savannah-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-users] Re: git "smart http" protocol


From: Sylvain Beucler
Subject: Re: [Savannah-users] Re: git "smart http" protocol
Date: Thu, 16 Sep 2010 22:36:42 +0200
User-agent: Mutt/1.5.20 (2009-06-14)

On Thu, Sep 16, 2010 at 09:49:02PM +0200, Sylvain Beucler wrote:
> On Thu, Sep 16, 2010 at 09:00:16PM +0900, Miles Bader wrote:
> > "Andreas K. Foerster" <address@hidden> writes:
> > >> For commit access, I dislike granting Apache write access to all
> > >> repositories, because in that case any flaw in
> > >> Apache/Gitweb/CGit/etc. would allow the attacker to corrupt any
> > >> Savannah repositories.
> > >
> > > More importantly, the article suggests using Basic Authentification.
> > > That sends the password unencrypted over the line, just base64-encoded,
> > > but anybody can decode that. So, it's a very bad idea to use that for
> > > sensible data.
> > 
> > Anyway, even just read-only mode would be a great improvement over the
> > old http protocol.
> 
> I'm not able to install it properly.

Hmmm, actually it works, but it doesn't support a HTTP redirect
(namely git.sv.gnu.org -> git.savannah.gnu.org).

$ git clone http://git.sv.gnu.org/r/freedink.git
Initialized empty Git repository in /tmp/freedink/.git/
error: RPC failed; result=22, HTTP code = 405
^C

$ git clone http://git.savannah.gnu.org/r/freedink.git
Initialized empty Git repository in /tmp/freedink/.git/
remote: Counting objects: 5528, done.
remote: Compressing objects:  11% (174/1578)


Any volunteer to report it?

-- 
Sylvain



reply via email to

[Prev in Thread] Current Thread [Next in Thread]