Re: [GSoC] Google Summer of Code 2009 - new ideas

[Jakub Narebski <jnareb@gmail.com>]

On Sat, 7 Mar 2009, Tay Ray Chuan wrote:
> On 3/7/09, Jakub Narebski <jnareb@gmail.com> wrote:

> > == Single credentials ==
> >
> > Currently if you don't save your username and password in plain-text
> > `.netrc` file (for HTTP transport), or avoid need for interactive
> > credentials using public key / private key pair (for SSH), you need to
> > repeat credentials many times during single git-fetch or git-clone
> > command.  The goal is to reuse existing connections if possible, so the
> > whole transaction occurs using single connection and single
> > credentials; if that is not possible cache credentials (in secure way)
> > so user need to provide username and password at most once.
> >
> > '''Goal:''' git-fetch and git-clone over HTTPS and git://
> >             requiring providing username and password at most once
> > '''Language:''' C (perhaps also shell script)
> 
> Perhaps you might want to look at this:
> 
> http://marc.info/?l=git&m=123599968929476&w=4

Thank you for the link.

> At that time, I was thinking more of removing git's reliance on curl's
> multi interface so that it could use older versions of libcurl. But,
> on this point, Daniel convinced me otherwise. In fact, it doesn't make
> sense if you could have a up-to-date git, but not an up-to-date curl.
> 
> I didn't really get a reply on my point of "minimized credential
> prompting", though, and I think this GSoC proposal kinda gives support
> to it.
> 
> From a learning standpoint, I don't think this project would be too
> challenging, nor can it sustain for a whole summer -- the basic
> strategy to allow non-curl multi usage (ie. single connections) would
> be to "fork" the current http slot methods and make them
> non-curl_multi, then finding and replacing instances of them
> throughout the code base.

I was thinking more about caching credentials by git rather than forcing
to use single connection.  Additionally you are solving the problem for
the HTTP(S) transport; admittedly for SSH there is much better solution
of using public/private keys, instead of asking for password.

I guess you are right and "minimized credential prompting" (aka "single
credentials") is too small a project for Google Summer of Code...
I won't add it to SoC2009Ideas page.
 
> I already have a patch series that does that, plus a --persistent
> option for push. I'm fairly sure that it takes place on a single
> connection (I'm relying on my firewall log though I'm doubting it's
> reliability on this issue).

-- 
Jakub Narebski
Poland