Matt Corallo
d23be309c2
[verify-commits] Allow revoked keys to expire
7 years ago
practicalswift
0aacfa43c1
Remove accidental stray semicolon
7 years ago
Matt Corallo
df5bae2e7b
Update trusted-sha512-root-commit for new bad tree hash
8 years ago
Matt Corallo
efc06c2c46
If GNU sha512sum is missing, try perl shasum in verify-commits
8 years ago
Matt Corallo
fd5e905e21
Make verify-commits.sh non-recursive
8 years ago
Matt Corallo
b3ec305f8e
Fix bashisms in verify-commits and always check top commit's tree
8 years ago
Matt Corallo
f20e664f40
Check gpg version before setting --weak-digest
8 years ago
Matt Corallo
bbd757940b
Fix regsig checking for subkey sigs in verify-commits
8 years ago
Matt Corallo
d025bc7964
Allow any subkey in verify-commits
8 years ago
Peter Todd
eddc77a1b1
Add comment re: why SHA1 is disabled
8 years ago
Matt Corallo
d9c450ffb2
Verify Tree-SHA512s in merge commits, enforce sigs are not SHA1
8 years ago
Matt Corallo
a4b02f4275
Add Pieter's old signed commits to revsig-commits
8 years ago
Matt Corallo
3e900acafa
Require merge commits merge branches on top of other merge commits
...
Specifically, require that the left branch (first restult of git
show -s --format=format:%P) is a signed merge commit, instead of
allowing either. This is fine for now, but might need to be relaxed
in the future.
Also fixes an out-of-file-descriptors issue by holding too many
open FDs writing to /dev/null
8 years ago
isle2983
0766d1cac3
[copyright] add MIT license headers to .sh scripts where missing
...
Years are set according to 'git log' history
8 years ago
Peter Todd
1e9aab0dbf
Remove sipa's old revoked key from verify-commits
...
Now that the trusted root is past all commits signed by that key we don't need
it in the trusted-keys list, nor do we need to whitelist those commits in
allow-revsig-commits
9 years ago
Peter Todd
966151e71d
Add README for verify-commits
9 years ago
Peter Todd
11164ec0b4
Remove keys that are no longer used for merging
...
Also updated trusted git root to be right after gmaxwell's last merge.
9 years ago
Peter Todd
22421faa19
Remove pointless warning
...
Any attacker who managed to make an evil commit that changed something in the
contrib/verify-commits/ directory could just as easily remove the warning
and/or modify it to not display the evil commits; telling the user to check
those commits specifically misleads them into checking just those commits
rather than the script itself.
9 years ago
Matt Corallo
9523e8adaf
Make verify-commits path-independent
9 years ago
Matt Corallo
f7d4a25fe6
Make verify-commits POSIX-compliant
9 years ago
MarcoFalke
fa24329334
[contrib] verify-commits: Add MarcoFalke fingerprint
9 years ago
Jonas Schnelli
a5bc8de1ba
add jonasschnellis key to git-verify-commits trusted-keys
9 years ago
Matt Corallo
9ea7762e2c
Use Pieter's signing subkey instead of his primary key
...
This commit is signed.
9 years ago
Matt Corallo
6e800c2b41
Add Pieter's new PGP key to verify-commits/trusted-keys
9 years ago
Matt Corallo
1d94b72019
Whitelist commits signed with Pieter's now-revoked key
9 years ago
Matt Corallo
27252b7389
Fix pre-push-hook regexes
9 years ago
Matt Corallo
0186228d61
Update trusted-git-root to the most recent unsigned commit
9 years ago
Matt Corallo
adaa568722
Add script to verify all merge commits are signed
10 years ago