[RFC/PATCH] verify-tag: add --check-name flag

2016-06-07 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Hello everyone, In a previous thread [1] we discussed about the possibility of having a --check-name flag, for the tag-verify command (and possibly git tag -v). Although many points were in the table, I don't think that it was conclusive as to w

[PATCH/RFC] builtin/tag: Changes argument format for verify

2016-02-26 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify tag function converts the commit sha1 to hex and passes it as a command-line argument to builtin/verify-tag. Given that builtin/verify-tag already resolves the ref name sha1 equivalent, the sha1 to hex_sha1 conversion is unnecessary and t

[PATCH v5 6/6] tag: use gpg_verify_function in tag -v call

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Instead of running the verify-tag plumbing command, we use the gpg_verify_tag() function within the verify_tag function to avoid doing an additional fork call. Signed-off-by: Santiago Torres <santi...@nyu.edu> --- builtin/tag.c | 8 +---

[PATCH v5 3/6] builtin/verify-tag: change variable name for readability

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The run_gpg_verify function has two variables size, and len. This may come off as confusing when reading the code. We clarify which one pertains to the length of the tag headers by renaming len to payload_length. Signed-off-by: Santiago Torres

[PATCH v5 4/6] builtin/verify-tag: replace name argument with sha1

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This change is meant to prepare verify_tag for libification. Many existing modules/commands already do the refname to sha1 resolution, so should avoid resolving the refname twice. To avoid breaking builtin/verify-tag, we move the refname resolution o

[PATCH v5 1/6] builtin/verify-tag.c: Ignore SIGPIPE on gpg-interface

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify_signed_buffer command might cause a SIGPIPE signal when the gpg child process terminates early (due to a bad keyid, for example) and git tries to write to it afterwards. Previously, ignoring SIGPIPE was done on the builtin/verify-tag.c c

[PATCH v5 2/6] t7030-verify-tag: Adds validation for multiple tags

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify-tag command supports multiple tag names as an argument. However, existing tests only test for invocation with a single tag, so we add a test invoking with multiple tags. Helped-by: Jeff King <p...@peff.net> Signed-off-by: Santiago T

[PATCH v5 5/6] builtin/verify-tag: move verification code to tag.c

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The PGP verification routine for tags could be accessed by other commands that require it. We do this by moving it to the common tag.c module. We rename the verify_tag() function to gpg_verify_tag() to avoid conflicts with the mktag.c function. Sign

[PATCH v5 0/6] tag: move PGP verification code to tag.c

2016-04-05 Thread santiago
From: Santiago Torres <santi...@nyu.edu> v5 (this): Added helpful feedback by Eric * Reordering of the patches, to avoid temporal inclusion of a regression * Fix typos here and there. * Review commit messages, as some weren't representative of what the patches were doing a

[PATCH/RFC] builtin/tag.c: move PGP verification inside builtin.

2016-03-24 Thread santiago
From: Santiago Torres <torresari...@gmail.com> The verify tag function is just a thin wrapper around the verify-tag command. We can avoid one fork call by doing the verification inside the tag builtin instead. Signed-off-by: Santiago Torres <santi...@nyu.edu> --- builti

[PATCH] tag.c: move PGP verification code from plumbing

2016-03-24 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify tag function is just a thin wrapper around the verify-tag command. We can avoid one fork call by doing the verification inside the tag builtin instead. To do this, the run_pgp_verify() and verify_tag() functions are moved to

[PATCH v3 2/4] t/t7030-verify-tag.sh: Adds validation for multiple tags

2016-04-02 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify-tag command supports multiple tag names as an argument. However, no previous tests try to verify multiple tags at once. This test runs the verify-tag command against three trusted tags (created previously), and ensures that: 1)

[PATCH v3 4/4] tag: use pgp_verify_function in tag -v call

2016-04-02 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Instead of running the verify-tag plumbing command, we use the pgp_verify_tag(). This avoids the usage of an extra fork call. To do this, we extend the number of parameters that tag.c takes, and verify-tag passes. Redundant calls done in the pgp_veri

