Merge branch 'mg/verify-commit'

Add 'verify-commit' to be used in a way similar to 'verify-tag' is
used.  Further work on verifying the mergetags might be needed.

* mg/verify-commit:
  t7510: test verify-commit
  t7510: exit for loop with test result
  verify-commit: scriptable commit signature verification
  gpg-interface: provide access to the payload
  gpg-interface: provide clear helper for struct signature_check

diff --cc builtin/merge.c
Simple merge

diff --cc commit.c
Simple merge

diff --cc git.c
Simple merge

diff --cc pretty.c
index 8d201f6,f6a0023..14357e2
--- 1/pretty.c
--- 2/pretty.c
+++ b/pretty.c
@@@ -1519,9 -1531,8 +1519,7 @@@ void format_commit_message(const struc
        }
  
        free(context.commit_encoding);
 -      logmsg_free(context.message, commit);
 -      signature_check_clear(&context.signature_check);
 +      unuse_commit_buffer(commit, context.message);
-       free(context.signature_check.gpg_output);
-       free(context.signature_check.signer);
  }
  
  static void pp_header(struct pretty_print_context *pp,

diff --cc t/t7510-signed-commit.sh
index e97477a,dd4b948..474dab3
--- 1/t/t7510-signed-commit.sh
--- 2/t/t7510-signed-commit.sh
+++ b/t/t7510-signed-commit.sh
@@@ -43,44 -43,46 +43,59 @@@ test_expect_success GPG 'create signed 
  
        test_tick && git rebase -f HEAD^^ && git tag sixth-signed HEAD^ &&
        git tag seventh-signed
 +
 +      echo 8 >file && test_tick && git commit -a -m eighth -SB7227189 &&
 +      git tag eighth-signed-alt
  '
  
- test_expect_success GPG 'show signatures' '
+ test_expect_success GPG 'verify and show signatures' '
        (
 -              for commit in initial second merge fourth-signed fifth-signed sixth-signed master
 +              for commit in initial second merge fourth-signed fifth-signed sixth-signed seventh-signed
                do
+                       git verify-commit $commit &&
                        git show --pretty=short --show-signature $commit >actual &&
                        grep "Good signature from" actual &&
 -                      ! grep "BAD signature from" actual || exit 1
 -                      echo $commit OK
 +                      ! grep "BAD signature from" actual &&
 +                      echo $commit OK || exit 1
                done
        ) &&
        (
                for commit in merge^2 fourth-unsigned sixth-unsigned seventh-unsigned
                do
+                       test_must_fail git verify-commit $commit &&
                        git show --pretty=short --show-signature $commit >actual &&
                        ! grep "Good signature from" actual &&
 -                      ! grep "BAD signature from" actual || exit 1
 -                      echo $commit OK
 +                      ! grep "BAD signature from" actual &&
 +                      echo $commit OK || exit 1
 +              done
 +      ) &&
 +      (
 +              for commit in eighth-signed-alt
 +              do
 +                      git show --pretty=short --show-signature $commit >actual &&
 +                      grep "Good signature from" actual &&
 +                      ! grep "BAD signature from" actual &&
 +                      grep "not certified" actual &&
 +                      echo $commit OK || exit 1
                done
        )
  '
  
+ test_expect_success GPG 'show signed commit with signature' '
+       git show -s initial >commit &&
+       git show -s --show-signature initial >show &&
+       git verify-commit -v initial >verify.1 2>verify.2 &&
+       git cat-file commit initial >cat &&
+       grep -v "gpg: " show >show.commit &&
+       grep "gpg: " show >show.gpg &&
+       grep -v "^ " cat | grep -v "^gpgsig " >cat.commit &&
+       test_cmp show.commit commit &&
+       test_cmp show.gpg verify.2 &&
+       test_cmp cat.commit verify.1
+ '
+ 
  test_expect_success GPG 'detect fudged signature' '
 -      git cat-file commit master >raw &&
 +      git cat-file commit seventh-signed >raw &&
  
        sed -e "s/seventh/7th forged/" raw >forged1 &&
        git hash-object -w -t commit forged1 >forged1.commit &&