[PATCH/RFC] builtin/tag.c: move PGP verification inside builtin.

Thu, 24 Mar 2016 14:44:18 -0700 

From: Santiago Torres <torresari...@gmail.com>

The verify tag function is just a thin wrapper around the verify-tag
command. We can avoid one fork call by doing the verification instide
the tag builtin instead.

Signed-off-by: Santiago Torres <santi...@nyu.edu>
---
 builtin/tag.c | 44 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 38 insertions(+), 6 deletions(-)

diff --git a/builtin/tag.c b/builtin/tag.c
index 1705c94..be5d7c7 100644
--- a/builtin/tag.c
+++ b/builtin/tag.c
@@ -30,6 +30,27 @@ static const char * const git_tag_usage[] = {
 
 static unsigned int colopts;
 
+static int run_gpg_verify(const char *buf, unsigned long size, unsigned flags)
+{
+       struct signature_check sigc;
+       int len;
+       int ret;
+
+       memset(&sigc, 0, sizeof(sigc));
+
+       len = parse_signature(buf, size);
+
+       if (size == len) {
+               write_in_full(1, buf, len);
+       }
+
+       ret = check_signature(buf, len, buf + len, size - len, &sigc);
+       print_signature_buffer(&sigc, flags);
+
+       signature_check_clear(&sigc);
+       return ret;
+}
+
 static int list_tags(struct ref_filter *filter, struct ref_sorting *sorting, 
const char *format)
 {
        struct ref_array array;
@@ -104,13 +125,24 @@ static int delete_tag(const char *name, const char *ref,
 static int verify_tag(const char *name, const char *ref,
                                const unsigned char *sha1)
 {
-       const char *argv_verify_tag[] = {"verify-tag",
-                                       "-v", "SHA1_HEX", NULL};
-       argv_verify_tag[2] = sha1_to_hex(sha1);
 
-       if (run_command_v_opt(argv_verify_tag, RUN_GIT_CMD))
-               return error(_("could not verify the tag '%s'"), name);
-       return 0;
+       enum object_type type;
+       unsigned long size;
+       const char* buf;
+       int ret;
+
+       type = sha1_object_info(sha1, NULL);
+       if (type != OBJ_TAG)
+               return error("%s: cannot verify a non-tag object of type %s.",
+                               name, typename(type));
+
+       buf = read_sha1_file(sha1, &type, &size);
+       if (!buf)
+               return error("%s: unable to read file.", name);
+
+       ret = run_gpg_verify(buf, size, 0);
+
+       return ret;
 }
 
 static int do_sign(struct strbuf *buffer)
-- 
2.7.3

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to