- From:
- Josh Rickmar <openbsd+lists@zettaport.com>
- Subject:
- Fix for GitHub's SSH signature verification
- To:
- gameoftrees@openbsd.org
- Date:
- Wed, 24 Aug 2022 08:58:45 -0400
Download raw body.
Thread
Fix for GitHub's SSH signature verification
Download raw body.
Fix for GitHub's SSH signature verification
-----------------------------------------------
commit 2a465cc117c93bb10bcdde96661dfd7cb34577ea (nul)
from: Josh Rickmar <jrick@zettaport.com>
date: Wed Aug 24 12:57:07 2022 UTC
don't create signed tag objects with trailing NUL
Although Git itself did not care, the superfluous NUL at the end of
the tag object was breaking GitHub's SSH signature detection.
diff 374f69ddc0b897e90fa603748cac7859adac2769 2a465cc117c93bb10bcdde96661dfd7cb34577ea
commit - 374f69ddc0b897e90fa603748cac7859adac2769
commit + 2a465cc117c93bb10bcdde96661dfd7cb34577ea
blob - 05652e3057827e3b2c8cc76f5e95d07a081979a7
blob + a8d1928a0ff8a3d7b37172bb17dafe36f8e6b8e7
--- lib/object_create.c
+++ lib/object_create.c
@@ -748,10 +748,7 @@ got_object_tag_create(struct got_object_id **id,
err = buf_load_fd(&buf, out_fd);
if (err)
goto done;
- sig_len = buf_len(buf) + 1;
- err = buf_putc(buf, '\0');
- if (err)
- goto done;
+ sig_len = buf_len(buf);
if (close(out_fd) == -1) {
err = got_error_from_errno("close");
goto done;
Fix for GitHub's SSH signature verification