mailing list mirror (one of many)
 help / color / mirror / code / Atom feed
From: "Wu, Zhichen" <>
To: "brian m. carlson" <>,
	Jeff King <>
Cc: "" <>
Subject: Re: Question About Git V2 Protocol & SHA256
Date: Tue, 29 Sep 2020 23:07:06 +0000	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <>

Hi Brian,

Thanks for the details!

Now it sounds like although SHA1/SHA256 and v1/v2 are separate features, v2 capability is the only way for the client and server to negotiate the object format so that they won't send out something that is not understandable by the other party.

In that case, I think it's still valid that v2 needs to be supported first so that SHA256 can later be supported with enough flexibility.


On 9/29/20, 3:45 PM, "brian m. carlson" <> wrote:

    On 2020-09-29 at 22:13:11, Jeff King wrote:
    > On Tue, Sep 29, 2020 at 01:17:59AM +0000, Wu, Zhichen wrote:
    > > 2. I see v2 has a capability called “object-format” that provides SHA1
    > >    option. I’m wondering if that capability will be the only way for
    > >    client and server to start using SHA256? Or put it as another word,
    > >    will v2 protocol be the prerequisite of SHA256?
    > I think it would be impossible to handle object-format via v1, because
    > the v1 protocol writes the ref advertisement before any capabilities are
    > negotiated. So I think v1 must implicitly remain sha1-only (and a sha256
    > repository on the server side would need to either reject a v1 client,
    > or back-translate as it would for a v2 client which asks for sha1).

    I don't think that's the case.  You can indeed use v1 with SHA-256, but
    if you have a SHA-1-only Git, it will choke because the object ID is
    longer than it expects.  If you want to negotiate the algorithm when we
    support both and the client can't deal with translating the initial ref
    advertisement, then yes, you'll need v2.

    We even support SHA-256 via bundles and the DAV-based HTTP protocol, but
    the latter will never support negotiation of hash algorithms because
    it's based on static files.

    It is required that you understand the object-format capability on the
    client side to support SHA-256, since if you fail to announce it, the
    default is SHA-1, and right now, the server side will produce an error
    if the client doesn't announce it (or sends SHA-1 data).
    brian m. carlson: Houston, Texas, US

  reply	other threads:[~2020-09-29 23:07 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-09-29  1:17 Question About Git V2 Protocol & SHA256 Wu, Zhichen
2020-09-29 22:13 ` Jeff King
2020-09-29 22:41   ` Wu, Zhichen
2020-09-29 22:43   ` brian m. carlson
2020-09-29 23:07     ` Wu, Zhichen [this message]
2020-09-30  0:46     ` Jeff King
2020-09-30  2:19       ` brian m. carlson
2020-09-30 12:20         ` Jeff King
2020-10-01 23:52           ` brian m. carlson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

  List information:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
Code repositories for project(s) associated with this public inbox

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).