diff options
author | Matt Corallo <git@bluematt.me> | 2017-02-27 14:13:39 -0500 |
---|---|---|
committer | Matt Corallo <git@bluematt.me> | 2017-03-04 09:41:15 -0500 |
commit | d9c450ffb2a5a619ce11304f31427af9c9bf7a92 (patch) | |
tree | 5cd7cef12b36729e9061bdcca0fc8d30e5fb84af /contrib/verify-commits/gpg.sh | |
parent | be908a69bf74a74a263bde14c310b397abe6776f (diff) |
Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1
Diffstat (limited to 'contrib/verify-commits/gpg.sh')
-rwxr-xr-x | contrib/verify-commits/gpg.sh | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/contrib/verify-commits/gpg.sh b/contrib/verify-commits/gpg.sh index 09ff237544..4df8bee3b3 100755 --- a/contrib/verify-commits/gpg.sh +++ b/contrib/verify-commits/gpg.sh @@ -8,7 +8,12 @@ VALID=false REVSIG=false IFS=' ' -for LINE in $(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null); do +if [ "$BITCOIN_VERIFY_COMMITS_ALLOW_SHA1" = 1 ]; then + GPG_RES="$(echo "$INPUT" | gpg --trust-model always "$@" 2>/dev/null)" +else + GPG_RES="$(echo "$INPUT" | gpg --trust-model always --weak-digest sha1 "$@" 2>/dev/null)" +fi +for LINE in $(echo "$GPG_RES"); do case "$LINE" in "[GNUPG:] VALIDSIG "*) while read KEY; do |