From: Fabian Stelzer <fs@gigacodes.de>
To: Junio C Hamano <gitster@pobox.com>, git@vger.kernel.org
Subject: Re: What's cooking in git.git (Sep 2021, #08; Mon, 27)
Date: Wed, 29 Sep 2021 10:12:38 +0200 [thread overview]
Message-ID: <fd244131-84d4-7152-c88c-45f9ada6b609@gigacodes.de> (raw)
In-Reply-To: <xmqq8rzhmsi7.fsf@gitster.g>
On 28.09.21 02:52, Junio C Hamano wrote > * fs/ssh-signing (2021-09-10)
9 commits
> - ssh signing: test that gpg fails for unknown keys
> - ssh signing: tests for logs, tags & push certs
> - ssh signing: duplicate t7510 tests for commits
> - ssh signing: verify signatures using ssh-keygen
> - ssh signing: provide a textual signing_key_id
> - ssh signing: retrieve a default key from ssh-agent
> - ssh signing: add ssh key format and signing code
> - ssh signing: add test prereqs
> - ssh signing: preliminary refactoring and clean-up
>
> Use ssh public crypto for object and push-cert signing.
>
> On hold.
> cf. <pull.1041.v8.git.git.1631304462.gitgitgadget@gmail.com>
> cf. <532d97e7-8c91-df6a-6d90-70668256f513@gigacodes.de>
>
>
Openssh 8.8 has been released a few days ago and includes the needed fix
for the find-principal segfault.
I ran the full git testsuite against it without issues.
Also, we (~30developers) have been running this patch with
openssh-portable (2d678c5e3bdc2f5c99f7af5122e9d054925d560d / post 8.7 -
pre 8.8) in our organization for the last 2 weeks without problems.
The only issues we saw with our users are related to some misleading
openssh error messages.
For example if you configure a public key and the private key is not
available via the ssh-agent the error message is: "invalid format".
Or if the public key contains a typo (forgot a char in copy&pase) it
will error with "no such file or directory".
I will need to dig a bit deeper into openssh to see if we can make these
more specific without breaking any compatibility. Both errors originate
from some lower level lib functions which i don't want to change.
But vverall i think this is ready for some broader usage/testing via next.
I'd suggest to send the additional patches for valid-before/after
functionality in a new patchset for review after.
Best regards,
Fabian
next prev parent reply other threads:[~2021-09-29 8:12 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-28 0:52 What's cooking in git.git (Sep 2021, #08; Mon, 27) Junio C Hamano
2021-09-28 1:57 ` Ævar Arnfjörð Bjarmason
2021-09-28 20:52 ` Junio C Hamano
2021-09-28 6:46 ` Elijah Newren
2021-09-28 7:45 ` Ævar Arnfjörð Bjarmason
2021-09-28 17:25 ` Junio C Hamano
2021-09-28 21:00 ` Neeraj Singh
2021-09-28 23:34 ` Junio C Hamano
2021-09-28 23:53 ` Neeraj Singh
2021-10-07 22:01 ` Junio C Hamano
2021-10-08 6:51 ` Elijah Newren
2021-10-08 22:30 ` Neeraj Singh
2021-10-08 23:01 ` Junio C Hamano
2021-09-28 8:07 ` Ævar Arnfjörð Bjarmason
2021-09-28 17:27 ` Junio C Hamano
2021-09-28 13:31 ` Derrick Stolee
2021-09-28 17:33 ` Junio C Hamano
2021-09-28 20:16 ` Derrick Stolee
2021-09-28 17:16 ` Junio C Hamano
2021-09-29 6:42 ` Elijah Newren
2021-09-28 23:40 ` Jeff King
2021-09-28 23:49 ` Jeff King
2021-09-29 18:43 ` Neeraj Singh
2021-09-30 8:16 ` Jeff King
2021-10-01 7:50 ` Elijah Newren
2021-10-01 17:02 ` Junio C Hamano
2021-10-01 17:39 ` Neeraj Singh
2021-10-01 18:15 ` Elijah Newren
2021-10-01 18:12 ` Elijah Newren
2021-10-01 22:02 ` Junio C Hamano
2021-10-01 23:05 ` Elijah Newren
2021-10-04 13:45 ` Elijah Newren
2021-09-28 8:22 ` da/difftool (was: Re: What's cooking in git.git (Sep 2021, #08; Mon, 27)) Ævar Arnfjörð Bjarmason
2021-09-28 8:23 ` ns/batched-fsync & en/remerge-diff (was " Ævar Arnfjörð Bjarmason
2021-09-28 8:31 ` sg/test-split-index-fix " Ævar Arnfjörð Bjarmason
2021-09-28 8:35 ` hn/reftable (Re: " Ævar Arnfjörð Bjarmason
2021-09-28 12:18 ` Han-Wen Nienhuys
2021-09-30 5:06 ` Carlo Arenas
2021-09-29 8:12 ` Fabian Stelzer [this message]
2021-09-30 21:26 ` What's cooking in git.git (Sep 2021, #08; Mon, 27) Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=fd244131-84d4-7152-c88c-45f9ada6b609@gigacodes.de \
--to=fs@gigacodes.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).