diff options
| author | Justin Tobler <jltobler@gmail.com> | 2026-03-26 14:14:13 -0500 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2026-03-26 12:42:58 -0700 |
| commit | 2b1546c03cc3e02e51261fa38fe47a4f1b4e295b (patch) | |
| tree | 7be74f13c31ddd66f4c4506264c7a0d5e0191238 /builtin | |
| parent | 817b0428797742829b57538210ad8404b09f9cb1 (diff) | |
| download | git-2b1546c03cc3e02e51261fa38fe47a4f1b4e295b.tar.xz | |
fast-import: add 'sign-if-invalid' mode to '--signed-tags=<mode>'
With ee66c793f8 (fast-import: add mode to sign commits with invalid
signatures, 2026-03-12), git-fast-import(1) learned to verify commit
signatures during import and replace signatures that fail verification
with a newly generated one. Extend the same behavior to signed tag
objects by introducing a 'sign-if-invalid' mode for the '--signed-tags'
option.
Signed-off-by: Justin Tobler <jltobler@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'builtin')
| -rw-r--r-- | builtin/fast-import.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/builtin/fast-import.c b/builtin/fast-import.c index 5e89829aea..783e0e7ab4 100644 --- a/builtin/fast-import.c +++ b/builtin/fast-import.c @@ -191,6 +191,7 @@ static const char *global_prefix; static enum sign_mode signed_tag_mode = SIGN_VERBATIM; static enum sign_mode signed_commit_mode = SIGN_VERBATIM; static const char *signed_commit_keyid; +static const char *signed_tag_keyid; /* Memory pools */ static struct mem_pool fi_mem_pool = { @@ -3110,6 +3111,19 @@ static void handle_tag_signature_if_invalid(struct strbuf *buf, strbuf_setlen(msg, sig_offset); + if (signed_tag_mode == SIGN_SIGN_IF_INVALID) { + strbuf_attach(&payload, sigc.payload, sigc.payload_len, + sigc.payload_len + 1); + sigc.payload = NULL; + strbuf_reset(&signature); + + if (sign_buffer(&payload, &signature, signed_tag_keyid, + SIGN_BUFFER_USE_DEFAULT_KEY)) + die(_("failed to sign tag object")); + + strbuf_addbuf(msg, &signature); + } + out: signature_check_clear(&sigc); strbuf_release(&signature); @@ -3142,6 +3156,7 @@ static void handle_tag_signature(struct strbuf *buf, struct strbuf *msg, const c /* Truncate the buffer to remove the signature */ strbuf_setlen(msg, sig_offset); break; + case SIGN_SIGN_IF_INVALID: case SIGN_STRIP_IF_INVALID: handle_tag_signature_if_invalid(buf, msg, sig_offset); break; @@ -3153,9 +3168,6 @@ static void handle_tag_signature(struct strbuf *buf, struct strbuf *msg, const c case SIGN_ABORT_IF_INVALID: die(_("'abort-if-invalid' is not a valid mode for " "git fast-import with --signed-tags=<mode>")); - case SIGN_SIGN_IF_INVALID: - die(_("'sign-if-invalid' is not a valid mode for " - "git fast-import with --signed-tags=<mode>")); default: BUG("invalid signed_tag_mode value %d from tag '%s'", signed_tag_mode, name); @@ -3749,7 +3761,7 @@ static int parse_one_option(const char *option) if (parse_sign_mode(option, &signed_commit_mode, &signed_commit_keyid)) usagef(_("unknown --signed-commits mode '%s'"), option); } else if (skip_prefix(option, "signed-tags=", &option)) { - if (parse_sign_mode(option, &signed_tag_mode, NULL)) + if (parse_sign_mode(option, &signed_tag_mode, &signed_tag_keyid)) usagef(_("unknown --signed-tags mode '%s'"), option); } else if (!strcmp(option, "quiet")) { show_stats = 0; |