Merge branch 'jc/gpg-status'

"git verify-tag" and "git verify-commit" have been taught to use the exit status of underlying "gpg --verify" to signal bad or untrusted signature they found. * jc/gpg-status: gpg-interface: propagate exit status from gpg back to the callers
2025-01-22 07:24:10 +08:00 · 2018-08-20 11:33:50 -07:00 · 2018-08-20 11:33:50 -07:00 · 4d34122eef
commit 4d34122eef
parent 6e8f3d1ca0 4e5dc9ca17
1 changed files with 2 additions and 1 deletions
--- a/gpg-interface.c
+++ b/gpg-interface.c
@ -136,12 +136,13 @@ int check_signature(const char *payload, size_t plen, const char *signature,
 	sigc->gpg_output = strbuf_detach(&gpg_output, NULL);
 	sigc->gpg_status = strbuf_detach(&gpg_status, NULL);
 	parse_gpg_output(sigc);
+	status |= sigc->result != 'G' && sigc->result != 'U';

 out:
 	strbuf_release(&gpg_status);
 	strbuf_release(&gpg_output);

-	return sigc->result != 'G' && sigc->result != 'U';
+	return !!status;
 }

 void print_signature_buffer(const struct signature_check *sigc, unsigned flags)