Matt Corallo
efc06c2c46
If GNU sha512sum is missing, try perl shasum in verify-commits
2017-03-09 09:53:19 -05:00
Matt Corallo
fd5e905e21
Make verify-commits.sh non-recursive
2017-03-09 09:53:19 -05:00
Matt Corallo
b3ec305f8e
Fix bashisms in verify-commits and always check top commit's tree
2017-03-06 16:59:08 -05:00
Matt Corallo
f20e664f40
Check gpg version before setting --weak-digest
2017-03-06 16:59:07 -05:00
Matt Corallo
bbd757940b
Fix regsig checking for subkey sigs in verify-commits
2017-03-05 11:21:52 -05:00
Matt Corallo
d025bc7964
Allow any subkey in verify-commits
2017-03-04 09:41:16 -05:00
Peter Todd
eddc77a1b1
Add comment re: why SHA1 is disabled
2017-03-04 09:41:16 -05:00
Matt Corallo
d9c450ffb2
Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1
2017-03-04 09:41:15 -05:00
Matt Corallo
a4b02f4275
Add Pieter's old signed commits to revsig-commits
2017-02-27 20:24:20 -05:00
Matt Corallo
3e900acafa
Require merge commits merge branches on top of other merge commits
...
Specifically, require that the left branch (first restult of git
show -s --format=format:%P) is a signed merge commit, instead of
allowing either. This is fine for now, but might need to be relaxed
in the future.
Also fixes an out-of-file-descriptors issue by holding too many
open FDs writing to /dev/null
2017-02-01 18:22:27 -05:00
isle2983
0766d1cac3
[copyright] add MIT license headers to .sh scripts where missing
...
Years are set according to 'git log' history
2016-09-11 13:36:22 -06:00
Peter Todd
1e9aab0dbf
Remove sipa's old revoked key from verify-commits
...
Now that the trusted root is past all commits signed by that key we don't need
it in the trusted-keys list, nor do we need to whitelist those commits in
allow-revsig-commits
2016-06-18 20:53:17 -04:00
Peter Todd
966151e71d
Add README for verify-commits
2016-06-09 13:58:29 -04:00
Peter Todd
11164ec0b4
Remove keys that are no longer used for merging
...
Also updated trusted git root to be right after gmaxwell's last merge.
2016-05-21 11:29:01 +02:00
Peter Todd
22421faa19
Remove pointless warning
...
Any attacker who managed to make an evil commit that changed something in the
contrib/verify-commits/ directory could just as easily remove the warning
and/or modify it to not display the evil commits; telling the user to check
those commits specifically misleads them into checking just those commits
rather than the script itself.
2016-05-21 11:26:21 +02:00
Matt Corallo
9523e8adaf
Make verify-commits path-independent
2016-05-21 11:26:10 +02:00
Matt Corallo
f7d4a25fe6
Make verify-commits POSIX-compliant
2016-05-21 11:26:06 +02:00
MarcoFalke
fa24329334
[contrib] verify-commits: Add MarcoFalke fingerprint
2016-04-21 15:25:09 +02:00
Jonas Schnelli
a5bc8de1ba
add jonasschnellis key to git-verify-commits trusted-keys
2015-11-13 14:52:17 +01:00
Matt Corallo
9ea7762e2c
Use Pieter's signing subkey instead of his primary key
...
This commit is signed.
2015-11-06 15:19:31 -08:00
Matt Corallo
6e800c2b41
Add Pieter's new PGP key to verify-commits/trusted-keys
2015-10-27 17:06:13 -07:00
Matt Corallo
1d94b72019
Whitelist commits signed with Pieter's now-revoked key
2015-10-23 02:05:42 -07:00
Matt Corallo
27252b7389
Fix pre-push-hook regexes
2015-10-22 19:50:01 -07:00
Matt Corallo
0186228d61
Update trusted-git-root to the most recent unsigned commit
2015-09-14 12:54:25 -04:00
Matt Corallo
adaa568722
Add script to verify all merge commits are signed
2014-12-20 00:39:42 -05:00