From: Junio C Hamano Date: Fri, 27 Mar 2020 00:11:20 +0000 (-0700) Subject: Merge branch 'hi/gpg-prefer-check-signature' X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=fa82be982dfc5b463a125991a2d381f1cd0ad9eb;p=git.git Merge branch 'hi/gpg-prefer-check-signature' The code to interface with GnuPG has been refactored. * hi/gpg-prefer-check-signature: gpg-interface: prefer check_signature() for GPG verification t: increase test coverage of signature verification output --- fa82be982dfc5b463a125991a2d381f1cd0ad9eb diff --cc t/t4202-log.sh index 0f766ba65f,28145fe926..5eeb739f3e --- a/t/t4202-log.sh +++ b/t/t4202-log.sh @@@ -1607,26 -1607,66 +1607,86 @@@ test_expect_success GPG 'log --graph -- grep "^| | gpg: Good signature" actual ' +test_expect_success GPG 'log --graph --show-signature for merged tag in shallow clone' ' + test_when_finished "git reset --hard && git checkout master" && + git checkout -b plain-shallow master && + echo aaa >bar && + git add bar && + git commit -m bar_commit && + git checkout --detach master && + echo bbb >baz && + git add baz && + git commit -m baz_commit && + git tag -s -m signed_tag_msg signed_tag_shallow && + hash=$(git rev-parse HEAD) && + git checkout plain-shallow && + git merge --no-ff -m msg signed_tag_shallow && + git clone --depth 1 --no-local . shallow && + test_when_finished "rm -rf shallow" && + git -C shallow log --graph --show-signature -n1 plain-shallow >actual && + grep "tag signed_tag_shallow names a non-parent $hash" actual +' + + test_expect_success GPG 'log --graph --show-signature for merged tag with missing key' ' + test_when_finished "git reset --hard && git checkout master" && + git checkout -b plain-nokey master && + echo aaa >bar && + git add bar && + git commit -m bar_commit && + git checkout -b tagged-nokey master && + echo bbb >baz && + git add baz && + git commit -m baz_commit && + git tag -s -m signed_tag_msg signed_tag_nokey && + git checkout plain-nokey && + git merge --no-ff -m msg signed_tag_nokey && + GNUPGHOME=. git log --graph --show-signature -n1 plain-nokey >actual && + grep "^|\\\ merged tag" actual && + grep "^| | gpg: Signature made" actual && + grep "^| | gpg: Can'"'"'t check signature: \(public key not found\|No public key\)" actual + ' + + test_expect_success GPG 'log --graph --show-signature for merged tag with bad signature' ' + test_when_finished "git reset --hard && git checkout master" && + git checkout -b plain-bad master && + echo aaa >bar && + git add bar && + git commit -m bar_commit && + git checkout -b tagged-bad master && + echo bbb >baz && + git add baz && + git commit -m baz_commit && + git tag -s -m signed_tag_msg signed_tag_bad && + git cat-file tag signed_tag_bad >raw && + sed -e "s/signed_tag_msg/forged/" raw >forged && + git hash-object -w -t tag forged >forged.tag && + git checkout plain-bad && + git merge --no-ff -m msg "$(cat forged.tag)" && + git log --graph --show-signature -n1 plain-bad >actual && + grep "^|\\\ merged tag" actual && + grep "^| | gpg: Signature made" actual && + grep "^| | gpg: BAD signature from" actual + ' + + test_expect_success GPG 'log --show-signature for merged tag with GPG failure' ' + test_when_finished "git reset --hard && git checkout master" && + git checkout -b plain-fail master && + echo aaa >bar && + git add bar && + git commit -m bar_commit && + git checkout -b tagged-fail master && + echo bbb >baz && + git add baz && + git commit -m baz_commit && + git tag -s -m signed_tag_msg signed_tag_fail && + git checkout plain-fail && + git merge --no-ff -m msg signed_tag_fail && + TMPDIR="$(pwd)/bogus" git log --show-signature -n1 plain-fail >actual && + grep "^merged tag" actual && + grep "^No signature" actual && + ! grep "^gpg: Signature made" actual + ' + test_expect_success GPGSM 'log --graph --show-signature for merged tag x509' ' test_when_finished "git reset --hard && git checkout master" && test_config gpg.format x509 &&