[PATCH v3 3/4] builtin/verify-tag: move verification code to tag.c

2016-04-02 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The PGP verification routine for tags could be accessed by other commands that require it. We do this by moving it to the common tag.c code. We rename the verify_tag() function to pgp_verify_tag() to avoid conflicts with the mktag.c function. Sign

[PATCH v3 1/4] builtin/verify-tag.c: Ignore SIGPIPE on gpg-interface

2016-04-02 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify_signed_buffer command might cause a SIGPIPE signal when the gpg child process terminates early (due to a bad keyid, for example) and git tries to write to it afterwards. Previously, ignoring SIGPIPE was done on the builtin/gpg-verify.c c

[PATCH v3 0/4] tag: move PGP verification code to tag.c

2016-04-02 Thread santiago
in verify-tag to gpg-interface v1: The verify tag function is just a thin wrapper around the verify-tag command. We can avoid one fork call by doing the verification inside the tag builtin instead. This applies on v2.8.0. Thanks! -Santiago [1] http://git.661346.n2.nabble.com/PATCH-RFC-builtin

[PATCH v4 1/6] builtin/verify-tag.c: Ignore SIGPIPE on gpg-interface

2016-04-04 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify_signed_buffer command might cause a SIGPIPE signal when the gpg child process terminates early (due to a bad keyid, for example) and git tries to write to it afterwards. Previously, ignoring SIGPIPE was done on the builtin/verify-tag.c c

[PATCH v4 6/6] tag.c: Change gpg_verify_tag argument to sha1

2016-04-04 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The gpg_verify_tag function resolves the ref for any existing object. However, git tag -v resolves to only tag-refs. We can provide support for sha1 by moving the refname resolution code out of gpg_verify_tag and allow for the object's sha1 as an ar

[PATCH v4 0/6] tag: move PGP verification code to tag.c

2016-04-04 Thread santiago
is just a thin wrapper around the verify-tag command. We can avoid one fork call by doing the verification inside the tag builtin instead. This applies on v2.8.0. Thanks! -Santiago [1] http://git.661346.n2.nabble.com/PATCH-RFC-builtin-tag-c-move-PGP-verification-inside-builtin-td7651529.html

[PATCH v4 5/6] tag: use pgp_verify_function in tag -v call

2016-04-04 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Instead of running the verify-tag plumbing command, we use the pgp_verify_tag(). This avoids the usage of an extra fork call. To do this, we extend the number of parameters that tag.c takes, and verify-tag passes. Redundant calls done in the pgp_veri

[PATCH v4 2/6] t/t7030-verify-tag.sh: Adds validation for multiple tags

2016-04-04 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify-tag command supports multiple tag names as an argument. However, no previous tests try to verify multiple tags at once. This test runs the verify-tag command against three tags separately and then compares the result against the invo

[PATCH v4 3/6] builtin/verify-tag: move verification code to tag.c

2016-04-04 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The PGP verification routine for tags could be accessed by other commands that require it. We do this by moving it to the common tag.c code. We rename the verify_tag() function to gpg_verify_tag() to avoid conflicts with the mktag.c function. Sign

[PATCH v4 4/6] tag.c: Replace varialbe name for readability

2016-04-04 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The run_gpg_verify function has two variables size, and len. This may come off as confusing when reading the code. We clarify which one pertains to the length of the tag headers by renaming len to payload_length. Signed-off-by: Santiago Torres

[PATCH v8 1/6] builtin/verify-tag.c: ignore SIGPIPE in gpg-interface

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify_signed_buffer() function may trigger a SIGPIPE when the GPG child process terminates early (due to a bad keyid, for example) and Git tries to write to it afterwards. Previously, ignoring SIGPIPE was done in builtin/verify-tag.c to

