On 03/26/2013 02:46 AM, Junio C Hamano wrote:> Sebastian Götte
<ja...@physik.tu-berlin.de> writes:
>> Rebased it onto the current 'master'. The second patch fixes that the GPG
>> status parser ignores the first line of GPG status output (that would be
>> caught
>> by the new merge signature verification test case).
>
> Thanks.
>
> Does it still make sure that it won't be fooled by the expected
> string appearing in the middle of a line, not at the beginning?
I thought that would not be a problem until I noticed it checks for GOODSIG
before it checks for BADSIG. Here is a fix.
Sebastian Götte (5):
Move commit GPG signature verification to commit.c
commit.c/GPG signature verification: Also look at the first GPG status
line
merge/pull: verify GPG signatures of commits being merged
merge/pull Check for untrusted good GPG signatures
pretty printing: extend %G? to include 'N' and 'U'
Documentation/merge-options.txt | 4 ++
Documentation/pretty-formats.txt | 3 +-
builtin/merge.c | 35 ++++++++++++++++-
commit.c | 64 ++++++++++++++++++++++++++++++
commit.h | 10 +++++
git-pull.sh | 10 ++++-
gpg-interface.h | 8 ++++
pretty.c | 77 ++++---------------------------------
t/lib-gpg/pubring.gpg | Bin 1164 -> 2359 bytes
t/lib-gpg/random_seed | Bin 600 -> 600 bytes
t/lib-gpg/secring.gpg | Bin 1237 -> 3734 bytes
t/lib-gpg/trustdb.gpg | Bin 1280 -> 1360 bytes
t/t7612-merge-verify-signatures.sh | 61 +++++++++++++++++++++++++++++
13 files changed, 198 insertions(+), 74 deletions(-)
create mode 100755 t/t7612-merge-verify-signatures.sh
--
1.8.1.5
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
