From: Junio C Hamano <gitster@pobox•com>
To: Jeff King <peff@peff•net>
Cc: Michael J Gruber <git@drmicha•warpmail.net>, git@vger•kernel.org
Subject: Re: [PATCH] log: correctly identify mergetag signature verification status
Date: Thu, 10 Jul 2014 15:27:14 -0700 [thread overview]
Message-ID: <xmqq7g3k7su5.fsf@gitster.dls.corp.google.com> (raw)
In-Reply-To: <20140628004458.GB13228@sigill.intra.peff.net> (Jeff King's message of "Fri, 27 Jun 2014 20:44:59 -0400")
Jeff King <peff@peff•net> writes:
> Perhaps it would be easier to read (and would have made the logic error
> you are fixing more obvious) as:
>
> if (extra->len > payload_size) {
> if (!verify_signed_buffer(...))
> status = 0; /* good; all other code paths leave it as -1 */
> else if (verify_message.len <= gpg_message_offset)
> strbuf_addstr(&verify_message, "No signature\n");
> }
>
> That is, for each conditional to check one more thing needed for a good
> signature, and then know that all other code paths leave status as -1.
Thanks. Let's do it this way, then.
log-tree.c | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/log-tree.c b/log-tree.c
index 1982631..b4bbfe1 100644
--- a/log-tree.c
+++ b/log-tree.c
@@ -446,16 +446,17 @@ static void show_one_mergetag(struct rev_info *opt,
payload_size = parse_signature(extra->value, extra->len);
status = -1;
- if (extra->len > payload_size)
- if (verify_signed_buffer(extra->value, payload_size,
- extra->value + payload_size,
- extra->len - payload_size,
- &verify_message, NULL)) {
- if (verify_message.len <= gpg_message_offset)
- strbuf_addstr(&verify_message, "No signature\n");
- else
- status = 0;
- }
+ if (extra->len > payload_size) {
+ /* could have a good signature */
+ if (!verify_signed_buffer(extra->value, payload_size,
+ extra->value + payload_size,
+ extra->len - payload_size,
+ &verify_message, NULL))
+ status = 0; /* good */
+ else if (verify_message.len <= gpg_message_offset)
+ strbuf_addstr(&verify_message, "No signature\n");
+ /* otherwise we couldn't verify, which is shown as bad */
+ }
show_sig_lines(opt, status, verify_message.buf);
strbuf_release(&verify_message);
next prev parent reply other threads:[~2014-07-10 22:27 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-06 14:15 [PATCH 0/3] verify-commit: verify commit signatures Michael J Gruber
2014-06-06 14:15 ` [PATCH 1/3] pretty: free the gpg status buf Michael J Gruber
2014-06-06 14:15 ` [PATCH 2/3] gpg-interface: provide access to the payload Michael J Gruber
2014-06-13 7:55 ` Jeff King
2014-06-13 9:44 ` Michael J Gruber
2014-06-13 10:34 ` Jeff King
2014-06-06 14:15 ` [PATCH 3/3] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-11 19:48 ` Michael J Gruber
2014-06-13 8:02 ` Jeff King
2014-06-13 9:55 ` Michael J Gruber
2014-06-13 11:09 ` Jeff King
2014-06-13 17:06 ` Junio C Hamano
2014-06-16 9:21 ` Michael J Gruber
2014-06-16 19:54 ` Jeff King
2014-06-16 20:34 ` Junio C Hamano
2014-06-16 20:39 ` Jeff King
2014-06-27 12:31 ` Michael J Gruber
2014-06-27 12:49 ` Michael J Gruber
2014-06-27 13:06 ` Michael J Gruber
2014-06-27 13:18 ` [PATCH] log: correctly identify mergetag signature verification status Michael J Gruber
2014-06-28 0:44 ` Jeff King
2014-07-10 22:27 ` Junio C Hamano [this message]
2014-06-27 13:50 ` [PATCH 3/3] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-27 18:55 ` Junio C Hamano
2014-06-27 18:36 ` Junio C Hamano
2014-06-28 0:32 ` Jeff King
2014-06-30 6:14 ` Junio C Hamano
2014-06-13 10:42 ` [PATCHv2 0/6] verify-commit: verify commit signatures Michael J Gruber
2014-06-13 10:42 ` [PATCHv2 1/6] pretty: free the gpg status buf Michael J Gruber
2014-06-13 11:39 ` Jeff King
2014-06-13 10:42 ` [PATCHv2 2/6] gpg-interface: provide access to the payload Michael J Gruber
2014-06-13 10:42 ` [PATCHv2 3/6] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-13 11:19 ` Jeff King
2014-06-13 11:45 ` Michael J Gruber
2014-06-13 11:50 ` Jeff King
2014-06-13 12:12 ` Michael J Gruber
2014-06-13 10:42 ` [PATCHv2 4/6] t7510: exit for loop with test result Michael J Gruber
2014-06-13 11:46 ` Jeff King
2014-06-13 12:04 ` Michael J Gruber
2014-06-13 12:22 ` Michael J Gruber
2014-06-13 12:33 ` Michael J Gruber
2014-06-13 12:45 ` Jeff King
2014-06-13 12:54 ` Johannes Sixt
2014-06-13 13:06 ` Michael J Gruber
2014-06-13 13:21 ` Johannes Sixt
2014-06-13 13:30 ` Jeff King
2014-06-13 13:31 ` Michael J Gruber
2014-06-13 13:42 ` Johannes Sixt
2014-06-13 18:23 ` Junio C Hamano
2014-06-13 10:42 ` [PATCHv2 5/6] t7510: test verify-commit Michael J Gruber
2014-06-13 11:51 ` Jeff King
2014-06-13 12:14 ` Michael J Gruber
2014-06-13 18:16 ` Junio C Hamano
2014-06-13 10:42 ` [PATCHv2 6/6] gpg-interface: provide clear helper for struct signature_check Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 0/5] verify-commit: verify commit signatures Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 1/5] gpg-interface: provide clear helper for struct signature_check Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 2/5] gpg-interface: provide access to the payload Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 3/5] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 4/5] t7510: exit for loop with test result Michael J Gruber
2014-06-23 7:05 ` [PATCHv3 5/5] t7510: test verify-commit Michael J Gruber
2014-06-23 23:02 ` Junio C Hamano
2014-06-23 17:28 ` [PATCHv3 0/5] verify-commit: verify commit signatures Jeff King
2014-06-23 17:52 ` Junio C Hamano
2014-06-23 21:09 ` Jeff King
2014-06-23 21:23 ` Junio C Hamano
2014-06-27 14:13 ` [PATCHv4 0/4] " Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 1/4] gpg-interface: provide clear helper for struct signature_check Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 2/4] gpg-interface: provide access to the payload Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 3/4] verify-commit: scriptable commit signature verification Michael J Gruber
2014-06-27 14:13 ` [PATCHv4 4/4] t7510: test verify-commit Michael J Gruber
2014-06-27 19:32 ` Junio C Hamano
2014-06-27 20:26 ` Michael J Gruber
2014-06-27 19:07 ` [PATCHv4 0/4] verify-commit: verify commit signatures Junio C Hamano
2014-06-28 0:48 ` Jeff King
2014-06-28 0:49 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq7g3k7su5.fsf@gitster.dls.corp.google.com \
--to=gitster@pobox$(echo .)com \
--cc=git@drmicha$(echo .)warpmail.net \
--cc=git@vger$(echo .)kernel.org \
--cc=peff@peff$(echo .)net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox