mbox series

[v3,0/6] Support for commits signed by multiple algorithms

Message ID 20210118234915.2036197-1-sandals@crustytoothpaste.net (mailing list archive)
Headers show
Series Support for commits signed by multiple algorithms | expand

Message

brian m. carlson Jan. 18, 2021, 11:49 p.m. UTC 
This series introduces support for verifying commits and tags signed by
multiple algorithms.

These commits allow for signing commits and tags that can be
round-tripped through both SHA-1 and SHA-256.  We verify only the
signature using the current hash algorithm, since we currently don't
rewrite objects.

Changes from v2:
* Fix problems with size_t and unsigned long on 32-bit systems by
  creating a cleanup patch at the beginning of the series.
* Fix a clang warning with initialization by using memset.

Changes from v1:
* Fix brown paper bag bug where some tests failed due to a bad rebase.

brian m. carlson (6):
  ref-filter: switch some uses of unsigned long to size_t
  commit: ignore additional signatures when parsing signed commits
  gpg-interface: improve interface for parsing tags
  commit: allow parsing arbitrary buffers with headers
  ref-filter: hoist signature parsing
  gpg-interface: remove other signature headers before verifying

 builtin/receive-pack.c   |  4 +-
 builtin/tag.c            | 16 ++++++--
 commit.c                 | 85 +++++++++++++++++++++++++++-------------
 commit.h                 | 12 +++++-
 fmt-merge-msg.c          | 29 ++++++++------
 gpg-interface.c          | 15 ++++++-
 gpg-interface.h          |  9 ++++-
 log-tree.c               | 15 +++----
 ref-filter.c             | 33 ++++++++++------
 t/t7004-tag.sh           | 25 ++++++++++++
 t/t7510-signed-commit.sh | 43 +++++++++++++++++++-
 tag.c                    | 15 +++----
 12 files changed, 226 insertions(+), 75 deletions(-)