diff options
| author | Erich Eckner <git@eckner.net> | 2020-05-22 19:52:56 +0200 |
|---|---|---|
| committer | Erich Eckner <git@eckner.net> | 2020-05-22 19:52:56 +0200 |
| commit | 418529b3167a2a0c922266daabcb1b8c3b237123 (patch) | |
| tree | 93bbdc89ac00e51fdbee8ebd00371fece9a278d4 /httpdocs/index.php | |
| parent | f73f04a33849f56c5dd7f87aa2fda48ab321d8bd (diff) | |
| download | archive-server-418529b3167a2a0c922266daabcb1b8c3b237123.tar.xz | |
httpdocs/index.php: git verify-tag should look for subkeys, too
Diffstat (limited to 'httpdocs/index.php')
| -rw-r--r-- | httpdocs/index.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/httpdocs/index.php b/httpdocs/index.php index 01188a7..b433bd1 100644 --- a/httpdocs/index.php +++ b/httpdocs/index.php @@ -77,7 +77,7 @@ if (isset($_GET['r'])) { if ($_GET['t']=='git') { if (trim(shell_exec( 'GNUPGHOME="' . $work_dir . 'gnupg" git -C "' . $work_dir . 'repositories/' . $_GET['t'] . '/' . $_GET['r'] . '" verify-tag --raw "' . $commit_identifier . '" 2>&1 | ' . - 'grep -c "\[GNUPG:\] VALIDSIG ' . $key_regex . ' "' + 'grep -c "\[GNUPG:\] VALIDSIG\( ' . $key_regex . ' \| .* ' . $key_regex . '\$\)"' )) == '0') throw_http_error(409, 'Commit ' . $commit_identifier . ' is not signed by ' . $_GET['valid_keys']); } else |