2 * Builtin "git verify-tag"
4 * Copyright (c) 2007 Carlos Rica <jasampler@gmail.com>
6 * Based on git-verify-tag.sh
11 #include "run-command.h"
14 static const char builtin_verify_tag_usage
[] =
15 "git-verify-tag [-v|--verbose] <tag>...";
17 #define PGP_SIGNATURE "-----BEGIN PGP SIGNATURE-----"
19 static int run_gpg_verify(const char *buf
, unsigned long size
, int verbose
)
21 struct child_process gpg
;
22 const char *args_gpg
[] = {"gpg", "--verify", "FILE", "-", NULL
};
23 char path
[PATH_MAX
], *eol
;
27 fd
= git_mkstemp(path
, PATH_MAX
, ".git_vtag_tmpXXXXXX");
29 return error("could not create temporary file '%s': %s",
30 path
, strerror(errno
));
31 if (write_in_full(fd
, buf
, size
) < 0)
32 return error("failed writing temporary file '%s': %s",
33 path
, strerror(errno
));
36 /* find the length without signature */
38 while (len
< size
&& prefixcmp(buf
+ len
, PGP_SIGNATURE
)) {
39 eol
= memchr(buf
+ len
, '\n', size
- len
);
40 len
+= eol
? eol
- (buf
+ len
) + 1 : size
- len
;
43 write_in_full(1, buf
, len
);
45 memset(&gpg
, 0, sizeof(gpg
));
49 if (start_command(&gpg
)) {
51 return error("could not run gpg.");
54 write_in_full(gpg
.in
, buf
, len
);
56 ret
= finish_command(&gpg
);
63 static int verify_tag(const char *name
, int verbose
)
65 enum object_type type
;
66 unsigned char sha1
[20];
71 if (get_sha1(name
, sha1
))
72 return error("tag '%s' not found.", name
);
74 type
= sha1_object_info(sha1
, NULL
);
76 return error("%s: cannot verify a non-tag object of type %s.",
77 name
, typename(type
));
79 buf
= read_sha1_file(sha1
, &type
, &size
);
81 return error("%s: unable to read file.", name
);
83 ret
= run_gpg_verify(buf
, size
, verbose
);
89 int cmd_verify_tag(int argc
, const char **argv
, const char *prefix
)
91 int i
= 1, verbose
= 0, had_error
= 0;
93 git_config(git_default_config
, NULL
);
96 usage(builtin_verify_tag_usage
);
98 if (!strcmp(argv
[i
], "-v") || !strcmp(argv
[i
], "--verbose")) {
103 /* sometimes the program was terminated because this signal
104 * was received in the process of writing the gpg input: */
105 signal(SIGPIPE
, SIG_IGN
);
107 if (verify_tag(argv
[i
++], verbose
))