From: Junio C Hamano <gitster@pobox.com>
To: Josh Steadmon <steadmon@google.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCH v2 07/11] transport: log received server trace2 SID
Date: Wed, 04 Nov 2020 13:14:31 -0800 [thread overview]
Message-ID: <xmqqpn4slt8o.fsf@gitster.c.googlers.com> (raw)
In-Reply-To: <21bdbf23f39c800b1722c54b666df7a91b5879b5.1604355792.git.steadmon@google.com> (Josh Steadmon's message of "Mon, 2 Nov 2020 14:31:05 -0800")
Josh Steadmon <steadmon@google.com> writes:
> When a client receives a trace2-sid capability from a protocol v0, v1,
> or v2 server, log the received session ID via a trace2 data event.
Would this pose a new security threat surface? Just wondering if we
want to ignore the capability if it is not enabled on our end with
the configuration.
Thanks.
> diff --git a/transport.c b/transport.c
> index 47da955e4f..d16be597bd 100644
> --- a/transport.c
> +++ b/transport.c
> @@ -286,6 +286,8 @@ static struct ref *handshake(struct transport *transport, int for_push,
> struct git_transport_data *data = transport->data;
> struct ref *refs = NULL;
> struct packet_reader reader;
> + int sid_len;
> + const char *server_trace2_sid;
>
> connect_setup(transport, for_push);
>
> @@ -297,6 +299,8 @@ static struct ref *handshake(struct transport *transport, int for_push,
> data->version = discover_version(&reader);
> switch (data->version) {
> case protocol_v2:
> + if (server_feature_v2("trace2-sid", &server_trace2_sid))
> + trace2_data_string("trace2", NULL, "server-sid", server_trace2_sid);
> if (must_list_refs)
> get_remote_refs(data->fd[1], &reader, &refs, for_push,
> ref_prefixes,
> @@ -310,6 +314,12 @@ static struct ref *handshake(struct transport *transport, int for_push,
> for_push ? REF_NORMAL : 0,
> &data->extra_have,
> &data->shallow);
> + server_trace2_sid = server_feature_value("trace2-sid", &sid_len);
> + if (server_trace2_sid) {
> + char *server_sid = xstrndup(server_trace2_sid, sid_len);
> + trace2_data_string("trace2", NULL, "server-sid", server_sid);
> + free(server_sid);
> + }
> break;
> case protocol_unknown_version:
> BUG("unknown protocol version");
next prev parent reply other threads:[~2020-11-04 21:14 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-29 21:32 [PATCH 00/10] Advertise trace2 SID in protocol capabilities Josh Steadmon
2020-10-29 21:32 ` [PATCH 01/10] docs: new capability to advertise trace2 SIDs Josh Steadmon
2020-10-29 21:32 ` [PATCH 02/10] docs: new trace2.advertiseSID option Josh Steadmon
2020-10-29 21:32 ` [PATCH 03/10] upload-pack: advertise trace2 SID in v0 capabilities Josh Steadmon
2020-10-29 21:32 ` [PATCH 04/10] receive-pack: " Josh Steadmon
2020-10-29 21:32 ` [PATCH 05/10] serve: advertise trace2 SID in v2 capabilities Josh Steadmon
2020-10-29 21:32 ` [PATCH 06/10] transport: log received server trace2 SID Josh Steadmon
2020-10-29 21:32 ` [PATCH 07/10] fetch-pack: advertise trace2 SID in capabilities Josh Steadmon
2020-10-29 21:32 ` [PATCH 08/10] upload-pack, serve: log received client trace2 SID Josh Steadmon
2020-10-29 21:32 ` [PATCH 09/10] send-pack: advertise trace2 SID in capabilities Josh Steadmon
2020-10-29 21:32 ` [PATCH 10/10] receive-pack: log received client trace2 SID Josh Steadmon
2020-10-30 15:54 ` [PATCH 00/10] Advertise trace2 SID in protocol capabilities Jeff Hostetler
2020-11-02 22:20 ` Josh Steadmon
2020-11-03 21:22 ` Junio C Hamano
2020-11-05 21:01 ` Jeff Hostetler
2020-11-10 21:37 ` Josh Steadmon
2020-10-30 22:31 ` Junio C Hamano
2020-11-02 22:30 ` [PATCH v2 00/11] " Josh Steadmon
2020-11-02 22:30 ` [PATCH v2 01/11] docs: new capability to advertise trace2 SIDs Josh Steadmon
2020-11-03 21:33 ` Junio C Hamano
2020-11-05 21:00 ` Jeff Hostetler
2020-11-12 14:05 ` Ævar Arnfjörð Bjarmason
2020-11-12 17:32 ` Junio C Hamano
2020-11-12 22:10 ` Jeff Hostetler
2020-11-11 22:40 ` Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 02/11] docs: new trace2.advertiseSID option Josh Steadmon
2020-11-03 21:42 ` Junio C Hamano
2020-11-05 19:28 ` Josh Steadmon
2020-11-05 21:24 ` Junio C Hamano
2020-11-06 11:57 ` Johannes Schindelin
2020-11-02 22:31 ` [PATCH v2 03/11] trace2: add a public function for getting the SID Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 04/11] upload-pack: advertise trace2 SID in v0 capabilities Josh Steadmon
2020-11-03 21:48 ` Junio C Hamano
2020-11-05 18:44 ` Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 05/11] receive-pack: " Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 06/11] serve: advertise trace2 SID in v2 capabilities Josh Steadmon
2020-11-04 21:11 ` Junio C Hamano
2020-11-02 22:31 ` [PATCH v2 07/11] transport: log received server trace2 SID Josh Steadmon
2020-11-04 21:14 ` Junio C Hamano [this message]
2020-11-11 22:53 ` Josh Steadmon
2020-11-12 21:30 ` Jeff Hostetler
2020-11-02 22:31 ` [PATCH v2 08/11] fetch-pack: advertise trace2 SID in capabilities Josh Steadmon
2020-11-04 21:22 ` Junio C Hamano
2020-11-05 18:58 ` Josh Steadmon
2020-11-05 19:21 ` Junio C Hamano
2020-11-11 23:32 ` Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 09/11] upload-pack, serve: log received client trace2 SID Josh Steadmon
2020-11-04 21:26 ` Junio C Hamano
2020-11-05 19:12 ` Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 10/11] send-pack: advertise trace2 SID in capabilities Josh Steadmon
2020-11-02 22:31 ` [PATCH v2 11/11] receive-pack: log received client trace2 SID Josh Steadmon
2020-11-03 1:02 ` [PATCH v2 00/11] Advertise trace2 SID in protocol capabilities Junio C Hamano
2020-11-11 23:29 ` [PATCH v3 00/11] Advertise session ID " Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 01/11] docs: new capability to advertise session IDs Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 02/11] docs: new transfer.advertiseSID option Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 03/11] trace2: add a public function for getting the SID Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 04/11] upload-pack: advertise session ID in v0 capabilities Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 05/11] receive-pack: " Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 06/11] serve: advertise session ID in v2 capabilities Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 07/11] transport: log received server session ID Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 08/11] fetch-pack: advertise session ID in capabilities Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 09/11] upload-pack, serve: log received client session ID Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 10/11] send-pack: advertise session ID in capabilities Josh Steadmon
2020-11-11 23:29 ` [PATCH v3 11/11] receive-pack: log received client session ID Josh Steadmon
2020-11-25 22:08 ` [PATCH v3 00/11] Advertise session ID in protocol capabilities Junio C Hamano
2020-11-25 22:56 ` Josh Steadmon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqpn4slt8o.fsf@gitster.c.googlers.com \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=steadmon@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).