diff --git a/Documentation/config.txt b/Documentation/config.txt index b30c7e6278..094c1c9de3 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1094,6 +1094,17 @@ grep.lineNumber:: grep.extendedRegexp:: If set to true, enable '--extended-regexp' option by default. +gpg.program:: + Use this custom program instead of "gpg" found on $PATH when + making or verifying a PGP signature. The program must support the + same command line interface as GPG, namely, to verify a detached + signature, "gpg --verify $file - <$signature" is run, and the + program is expected to signal a good signature by exiting with + code 0, and to generate an ascii-armored detached signature, the + standard input of "gpg -bsau $key" is fed with the contents to be + signed, and the program is expected to send the result to its + standard output. + gui.commitmsgwidth:: Defines how wide the commit message window is in the linkgit:git-gui[1]. "75" is the default. diff --git a/Documentation/git-tag.txt b/Documentation/git-tag.txt index c83cb13de6..74fc7e006f 100644 --- a/Documentation/git-tag.txt +++ b/Documentation/git-tag.txt @@ -38,7 +38,9 @@ created (i.e. a lightweight tag). A GnuPG signed tag object will be created when `-s` or `-u ` is used. When `-u ` is not used, the committer identity for the current user is used to find the -GnuPG key for signing. +GnuPG key for signing. The configuration variable `gpg.program` +is used to specify custom GnuPG binary. + OPTIONS ------- @@ -48,11 +50,11 @@ OPTIONS -s:: --sign:: - Make a GPG-signed tag, using the default e-mail address's key + Make a GPG-signed tag, using the default e-mail address's key. -u :: --local-user=:: - Make a GPG-signed tag, using the given key + Make a GPG-signed tag, using the given key. -f:: --force:: diff --git a/gpg-interface.c b/gpg-interface.c index ff232c8c5d..18630ff8da 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -5,6 +5,7 @@ #include "sigchain.h" static char *configured_signing_key; +static const char *gpg_program = "gpg"; void set_signing_key(const char *key) { @@ -15,9 +16,12 @@ void set_signing_key(const char *key) int git_gpg_config(const char *var, const char *value, void *cb) { if (!strcmp(var, "user.signingkey")) { + set_signing_key(value); + } + if (!strcmp(var, "gpg.program")) { if (!value) return config_error_nonbool(var); - set_signing_key(value); + gpg_program = xstrdup(value); } return 0; } @@ -46,7 +50,7 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig gpg.argv = args; gpg.in = -1; gpg.out = -1; - args[0] = "gpg"; + args[0] = gpg_program; args[1] = "-bsau"; args[2] = signing_key; args[3] = NULL; @@ -101,10 +105,11 @@ int verify_signed_buffer(const char *payload, size_t payload_size, struct strbuf *gpg_output) { struct child_process gpg; - const char *args_gpg[] = {"gpg", "--verify", "FILE", "-", NULL}; + const char *args_gpg[] = {NULL, "--verify", "FILE", "-", NULL}; char path[PATH_MAX]; int fd, ret; + args_gpg[0] = gpg_program; fd = git_mkstemp(path, PATH_MAX, ".git_vtag_tmpXXXXXX"); if (fd < 0) return error("could not create temporary file '%s': %s",