merge/pull: verify GPG signatures of commits being merged
When --verify-signatures is specified on the command-line of git-merge or git-pull, check whether the commits being merged have good gpg signatures and abort the merge in case they do not. This allows e.g. auto-deployment from untrusted repo hosts. Signed-off-by: Sebastian Götte <jaseg@physik-pool.tu-berlin.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Showing
4 changed files
with
98 additions
and
3 deletions.
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,52 @@ | |||
#!/bin/sh | |||
|
|||
test_description='merge signature verification tests' | |||
. ./test-lib.sh | |||
. "$TEST_DIRECTORY/lib-gpg.sh" | |||
|
|||
test_expect_success GPG 'create signed commits' ' | |||
echo 1 >file && git add file && | |||
test_tick && git commit -m initial && | |||
git tag initial && | |||
git checkout -b side-signed && | |||
echo 3 >elif && git add elif && | |||
test_tick && git commit -S -m "signed on side" && | |||
git checkout initial && | |||
git checkout -b side-unsigned && | |||
echo 3 >foo && git add foo && | |||
test_tick && git commit -m "unsigned on side" && | |||
git checkout initial && | |||
git checkout -b side-bad && | |||
echo 3 >bar && git add bar && | |||
test_tick && git commit -S -m "bad on side" && | |||
git cat-file commit side-bad >raw && | |||
sed -e "s/bad/forged bad/" raw >forged && | |||
git hash-object -w -t commit forged >forged.commit && | |||
git checkout initial && | |||
git checkout master | |||
' | |||
|
|||
test_expect_success GPG 'merge unsigned commit with verification' ' | |||
test_must_fail git merge --ff-only --verify-signatures side-unsigned 2>mergeerror && | |||
test_i18ngrep "does not have a GPG signature" mergeerror | |||
' | |||
|
|||
test_expect_success GPG 'merge commit with bad signature with verification' ' | |||
test_must_fail git merge --ff-only --verify-signatures $(cat forged.commit) 2>mergeerror && | |||
test_i18ngrep "has a bad GPG signature" mergeerror | |||
' | |||
|
|||
test_expect_success GPG 'merge signed commit with verification' ' | |||
git merge --verbose --ff-only --verify-signatures side-signed >mergeoutput && | |||
test_i18ngrep "has a good GPG signature" mergeoutput | |||
' | |||
|
|||
test_expect_success GPG 'merge commit with bad signature without verification' ' | |||
git merge $(cat forged.commit) | |||
' | |||
|
|||
test_done |
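Review bot: No test covers a signature that verifies cryptographically but was made with a key the test keyring does not trust; the `--verify-signatures` cases here are unsigned, forged and well-signed only, and the untrusted-key case is the one an auto-deployment setup as described in the commit message depends on most. A further `test_expect_success GPG` case that merges a commit signed with such a key and expects `test_must_fail git merge --ff-only --verify-signatures` would pin that behaviour; whether lib-gpg.sh provides a suitable key is not visible on this page. The two refusal tests assert only the exit status and the error text, so a line such as `test_cmp_rev initial HEAD`, chained with `&&` after each `test_i18ngrep`, would also confirm that the refused merge left HEAD unmoved. Each side branch holds a single commit, so these tests do not show whether only the tip or every merged commit is checked, and a comment in the file stating which is intended would help.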