| commit | efa6f9007cd6754c7a99391b451d1163447d98b9 | |
| author | Junio C Hamano <gitster@pobox.com> | |
| Mon, 18 Aug 2014 21:38:45 +0000 (18 14:38 -0700) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Sat, 23 Aug 2014 01:23:18 +0000 (22 18:23 -0700) | ||
| tree | a39194ffbc6240fbf2fdf1657b94476e817161f7 | treesnapshot (tar.gz zip) |
| parent | 66a7d76b7f1fddaa6bd8dda6d823d817e8bbae03 | commitdiff |
signed push: remove duplicated protocol info
With the interim protocol, we used to send the update commands even
though we already send a signed copy of the same information when
push certificate is in use. Update the send-pack/receive-pack pair
not to do so.
The notable thing on the receive-pack side is that it makes sure
that there is no command sent over the traditional protocol packet
outside the push certificate. Otherwise a pusher can claim to be
pushing one set of ref updates in the signed certificate while
issuing commands to update unrelated refs, and such an update will
evade later audits.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
With the interim protocol, we used to send the update commands even
though we already send a signed copy of the same information when
push certificate is in use. Update the send-pack/receive-pack pair
not to do so.
The notable thing on the receive-pack side is that it makes sure
that there is no command sent over the traditional protocol packet
outside the push certificate. Otherwise a pusher can claim to be
pushing one set of ref updates in the signed certificate while
issuing commands to update unrelated refs, and such an update will
evade later audits.
Signed-off-by: Junio C Hamano <gitster@pobox.com>