[PATCH v8 2/6] t7030: test verifying multiple tags

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify-tag command supports multiple tag names to verify, but existing tests only test for invocation with a single tag. Add a test invoking it with multiple tags. Helped-by: Jeff King <p...@peff.net> Signed-off-by: Santiago Torres <s

[PATCH v8 4/6] verify-tag: prepare verify_tag for libification

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The current interface of verify_tag() resolves reference names to SHA1, however, the plan is to make this functionality public and the current interface is cumbersome for callers: they are expected to supply the textual representation of a sha1/r

[PATCH v8 3/6] verify-tag: update variable name and type

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The run_gpg_verify() function has two variables, size and len. This may come off as confusing when reading the code. Clarify which one pertains to the length of the tag headers by renaming len to payload_size. Additionally, change the type of payloa

[PATCH v8 0/6] Move PGP verification out of verify-tag

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is a follow up of [1], [2], [3], [4], [5], [6], and [7]. patches 1/6, 2/6, and 3/6, are the same as the corresponding commits in pu. v8: Minor nits, I decided to quickly reroll to drop the extern qualifier in tag.c: * Eric pointed out t

[PATCH v8 6/6] tag -v: verify directly rather than exec-ing verify-tag

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Instead of having tag -v fork to run verify-tag, use the gpg_verify_tag() function directly. Helped-by: Eric Sunshine <sunsh...@sunshineco.com> Signed-off-by: Santiago Torres <santi...@nyu.edu> --- builtin/tag.c | 8 +--- 1 file ch

[PATCH v8 5/6] verify-tag: move tag verification code to tag.c

2016-04-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The PGP verification routine for tags could be accessed by other modules that require to do so. Publish the verify_tag function in tag.c and rename it to gpg_verify_tag so it does not conflict with builtin/mktag's static function. Helped-by: J

[PATCH v7 6/6] tag -v: verfy directly rather than exec-ing verify-tag

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Instead of having tag -v fork to run verify-tag, use the gpg_verify_tag() function directly. Helped-by: Eric Sunshine <sunsh...@sunshineco.com> Signed-off-by: Santiago Torres <santi...@nyu.edu> --- builtin/tag.c | 8 +--- 1 file ch

[PATCH v7 3/6] verify-tag: update variable name and type

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The run_gpg_verify() function has two variables, size and len. This may come off as confusing when reading the code. Clarify which one pertains to the length of the tag headers by renaming len to payload_size. Additionally, change the type of payloa

[PATCH v7 0/6] Move PGP verification out of verify-tag

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is a follow up of [1], [2], [3], [4], [5], [6]. patches 1/6, 2/6, are the same as the corresponding commits in pu. v7: Mostly style/clarity changes mostly. Thanks Peff, Eric and Junio for the feedback! In summary: * Eric pointed out issues

[PATCH v7 2/6] t7030: test verifying multiple tags

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify-tag command supports multiple tag names to verify, but existing tests only test for invocation with a single tag. Add a test invoking it with multiple tags. Helped-by: Jeff King <p...@peff.net> Signed-off-by: Santiago Torres <s

[PATCH v7 1/6] builtin/verify-tag.c: ignore SIGPIPE in gpg-interface

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify_signed_buffer() function may trigger a SIGPIPE when the GPG child process terminates early (due to a bad keyid, for example) and Git tries to write to it afterwards. Previously, ignoring SIGPIPE was done in builtin/verify-tag.c to

[PATCH v7 4/6] verify-tag: prepare verify_tag for libification

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The current interface of verify_tag() resolves reference names to SHA1, however, the plan is to make this functionality public and the current interface is cumbersome for callers: they are expected to supply the textual representation of a sha1/r

[PATCH v7 5/6] verify-tag: move tag verification code to tag.c

2016-04-19 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The PGP verification routine for tags could be accessed by other modules that require to do so. Publish the verify_tag function in tag.c and rename it to gpg_verify_tag so it does not conflict with builtin/mktag's static function. Helped-by: J

