t5510: harden the way verify-pack is used
[alt-git.git] / builtin-tag.c
blob2cdefb1d9a11968ea177f29b9a1334ef5f1d67eb
1 /*
2 * Builtin "git tag"
4 * Copyright (c) 2007 Kristian Høgsberg <krh@redhat.com>,
5 * Carlos Rica <jasampler@gmail.com>
6 * Based on git-tag.sh and mktag.c by Linus Torvalds.
7 */
9 #include "cache.h"
10 #include "builtin.h"
11 #include "refs.h"
12 #include "tag.h"
13 #include "run-command.h"
14 #include "parse-options.h"
16 static const char * const git_tag_usage[] = {
17 "git tag [-a|-s|-u <key-id>] [-f] [-m <msg>|-F <file>] <tagname> [<head>]",
18 "git tag -d <tagname>...",
19 "git tag -l [-n[<num>]] [<pattern>]",
20 "git tag -v <tagname>...",
21 NULL
24 static char signingkey[1000];
26 struct tag_filter {
27 const char *pattern;
28 int lines;
31 #define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
33 static int show_reference(const char *refname, const unsigned char *sha1,
34 int flag, void *cb_data)
36 struct tag_filter *filter = cb_data;
38 if (!fnmatch(filter->pattern, refname, 0)) {
39 int i;
40 unsigned long size;
41 enum object_type type;
42 char *buf, *sp, *eol;
43 size_t len;
45 if (!filter->lines) {
46 printf("%s\n", refname);
47 return 0;
49 printf("%-15s ", refname);
51 buf = read_sha1_file(sha1, &type, &size);
52 if (!buf || !size)
53 return 0;
55 /* skip header */
56 sp = strstr(buf, "\n\n");
57 if (!sp) {
58 free(buf);
59 return 0;
61 /* only take up to "lines" lines, and strip the signature */
62 for (i = 0, sp += 2;
63 i < filter->lines && sp < buf + size &&
64 prefixcmp(sp, PGP_SIGNATURE "\n");
65 i++) {
66 if (i)
67 printf("\n ");
68 eol = memchr(sp, '\n', size - (sp - buf));
69 len = eol ? eol - sp : size - (sp - buf);
70 fwrite(sp, len, 1, stdout);
71 if (!eol)
72 break;
73 sp = eol + 1;
75 putchar('\n');
76 free(buf);
79 return 0;
82 static int list_tags(const char *pattern, int lines)
84 struct tag_filter filter;
86 if (pattern == NULL)
87 pattern = "*";
89 filter.pattern = pattern;
90 filter.lines = lines;
92 for_each_tag_ref(show_reference, (void *) &filter);
94 return 0;
97 typedef int (*each_tag_name_fn)(const char *name, const char *ref,
98 const unsigned char *sha1);
100 static int for_each_tag_name(const char **argv, each_tag_name_fn fn)
102 const char **p;
103 char ref[PATH_MAX];
104 int had_error = 0;
105 unsigned char sha1[20];
107 for (p = argv; *p; p++) {
108 if (snprintf(ref, sizeof(ref), "refs/tags/%s", *p)
109 >= sizeof(ref)) {
110 error("tag name too long: %.*s...", 50, *p);
111 had_error = 1;
112 continue;
114 if (!resolve_ref(ref, sha1, 1, NULL)) {
115 error("tag '%s' not found.", *p);
116 had_error = 1;
117 continue;
119 if (fn(*p, ref, sha1))
120 had_error = 1;
122 return had_error;
125 static int delete_tag(const char *name, const char *ref,
126 const unsigned char *sha1)
128 if (delete_ref(ref, sha1, 0))
129 return 1;
130 printf("Deleted tag '%s'\n", name);
131 return 0;
134 static int verify_tag(const char *name, const char *ref,
135 const unsigned char *sha1)
137 const char *argv_verify_tag[] = {"git-verify-tag",
138 "-v", "SHA1_HEX", NULL};
139 argv_verify_tag[2] = sha1_to_hex(sha1);
141 if (run_command_v_opt(argv_verify_tag, 0))
142 return error("could not verify the tag '%s'", name);
143 return 0;
146 static int do_sign(struct strbuf *buffer)
148 struct child_process gpg;
149 const char *args[4];
150 char *bracket;
151 int len;
152 int i, j;
154 if (!*signingkey) {
155 if (strlcpy(signingkey, git_committer_info(IDENT_ERROR_ON_NO_NAME),
156 sizeof(signingkey)) > sizeof(signingkey) - 1)
157 return error("committer info too long.");
158 bracket = strchr(signingkey, '>');
159 if (bracket)
160 bracket[1] = '\0';
163 /* When the username signingkey is bad, program could be terminated
164 * because gpg exits without reading and then write gets SIGPIPE. */
