| commit | cbaf82cc6b734244a9190c3341ca5f08f8d5acc4 | |
| author | Jonathan Tan <jonathantanmy@google.com> | |
| Tue, 9 May 2017 19:23:53 +0000 (9 12:23 -0700) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Wed, 10 May 2017 04:18:28 +0000 (10 13:18 +0900) | ||
| tree | b06badfc81d2b16f22715a4f8b33dc40523a6719 | treesnapshot (tar.gz zip) |
| parent | b7b744f297b736c51636407f5883b3777bb36433 | commitdiff |
receive-pack: verify push options in cert
In commit f6a4e61 ("push: accept push options", 2016-07-14), send-pack
was taught to include push options both within the signed cert (if the
push is a signed push) and outside the signed cert; however,
receive-pack ignores push options within the cert, only handling push
options outside the cert.
Teach receive-pack, in the case that push options are provided for a
signed push, to verify that the push options both within the cert and
outside the cert are consistent.
This sets in stone the requirement that send-pack redundantly send its
push options in 2 places, but I think that this is better than the
alternatives. Sending push options only within the cert is
backwards-incompatible with existing Git servers (which read push
options only from outside the cert), and sending push options only
outside the cert means that the push options are not signed for.
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
In commit f6a4e61 ("push: accept push options", 2016-07-14), send-pack
was taught to include push options both within the signed cert (if the
push is a signed push) and outside the signed cert; however,
receive-pack ignores push options within the cert, only handling push
options outside the cert.
Teach receive-pack, in the case that push options are provided for a
signed push, to verify that the push options both within the cert and
outside the cert are consistent.
This sets in stone the requirement that send-pack redundantly send its
push options in 2 places, but I think that this is better than the
alternatives. Sending push options only within the cert is
backwards-incompatible with existing Git servers (which read push
options only from outside the cert), and sending push options only
outside the cert means that the push options are not signed for.
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| Documentation/technical/pack-protocol.txt | diffblobblamehistory | |
| builtin/receive-pack.c | diffblobblamehistory | |
| t/t5534-push-signed.sh | diffblobblamehistory |