diff options
author | Matt Corallo <git@bluematt.me> | 2015-10-23 02:05:42 -0700 |
---|---|---|
committer | Matt Corallo <git@bluematt.me> | 2015-10-23 02:05:42 -0700 |
commit | 1d94b72019e31066b33947af5709383b8075e43a (patch) | |
tree | e83ac333adc4b84830cc4482bcee2abde9a15e26 | |
parent | 27252b73894d00f9dbe27b664159b2a999683069 (diff) |
Whitelist commits signed with Pieter's now-revoked key
-rw-r--r-- | contrib/verify-commits/allow-revsig-commits | 2 | ||||
-rwxr-xr-x | contrib/verify-commits/gpg.sh | 22 | ||||
-rwxr-xr-x | contrib/verify-commits/verify-commits.sh | 12 |
3 files changed, 34 insertions, 2 deletions
diff --git a/contrib/verify-commits/allow-revsig-commits b/contrib/verify-commits/allow-revsig-commits new file mode 100644 index 0000000000..31aeb8f3d3 --- /dev/null +++ b/contrib/verify-commits/allow-revsig-commits @@ -0,0 +1,2 @@ +586a29253dabec3ca0f1ccba9091daabd16b8411 +eddaba7b5692288087a926da5733e86b47274e4e diff --git a/contrib/verify-commits/gpg.sh b/contrib/verify-commits/gpg.sh index 6b5137e7b5..0218b82e11 100755 --- a/contrib/verify-commits/gpg.sh +++ b/contrib/verify-commits/gpg.sh @@ -1,15 +1,33 @@ #!/bin/sh INPUT=$(</dev/stdin) VALID=false +REVSIG=false IFS=$'\n' for LINE in $(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null); do - case "$LINE" in "[GNUPG:] VALIDSIG"*) + case "$LINE" in + "[GNUPG:] VALIDSIG "*) while read KEY; do case "$LINE" in "[GNUPG:] VALIDSIG $KEY "*) VALID=true;; esac done < ./contrib/verify-commits/trusted-keys + ;; + "[GNUPG:] REVKEYSIG "*) + [ "$BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG" != 1 ] && exit 1 + while read KEY; do + case "$LINE" in "[GNUPG:] REVKEYSIG ${KEY:24:40} "*) + REVSIG=true + GOODREVSIG="[GNUPG:] GOODSIG ${KEY:24:40} " + ;; + esac + done < ./contrib/verify-commits/trusted-keys + ;; esac done if ! $VALID; then exit 1 fi -echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null +if $VALID && $REVSIG; then + echo "$INPUT" | gpg --trust-model always "$@" | grep "\[GNUPG:\] \(NEWSIG\|SIG_ID\|VALIDSIG\)" 2>/dev/null + echo "$GOODREVSIG" +else + echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null +fi diff --git a/contrib/verify-commits/verify-commits.sh b/contrib/verify-commits/verify-commits.sh index 5841fa2077..9ba781008a 100755 --- a/contrib/verify-commits/verify-commits.sh +++ b/contrib/verify-commits/verify-commits.sh @@ -7,11 +7,23 @@ git log "$DIR" VERIFIED_ROOT=$(cat "${DIR}/trusted-git-root") +IS_REVSIG_ALLOWED () { + while read LINE; do + [ "$LINE" = "$1" ] && return 0 + done < "${DIR}/allow-revsig-commits" + return 1 +} + HAVE_FAILED=false IS_SIGNED () { if [ $1 = $VERIFIED_ROOT ]; then return 0; fi + if IS_REVSIG_ALLOWED "$1"; then + export BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG=1 + else + export BITCOIN_VERIFY_COMMITS_ALLOW_REVSIG=0 + fi if ! git -c "gpg.program=${DIR}/gpg.sh" verify-commit $1 > /dev/null 2>&1; then return 1; fi |