Merge branch 'jc/sign-buffer-failure-propagation-fix'

A failed "git tag -s" did not necessarily result in an error depending on the crypto backend, which has been corrected. * jc/sign-buffer-failure-propagation-fix: ssh signing: signal an error with a negative return value tag: fix sign_buffer() call to create a signed tag
2024-04-27 22:35:12 +02:00 · 2024-02-12 13:16:10 -08:00 · 2024-02-12 13:16:10 -08:00 · 05c5a6db80
parent 13fdf82e09 6931049c32
commit 05c5a6db80
3 changed files with 3 additions and 3 deletions
--- a/builtin/tag.c
+++ b/builtin/tag.c
@ -153,7 +153,7 @@ static int verify_tag(const char *name, const char *ref UNUSED,

 static int do_sign(struct strbuf *buffer)
 {
-	return sign_buffer(buffer, buffer, get_signing_key());
+	return sign_buffer(buffer, buffer, get_signing_key()) ? -1 : 0;
 }

 static const char tag_template[] =
--- a/gpg-interface.c
+++ b/gpg-interface.c
@ -1078,7 +1078,7 @@ static int sign_buffer_ssh(struct strbuf *buffer, struct strbuf *signature,
 		if (strstr(signer_stderr.buf, "usage:"))
 			error(_("ssh-keygen -Y sign is needed for ssh signing (available in openssh version 8.2p1+)"));

-		error("%s", signer_stderr.buf);
+		ret = error("%s", signer_stderr.buf);
 		goto out;
 	}

--- a/gpg-interface.h
+++ b/gpg-interface.h
@ -66,7 +66,7 @@ size_t parse_signed_buffer(const char *buf, size_t size);
 * Create a detached signature for the contents of "buffer" and append
 * it after "signature"; "buffer" and "signature" can be the same
 * strbuf instance, which would cause the detached signature appended
- * at the end.
+ * at the end.  Returns 0 on success, non-zero on failure.
 */
 int sign_buffer(struct strbuf *buffer, struct strbuf *signature,
 		const char *signing_key);