From: Stefan Beller <sbeller@google.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: Stefan Beller <stefanbeller@gmail.com>,
"git@vger.kernel.org" <git@vger.kernel.org>
Subject: Re: [PATCH] receive-pack.c: don't miss exporting unsolicited push certificates
Date: Tue, 13 Jan 2015 16:11:34 -0800 [thread overview]
Message-ID: <CAGZ79kad=c1wXW163doxWBRdSvQ7Y9EkkD+ZXtOfawjtxEyeQw@mail.gmail.com> (raw)
In-Reply-To: <xmqqiogb95t4.fsf@gitster.dls.corp.google.com>
On Mon, Jan 12, 2015 at 11:07 AM, Junio C Hamano <gitster@pobox.com> wrote:
>>
>> yes that's what I was trying to hint at. The hook would just see
>> it is unsolicited instead of not having the state available.
>
> OK. That makes sort of sense. So if we:
>
> 1) did not apply either patch (i.e. we accept unsolicited
> certificate, and the fact that we did not exchange "give me this
> nonce" "here is your nonce" is conveyed to the hooks by the lack
> of GIT_PUSH_CERT_NONCE environment and possible presense of
> unsolicited nonce in the GIT_PUSH_CERT blob); and then
>
> 2) applied this patch first (i.e. we still allow unsolicited
> certificate, and the same fact is now conveyed to the hooks also
> by GIT_PUSH_CERT_NONCE_STATUS=UNSOLICITED if they sent a nonce,
> or GIT_PUSH_CERT_NONCE_STATUS=MISSING); and then finally
>
> 3) applied the other patch to reject unsolicited certificate.
>
> then we can stop at any of these three steps and the behaviour of
> three resulting systems make sense and the pre-receive hook can
> reject unsolicited certificates if it wants to, even at step #1.
I do not quite understand the intention of your mail. Are you saying I should
make a patch series to solve the problems as outlined above?
next prev parent reply other threads:[~2015-01-14 0:11 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-09 20:47 [RFC/PATCH] receive-pack.c: only accept push-cert if push_cert_nonce was advertised Stefan Beller
2015-01-09 22:39 ` Junio C Hamano
2015-01-09 23:05 ` Junio C Hamano
2015-01-09 23:15 ` Stefan Beller
2015-01-09 23:57 ` Junio C Hamano
2015-01-10 0:31 ` [PATCH] receive-pack.c: don't miss exporting unsolicited push certificates Stefan Beller
2015-01-10 1:52 ` Junio C Hamano
2015-01-10 3:55 ` Stefan Beller
2015-01-12 19:07 ` Junio C Hamano
2015-01-14 0:11 ` Stefan Beller [this message]
2015-01-14 18:08 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGZ79kad=c1wXW163doxWBRdSvQ7Y9EkkD+ZXtOfawjtxEyeQw@mail.gmail.com' \
--to=sbeller@google.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=stefanbeller@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).