When we create a signature, it may happen that gpg returns with
"success" but not with an actual detached signature on stdout.
Check for the correct header to catch these cases better.
Signed-off-by: Michael J Gruber <g...@drmicha.warpmail.net>
---
This catches at least my echo example.
We could do a full blown gpg signature check, of course.
gpg-interface.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gpg-interface.c b/gpg-interface.c
index c4b1e8c..664796f 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -185,7 +185,7 @@ int sign_buffer(struct strbuf *buffer, struct strbuf
*signature, const char *sig
sigchain_pop(SIGPIPE);
- if (finish_command(&gpg) || !len || len < 0)
+ if (finish_command(&gpg) || !len || len < 0 || strncmp(signature->buf,
PGP_SIGNATURE, strlen(PGP_SIGNATURE)))
return error(_("gpg failed to sign the data"));
/* Strip CR from the line endings, in case we are on Windows. */
--
2.9.0.382.g87fd384
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