[PATCH v6 2/6] t7030: test verifying multiple tags

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify-tag command supports multiple tag names to verify, but existing tests only test for invocation with a single tag. Add a test invoking it with multiple tags. Helped-by: Jeff King <p...@peff.net> Signed-off-by: Santiago Torres <s

[PATCH v6 4/6] verify-tag: add sha1 argument to verify_tag()

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The current interface of verify_tag() resolves reference names to SHA1, which might be redundant as future callers may resolve the refname to SHA1 beforehand. Add a SHA1 parameter to use instead of the name parameter. We also replace the name ar

[PATCH v6 6/6] tag -v: verfy directly rather than exec-ing verify-tag

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> tag -v forks into verify-tag, which only calls gpg_verify_tag(). Instead of forking to verify-tag, call gpg_verify_tag directly(). Helped-by: Eric Sunshine <sunsh...@sunshineco.com> Signed-off-by: Santiago Torres <santi...@nyu.edu> ---

[PATCH v6 0/6] Move PGP verification out of verify-tag

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is a follow up of [1], [2], [3], [4], and [5]. patches 1/6, 2/6 and 3/6 are the same as the corresponding commits in pu. v6: * As Junio suggested, updated 4/6, to include the name argument and the ternary operator to provide more descr

[PATCH v6 1/6] builtin/verify-tag.c: ignore SIGPIPE in gpg-interface

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The verify_signed_buffer() function may trigger a SIGPIPE when the GPG child process terminates early (due to a bad keyid, for example) and Git tries to write to it afterwards. Previously, ignoring SIGPIPE was done in builtin/verify-tag.c to

[PATCH v6 3/6] verify-tag: change variable name for readability

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The run_gpg_verify() function has two variables, size and len. This may come off as confusing when reading the code. Clarify which one pertains to the length of the tag headers by renaming len to payload_length. Signed-off-by: Santiago Torres

[PATCH v6 5/6] verify-tag: move verification code to tag.c

2016-04-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The PGP verification routine for tags could be accessed by other modules that require to do so. Publish the verify_tag function in tag.c and rename it to gpg_verify_tag so it does not conflict with builtin/mktag's static function. Helped-by: J

[PATCH v5 2/7] ref-filter: add function to print single ref_array_item

2017-01-15 Thread santiago
From: Lukas Puehringer ref-filter functions are useful for printing git object information using a format specifier. However, some other modules may not want to use this functionality on a ref-array but only print a single item. Expose a pretty_print_ref function to

[PATCH v5 5/7] builtin/tag: add --format argument for tag -v

2017-01-15 Thread santiago
From: Lukas Puehringer Adding --format to git tag -v mutes the default output of the GPG verification and instead prints the formatted tag object. This allows callers to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG

[PATCH v5 1/7] gpg-interface, tag: add GPG_VERIFY_QUIET flag

2017-01-15 Thread santiago
From: Lukas Puehringer Functions that print git object information may require that the gpg-interface functions be silent. Add GPG_VERIFY_QUIET flag and prevent print_signature_buffer from being called if flag is set. Signed-off-by: Lukas Puehringer

[PATCH v5 6/7] t/t7030-verify-tag: Add --format specifier tests

2017-01-15 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Verify-tag now provides --format specifiers to inspect and ensure the contents of the tag are proper. We add two tests to ensure this functionality works as expected: the return value should indicate if verification passed, and the format specifier

[PATCH v5 7/7] t/t7004-tag: Add --format specifier tests

2017-01-15 Thread santiago
From: Santiago Torres <santi...@nyu.edu> tag -v now supports --format specifiers to inspect the contents of a tag upon verification. Add two tests to ensure this behavior is respected in future changes. Signed-off-by: Santiago Torres <santi...@nyu.edu> --- t/t7004

