* [PATCH 0/1] Anonymize URLs in error messages and warnings of git-remote-curl @ 2019-03-04 15:33 Johannes Schindelin via GitGitGadget 2019-03-04 15:33 ` [PATCH 1/1] curl: anonymize URLs in error messages and warnings Johannes Schindelin via GitGitGadget 0 siblings, 1 reply; 4+ messages in thread From: Johannes Schindelin via GitGitGadget @ 2019-03-04 15:33 UTC (permalink / raw) To: git; +Cc: Junio C Hamano I have just noticed locally that certain errors (in my case, a stale entry in /etc/hosts) use the un-scrubbed URL in the error message when dying. Let's scrub them. Johannes Schindelin (1): curl: anonymize URLs in error messages and warnings remote-curl.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) base-commit: 8104ec994ea3849a968b4667d072fedd1e688642 Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-156%2Fdscho%2Fmore-stripped-usernames-v1 Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-156/dscho/more-stripped-usernames-v1 Pull-Request: https://github.com/gitgitgadget/git/pull/156 -- gitgitgadget ^ permalink raw reply [flat|nested] 4+ messages in thread
* [PATCH 1/1] curl: anonymize URLs in error messages and warnings 2019-03-04 15:33 [PATCH 0/1] Anonymize URLs in error messages and warnings of git-remote-curl Johannes Schindelin via GitGitGadget @ 2019-03-04 15:33 ` Johannes Schindelin via GitGitGadget 2019-03-05 5:11 ` Jeff King 0 siblings, 1 reply; 4+ messages in thread From: Johannes Schindelin via GitGitGadget @ 2019-03-04 15:33 UTC (permalink / raw) To: git; +Cc: Junio C Hamano, Johannes Schindelin From: Johannes Schindelin <johannes.schindelin@gmx.de> Just like 47abd85ba0 (fetch: Strip usernames from url's before storing them, 2009-04-17) and later 882d49ca5c (push: anonymize URL in status output, 2016-07-13), this change anonymizes URLs (read: strips them of user names and especially passwords) in user-facing error messages and warnings. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> --- remote-curl.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/remote-curl.c b/remote-curl.c index bb7421023b..e32359034d 100644 --- a/remote-curl.c +++ b/remote-curl.c @@ -16,6 +16,7 @@ #include "send-pack.h" #include "protocol.h" #include "quote.h" +#include "transport.h" static struct remote *remote; /* always ends with a trailing slash */ @@ -251,7 +252,7 @@ static struct ref *parse_info_refs(struct discovery *heads) if (data[i] == '\n') { if (mid - start != 40) die("%sinfo/refs not valid: is this a git repository?", - url.buf); + transport_anonymize_url(url.buf)); data[i] = 0; ref_name = mid + 1; ref = alloc_ref(ref_name); @@ -442,17 +443,23 @@ static struct discovery *discover_refs(const char *service, int for_push) break; case HTTP_MISSING_TARGET: show_http_message(&type, &charset, &buffer); - die("repository '%s' not found", url.buf); + die("repository '%s' not found", + transport_anonymize_url(url.buf)); case HTTP_NOAUTH: show_http_message(&type, &charset, &buffer); - die("Authentication failed for '%s'", url.buf); + die("Authentication failed for '%s'", + transport_anonymize_url(url.buf)); default: show_http_message(&type, &charset, &buffer); - die("unable to access '%s': %s", url.buf, curl_errorstr); + die("unable to access '%s': %s", + transport_anonymize_url(url.buf), curl_errorstr); } - if (options.verbosity && !starts_with(refs_url.buf, url.buf)) - warning(_("redirecting to %s"), url.buf); + if (options.verbosity && !starts_with(refs_url.buf, url.buf)) { + char *u = transport_anonymize_url(url.buf); + warning(_("redirecting to %s"), u); + free(u); + } last= xcalloc(1, sizeof(*last_discovery)); last->service = xstrdup(service); -- gitgitgadget ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 1/1] curl: anonymize URLs in error messages