hook: refuse to run on cover letter templatesHEADmain

When git-send-email is invoked with --compose, it will create a cover
letter template that is not a valid RFC2822 message by itself (e.g. it
has lines starting with "GIT: " that will be removed before the message
is sent). Refuse to sign such templated messages, because the contents
are going to be modified before the message is sent and the signature is
going to be invalid anyway.

Reported-by: Paul Moore <paul@paul-moore.com>
Link: https://github.com/stacked-git/stgit/issues/414
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>

2 files changed, 7 insertions, 0 deletions

diff --git a/patatt/__init__.py b/patatt/__init__.py
index f5e6a9c..82e264f 100644
--- a/patatt/__init__.py
+++ b/patatt/__init__.py
@@ -1272,6 +1272,7 @@ def cmd_install_hook(cmdargs, config: dict):  # noqa
     with open(hookfile, 'w') as fh:
         fh.write('#!/bin/sh\n')
         fh.write('# installed by patatt install-hook\n')
+        fh.write('grep -q "^GIT: " "${1}" && exit 0\n')
         fh.write('patatt sign --hook "${1}"\n')
         os.chmod(hookfile, 0o755)
     logger.critical('Hook installed as %s', hookfile)
diff --git a/sendemail-validate-hook b/sendemail-validate-hook
index 9096388..efa92fb 100755
--- a/sendemail-validate-hook
+++ b/sendemail-validate-hook
@@ -1,4 +1,10 @@
 #!/usr/bin/env bash
+if grep -q "^GIT: " "${1}"; then
+    # This is a cover letter template that will be modified by git-send-email.
+    # Refuse to sign it, as it's obviously going to be different at send time.
+    exit 0
+fi
+
 if which patatt>/dev/null 2>&1; then
     # We have it in path, so just execute it
     patatt sign --hook "${1}"