| commit | 333b5fc1dbf59968868c108f0ef018f6a052f330 | |
| author | Junio C Hamano <gitster@pobox.com> | |
| Mon, 25 Aug 2014 21:45:33 +0000 (25 14:45 -0700) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Mon, 25 Aug 2014 21:45:34 +0000 (25 14:45 -0700) | ||
| tree | 76c31005f94729262e43f5b823b784bee544a538 | treesnapshot (tar.gz zip) |
| parent | c9d1dfec0605e3e8a094e7c947e10ab2806ca282 | commitdiff |
| parent | a7d8fb9548e56663648430b38be55beb954d2419 | commitdiff |
Merge branch 'jc/push-cert' into pu
Allow "git push" request to be signed, so that it can be verified
audited, using the GPG signature of the person who pushed, that the
tips of branches at a public repository really point the commits
the pusher wanted to, without having to "trust" the server.
Replay attack prevention needs to be tightened and also need to fix
a few minor typos.
* jc/push-cert:
signed-push: add "pushee" header to push certificate
signed push: fortify against replay attacks
signed push: remove duplicated protocol info
send-pack: send feature request on push-cert packet
receive-pack: GPG-validate push certificates
the beginning of the signed push
pack-protocol doc: typofix for PKT-LINE
gpg-interface: move parse_signature() to where it should be
gpg-interface: move parse_gpg_output() to where it should be
send-pack: clarify that cmds_sent is a boolean
send-pack: refactor inspecting and resetting status and sending commands
send-pack: rename "new_refs" to "need_pack_data"
send-pack: factor out capability string generation
send-pack: always send capabilities
send-pack: refactor decision to send update per ref
send-pack: move REF_STATUS_REJECT_NODELETE logic a bit higher
receive-pack: factor out queueing of command
receive-pack: do not reuse old_sha1[] for other things
receive-pack: parse feature request a bit earlier
receive-pack: do not overallocate command structure
# Conflicts:
# builtin/receive-pack.c
Allow "git push" request to be signed, so that it can be verified
audited, using the GPG signature of the person who pushed, that the
tips of branches at a public repository really point the commits
the pusher wanted to, without having to "trust" the server.
Replay attack prevention needs to be tightened and also need to fix
a few minor typos.
* jc/push-cert:
signed-push: add "pushee" header to push certificate
signed push: fortify against replay attacks
signed push: remove duplicated protocol info
send-pack: send feature request on push-cert packet
receive-pack: GPG-validate push certificates
the beginning of the signed push
pack-protocol doc: typofix for PKT-LINE
gpg-interface: move parse_signature() to where it should be
gpg-interface: move parse_gpg_output() to where it should be
send-pack: clarify that cmds_sent is a boolean
send-pack: refactor inspecting and resetting status and sending commands
send-pack: rename "new_refs" to "need_pack_data"
send-pack: factor out capability string generation
send-pack: always send capabilities
send-pack: refactor decision to send update per ref
send-pack: move REF_STATUS_REJECT_NODELETE logic a bit higher
receive-pack: factor out queueing of command
receive-pack: do not reuse old_sha1[] for other things
receive-pack: parse feature request a bit earlier
receive-pack: do not overallocate command structure
# Conflicts:
# builtin/receive-pack.c