From: Mark Lodato <lodatom@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, Marcus Camen <mcamen@mcamen.de>
Subject: Re: What's cooking in git.git (Jul 2009, #01; Mon, 06)
Date: Mon, 6 Jul 2009 22:18:03 -0400 [thread overview]
Message-ID: <ca433830907061918s6c674bf6w2f8d166f645d4e33@mail.gmail.com> (raw)
In-Reply-To: <7vk52l4q7k.fsf@alter.siamese.dyndns.org>
On Mon, Jul 6, 2009 at 2:32 PM, Junio C Hamano<gitster@pobox.com> wrote:
> [Stalled and may need help and prodding to go forward]
>
> * ml/http (Wed May 27 23:16:03 2009 -0400) 2 commits
> - http.c: add http.sslCertPasswordProtected option
> - http.c: prompt for SSL client certificate password
>
> I've rewritten these two to (1) move the #ifdef out of the main codepath,
> and (2) use configuration/environment to make the misfeature of always
> asking for a passphrase even a key/cert is unencrypted optional. I tried
> to be careful but extra sets of eyeballs would be nice to check the result.
>
> Nobody seems to be jumping up-and-down asking for this or helping to push
> this forward. Perhaps it's time to drop it?
Sorry for the lack of updates. After hearing feedback, the consensus
seemed to be that detection of the certificate's encryption (above)
and file type (other patch, not in git.git) should be done
automatically, that is, without user configuration. I agree, but
neither can be done without great difficulty outside of libcurl.
Therefore, I have started implement the autodetection of both, as well
as the password caching, directly in libcurl. If my work, once
completed, is accepted by the libcurl folks, then there would be no
need for the above, and we should recommend upgrading libcurl for
those who want to use client-side certificates.
However, in the interim, and for users with earlier libcurl versions
(and especially if my libcurl patch is never accepted), it might be
nice to still have the above commits. They are unobtrusive - the
patches are small, and they do not affect users who do not enable the
option - yet they drastically improve the experience for those using
password-protected client-side certificates.
Anyway, I am still very interested in getting proper client-side
certificate support in git, and I am glad to see Marcus is as well.
Ultimately, I think the libcurl solution is the proper way to go, but
this patch series might still be good to include in git. The downside
is that it adds extra crap to the git-config man page and it does
increase the code size a little.
--
Mark
next prev parent reply other threads:[~2009-07-07 2:18 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-06 18:32 What's cooking in git.git (Jul 2009, #01; Mon, 06) Junio C Hamano
2009-07-06 20:29 ` Marcus Camen
2009-07-06 21:38 ` Junio C Hamano
2009-07-06 22:03 ` Marcus Camen
2009-07-06 22:34 ` Junio C Hamano
2009-07-06 23:42 ` Jakub Narebski
2009-07-07 2:18 ` Mark Lodato [this message]
2009-07-07 21:11 ` Jeff King
2009-07-07 6:30 ` Johannes Sixt
2009-07-07 19:17 ` Linus Torvalds
2009-07-07 19:57 ` Alex Riesen
2009-07-07 22:13 ` Linus Torvalds
2009-07-07 20:08 ` Johannes Schindelin
2009-07-07 20:13 ` Shawn O. Pearce
2009-07-07 22:19 ` Junio C Hamano
2009-07-07 22:28 ` Shawn O. Pearce
2009-07-08 13:42 ` notes, was " Johannes Schindelin
2009-07-08 5:39 ` Stephen Boyd
2009-07-08 6:38 ` Johannes Sixt
2009-07-10 5:05 ` Christian Couder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ca433830907061918s6c674bf6w2f8d166f645d4e33@mail.gmail.com \
--to=lodatom@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=mcamen@mcamen.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).