Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Sat, 2018-11-03 at 16:36 +0100, Duy Nguyen wrote: > On Sat, Nov 3, 2018 at 4:32 PM Michał Górny wrote: > > > Perhaps my gpg is too old? > > > > > > $ gpg --version > > > gpg (GnuPG) 2.1.15 > > > libgcrypt 1.7.3 > > > Copyright (C) 2016 Free Software Foundation, Inc. > > > License GPLv3+: GNU

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Sat, Nov 3, 2018 at 4:32 PM Michał Górny wrote: > Perhaps this is indeed specific to this version of GnuPG. The tests > pass for me with both 1.4.21 and 2.2.10. We don't have 2.1* in Gentoo > anymore. Updated to 2.2.8 and the test is passed. -- Duy

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Sat, Nov 3, 2018 at 4:32 PM Michał Górny wrote: > > Perhaps my gpg is too old? > > > > $ gpg --version > > gpg (GnuPG) 2.1.15 > > libgcrypt 1.7.3 > > Copyright (C) 2016 Free Software Foundation, Inc. > > License GPLv3+: GNU GPL version 3 or later > > > >

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Sat, 2018-11-03 at 16:17 +0100, Duy Nguyen wrote: > On Sat, Oct 20, 2018 at 9:31 PM Michał Górny wrote: > > +test_expect_success GPG 'detect fudged commit with double signature' ' > > + sed -e "/gpgsig/,/END PGP/d" forged1 >double-base && > > + sed -n -e "/gpgsig/,/END PGP/p"

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Sat, Oct 20, 2018 at 9:31 PM Michał Górny wrote: > +test_expect_success GPG 'detect fudged commit with double signature' ' > + sed -e "/gpgsig/,/END PGP/d" forged1 >double-base && > + sed -n -e "/gpgsig/,/END PGP/p" forged1 | \ > + sed -e "s/^gpgsig//;s/^ //" | gpg

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Mon, 2018-10-22 at 08:04 +, Michał Górny wrote: > Dnia October 20, 2018 11:57:36 PM UTC, Junio C Hamano > napisał(a): > > Michał Górny writes: > > > > > GnuPG supports creating signatures consisting of multiple signature > > > packets. If such a signature is verified, it outputs all

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

Dnia October 20, 2018 11:57:36 PM UTC, Junio C Hamano napisał(a): >Michał Górny writes: > >> GnuPG supports creating signatures consisting of multiple signature >> packets. If such a signature is verified, it outputs all the status >> messages for each signature separately. However, git

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

Michał Górny writes: >> Very minor point but by not using pre-increment, i.e. >> >> if (seen_exclusive_status++) >> goto found_duplicate_status; >> >> you can use the expression as a "have we already seen?" boolean, >> whic may probably be more idiomatic. >>

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

On Sun, 2018-10-21 at 08:57 +0900, Junio C Hamano wrote: > Michał Górny writes: > > > GnuPG supports creating signatures consisting of multiple signature > > packets. If such a signature is verified, it outputs all the status > > messages for each signature separately. However, git currently

Re: [PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

Michał Górny writes: > GnuPG supports creating signatures consisting of multiple signature > packets. If such a signature is verified, it outputs all the status > messages for each signature separately. However, git currently does not > account for such scenario and gets terribly confused over

[PATCH v4] gpg-interface.c: detect and reject multiple signatures on commits

GnuPG supports creating signatures consisting of multiple signature packets. If such a signature is verified, it outputs all the status messages for each signature separately. However, git currently does not account for such scenario and gets terribly confused over getting multiple *SIG