From: Junio C Hamano <gitster@pobox.com>
To: "Torsten Bögershausen" <tboegi@web.de>
Cc: Mike Hommey <mh@glandium.org>, git@vger.kernel.org
Subject: Re: [PATCH 2/6] connect: uniformize and group CONNECT_DIAG_URL handling code
Date: Mon, 02 May 2016 16:14:57 -0700
Message-ID: <xmqq37q0qcge.fsf@gitster.mtv.corp.google.com>
In-Reply-To: <xmqqfuu0qfo4.fsf@gitster.mtv.corp.google.com> (Junio C. Hamano's message of "Mon, 02 May 2016 15:05:31 -0700")

Junio C Hamano <gitster@pobox.com> writes:

> Torsten Bögershausen <tboegi@web.de> writes:
>
>> git://host:[port]/path/to/repo
>> Knowing that, the "@" will be fed into the name resolver,
>> and that's OK.
>
> Is it OK?  It is plausible that our client side may even want to
> accept git://user:pass@host:port/local/part, and as an anonymous
> service, allow it to go to git://host:port/local/part without
> sending user:pass part over the wire.  Or with the same knowledge
> that git:// is an anonymous service, it is also a plausible policy
> to error such a request out.  To implement either needs a robust
> parsing of the URL, doesn't it?

To put it differently, there is a vast difference between

 (1) knowing that xx@git.kernel.org is asking to access
     git.kernel.org as user 'xx' and failing because of a policy
     that says "we do not send auth material over the wire when we
     know we are doing anonymous access"; and

 (2) not caring about the distinction between xx@git.kernel.org and
     git.kernel.org, and implicitly relying on the DNS to forbid '@'
     in the hostname and to return a look-up failure when the whole
     string of the former is taken as a hostname in order to fail
     that request.

If we want to fail the request, we should be in control of the
policy to fail.  Even in an unlikely (and impossible) world where
suddenly the resolver starts allowing "xx@git.kernel.org" as a host, we
do not want to be making a connection to a bogus host that is not
what the end user requested, i.e. git.kernel.org.

Otherwise we cannot change the policy to allow it in the future if
it turns out to be necessary.
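
The difference between (1) and (2) above, as an added example that is not part of the original message and is not code from git's connect.c: the URL is split into user part and host before any name lookup, and the policy for a user part on git:// is an explicit switch. The names `git_url_host`, `USER_REJECT` and `USER_STRIP` are hypothetical, and the sample URL is constructed.

```c
#include <stdio.h>
#include <string.h>

enum user_policy { USER_REJECT, USER_STRIP };	/* hypothetical names */

/*
 * Split "git://[user[:pass]@]host[:port]/path" and apply an explicit
 * policy to the user part, instead of handing "user@host" to the resolver.
 * Returns 0 on success, -1 if malformed, -2 if refused by policy.
 * Only the host name is copied into host[]; the port is not extracted.
 */
int git_url_host(const char *url, enum user_policy policy,
		 char *host, size_t hostlen, int *had_user)
{
	const char *auth, *end, *p, *h, *hend, *at = NULL;
	size_t n;

	if (strncmp(url, "git://", 6))
		return -1;
	auth = url + 6;
	end = auth + strcspn(auth, "/");	/* authority stops at first '/' */
	for (p = auth; p < end; p++)	/* last '@' ends the user part */
		if (*p == '@')
			at = p;
	*had_user = at != NULL;
	if (at && policy == USER_REJECT)
		return -2;		/* our decision, not the resolver's */
	h = at ? at + 1 : auth;
	if (*h == '[') {		/* bracketed IPv6 literal */
		if (!(hend = memchr(h, ']', end - h)))
			return -1;
		h++;
	} else if (!(hend = memchr(h, ':', end - h))) {
		hend = end;		/* no port given */
	}
	n = hend - h;
	if (n == 0 || n >= hostlen)
		return -1;
	memcpy(host, h, n);
	host[n] = '\0';
	return 0;
}

int main(void)
{
	char host[256]; int u;
	const char *url = "git://xx@git.kernel.org/pub/scm/git/git.git"; /* constructed */
	printf("reject: %d\n", git_url_host(url, USER_REJECT, host, sizeof(host), &u));
	if (!git_url_host(url, USER_STRIP, host, sizeof(host), &u))
		printf("strip: resolve %s\n", host);
	return 0;
}
```

Under either policy the string handed to the resolver never contains the user part, so changing the policy later is a one-line change rather than a change in what gets looked up.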
