From: Junio C Hamano <gitster@pobox•com>
To: Michael J Gruber <git@drmicha•warpmail.net>
Cc: git@vger•kernel.org
Subject: Re: [PATCHv2] push: heed user.signingkey for signed pushes
Date: Wed, 22 Oct 2014 15:05:55 -0700 [thread overview]
Message-ID: <xmqq7fzru5do.fsf@gitster.dls.corp.google.com> (raw)
In-Reply-To: <7b3546cd125d1ad92dd62297ecbe624a78c6079b.1413989799.git.git@drmicha.warpmail.net> (Michael J. Gruber's message of "Wed, 22 Oct 2014 16:57:49 +0200")
Michael J Gruber <git@drmicha•warpmail.net> writes:
> push --signed promises to take user.signingkey as the signing key but
> fails to read the config.
>
> Make it do so.
>
> Signed-off-by: Michael J Gruber <git@drmicha•warpmail.net>
> ---
> Okay, I guess this is nicer. We do have the committer info in the env. Sorry.
>
> builtin/push.c | 13 ++++++++++++-
> t/lib-gpg/trustdb.gpg | Bin 1360 -> 1360 bytes
> t/t5534-push-signed.sh | 44 ++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 56 insertions(+), 1 deletion(-)
Hmph, I simply forgot about that configuration, I guess.
What is this change to trustdb about, though? The log message does
not say anything about it.
>
> diff --git a/builtin/push.c b/builtin/push.c
> index ae56f73..a076b19 100644
> --- a/builtin/push.c
> +++ b/builtin/push.c
> @@ -471,6 +471,17 @@ static int option_parse_recurse_submodules(const struct option *opt,
> return 0;
> }
>
> +static int git_push_config(const char *k, const char *v, void *cb)
> +{
> + struct wt_status *s = cb;
> + int status;
> +
> + status = git_gpg_config(k, v, NULL);
> + if (status)
> + return status;
> + return git_default_config(k, v, s);
> +}
> +
> int cmd_push(int argc, const char **argv, const char *prefix)
> {
> int flags = 0;
> @@ -511,7 +522,7 @@ int cmd_push(int argc, const char **argv, const char *prefix)
> };
>
> packet_trace_identity("push");
> - git_config(git_default_config, NULL);
> + git_config(git_push_config, NULL);
> argc = parse_options(argc, argv, prefix, options, push_usage, 0);
>
> if (deleterefs && (tags || (flags & (TRANSPORT_PUSH_ALL | TRANSPORT_PUSH_MIRROR))))
> diff --git a/t/lib-gpg/trustdb.gpg b/t/lib-gpg/trustdb.gpg
> index 4879ae9a84650a93a4d15bd6560c5d1b89eb4c2f..c11b1464b3d13b45966a493e2174fc0e253ddd0c 100644
> GIT binary patch
> delta 47
> ncmcb>b%9HOF})z2nVFH5k%@sJ#C^}~iH71E)x}wb7%%_;=xPS!
>
> delta 51
> tcmcb>b%9HSF})z2nVFH5k%@sJ&}Z5*1_lPkiGso#)x}wb*nk{V008$D2C@JE
>
> diff --git a/t/t5534-push-signed.sh b/t/t5534-push-signed.sh
> index 2786346..ecb8d44 100755
> --- a/t/t5534-push-signed.sh
> +++ b/t/t5534-push-signed.sh
> @@ -124,4 +124,48 @@ test_expect_success GPG 'signed push sends push certificate' '
> test_cmp expect dst/push-cert-status
> '
>
> +test_expect_success GPG 'fail without key and heed user.signingkey' '
> + prepare_dst &&
> + mkdir -p dst/.git/hooks &&
> + git -C dst config receive.certnonceseed sekrit &&
> + write_script dst/.git/hooks/post-receive <<-\EOF &&
> + # discard the update list
> + cat >/dev/null
> + # record the push certificate
> + if test -n "${GIT_PUSH_CERT-}"
> + then
> + git cat-file blob $GIT_PUSH_CERT >../push-cert
> + fi &&
> +
> + cat >../push-cert-status <<E_O_F
> + SIGNER=${GIT_PUSH_CERT_SIGNER-nobody}
> + KEY=${GIT_PUSH_CERT_KEY-nokey}
> + STATUS=${GIT_PUSH_CERT_STATUS-nostatus}
> + NONCE_STATUS=${GIT_PUSH_CERT_NONCE_STATUS-nononcestatus}
> + NONCE=${GIT_PUSH_CERT_NONCE-nononce}
> + E_O_F
> +
> + EOF
> +
> + unset GIT_COMMITTER_EMAIL &&
> + git config user.email hasnokey@nowhere•com &&
> + test_must_fail git push --signed dst noop ff +noff &&
> + git config user.signingkey committer@example•com &&
> + git push --signed dst noop ff +noff &&
> +
> + (
> + cat <<-\EOF &&
> + SIGNER=C O Mitter <committer@example•com>
> + KEY=13B6F51ECDDE430D
> + STATUS=G
> + NONCE_STATUS=OK
> + EOF
> + sed -n -e "s/^nonce /NONCE=/p" -e "/^$/q" dst/push-cert
> + ) >expect &&
> +
> + grep "$(git rev-parse noop ff) refs/heads/ff" dst/push-cert &&
> + grep "$(git rev-parse noop noff) refs/heads/noff" dst/push-cert &&
> + test_cmp expect dst/push-cert-status
> +'
> +
> test_done
next prev parent reply other threads:[~2014-10-22 22:06 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-22 14:47 [RFD/PATCH] push: heed user.signingkey for signed pushes Michael J Gruber
2014-10-22 14:57 ` [PATCHv2] " Michael J Gruber
2014-10-22 22:05 ` Junio C Hamano [this message]
2014-10-22 23:47 ` Junio C Hamano
2014-10-24 15:16 ` Michael J Gruber
2014-10-24 15:23 ` [PATCH] t/lib-gpg: make gpghome files writable Michael J Gruber
2014-10-24 16:48 ` [PATCHv2] push: heed user.signingkey for signed pushes Junio C Hamano
2014-10-24 15:03 ` Michael J Gruber
2014-10-24 16:49 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq7fzru5do.fsf@gitster.dls.corp.google.com \
--to=gitster@pobox$(echo .)com \
--cc=git@drmicha$(echo .)warpmail.net \
--cc=git@vger$(echo .)kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox