From: Junio C Hamano
To: Linus Torvalds
Cc: "H. Peter Anvin", git@vger.kernel.org, James Bottomley, Jeff Garzik, Andrew Morton, linux-ide@vger.kernel.org, LKML
Subject: Re: [git patches] libata updates, GPG signed (but see admin notes)
Date: Mon, 31 Oct 2011 16:09:09 -0700
Message-ID: <7vlis0oj1m.fsf@alter.siamese.dyndns.org>

Junio C Hamano writes:

> Linus Torvalds writes:
> ...
> As I already said, I do not think notes is a good match as a tool to do
> this.
>
>> matters is that "git push" and "git pull" would JustWork(tm), and
>> check the signature if one exists, without having to cut-and-paste
>> data that simply shouldn't be visible to the user.
>>
>> I abhor the interface Ingo suggested, for example....
>
> Some cut-and-paste (or piping the e-mail to a command) would be a necessary
> evil, though, as you would have GPG keys from more than one trusted person
> in your keyring, and when you are responding to a pull-request from person
> A, finding a valid commit signed by person B should not be a success, but
> at least should raise a warning.

So here is a quick hack that does not involve cut-and-paste (it depends on
the signed-commit topic in 'next').

    $ git pull --require-signature

would trigger signature verification and stop you after fetching but
before merging.

git-pull.sh | 25 ++++++++++++++++++++++++- 1 files changed, 24 insertions(+), 1 deletions(-) --- To unsubscribe from this list: send the line "unsubscribe linux-ide" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/git-pull.sh b/git-pull.sh index 9868a0b..f3b4c93 100755 --- a/git-pull.sh +++ b/git-pull.sh @@ -39,7 +39,7 @@ test -z "$(git ls-files -u)" || die_conflict test -f "$GIT_DIR/MERGE_HEAD" && die_merge strategy_args= diffstat= no_commit= squash= no_ff= ff_only= -log_arg= verbosity= progress= recurse_submodules= +log_arg= verbosity= progress= recurse_submodules= must_be_signed= merge_args= curr_branch=$(git symbolic-ref -q HEAD) curr_branch_short="${curr_branch#refs/heads/}" @@ -60,6 +60,8 @@ do diffstat=--no-stat ;; --stat|--summary) diffstat=--stat ;; + --require-signature) + must_be_signed=yes ;; --log|--no-log) log_arg=$1 ;; --no-c|--no-co|--no-com|--no-comm|--no-commi|--no-commit) @@ -208,6 +210,27 @@ orig_head=$(git rev-parse -q --verify HEAD) git fetch $verbosity $progress $dry_run $recurse_submodules --update-head-ok "$@" || exit 1 test -z "$dry_run" || exit 0 +if test -n "$must_be_signed" +then + signature=$(git show -s --format='%G?' FETCH_HEAD) + case "$signature" in + G) + case "$verbosity" in + *' '-v*) + git show -s --show-signature FETCH_HEAD ;; + esac + ;; + B) + echo >&2 "Bad signature on the tip commit" + exit 1 + ;; + *) + echo >&2 "Tip commit must be signed" + exit 1 + ;; + fi +fi + curr_head=$(git rev-parse -q --verify HEAD) if test -n "$orig_head" && test "$curr_head" != "$orig_head" then
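
Review bot: in the option loop (hunk @@ -60,6 +60,8 @@), '--require-signature' has no negating form and no documentation; the diffstat shows git-pull.sh as the only file touched. The neighbouring '--log|--no-log' arm shows the usual pairing, so a '--no-require-signature' arm that resets must_be_signed= would let a caller override a default or alias, and the option should get a documentation entry alongside it.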
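
Review bot: in the verification block (hunk @@ -208,6 +210,27 @@), the outer 'case "$signature" in' is closed with 'fi' instead of 'esac', so the script will not parse; the last two added lines should be 'esac' followed by 'fi'. Separately, the 'G)' arm accepts a good signature from any key in the keyring and only prints the signer when verbosity contains -v, so the case raised in the quoted text (pulling from person A, tip signed by person B) passes silently. Showing the signer unconditionally on 'G', or comparing it against an expected key, would cover that.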
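
The concern quoted in the message (a valid signature from person B should not count as success when pulling from person A) can be handled by pinning the expected signer's fingerprint. This is an added example, not part of the original message or of git: classify_signer, sample_status and the fingerprints are constructed names and values, and the function parses the GnuPG status lines that git verify-commit --raw writes to stderr.

```shell
#!/bin/sh
# Constructed placeholder fingerprints for two signers, A and B.
FPR_A=AAAA0000AAAA0000AAAA0000AAAA0000AAAA0000
FPR_B=BBBB1111BBBB1111BBBB1111BBBB1111BBBB1111

# classify_signer EXPECTED_FPR
# Reads GnuPG status lines on stdin and prints one of:
#   match         valid signature made by the expected key
#   other-signer  valid signature, but by a different key
#   reject        bad, unverifiable, expired or revoked signature
#   unsigned      no signature status seen at all
classify_signer() {
	expected=$1
	result=unsigned
	while read -r tag keyword fpr rest
	do
		test "$tag" = "[GNUPG:]" || continue
		case "$keyword" in
		BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)
			result=reject
			break ;;
		VALIDSIG)
			# Field 3 is the signing (sub)key fingerprint,
			# the last field is the primary key fingerprint.
			primary=${rest##* }
			if test "$fpr" = "$expected" || test "$primary" = "$expected"
			then
				result=match
			else
				result=other-signer
			fi ;;
		esac
	done
	echo "$result"
}

# Constructed status output for a good signature made by key $1.
sample_status() {
	printf '[GNUPG:] NEWSIG\n'
	printf '[GNUPG:] GOODSIG %s Constructed Signer\n' "$1"
	printf '[GNUPG:] VALIDSIG %s 2011-10-31 1320102549 0 4 0 1 2 00 %s\n' "$1" "$1"
}

# Pull request came from A, but the tip is signed by B.
sample_status "$FPR_B" | classify_signer "$FPR_A"
```

Against a real repository the input would come from: git verify-commit --raw FETCH_HEAD 2>&1 >/dev/null | classify_signer "$EXPECTED_FPR"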