Diffstat (limited to 'gpg-interface.c')
-rw-r--r-- | gpg-interface.c | 45 |
1 files changed, 24 insertions, 21 deletions
diff --git a/gpg-interface.c b/gpg-interface.c
index 8672edaf48..4feacf16e5 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -1,4 +1,5 @@
 #include "cache.h"
+#include "config.h"
 #include "run-command.h"
 #include "strbuf.h"
 #include "gpg-interface.h"
@@ -13,16 +14,11 @@ static const char *gpg_program = "gpg";
 void signature_check_clear(struct signature_check *sigc)
 {
- free(sigc->payload);
- free(sigc->gpg_output);
- free(sigc->gpg_status);
- free(sigc->signer);
- free(sigc->key);
- sigc->payload = NULL;
- sigc->gpg_output = NULL;
- sigc->gpg_status = NULL;
- sigc->signer = NULL;
- sigc->key = NULL;
+ FREE_AND_NULL(sigc->payload);
+ FREE_AND_NULL(sigc->gpg_output);
+ FREE_AND_NULL(sigc->gpg_status);
+ FREE_AND_NULL(sigc->signer);
+ FREE_AND_NULL(sigc->key);
 }
 static struct {
@@ -33,6 +29,10 @@ static struct {
 { 'B', "\n[GNUPG:] BADSIG " },
 { 'U', "\n[GNUPG:] TRUST_NEVER" },
 { 'U', "\n[GNUPG:] TRUST_UNDEFINED" },
+ { 'E', "\n[GNUPG:] ERRSIG "},
+ { 'X', "\n[GNUPG:] EXPSIG "},
+ { 'Y', "\n[GNUPG:] EXPKEYSIG "},
+ { 'R', "\n[GNUPG:] REVKEYSIG "},
 };
 void parse_gpg_output(struct signature_check *sigc)
@@ -54,9 +54,12 @@ void parse_gpg_output(struct signature_check *sigc)
 /* The trust messages are not followed by key/signer information */
 if (sigc->result != 'U') {
 sigc->key = xmemdupz(found, 16);
- found += 17;
- next = strchrnul(found, '\n');
- sigc->signer = xmemdupz(found, next - found);
+ /* The ERRSIG message is not followed by signer information */
+ if (sigc-> result != 'E') {
+ found += 17;
+ next = strchrnul(found, '\n');
+ sigc->signer = xmemdupz(found, next - found);
+ }
 }
 }
 }
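Review bot: The result letters 'E', 'X', 'Y' and 'R' added in the `@@ -33,6 +29,10 @@` hunk are undocumented, so a caller cannot tell which of them still mean a cryptographically valid signature. A comment above the new rows such as `/* E: signature could not be checked, X: expired signature, Y: signature by expired key, R: signature by revoked key */` would make that explicit; callers that only reject 'B' would presumably let the new states through and are worth checking, though none are visible in this diff. The lookup loop is outside the hunk, so it cannot be seen here whether table order or position in the status text decides the result when more than one prefix is present. The new rows also omit the space before the closing brace that the existing rows use (`" },`).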
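Review bot: In the `@@ -54,9 +54,12 @@` hunk, `xmemdupz(found, 16)` and `found += 17` assume a full 16-character key ID plus a separator after the matched prefix, and nothing visible checks that the status text is that long; all four new prefixes reach this path. Computing `next = strchrnul(found, '\n');` before the copy and skipping it when `next - found < 16` would keep a truncated status line from being read past its end. The enclosing loop and function begin outside the hunk, so the right way to bail out (continue, or leave the fields NULL) depends on code not shown here. For 'E' the signer now stays NULL, which the comment should state so that consumers of `sigc->signer` know to test it, and the condition should read `sigc->result != 'E'` without the stray space.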
@@ -199,26 +202,26 @@ int verify_signed_buffer(const char *payload, size_t payload_size,
 struct strbuf *gpg_output, struct strbuf *gpg_status)
 {
 struct child_process gpg = CHILD_PROCESS_INIT;
- static struct tempfile temp;
- int fd, ret;
+ struct tempfile *temp;
+ int ret;
 struct strbuf buf = STRBUF_INIT;
- fd = mks_tempfile_t(&temp, ".git_vtag_tmpXXXXXX");
- if (fd < 0)
+ temp = mks_tempfile_t(".git_vtag_tmpXXXXXX");
+ if (!temp)
 return error_errno(_("could not create temporary file"));
- if (write_in_full(fd, signature, signature_size) < 0) {
+ if (write_in_full(temp->fd, signature, signature_size) < 0 ||
+ close_tempfile_gently(temp) < 0) {
 error_errno(_("failed writing detached signature to '%s'"),
- temp.filename.buf);
+ temp->filename.buf);
 delete_tempfile(&temp);
 return -1;
 }
- close(fd);
 argv_array_pushl(&gpg.args,
 gpg_program,
 "--status-fd=1",
 "--keyid-format=long",
- "--verify", temp.filename.buf, "-",
+ "--verify", temp->filename.buf, "-",
 NULL);
 if (!gpg_status) |
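Review bot: The combined `write_in_full(...) < 0 || close_tempfile_gently(temp) < 0` condition in `verify_signed_buffer` has no comment saying that the signature file must be completely written and closed before its name is passed to gpg; `/* flush and close before gpg reads the file by name */` above the `if` would record that ordering requirement. The rest of the function lies past the hunk's last line, so it cannot be checked here whether every later return path calls `delete_tempfile(&temp)` now that `temp` is a pointer returned by `mks_tempfile_t` rather than a static struct; that should be confirmed.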