verify-tag: migrate to parse-options
[git/git.git] / builtin-verify-tag.c
CommitLineData
2ae68fcb
CR
1/*
2 * Builtin "git verify-tag"
3 *
4 * Copyright (c) 2007 Carlos Rica <jasampler@gmail.com>
5 *
6 * Based on git-verify-tag.sh
7 */
8#include "cache.h"
9#include "builtin.h"
10#include "tag.h"
11#include "run-command.h"
12#include <signal.h>
4855b2a2 13#include "parse-options.h"
2ae68fcb 14
4855b2a2
SB
15static const char * const verify_tag_usage[] = {
16 "git verify-tag [-v|--verbose] <tag>...",
17 NULL
18};
2ae68fcb
CR
19
20#define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
21
22static int run_gpg_verify(const char *buf, unsigned long size, int verbose)
23{
24 struct child_process gpg;
25 const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL};
26 char path[PATH_MAX], *eol;
27 size_t len;
28 int fd, ret;
29
30 fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX");
31 if (fd < 0)
32 return error("could not create temporary file '%s': %s",
33 path, strerror(errno));
34 if (write_in_full(fd, buf, size) < 0)
35 return error("failed writing temporary file '%s': %s",
36 path, strerror(errno));
37 close(fd);
38
39 /* find the length without signature */
40 len = 0;
fec60a26 41 while (len < size && prefixcmp(buf + len, PGP_SIGNATURE)) {
2ae68fcb
CR
42 eol = memchr(buf + len, '\n', size - len);
43 len += eol ? eol - (buf + len) + 1 : size - len;
44 }
45 if (verbose)
46 write_in_full(1, buf, len);
47
48 memset(&gpg, 0, sizeof(gpg));
49 gpg.argv = args_gpg;
50 gpg.in = -1;
2ae68fcb 51 args_gpg[2] = path;
69fe5ef6
JS
52 if (start_command(&gpg)) {
53 unlink(path);
2ae68fcb 54 return error("could not run gpg.");
69fe5ef6 55 }
2ae68fcb
CR
56
57 write_in_full(gpg.in, buf, len);
58 close(gpg.in);
2ae68fcb
CR
59 ret = finish_command(&gpg);
60
691f1a28 61 unlink_or_warn(path);
2ae68fcb
CR
62
63 return ret;
64}
65
66static int verify_tag(const char *name, int verbose)
67{
68 enum object_type type;
69 unsigned char sha1[20];
70 char *buf;
71 unsigned long size;
72 int ret;
73
74 if (get_sha1(name, sha1))
75 return error("tag '%s' not found.", name);
76
77 type = sha1_object_info(sha1, NULL);
78 if (type != OBJ_TAG)
79 return error("%s: cannot verify a non-tag object of type %s.",
80 name, typename(type));
81
82 buf = read_sha1_file(sha1, &type, &size);
83 if (!buf)
84 return error("%s: unable to read file.", name);
85
86 ret = run_gpg_verify(buf, size, verbose);
87
88 free(buf);
89 return ret;
90}
91
92int cmd_verify_tag(int argc, const char **argv, const char *prefix)
93{
94 int i = 1, verbose = 0, had_error = 0;
4855b2a2
SB
95 const struct option verify_tag_options[] = {
96 OPT__VERBOSE(&verbose),
97 OPT_END()
98 };
2ae68fcb 99
ef90d6d4 100 git_config(git_default_config, NULL);
2ae68fcb 101
4855b2a2
SB
102 argc = parse_options(argc, argv, prefix, verify_tag_options,
103 verify_tag_usage, PARSE_OPT_KEEP_ARGV0);
d2761895 104 if (argc <= i)
4855b2a2 105 usage_with_options(verify_tag_usage, verify_tag_options);
d2761895 106
2ae68fcb
CR
107 /* sometimes the program was terminated because this signal
108 * was received in the process of writing the gpg input: */
109 signal(SIGPIPE, SIG_IGN);
110 while (i < argc)
111 if (verify_tag(argv[i++], verbose))
112 had_error = 1;
113 return had_error;
114}