[PATCH v5 0/7] Add --format to tag verification

2017-01-15 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is the fifth iteration of [1][2][3][4], and as a result of the discussion in [5]. The main goal of this patch series is to bring --format to git tag verification so that upper-layer tools can inspect the content of a tag and make decisions

[PATCH v5 3/7] tag: add format specifier to gpg_verify_tag

2017-01-15 Thread santiago
From: Lukas Puehringer Calling functions for gpg_verify_tag() may desire to print relevant information about the header for further verification. Add an optional format argument to print any desired information after GPG verification. Signed-off-by: Lukas Puehringer

[PATCH v5 4/7] builtin/verify-tag: add --format to verify-tag

2017-01-15 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Callers of verify-tag may want to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification. This is to avoid tag refs that point to an incorrect object. Add a --format parameter to git verify-tag to

[PATCH v6 4/6] builtin/tag: add --format argument for tag -v

2017-01-17 Thread santiago
From: Lukas Puehringer Adding --format to git tag -v mutes the default output of the GPG verification and instead prints the formatted tag object. This allows callers to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG

[PATCH v6 3/6] builtin/verify-tag: add --format to verify-tag

2017-01-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Callers of verify-tag may want to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification. This is to avoid tag refs that point to an incorrect object. Add a --format parameter to git verify-tag to

[PATCH v6 1/6] gpg-interface,tag: add GPG_VERIFY_OMIT_STATUS flag

2017-01-17 Thread santiago
From: Lukas Puehringer Functions that print git object information may require that the gpg-interface functions be silent. Add GPG_VERIFY_OMIT_STATUS flag and prevent print_signature_buffer from being called if flag is set. Signed-off-by: Lukas Puehringer

[PATCH v6 2/6] ref-filter: add function to print single ref_array_item

2017-01-17 Thread santiago
From: Lukas Puehringer ref-filter functions are useful for printing git object information using a format specifier. However, some other modules may not want to use this functionality on a ref-array but only print a single item. Expose a pretty_print_ref function to

[PATCH v6 6/6] t/t7004-tag: Add --format specifier tests

2017-01-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> tag -v now supports --format specifiers to inspect the contents of a tag upon verification. Add two tests to ensure this behavior is respected in future changes. Signed-off-by: Santiago Torres <santi...@nyu.edu> --- t/t7004

[PATCH v6 5/6] t/t7030-verify-tag: Add --format specifier tests

2017-01-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Verify-tag now provides --format specifiers to inspect and ensure the contents of the tag are proper. We add two tests to ensure this functionality works as expected: the return value should indicate if verification passed, and the format specifier

[PATCH v6 0/6] Add --format to tag verification

2017-01-17 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is the sixth iteration of [1][2][3][4][5], and as a result of the discussion in [5]. The main goal of this patch series is to bring --format to git tag verification so that upper-layer tools can inspect the content of a tag and make decisions

[PATCH v4 3/7] tag: add format specifier to gpg_verify_tag

2016-10-07 Thread santiago
From: Lukas Puehringer Calling functions for gpg_verify_tag() may desire to print relevant information about the header for further verification. Add an optional format argument to print any desired information after GPG verification. Signed-off-by: Lukas Puehringer

[PATCH v4 4/7] builtin/verify-tag: add --format to verify-tag

2016-10-07 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Callers of verify-tag may want to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification. This is to avoid tag refs that point to an incorrect object. Add a --format parameter to git verify-tag to

[PATCH v4 1/7] gpg-interface, tag: add GPG_VERIFY_QUIET flag

2016-10-07 Thread santiago
From: Lukas Puehringer Functions that print git object information may require that the gpg-interface functions be silent. Add GPG_VERIFY_QUIET flag and prevent print_signature_buffer from being called if flag is set. Signed-off-by: Lukas Puehringer

[PATCH v4 2/7] ref-filter: add function to print single ref_array_item

2016-10-07 Thread santiago
From: Lukas Puehringer ref-filter functions are useful for printing git object information using a format specifier. However, some other modules may not want to use this functionality on a ref-array but only print a single item. Expose a pretty_print_ref function to

