Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: git/git
base: 18c6653da0be924f83415f987d76f6813b81f086
Choose a base ref
...
head repository: git/git
compare: f3af71c947cdf2e5acd16cacf50586b829a68f6e
Choose a head ref
  • 5 commits
  • 16 files changed
  • 3 contributors

Commits on Oct 12, 2021

  1. Merge branch 'fs/ssh-signing' into fs/ssh-signing-fix 

    * fs/ssh-signing:
  ssh signing: test that gpg fails for unknown keys
  ssh signing: tests for logs, tags & push certs
  ssh signing: duplicate t7510 tests for commits
  ssh signing: verify signatures using ssh-keygen
  ssh signing: provide a textual signing_key_id
  ssh signing: retrieve a default key from ssh-agent
  ssh signing: add ssh key format and signing code
  ssh signing: add test prereqs
  ssh signing: preliminary refactoring and clean-up
    @gitster
    gitster committed Oct 12, 2021
    Copy the full SHA
    e8191a5 View commit details
    Browse the repository at this point in the history

  2. ssh signing: fmt-merge-msg tests & config parse 

    When merging a signed tag fmt-merge-msg was unable to verify its
validity missing the necessary ssh allowedSignersFile config.

Adds gpg config parsing to fmt-merge-msg.
Adds tests for ssh signed tags to fmt-merge-msg tests.

Signed-off-by: Fabian Stelzer <fs@gigacodes.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
    @FStelzer @gitster
    FStelzer authored and gitster committed Oct 12, 2021
    Copy the full SHA
    9d12546 View commit details
    Browse the repository at this point in the history

Commits on Oct 13, 2021

  1. ssh signing: clarify trustlevel usage in docs 

    facca53 added verification for ssh signatures but incorrectly
described the usage of gpg.minTrustLevel. While the verifications
trustlevel is stil set to fully or undefined depending on if the key is
known or not it has no effect on the verification result. Unknown keys
will always fail verification. This commit updates the docs to match
this behaviour.

Signed-off-by: Fabian Stelzer <fs@gigacodes.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
    @FStelzer @gitster
    FStelzer authored and gitster committed Oct 13, 2021
    Copy the full SHA
    9fb391b View commit details
    Browse the repository at this point in the history

Commits on Oct 18, 2021

  1. gpg-interface: fix leak of "line" in parse_ssh_output() 

    We xmemdupz() this buffer, but never free it. Let's do so. We'll use a
cleanup label, since there are multiple exits from the function.

Note that it was also declared a "const char *". We could switch that to
"char *" to indicate that it's allocated, but that make it awkward to
use with skip_prefix(). So instead, we'll introduce an extra non-const
pointer.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
    @peff @gitster
    peff authored and gitster committed Oct 18, 2021
    Copy the full SHA
    78d468f View commit details
    Browse the repository at this point in the history

  2. gpg-interface: fix leak of strbufs in get_ssh_key_fingerprint() 

    We read stdout from gpg into a strbuf, then split it into a list of
strbufs, pull out one element, and return it. But we don't free either
the original stdout buffer, nor the list returned from strbuf_split().

This patch fixes both. Note that we have to detach the returned string
from its strbuf before calling strbuf_list_free(), as that would
otherwise throw it away.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
    @peff @gitster
    peff authored and gitster committed Oct 18, 2021
    Copy the full SHA
    f3af71c View commit details
    Browse the repository at this point in the history