From: Duy Nguyen <pclouds@gmail.com>
To: Shawn Pearce <spearce@spearce.org>
Cc: "Jeff King" <peff@peff.net>, "Junio C Hamano" <gitster@pobox.com>,
"Ævar Arnfjörð" <avarab@gmail.com>,
"Michael Haggerty" <mhagger@alum.mit.edu>,
"Jonathan Nieder" <jrnieder@gmail.com>,
"Git Mailing List" <git@vger.kernel.org>
Subject: Re: [PATCH v3 0/8] Hiding refs
Date: Sat, 15 Mar 2014 06:30:47 +0700 [thread overview]
Message-ID: <CACsJy8DtuCCYmmsEFB_m-YPHOOQ4FuchvnYQeuv75-vcSMej_w@mail.gmail.com> (raw)
In-Reply-To: <CAJo=hJvy6KKMNT9iyZAnKy18Pa+rQkKPQtfqT1e+ddXoVwX0yg@mail.gmail.com>
On Fri, Mar 14, 2014 at 11:45 PM, Shawn Pearce <spearce@spearce.org> wrote:
> On Fri, Mar 14, 2014 at 5:37 AM, Duy Nguyen <pclouds@gmail.com> wrote:
>> On Wed, Mar 12, 2014 at 3:36 AM, Jeff King <peff@peff.net> wrote:
>>> If the client is limited to setting a few flags, then something like
>>> http can get away with:
>>>
>>> GET foo.git/info/refs?service=git-upload-pack&advertise-symrefs&refspec=refs/heads/*
>>>
>>> And it does not need to worry about upload-pack2 at all. Either the
>>> server recognizes and acts on them, or it ignores them.
>>>
>>> But given that we do not have such a magic out-of-band method for
>>> passing values over ssh and git, maybe it is not worth worrying about.
>>
>> git could go the same if we lift the restriction in 73bb33a (daemon:
>> Strictly parse the "extra arg" part of the command - 2009-06-04). It's
>> been five years. Old daemons hopefully have all died out by now. For
>> ssh, I suppose upload-pack and receive-pack can take an extra argument
>> like "advertise-symrefs&refspec=refs/heads/*" (daemon would use it too
>> to pass the advertiment to upload-pack and receive-pack).
>
> Heh. IIRC you are talking about the DoS attack for git-daemon where
> you send an extra header and the process infinite loops forever? We
> really don't want a modern client attempting to upgrade the protocol
> with an ancient daemon to DoS attack that server.
Shouldn't vulnerable daemons be upgraded anyway? If they keep using
the vulnerable version for all these 5 years, I feel no sorry for new
clients DoSing them. Jeff's idea about "remote.*.useUploadPack2" still
applies here so after we attack the server once, it'll be black listed
for a while (or forever).
>> That would make all three not need to change the underlying protocol
>> for capability advertisement. Old git-daemon, upload-pack and
>> receive-pack will fail hard on the new advertisement though, unlike
>> http. But that's no worse than upload-pack2.
>
> You missed the SSH case. It doesn't have this slot to hide the data into.
Right now we run this for ssh case: "ssh <host> git-upload-pack
<repo-path>". New client can do this instead
ssh <host> git-upload-pack <repo-path> <client capability flags>
--
Duy
next prev parent reply other threads:[~2014-03-14 23:31 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-30 18:45 [PATCH v3 0/8] Hiding refs Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 1/8] upload-pack: share more code Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 2/8] upload-pack: simplify request validation Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 3/8] upload/receive-pack: allow hiding ref hierarchies Junio C Hamano
2013-02-05 8:50 ` Jeff King
2013-02-05 15:45 ` Junio C Hamano
2013-02-06 11:31 ` Jeff King
2013-02-06 15:57 ` Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 4/8] parse_fetch_refspec(): clarify the codeflow a bit Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 5/8] fetch: use struct ref to represent refs to be fetched Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 6/8] upload-pack: optionally allow fetching from the tips of hidden refs Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 7/8] fetch: fetch objects by their exact SHA-1 object names Junio C Hamano
2013-02-05 9:19 ` Jeff King
2013-02-05 11:18 ` Jeff King
2013-02-05 15:55 ` Junio C Hamano
2013-01-30 18:45 ` [PATCH v3 8/8] WIP: receive.allowupdatestohidden Junio C Hamano
2013-02-05 8:04 ` [PATCH v3 0/8] Hiding refs Michael Haggerty
2013-02-05 8:33 ` Jonathan Nieder
2013-02-05 10:29 ` Michael Haggerty
2013-02-05 17:38 ` Junio C Hamano
2013-02-06 10:34 ` Duy Nguyen
2013-02-06 19:17 ` Junio C Hamano
2013-02-06 19:45 ` Jonathan Nieder
2013-02-06 21:50 ` Michael Haggerty
2013-02-06 22:12 ` Junio C Hamano
2013-02-06 22:26 ` Ævar Arnfjörð Bjarmason
2013-02-07 0:12 ` Junio C Hamano
2013-02-07 0:16 ` Jeff King
2013-02-07 10:30 ` Ævar Arnfjörð Bjarmason
2013-02-07 18:25 ` Junio C Hamano
2014-02-23 2:44 ` Duy Nguyen
2014-03-11 1:49 ` Jeff King
2014-03-11 19:32 ` Junio C Hamano
2014-03-11 20:05 ` Jeff King
2014-03-11 20:25 ` Junio C Hamano
2014-03-11 20:36 ` Jeff King
2014-03-14 12:37 ` Duy Nguyen
2014-03-14 16:45 ` Shawn Pearce
2014-03-14 23:30 ` Duy Nguyen [this message]
2014-03-15 0:09 ` Shawn Pearce
2014-03-18 4:17 ` Jeff King
2014-03-18 14:27 ` Duy Nguyen
2014-03-18 14:36 ` Duy Nguyen
2014-03-15 1:23 ` Duy Nguyen
2014-03-18 4:18 ` Jeff King
2013-02-06 22:56 ` Jeff King
2013-02-05 17:36 ` Junio C Hamano
2013-02-05 17:27 ` Junio C Hamano
2013-02-06 10:17 ` Michael Haggerty
2013-02-06 19:55 ` Jonathan Nieder
2013-02-06 22:01 ` Michael Haggerty
2013-02-07 15:58 ` Jed Brown
2013-02-09 23:23 ` Junio C Hamano
2013-02-10 4:45 ` Jed Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CACsJy8DtuCCYmmsEFB_m-YPHOOQ4FuchvnYQeuv75-vcSMej_w@mail.gmail.com \
--to=pclouds@gmail.com \
--cc=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jrnieder@gmail.com \
--cc=mhagger@alum.mit.edu \
--cc=peff@peff.net \
--cc=spearce@spearce.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).