[PATCH v4 5/7] builtin/tag: add --format argument for tag -v

2016-10-07 Thread santiago
From: Lukas Puehringer Adding --format to git tag -v mutes the default output of the GPG verification and instead prints the formatted tag object. This allows callers to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG

[PATCH v4 7/7] t/t7004-tag: Add --format specifier tests

2016-10-07 Thread santiago
From: Santiago Torres <santi...@nyu.edu> tag -v now supports --format specifiers to inspect the contents of a tag upon verification. Add two tests to ensure this behavior is respected in future changes. Signed-off-by: Santiago Torres <santi...@nyu.edu> --- t/t7004

[PATCH v4 0/7] Add --format to tag verification

2016-10-07 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is the fourth iteration of the series in [1][2][3], which comes as a result of the discussion in [4]. The main goal of this patch series is to bring --format to git tag verification so that upper-layer tools can inspect the content of a tag an

[PATCH v4 6/7] t/t7030-verify-tag: Add --format specifier tests

2016-10-07 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Verify-tag now provides --format specifiers to inspect and ensure the contents of the tag are proper. We add two tests to ensure this functionality works as expected: the return value should indicate if verification passed, and the format specifier

[RFC/PATCH 0/6] Add --format to tag verification

2016-09-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Hello everyone, This is a followup on [1]. There we discussed what would be the best way to provide automated scripts with mechanisms to inspect the contents of a tag upon verification. We struggled a little bit with how to make this fit the curre

[PATCH 6/6] builtin/tag: add --format argument for tag -v

2016-09-22 Thread santiago
From: Lukas P Adding --format to git tag -v mutes the default output of the GPG verification and instead prints the formatted tag object. This allows callers to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification.

[PATCH 3/6] ref-filter: Expose wrappers for ref_item functions

2016-09-22 Thread santiago
From: Lukas P Ref-filter functions are useful for printing git object information without a format specifier. However, some functions may not want to use a complete ref-array, and just a single item instead. Expose create/show/free functions for ref_array_items through

[PATCH 4/6] tag: add format specifier to gpg_verify_tag

2016-09-22 Thread santiago
From: Lukas P Calling functions for gpg_verify_tag() may desire to print relevant information about the header for further verification. Add an optional format argument to print any desired information after GPG verification. Signed-off-by: Lukas Puehringer

[PATCH 1/6] builtin/tag: move format specifier to global var

2016-09-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> The format specifier will be likely used in other functions throughout git tag. One likely candidate to require format strings in the future is the gpg_verify_tag function. However, changing the signature of functions such as for_each_ref or veri

[PATCH 2/6] gpg-interface: add GPG_VERIFY_QUIET flag

2016-09-22 Thread santiago
From: Lukas P Functions that print git object information may require that the gpg-interface functions be silent. Add a GPG_VERIFY_QUIET to prevent functions such as `print_signature_buffer` from printing any output and only return whether signature verification passed

[PATCH 5/6] builtin/verify-tag: Add --format to verify-tag

2016-09-22 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Callers of verify-tag may want to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification. This is to avoid tag refs that point to an incorrect object. Add a --format parameter to git verify-tag to

[PATCH v3 1/5] gpg-interface, tag: add GPG_VERIFY_QUIET flag

2016-09-30 Thread santiago
From: Lukas Puehringer Functions that print git object information may require that the gpg-interface functions be silent. Add GPG_VERIFY_QUIET flag and prevent print_signature_buffer from being called if flag is set. Signed-off-by: Lukas Puehringer

[PATCH v3 0/5] Add --format to tag verification

2016-09-30 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is the third iteration of [1][2], and as a result of the discussion in [3]. In this re-roll we: * Fixed all the signed-off-by's [0002] * Renamed the function format_ref to pretty_print_ref instead, which is a more descriptive name

