/ uis / git / x / uis / git / git.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw (from parent 1: 6e8f3d1)
Merge branch 'jc/gpg-status'
authorJunio C Hamano <gitster@pobox.com>
Mon, 20 Aug 2018 18:33:50 +0000 (11:33 -0700)
committerJunio C Hamano <gitster@pobox.com>
Mon, 20 Aug 2018 18:33:50 +0000 (11:33 -0700)
"git verify-tag" and "git verify-commit" have been taught to use
the exit status of underlying "gpg --verify" to signal bad or
untrusted signature they found.

* jc/gpg-status:
  gpg-interface: propagate exit status from gpg back to the callers

gpg-interface.c patch | blob | blame | history

diff --git a/gpg-interface.c b/gpg-interface.c
index bb8ea66..db17d65 100644 (file)
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -136,12 +136,13 @@ int check_signature(const char *payload, size_t plen, const char *signature,
        sigc->gpg_output = strbuf_detach(&gpg_output, NULL);
        sigc->gpg_status = strbuf_detach(&gpg_status, NULL);
        parse_gpg_output(sigc);
+       status |= sigc->result != 'G' && sigc->result != 'U';
 
  out:
        strbuf_release(&gpg_status);
        strbuf_release(&gpg_output);
 
-       return sigc->result != 'G' && sigc->result != 'U';
+       return !!status;
 }
 
 void print_signature_buffer(const struct signature_check *sigc, unsigned flags)
Local mirror of git