and warnings 2019-03-04 15:33 ` [PATCH 1/1] curl: anonymize URLs in error messages and warnings Johannes Schindelin via GitGitGadget @ 2019-03-05 5:11 ` Jeff King 2019-03-05 22:55 ` Johannes Schindelin 0 siblings, 1 reply; 4+ messages in thread From: Jeff King @ 2019-03-05 5:11 UTC (permalink / raw) To: Johannes Schindelin via GitGitGadget Cc: git, Junio C Hamano, Johannes Schindelin On Mon, Mar 04, 2019 at 07:33:46AM -0800, Johannes Schindelin via GitGitGadget wrote: > From: Johannes Schindelin <johannes.schindelin@gmx.de> > > Just like 47abd85ba0 (fetch: Strip usernames from url's before storing > them, 2009-04-17) and later 882d49ca5c (push: anonymize URL in status > output, 2016-07-13), this change anonymizes URLs (read: strips them of > user names and especially passwords) in user-facing error messages and > warnings. Yeah, these all look obviously correct. I suspect most people haven't noticed them because it's pretty easy to use a real password helper these days instead of shoving it into the URL. > @@ -251,7 +252,7 @@ static struct ref *parse_info_refs(struct discovery *heads) > if (data[i] == '\n') { > if (mid - start != 40) > die("%sinfo/refs not valid: is this a git repository?", > - url.buf); > + transport_anonymize_url(url.buf)); Looking at the code, I think we'd keep the trailing slash during the anonymization. Good. > @@ -442,17 +443,23 @@ static struct discovery *discover_refs(const char *service, int for_push) > break; > case HTTP_MISSING_TARGET: > show_http_message(&type, &charset, &buffer); > - die("repository '%s' not found", url.buf); > + die("repository '%s' not found", > + transport_anonymize_url(url.buf)); Sort of orthogonal to your patch, but these could probably stand to be marked for translation (I'm happy for that to come on top later, though). > - if (options.verbosity && !starts_with(refs_url.buf, url.buf)) > - warning(_("redirecting to %s"), url.buf); > + if (options.verbosity && !starts_with(refs_url.buf, url.buf)) { > + char *u = transport_anonymize_url(url.buf); > + warning(_("redirecting to %s"), u); > + free(u); > + } Good attention to detail here. -Peff ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 1/1] curl: anonymize URLs in error messages and warnings 2019-03-05 5:11 ` Jeff King @ 2019-03-05 22:55 ` Johannes Schindelin 0 siblings, 0 replies; 4+ messages in thread From: Johannes Schindelin @ 2019-03-05 22:55 UTC (permalink / raw) To: Jeff King; +Cc: Johannes Schindelin via GitGitGadget, git, Junio C Hamano Hi Peff, On Tue, 5 Mar 2019, Jeff King wrote: > On Mon, Mar 04, 2019 at 07:33:46AM -0800, Johannes Schindelin via GitGitGadget wrote: > > > @@ -442,17 +443,23 @@ static struct discovery *discover_refs(const char *service, int for_push) > > break; > > case HTTP_MISSING_TARGET: > > show_http_message(&type, &charset, &buffer); > > - die("repository '%s' not found", url.buf); > > + die("repository '%s' not found", > > + transport_anonymize_url(url.buf)); > > Sort of orthogonal to your patch, but these could probably stand to be > marked for translation (I'm happy for that to come on top later, > though). Good idea! Ciao, Dscho ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-03-05 22:55 UTC | newest] Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2019-03-04 15:33 [PATCH 0/1] Anonymize URLs in error messages and warnings of git-remote-curl Johannes Schindelin via GitGitGadget 2019-03-04 15:33 ` [PATCH 1/1] curl: anonymize URLs in error messages and warnings Johannes Schindelin via GitGitGadget 2019-03-05 5:11 ` Jeff King 2019-03-05 22:55 ` Johannes Schindelin
Code repositories for project(s) associated with this public inbox https://80x24.org/mirrors/git.git This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).