gpg: centralize signature check
authorbrian m. carlson <sandals@crustytoothpaste.net>
Sun, 21 Jun 2015 23:14:40 +0000 (23:14 +0000)
committerJunio C Hamano <gitster@pobox.com>
Mon, 22 Jun 2015 21:20:46 +0000 (14:20 -0700)
commit434060ec6d9bf50f095db901da3fb9b557e11df1
tree7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2
parent8e98e5f27aba812c0f095b7e546871e14a4139f6
gpg: centralize signature check

verify-commit and verify-tag both share a central codepath for verifying
commits: check_signature.  However, verify-tag exited successfully for
untrusted signature, while verify-commit exited unsuccessfully.
Centralize this signature check and make verify-commit adopt the older
verify-tag behavior.  This behavior is more logical anyway, as the
signature is in fact valid, whether or not there's a path of trust to
the author.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
builtin/verify-commit.c
builtin/verify-tag.c
commit.c
commit.h
gpg-interface.c
gpg-interface.h
t/t7510-signed-commit.sh