From efee9553a4f97b2ecd8f49be19606dd4cf7d9c28 Mon Sep 17 00:00:00 2001 From: Michael J Gruber Date: Fri, 17 Jun 2016 19:38:59 -0400 Subject: [PATCH] gpg-interface: check gpg signature creation status When we create a signature, it may happen that gpg returns with "success" but not with an actual detached signature on stdout. Check for the correct signature creation status to catch these cases better. Really, --status-fd parsing is the only way to check gpg status reliably. We do the same for verify already. Signed-off-by: Michael J Gruber Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- gpg-interface.c | 8 ++++++-- t/t7004-tag.sh | 9 ++++++++- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/gpg-interface.c b/gpg-interface.c index 74f08a2a0e..08356f92e7 100644 --- a/gpg-interface.c +++ b/gpg-interface.c @@ -153,9 +153,11 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig struct child_process gpg = CHILD_PROCESS_INIT; int ret; size_t i, j, bottom; + struct strbuf gpg_status = STRBUF_INIT; argv_array_pushl(&gpg.args, gpg_program, + "--status-fd=2", "-bsau", signing_key, NULL); @@ -167,10 +169,12 @@ int sign_buffer(struct strbuf *buffer, struct strbuf *signature, const char *sig */ sigchain_push(SIGPIPE, SIG_IGN); ret = pipe_command(&gpg, buffer->buf, buffer->len, - signature, 1024, NULL, 0); + signature, 1024, &gpg_status, 0); sigchain_pop(SIGPIPE); - if (ret || signature->len == bottom) + ret |= !strstr(gpg_status.buf, "\n[GNUPG:] SIG_CREATED "); + strbuf_release(&gpg_status); + if (ret) return error(_("gpg failed to sign the data")); /* Strip CR from the line endings, in case we are on Windows. */ diff --git a/t/t7004-tag.sh b/t/t7004-tag.sh index f9b7d79af5..8b0f71a2ac 100755 --- a/t/t7004-tag.sh +++ b/t/t7004-tag.sh @@ -1202,10 +1202,17 @@ test_expect_success GPG,RFC1991 \ # try to sign with bad user.signingkey git config user.signingkey BobTheMouse test_expect_success GPG \ - 'git tag -s fails if gpg is misconfigured' \ + 'git tag -s fails if gpg is misconfigured (bad key)' \ 'test_must_fail git tag -s -m tail tag-gpg-failure' git config --unset user.signingkey +# try to produce invalid signature +test_expect_success GPG \ + 'git tag -s fails if gpg is misconfigured (bad signature format)' \ + 'test_config gpg.program echo && + test_must_fail git tag -s -m tail tag-gpg-failure' + + # try to verify without gpg: rm -rf gpghome