The combination of verify_signed_buffer followed by parse_gpg_output is available as check_signature. Use that instead of implementing it again.
Signed-off-by: Henning Schild <henning.sch...@siemens.com> --- builtin/receive-pack.c | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/builtin/receive-pack.c b/builtin/receive-pack.c index 68d36e0a5..9f0583deb 100644 --- a/builtin/receive-pack.c +++ b/builtin/receive-pack.c @@ -629,8 +629,6 @@ static void prepare_push_cert_sha1(struct child_process *proc) return; if (!already_done) { - struct strbuf gpg_output = STRBUF_INIT; - struct strbuf gpg_status = STRBUF_INIT; int bogs /* beginning_of_gpg_sig */; already_done = 1; @@ -639,22 +637,11 @@ static void prepare_push_cert_sha1(struct child_process *proc) oidclr(&push_cert_oid); memset(&sigcheck, '\0', sizeof(sigcheck)); - sigcheck.result = 'N'; bogs = parse_signature(push_cert.buf, push_cert.len); - if (verify_signed_buffer(push_cert.buf, bogs, - push_cert.buf + bogs, push_cert.len - bogs, - &gpg_output, &gpg_status) < 0) { - ; /* error running gpg */ - } else { - sigcheck.payload = push_cert.buf; - sigcheck.gpg_output = gpg_output.buf; - sigcheck.gpg_status = gpg_status.buf; - parse_gpg_output(&sigcheck); - } + check_signature(push_cert.buf, bogs, push_cert.buf + bogs, + push_cert.len - bogs, &sigcheck); - strbuf_release(&gpg_output); - strbuf_release(&gpg_status); nonce_status = check_nonce(push_cert.buf, bogs); } if (!is_null_oid(&push_cert_oid)) { -- 2.16.4