BigW Consortium Gitlab

Commit 8c4b6a32 by Alexis Reigel

bail if the commit has no signature

parent 69e511c4
...@@ -242,11 +242,7 @@ class Commit ...@@ -242,11 +242,7 @@ class Commit
cached_signature = GpgSignature.find_by(commit_sha: sha) cached_signature = GpgSignature.find_by(commit_sha: sha)
return cached_signature if cached_signature.present? return cached_signature if cached_signature.present?
gpg_commit = Gitlab::Gpg::Commit.new(self) @signature = Gitlab::Gpg::Commit.new(self).signature
return unless gpg_commit.has_signature?
@signature = gpg_commit.signature
end end
def revert_branch_name def revert_branch_name
......
...@@ -10,10 +10,12 @@ module Gitlab ...@@ -10,10 +10,12 @@ module Gitlab
end end
def has_signature? def has_signature?
@signature_text && @signed_text !!(@signature_text && @signed_text)
end end
def signature def signature
return unless has_signature?
Gitlab::Gpg.using_tmp_keychain do Gitlab::Gpg.using_tmp_keychain do
# first we need to get the keyid from the signature to query the gpg # first we need to get the keyid from the signature to query the gpg
# key belonging to the keyid. # key belonging to the keyid.
...@@ -43,7 +45,7 @@ module Gitlab ...@@ -43,7 +45,7 @@ module Gitlab
project: commit.project, project: commit.project,
gpg_key: gpg_key, gpg_key: gpg_key,
gpg_key_primary_keyid: gpg_key&.primary_keyid, gpg_key_primary_keyid: gpg_key&.primary_keyid,
valid_signature: !!(gpg_key && verified_signature&.valid?) valid_signature: !!(gpg_key && verified_signature.valid?)
) )
end end
end end
......
...@@ -4,6 +4,12 @@ RSpec.describe Gitlab::Gpg::Commit do ...@@ -4,6 +4,12 @@ RSpec.describe Gitlab::Gpg::Commit do
describe '#signature' do describe '#signature' do
let!(:project) { create :project, :repository, path: 'sample-project' } let!(:project) { create :project, :repository, path: 'sample-project' }
context 'unisgned commit' do
it 'returns nil' do
expect(described_class.new(project.commit).signature).to be_nil
end
end
context 'known public key' do context 'known public key' do
it 'returns a valid signature' do it 'returns a valid signature' do
gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key gpg_key = create :gpg_key, key: GpgHelpers::User1.public_key
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment