mktag: call "check_sha1_signature" with the replacement sha1

Otherwise we get a "sha1 mismatch" error for replaced objects.

Note that I am not sure at all that this is a good change.
It may be that we should just refuse to tag a replaced object. But
in this case we should probably give a meaningfull error message
instead of "sha1 mismatch".

Signed-off-by: Christian Couder <chriscool@tuxfamily.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

mktag.c

@@ -19,16 +19,17 @@
 /*
  * We refuse to tag something we can't verify. Just because.
  */
-static int verify_object(unsigned char *sha1, const char *expected_type)
+static int verify_object(const unsigned char *sha1, const char *expected_type)
 {
 	int ret = -1;
 	enum object_type type;
 	unsigned long size;
-	void *buffer = read_sha1_file(sha1, &type, &size);
+	const unsigned char *repl;
+	void *buffer = read_sha1_file_repl(sha1, &type, &size, &repl);
 
 	if (buffer) {
 		if (type == type_from_string(expected_type))
-			ret = check_sha1_signature(sha1, buffer, size, expected_type);
+			ret = check_sha1_signature(repl, buffer, size, expected_type);
 		free(buffer);
 	}
 	return ret;

t/t6050-replace.sh

@@ -70,6 +70,18 @@ test_expect_success 'replace the author' '
      git show $HASH2 | grep "O Thor"
 '
 
+cat >tag.sig <<EOF
+object $HASH2
+type commit
+tag mytag
+tagger T A Gger <> 0 +0000
+
+EOF
+
+test_expect_success 'tag replaced commit' '
+     git mktag <tag.sig >.git/refs/tags/mytag 2>message
+'
+
 #
 #
 test_done