gpg: centralize signature check verify-commit and verify-tag both share a central codepath for verifying commits: check_signature. However, verify-tag exited successfully for untrusted signature, while verify-commit exited unsuccessfully. Centralize this signature check and make verify-commit adopt the older verify-tag behavior. This behavior is more logical anyway, as the signature is in fact valid, whether or not there's a path of trust to the author. Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit: 434060ec6d9bf50f095db901da3fb9b557e11df1 [log] [tgz]
author: brian m. carlson <sandals@crustytoothpaste.net> Sun Jun 21 23:14:40 2015 +0000
committer: Junio C Hamano <gitster@pobox.com> Mon Jun 22 14:20:46 2015 -0700
tree: 7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2
parent: 8e98e5f27aba812c0f095b7e546871e14a4139f6 [diff] [blame]
diff --git a/commit.h b/commit.h
index 9f189cb..afa0f6f 100644
--- a/commit.h
+++ b/commit.h

@@ -375,7 +375,7 @@
  * at all.  This may allocate memory for sig->gpg_output, sig->gpg_status,
  * sig->signer and sig->key.
  */
-extern void check_commit_signature(const struct commit *commit, struct signature_check *sigc);
+extern int check_commit_signature(const struct commit *commit, struct signature_check *sigc);
 
 int compare_commits_by_commit_date(const void *a_, const void *b_, void *unused);
commit	434060ec6d9bf50f095db901da3fb9b557e11df1	[log] [tgz]
author	brian m. carlson <sandals@crustytoothpaste.net>	Sun Jun 21 23:14:40 2015 +0000
committer	Junio C Hamano <gitster@pobox.com>	Mon Jun 22 14:20:46 2015 -0700
tree	7a7dc99fb6b8e1e5eaa566ec4eb5e29ff807e8f2
parent	8e98e5f27aba812c0f095b7e546871e14a4139f6 [diff] [blame]