[PATCH v3 3/5] tag: add format specifier to gpg_verify_tag

2016-09-30 Thread santiago
From: Lukas P Calling functions for gpg_verify_tag() may desire to print relevant information about the header for further verification. Add an optional format argument to print any desired information after GPG verification. Signed-off-by: Lukas Puehringer

[PATCH v3 5/5] builtin/tag: add --format argument for tag -v

2016-09-30 Thread santiago
From: Lukas Puehringer Adding --format to git tag -v mutes the default output of the GPG verification and instead prints the formatted tag object. This allows callers to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG

[PATCH v3 2/5] ref-filter: add function to print single ref_array_item

2016-09-30 Thread santiago
From: Lukas Puehringer ref-filter functions are useful for printing git object information using a format specifier. However, some other modules may not want to use this functionality on a ref-array but only print a single item. Expose a format_ref function to create,

[PATCH v3 4/5] builtin/verify-tag: add --format to verify-tag

2016-09-30 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Callers of verify-tag may want to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification. This is to avoid tag refs that point to an incorrect object. Add a --format parameter to git verify-tag to

[PATCH v2 3/5] tag: add format specifier to gpg_verify_tag

2016-09-26 Thread santiago
From: Lukas P Calling functions for gpg_verify_tag() may desire to print relevant information about the header for further verification. Add an optional format argument to print any desired information after GPG verification. Signed-off-by: Lukas P

[PATCH v2 1/5] gpg-interface, tag: add GPG_VERIFY_QUIET flag

2016-09-26 Thread santiago
From: Lukas P Functions that print git object information may require that the gpg-interface functions be silent. Add GPG_VERIFY_QUIET flag and prevent print_signature_buffer from being called if flag is set. Signed-off-by: Lukas P ---

[PATCH v2 2/5] ref-filter: add function to print single ref_array_item

2016-09-26 Thread santiago
From: Lukas P ref-filter functions are useful for printing git object information using a format specifier. However, some other modules may not want to use this functionality on a ref-array but only print a single item. Expose a format_ref function to create, pretty

[PATCH v2 5/5] builtin/tag: add --format argument for tag -v

2016-09-26 Thread santiago
From: Lukas P Adding --format to git tag -v mutes the default output of the GPG verification and instead prints the formatted tag object. This allows callers to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification.

[PATCH v2 4/5] builtin/verify-tag: add --format to verify-tag

2016-09-26 Thread santiago
From: Santiago Torres <santi...@nyu.edu> Callers of verify-tag may want to cross-check the tagname from refs/tags with the tagname from the tag object header upon GPG verification. This is to avoid tag refs that point to an incorrect object. Add a --format parameter to git verify-tag to

[PATCH v2 0/5] Add --format to tag verification

2016-09-26 Thread santiago
From: Santiago Torres <santi...@nyu.edu> This is the second iteration of [1], and as a result of the discussion in [2]. In this re-roll we: * Dropped the commit to move the format string parameter to a global variable on builtin/tag. We had to change the signature of for_each_name_fn

[RFC PATCH] t: lib-gpg: flush agent sockets on startup

2017-07-07 Thread santiago
From: Santiago Torres <santi...@nyu.edu> When running gpg-relevant tests, a gpg-daemon is run for a trash_directory-specific GNUPGHOME. This daemon creates a unix socket on the target host, and it will be used on subsequent runs of the same test script. Add a call to kill the agent and

[PATCH] t: lib-gpg: flush gpg agent on startup

2017-07-20 Thread santiago
From: Santiago Torres <santi...@nyu.edu> When running gpg-relevant tests, a gpg-daemon is spawned for each GNUPGHOME used. This daemon may stay running after the test and cache file descriptors for the trash directories, even after the trash directory is removed. This leads to ENOENT error

[PATCH v2] t: lib-gpg: flush gpg agent on startup

2017-07-20 Thread santiago
From: Santiago Torres <santi...@nyu.edu> When running gpg-relevant tests, a gpg-daemon is spawned for each GNUPGHOME used. This daemon may stay running after the test and cache file descriptors for the trash directories, even after the trash directory is removed. This leads to ENOENT error

[RFC] Malicously tampering git metadata?