165 signal(SIGPIPE, SIG_IGN);
167 memset(&gpg, 0, sizeof(gpg));
168 gpg.argv = args;
169 gpg.in = -1;
170 gpg.out = -1;
171 args[0] = "gpg";
172 args[1] = "-bsau";
173 args[2] = signingkey;
174 args[3] = NULL;
176 if (start_command(&gpg))
177 return error("could not run gpg.");
179 if (write_in_full(gpg.in, buffer->buf, buffer->len) != buffer->len) {
180 close(gpg.in);
181 close(gpg.out);
182 finish_command(&gpg);
183 return error("gpg did not accept the tag data");
185 close(gpg.in);
186 len = strbuf_read(buffer, gpg.out, 1024);
187 close(gpg.out);
189 if (finish_command(&gpg) || !len || len < 0)
190 return error("gpg failed to sign the tag");
192 /* Strip CR from the line endings, in case we are on Windows. */
193 for (i = j = 0; i < buffer->len; i++)
194 if (buffer->buf[i] != '\r') {
195 if (i != j)
196 buffer->buf[j] = buffer->buf[i];
197 j++;
199 strbuf_setlen(buffer, j);
201 return 0;
204 static const char tag_template[] =
205 "\n"
206 "#\n"
207 "# Write a tag message\n"
208 "#\n";
210 static void set_signingkey(const char *value)
212 if (strlcpy(signingkey, value, sizeof(signingkey)) >= sizeof(signingkey))
213 die("signing key value too long (%.10s...)", value);
216 static int git_tag_config(const char *var, const char *value, void *cb)
218 if (!strcmp(var, "user.signingkey")) {
219 if (!value)
220 return config_error_nonbool(var);
221 set_signingkey(value);
222 return 0;
225 return git_default_config(var, value, cb);
228 static void write_tag_body(int fd, const unsigned char *sha1)
230 unsigned long size;
231 enum object_type type;
232 char *buf, *sp, *eob;
233 size_t len;
235 buf = read_sha1_file(sha1, &type, &size);
236 if (!buf)
237 return;
238 /* skip header */
239 sp = strstr(buf, "\n\n");
241 if (!sp || !size || type != OBJ_TAG) {
242 free(buf);
243 return;
245 sp += 2; /* skip the 2 LFs */
246 eob = strstr(sp, "\n" PGP_SIGNATURE "\n");
247 if (eob)
248 len = eob - sp;
249 else
250 len = buf + size - sp;
251 write_or_die(fd, sp, len);
253 free(buf);
256 static int build_tag_object(struct strbuf *buf, int sign, unsigned char *result)
258 if (sign && do_sign(buf) < 0)
259 return error("unable to sign the tag");
260 if (write_sha1_file(buf->buf, buf->len, tag_type, result) < 0)
261 return error("unable to write tag file");
262 return 0;
265 static void create_tag(const unsigned char *object, const char *tag,
266 struct strbuf *buf, int message, int sign,
267 unsigned char *prev, unsigned char *result)
269 enum object_type type;
270 char header_buf[1024];
271 int header_len;
272 char *path = NULL;
274 type = sha1_object_info(object, NULL);
275 if (type <= OBJ_NONE)
276 die("bad object type.");
278 header_len = snprintf(header_buf, sizeof(header_buf),
279 "object %s\n"
280 "type %s\n"
281 "tag %s\n"
282 "tagger %s\n\n",
283 sha1_to_hex(object),
284 typename(type),
285 tag,
286 git_committer_info(IDENT_ERROR_ON_NO_NAME));
288 if (header_len > sizeof(header_buf) - 1)
289 die("tag header too big.");
291 if (!message) {
292 int fd;
294 /* write the template message before editing: */
295 path = git_pathdup("TAG_EDITMSG");
296 fd = open(path, O_CREAT | O_TRUNC | O_WRONLY, 0600);
297 if (fd < 0)
298 die("could not create file '%s': %s",
299 path, strerror(errno));
301 if (!is_null_sha1(prev))
302 write_tag_body(fd, prev);
303 else
304 write_or_die(fd, tag_template, strlen(tag_template));
305 close(fd);
307 if (launch_editor(path, buf, NULL)) {
308 fprintf(stderr,
309 "Please supply the message using either -m or -F option.\n");
310 exit(1);
314 stripspace(buf, 1);
316 if (!message && !buf->len)
317 die("no tag message?");
319 strbuf_insert(buf, 0, header_buf, header_len);
321 if (build_tag_object(buf, sign, result) < 0) {
322 if (path)
323 fprintf(stderr, "The tag message has been left in %s\n",
