summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--builtin/tag.c16
-rw-r--r--builtin/verify-tag.c10
-rwxr-xr-xt/t7004-tag.sh66
-rw-r--r--tag.c15
-rw-r--r--tag.h1
5 files changed, 88 insertions, 20 deletions
diff --git a/builtin/tag.c b/builtin/tag.c
index d1d7d8701d..aa1f87d47a 100644
--- a/builtin/tag.c
+++ b/builtin/tag.c
@@ -29,8 +29,6 @@ struct tag_filter {
struct commit_list *with_commit;
};
-#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
-
static int show_reference(const char *refname, const unsigned char *sha1,
int flag, void *cb_data)
{
@@ -70,9 +68,9 @@ static int show_reference(const char *refname, const unsigned char *sha1,
return 0;
}
/* only take up to "lines" lines, and strip the signature */
+ size = parse_signature(buf, size);
for (i = 0, sp += 2;
- i < filter->lines && sp < buf + size &&
- prefixcmp(sp, PGP_SIGNATURE "\n");
+ i < filter->lines && sp < buf + size;
i++) {
if (i)
printf("\n ");
@@ -242,8 +240,7 @@ static void write_tag_body(int fd, const unsigned char *sha1)
{
unsigned long size;
enum object_type type;
- char *buf, *sp, *eob;
- size_t len;
+ char *buf, *sp;
buf = read_sha1_file(sha1, &type, &size);
if (!buf)
@@ -256,12 +253,7 @@ static void write_tag_body(int fd, const unsigned char *sha1)
return;
}
sp += 2; /* skip the 2 LFs */
- eob = strstr(sp, "\n" PGP_SIGNATURE "\n");
- if (eob)
- len = eob - sp;
- else
- len = buf + size - sp;
- write_or_die(fd, sp, len);
+ write_or_die(fd, sp, parse_signature(sp, buf + size - sp));
free(buf);
}
diff --git a/builtin/verify-tag.c b/builtin/verify-tag.c
index 8136dba7a1..3134766049 100644
--- a/builtin/verify-tag.c
+++ b/builtin/verify-tag.c
@@ -17,13 +17,11 @@ static const char * const verify_tag_usage[] = {
NULL
};
-#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
-
static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
{
struct child_process gpg;
const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL};
- char path[PATH_MAX], *eol;
+ char path[PATH_MAX];
size_t len;
int fd, ret;
@@ -37,11 +35,7 @@ static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
close(fd);
/* find the length without signature */
- len = 0;
- while (len < size && prefixcmp(buf + len, PGP_SIGNATURE)) {
- eol = memchr(buf + len, '\n', size - len);
- len += eol ? eol - (buf + len) + 1 : size - len;
- }
+ len = parse_signature(buf, size);
if (verbose)
write_in_full(1, buf, len);
diff --git a/t/t7004-tag.sh b/t/t7004-tag.sh
index f160af3ccc..3e7baaf89f 100755
--- a/t/t7004-tag.sh
+++ b/t/t7004-tag.sh
@@ -1030,6 +1030,72 @@ test_expect_success GPG \
test_cmp expect actual
'
+# usage with rfc1991 signatures
+echo "rfc1991" > gpghome/gpg.conf
+get_tag_header rfc1991-signed-tag $commit commit $time >expect
+echo "RFC1991 signed tag" >>expect
+echo '-----BEGIN PGP MESSAGE-----' >>expect
+test_expect_success GPG \
+ 'creating a signed tag with rfc1991' '
+ git tag -s -m "RFC1991 signed tag" rfc1991-signed-tag $commit &&
+ get_tag_msg rfc1991-signed-tag >actual &&
+ test_cmp expect actual
+'
+
+cat >fakeeditor <<'EOF'
+#!/bin/sh
+cp "$1" actual
+EOF
+chmod +x fakeeditor
+
+test_expect_success GPG \
+ 'reediting a signed tag body omits signature' '
+ echo "RFC1991 signed tag" >expect &&
+ GIT_EDITOR=./fakeeditor git tag -f -s rfc1991-signed-tag $commit &&
+ test_cmp expect actual
+'
+
+test_expect_success GPG \
+ 'verifying rfc1991 signature' '
+ git tag -v rfc1991-signed-tag
+'
+
+test_expect_success GPG \
+ 'list tag with rfc1991 signature' '
+ echo "rfc1991-signed-tag RFC1991 signed tag" >expect &&
+ git tag -l -n1 rfc1991-signed-tag >actual &&
+ test_cmp expect actual &&
+ git tag -l -n2 rfc1991-signed-tag >actual &&
+ test_cmp expect actual &&
+ git tag -l -n999 rfc1991-signed-tag >actual &&
+ test_cmp expect actual
+'
+
+rm -f gpghome/gpg.conf
+
+test_expect_success GPG \
+ 'verifying rfc1991 signature without --rfc1991' '
+ git tag -v rfc1991-signed-tag
+'
+
+test_expect_success GPG \
+ 'list tag with rfc1991 signature without --rfc1991' '
+ echo "rfc1991-signed-tag RFC1991 signed tag" >expect &&
+ git tag -l -n1 rfc1991-signed-tag >actual &&
+ test_cmp expect actual &&
+ git tag -l -n2 rfc1991-signed-tag >actual &&
+ test_cmp expect actual &&
+ git tag -l -n999 rfc1991-signed-tag >actual &&
+ test_cmp expect actual
+'
+
+test_expect_success GPG \
+ 'reediting a signed tag body omits signature' '
+ echo "RFC1991 signed tag" >expect &&
+ GIT_EDITOR=./fakeeditor git tag -f -s rfc1991-signed-tag $commit &&
+ test_cmp expect actual
+'
+
# try to sign with bad user.signingkey
git config user.signingkey BobTheMouse
test_expect_success GPG \
diff --git a/tag.c b/tag.c
index 28641cf85a..f789744cca 100644
--- a/tag.c
+++ b/tag.c
@@ -4,6 +4,9 @@
#include "tree.h"
#include "blob.h"
+#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
+#define PGP_MESSAGE "-----BEGIN PGP MESSAGE-----"
+
const char *tag_type = "tag";
struct object *deref_tag(struct object *o, const char *warn, int warnlen)
@@ -133,3 +136,15 @@ int parse_tag(struct tag *item)
free(data);
return ret;
}
+
+size_t parse_signature(const char *buf, unsigned long size)
+{
+ char *eol;
+ size_t len = 0;
+ while (len < size && prefixcmp(buf + len, PGP_SIGNATURE) &&
+ prefixcmp(buf + len, PGP_MESSAGE)) {
+ eol = memchr(buf + len, '\n', size - len);
+ len += eol ? eol - (buf + len) + 1 : size - len;
+ }
+ return len;
+}
diff --git a/tag.h b/tag.h
index 47662724a6..8522370039 100644
--- a/tag.h
+++ b/tag.h
@@ -16,5 +16,6 @@ extern struct tag *lookup_tag(const unsigned char *sha1);
extern int parse_tag_buffer(struct tag *item, void *data, unsigned long size);
extern int parse_tag(struct tag *item);
extern struct object *deref_tag(struct object *, const char *, int);
+extern size_t parse_signature(const char *buf, unsigned long size);
#endif /* TAG_H */