merge/pull Check for untrusted good GPG signatures When --verify-signatures is specified, abort the merge in case a good GPG signature from an untrusted key is encountered. Signed-off-by: Sebastian Götte <jaseg@physik-pool.tu-berlin.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>

commit: eb307ae7bb78ccde4e2ac69f302ccf8834883628 [log] [tgz]
author: Sebastian Götte <jaseg@physik.tu-berlin.de> Sun Mar 31 18:02:46 2013 +0200
committer: Junio C Hamano <gitster@pobox.com> Sun Mar 31 22:38:49 2013 -0700
tree: 40bed8e400a5208b7c81ff94752133818014da6b
parent: efed0022492b81bf59d29193c4ffe96492dd9e9b [diff]
diff --git a/builtin/merge.c b/builtin/merge.c
index e57c42c..bac11d1 100644
--- a/builtin/merge.c
+++ b/builtin/merge.c

@@ -1248,6 +1248,9 @@
 			switch (signature_check.result) {
 			case 'G':
 				break;
+			case 'U':
+				die(_("Commit %s has an untrusted GPG signature, "
+				      "allegedly by %s."), hex, signature_check.signer);
 			case 'B':
 				die(_("Commit %s has a bad GPG signature "
 				      "allegedly by %s."), hex, signature_check.signer);
commit	eb307ae7bb78ccde4e2ac69f302ccf8834883628	[log] [tgz]
author	Sebastian Götte <jaseg@physik.tu-berlin.de>	Sun Mar 31 18:02:46 2013 +0200
committer	Junio C Hamano <gitster@pobox.com>	Sun Mar 31 22:38:49 2013 -0700
tree	40bed8e400a5208b7c81ff94752133818014da6b
parent	efed0022492b81bf59d29193c4ffe96492dd9e9b [diff]