From: Tacitus Aedifex <aedifex@sdf•org>
To: git@vger•kernel.org
Subject: Re: [PATCH v2] gpg-interface.c: detect and reject multiple signatures on commits
Date: Thu, 4 Oct 2018 22:52:29 +0000
Message-ID: <20181004225229.GA15236@SDF.ORG>
In-Reply-To: <20180817073441.5247-1-mgorny@gentoo.org>
I think that there is a more simple way to catch multiple signatures; see below.
Other than that, I like this patch.
Signed-off-by: Tacitus Aedifex <aedifex@sdf•org>
---
gpg-interface.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/gpg-interface.c b/gpg-interface.c
index db17d65f8..a4dba3361 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -93,6 +93,7 @@ static void parse_gpg_output(struct signature_check *sigc)
{
const char *buf = sigc->gpg_status;
int i;
+ int multi_sig = 0;
/* Iterate over all search strings */
for (i = 0; i < ARRAY_SIZE(sigcheck_gpg_status); i++) {
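Review bot: `multi_sig` reads like a boolean flag, but the second hunk uses it as a counter (`multi_sig++`, `multi_sig > 1`). A name that says what is being counted, plus a one-line comment on the declaration stating which status lines increment it, would make the later check easier to verify.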
@@ -115,6 +116,23 @@ static void parse_gpg_output(struct signature_check *sigc)
next = strchrnul(found, '\n');
sigc->signer = xmemdupz(found, next - found);
}
+ } else
+ multi_sig++;
+
+ /*
+ * GOODSIG, BADSIG, etc. can occure only once for each signature.
+ * Therefore, if we had more than one then we're dealing with
+ * multiple signatures. We don't support them currently and they are
+ * rather hard to create, so something is likely probably not right
+ * and we should reject them altogether.
+ */
+ if (multi_sig > 1) {
+ sigc->result = 'E';
+ /* clear partial data to avoid confusion */
+ if (sigc->signer)
+ FREE_AND_NULL(sigc->signer);
+ if (sigc->key)
+ FREE_AND_NULL(sigc->key);
}
}
}
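Review bot: In `} else` / `multi_sig++;` the counter is incremented only on the else side of the block that fills `sigc->signer`, so it counts the status lines that skip signer parsing rather than the GOODSIG, BADSIG, etc. lines the comment right below it talks about; the increment should sit in the branch that handles those lines, or at the point where a status string is matched. The `if (multi_sig > 1)` block also sits before the loop's closing brace with no `break`, so a later iteration can assign `sigc->signer` again after it was cleared; moving the check after the loop avoids that. Smaller points: the `if (sigc->signer)` and `if (sigc->key)` guards are unnecessary because `FREE_AND_NULL()` is safe on a NULL pointer, and the comment has a typo ("occure") and a redundant "likely probably".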
--
2.18.0.129.ge333175
--
Thread overview: 5+ messages
2018-08-17 7:34 [PATCH v2] gpg-interface.c: detect and reject multiple signatures on commits Michał Górny
2018-10-03 8:29 ` Michał Górny
2018-10-03 18:57 ` Stefan Beller
2018-10-05 6:14 ` Junio C Hamano
2018-10-04 22:52 ` Tacitus Aedifex [this message]