324 path);
325 exit(128);
327 if (path) {
328 unlink(path);
329 free(path);
333 struct msg_arg {
334 int given;
335 struct strbuf buf;
338 static int parse_msg_arg(const struct option *opt, const char *arg, int unset)
340 struct msg_arg *msg = opt->value;
342 if (!arg)
343 return -1;
344 if (msg->buf.len)
345 strbuf_addstr(&(msg->buf), "\n\n");
346 strbuf_addstr(&(msg->buf), arg);
347 msg->given = 1;
348 return 0;
351 int cmd_tag(int argc, const char **argv, const char *prefix)
353 struct strbuf buf;
354 unsigned char object[20], prev[20];
355 char ref[PATH_MAX];
356 const char *object_ref, *tag;
357 struct ref_lock *lock;
359 int annotate = 0, sign = 0, force = 0, lines = -1,
360 list = 0, delete = 0, verify = 0;
361 const char *msgfile = NULL, *keyid = NULL;
362 struct msg_arg msg = { 0, STRBUF_INIT };
363 struct option options[] = {
364 OPT_BOOLEAN('l', NULL, &list, "list tag names"),
365 { OPTION_INTEGER, 'n', NULL, &lines, NULL,
366 "print n lines of each tag message",
367 PARSE_OPT_OPTARG, NULL, 1 },
368 OPT_BOOLEAN('d', NULL, &delete, "delete tags"),
369 OPT_BOOLEAN('v', NULL, &verify, "verify tags"),
371 OPT_GROUP("Tag creation options"),
372 OPT_BOOLEAN('a', NULL, &annotate,
373 "annotated tag, needs a message"),
374 OPT_CALLBACK('m', NULL, &msg, "msg",
375 "message for the tag", parse_msg_arg),
376 OPT_STRING('F', NULL, &msgfile, "file", "message in a file"),
377 OPT_BOOLEAN('s', NULL, &sign, "annotated and GPG-signed tag"),
378 OPT_STRING('u', NULL, &keyid, "key-id",
379 "use another key to sign the tag"),
380 OPT_BOOLEAN('f', NULL, &force, "replace the tag if exists"),
381 OPT_END()
384 git_config(git_tag_config, NULL);
386 argc = parse_options(argc, argv, options, git_tag_usage, 0);
387 msgfile = parse_options_fix_filename(prefix, msgfile);
389 if (keyid) {
390 sign = 1;
391 set_signingkey(keyid);
393 if (sign)
394 annotate = 1;
395 if (argc == 0 && !(delete || verify))
396 list = 1;
398 if ((annotate || msg.given || msgfile || force) &&
399 (list || delete || verify))
400 usage_with_options(git_tag_usage, options);
402 if (list + delete + verify > 1)
403 usage_with_options(git_tag_usage, options);
404 if (list)
405 return list_tags(argv[0], lines == -1 ? 0 : lines);
406 if (lines != -1)
407 die("-n option is only allowed with -l.");
408 if (delete)
409 return for_each_tag_name(argv, delete_tag);
410 if (verify)
411 return for_each_tag_name(argv, verify_tag);
413 strbuf_init(&buf, 0);
414 if (msg.given || msgfile) {
415 if (msg.given && msgfile)
416 die("only one -F or -m option is allowed.");
417 annotate = 1;
418 if (msg.given)
419 strbuf_addbuf(&buf, &(msg.buf));
420 else {
421 if (!strcmp(msgfile, "-")) {
422 if (strbuf_read(&buf, 0, 1024) < 0)
423 die("cannot read %s", msgfile);
424 } else {
425 if (strbuf_read_file(&buf, msgfile, 1024) < 0)
426 die("could not open or read '%s': %s",
427 msgfile, strerror(errno));
432 tag = argv[0];
434 object_ref = argc == 2 ? argv[1] : "HEAD";
435 if (argc > 2)
436 die("too many params");
438 if (get_sha1(object_ref, object))
439 die("Failed to resolve '%s' as a valid ref.", object_ref);
441 if (snprintf(ref, sizeof(ref), "refs/tags/%s", tag) > sizeof(ref) - 1)
442 die("tag name too long: %.*s...", 50, tag);
443 if (check_ref_format(ref))
444 die("'%s' is not a valid tag name.", tag);
446 if (!resolve_ref(ref, prev, 1, NULL))
447 hashclr(prev);
448 else if (!force)
449 die("tag '%s' already exists", tag);
451 if (annotate)
452 create_tag(object, tag, &buf, msg.given || msgfile,
453 sign, prev, object);
455 lock = lock_any_ref_for_update(ref, prev, 0);
456 if (!lock)
457 die("%s: cannot lock the ref", ref);
458 if (write_ref_sha1(lock, object, NULL) < 0)
459 die("%s: cannot update the ref", ref);
461 strbuf_release(&buf);
462 return 0;