2015-12-15 Thread Santiago Torres
Hello everyone, I'm Santiago, a PhD student at NYU doing research about secure software development pipelines. We've been studying different aspects of Git lately, (as it is an integral part of many projects) and we believe we've found a vulnerability in the way Git structures/signs metadata

Re: [RFC] Malicously tampering git metadata?

2015-12-19 Thread Santiago Torres
ojects in which this has happened (I've noticed that both Git and Linux are quite stringent in their review/merge process so this wouldn't be the case). > > Cheers, Thanks for the insight! -Santiago. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

Re: [RFC] Malicously tampering git metadata?

2015-12-17 Thread Santiago Torres
are the basic design of it here. However, it follows our threat model: a compromised server that can't introduce malicious code (thanks to commit signing), but can modify branch pointers and other unsigned metadata to alter the repository's state. > > Thanks for researching on Git, Thanks for

Re: [RFC/PATCH] verify-tag: add --check-name flag

2016-06-07 Thread Santiago Torres
an alternative, that might be cleaner. I'm wondering if this is easier to implement than having the --check-name flag. Intuitively, it seems like that's the case. Would you suggest taking this path instead? Thanks! -Santiago.

Re: [RFC/PATCH] verify-tag: add --check-name flag

2016-06-07 Thread Santiago Torres
ag (if the appropriate format string is provided) I still agree with the rest of Peff's comments about this approach. I'm not sure about which approach to take either. -Santiago.

Re: [RFC/PATCH] verify-tag: add --check-name flag

2016-06-07 Thread Santiago Torres
ame $tag) > > make dest=/usr/local/$package/$tag install > > It is racy. That probably doesn't matter for most callers, but it would > be nice to be able to get a custom format out of the "-v" invocation. Oh yeah, I didn't consider this either. I also don't think it's

Re: [RFC/PATCH] verify-tag: add --check-name flag

2016-06-07 Thread Santiago Torres
--check-name [name] [ref] In case the ref doesn't match the tag. I can do it either way, although the second case would be cumbersome. > > 2. What do we do for non-annotated tags? Is it always a failure? Right now, verify-tag fails with non-annotated tags like this: santiago at

Re: [RFC/PATCH] verify-tag: add --check-name flag

2016-06-08 Thread Santiago Torres
heck-name=tagname] (tag-ref|tag-name|sha1)? and tag -v [--check-name] (tag-name) Or would --format still work better? Thanks! -Santiago.

Re: [RFC] tag-ref and tag object binding

2016-01-28 Thread Santiago Torres
On Tue, Jan 26, 2016 at 01:13:16PM -0800, Junio C Hamano wrote: > Jeff King <p...@peff.net> writes: > > > On Tue, Jan 26, 2016 at 10:29:42AM -0500, Santiago Torres wrote: > > > >> > If you cannot trust those with write access to a repo that you are > >

Re: [RFC] tag-ref and tag object binding

2016-01-28 Thread Santiago Torres
se for a more > > foolproof tool. > > OK, let's make a tool that helps fooling as well as proofing :) > > I'll look into the tag header check. Maybe "--check-tagname"? "check" > seems to imply less than "verify". This seems like exactly what I wa

Re: [PATCH/RFC] builtin/tag: Changes argument format for verify

2016-02-27 Thread Santiago Torres
rapper over run_gpg_verify(), and we could > improve the efficiency quite a bit by eliminating the sub-process > entirely. I agree here too. While going through gdb to follow the logic on this I saw that this code forks three times (git, tag-verify and gpg). I'm sure that removing one layer should be good efficiency-wise. Is it ok if I give this a shot? Thanks! -Santiago.
