git/builtin/verify-tag.c
Santiago Torres ff3c8c8f12 builtin/verify-tag: add --format to verify-tag
Callers of verify-tag may want to cross-check the tagname from refs/tags
with the tagname from the tag object header upon GPG verification. This
is to avoid tag refs that point to an incorrect object.

Add a --format parameter to git verify-tag to print the formatted tag
object header in addition to or instead of the --verbose or --raw GPG
verification output.

Signed-off-by: Santiago Torres <santiago@nyu.edu>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-01-17 16:10:22 -08:00

75 lines
1.8 KiB
C

/*
* Builtin "git verify-tag"
*
* Copyright (c) 2007 Carlos Rica <jasampler@gmail.com>
*
* Based on git-verify-tag.sh
*/
#include "cache.h"
#include "builtin.h"
#include "tag.h"
#include "run-command.h"
#include <signal.h>
#include "parse-options.h"
#include "gpg-interface.h"
#include "ref-filter.h"
static const char * const verify_tag_usage[] = {
N_("git verify-tag [-v | --verbose] [--format=<format>] <tag>..."),
NULL
};
static int git_verify_tag_config(const char *var, const char *value, void *cb)
{
int status = git_gpg_config(var, value, cb);
if (status)
return status;
return git_default_config(var, value, cb);
}
int cmd_verify_tag(int argc, const char **argv, const char *prefix)
{
int i = 1, verbose = 0, had_error = 0;
unsigned flags = 0;
char *fmt_pretty = NULL;
const struct option verify_tag_options[] = {
OPT__VERBOSE(&verbose, N_("print tag contents")),
OPT_BIT(0, "raw", &flags, N_("print raw gpg status output"), GPG_VERIFY_RAW),
OPT_STRING( 0 , "format", &fmt_pretty, N_("format"), N_("format to use for the output")),
OPT_END()
};
git_config(git_verify_tag_config, NULL);
argc = parse_options(argc, argv, prefix, verify_tag_options,
verify_tag_usage, PARSE_OPT_KEEP_ARGV0);
if (argc <= i)
usage_with_options(verify_tag_usage, verify_tag_options);
if (verbose)
flags |= GPG_VERIFY_VERBOSE;
if (fmt_pretty) {
verify_ref_format(fmt_pretty);
flags |= GPG_VERIFY_OMIT_STATUS;
}
while (i < argc) {
unsigned char sha1[20];
const char *name = argv[i++];
if (get_sha1(name, sha1)) {
had_error = !!error("tag '%s' not found.", name);
continue;
}
if (gpg_verify_tag(sha1, name, flags)) {
had_error = 1;
continue;
}
if (fmt_pretty)
pretty_print_ref(name, sha1, fmt_pretty);
}
return had_error;
}