Andreas Ericsson venit, vidit, dixit 15.04.2009 14:16: > When pulling from a remote, the full URL including username > is by default added to the commit message. Since it adds > very little value but could be used by malicious people to > glean valid usernames (with matching hostnames), we're far > better off just stripping the username before storing the > remote URL locally. Uhm, this is for non-fast-forwards when pull uses "merge" and creates a merge commit, right? Fetch does not create commit messages, and pull does not either if it rebases. So maybe the commit message could make it clearer for lesser git-educated people such as myself ;) Michael > Signed-off-by: Andreas Ericsson <ae@xxxxxx>
> ---
> builtin-fetch.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++--
> 1 files changed, 46 insertions(+), 2 deletions(-)
>
> diff --git a/builtin-fetch.c b/builtin-fetch.c
> index 3c998ea..47fba00 100644
> --- a/builtin-fetch.c
> +++ b/builtin-fetch.c
> @@ -289,7 +289,48 @@ static int update_local_ref(struct ref *ref,
> }
> }
>
> -static int store_updated_refs(const char *url, const char *remote_name,
> +/*
> + * strip username information from the url
> + * This will allocate a new string, or return its argument
> + * if no stripping is necessary.
> + *
> + * The url's we want to catch are the following:
> + * ssh://[user@]host.xz[:port]/path/to/repo.git/
> + * [user@]host.xz:/path/to/repo.git/
> + * http[s]://[user[:password]@]host.xz/path/to/repo.git
> + *
> + * Although git doesn't currently support giving the password
> + * to http url's on the command-line, it's easier to catch
> + * that case too than it is to cater for it specially.
> + */
> +static char *anonymize_url(const char *url)
> +{
> + char *anon_url;
> + const char *at_sign = strchr(url, '@');
> + size_t prefix_len = 0;
> +
> + if (!at_sign)
> + return strdup(url);
> +
> + if (!prefixcmp(url, "ssh://"))
> + prefix_len = strlen("ssh://");
> + else if (!prefixcmp(url, "http://"))
> + prefix_len = strlen("http://");
> + else if (!prefixcmp(url, "https://"))
> + prefix_len = strlen("https://");
> + else if (!strchr(at_sign + 1, ':'))
> + return strdup(url);
> +
> + anon_url = xcalloc(1, 1 + prefix_len +
> + ((unsigned long)at_sign - (unsigned long)url));
> + if (prefix_len)
> + memcpy(anon_url, url, prefix_len);
> + memcpy(anon_url + prefix_len, at_sign + 1, strlen(at_sign + 1));
> +
> + return anon_url;
> +}
> +
> +static int store_updated_refs(const char *raw_url, const char *remote_name,
> struct ref *ref_map)
> {
> FILE *fp;
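Review bot: The buffer allocated in anonymize_url is sized from the wrong span: `1 + prefix_len + (at_sign - url)` is the length of the scheme-plus-user part that is being dropped, while the second memcpy then writes `strlen(at_sign + 1)` bytes after the prefix, so any URL whose host and path are longer than `scheme://user` overflows the heap block (a constructed `ssh://u@host.xz/some/longer/path` gets a 14-byte allocation and a 30-byte write). Size it from what is actually copied: `size_t rest_len = strlen(at_sign + 1);` / `anon_url = xcalloc(1, prefix_len + rest_len + 1);` / `memcpy(anon_url + prefix_len, at_sign + 1, rest_len);`, which also removes the `(unsigned long)` pointer casts in favour of plain pointer arithmetic. The header comment's "or return its argument if no stripping is necessary" no longer matches the code, since both early exits go through strdup and the caller frees the result unconditionally; update the comment rather than the code, and prefer xstrdup so an allocation failure cannot hand a NULL url to the caller. Searching for the first '@' anywhere in the string also matches an '@' inside the path of a scheme URL that has no user part, which would then strip the host as well; restricting the search to the authority part (before the first '/' after the prefix) avoids that.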
> @@ -298,11 +339,13 @@ static int store_updated_refs(const char *url, const char *remote_name,
> char note[1024];
> const char *what, *kind;
> struct ref *rm;
> - char *filename = git_path("FETCH_HEAD");
> + char *url, *filename = git_path("FETCH_HEAD");
>
> fp = fopen(filename, "a");
> if (!fp)
> return error("cannot open %s: %s\n", filename, strerror(errno));
> +
> + url = anonymize_url(raw_url);
> for (rm = ref_map; rm; rm = rm->next) {
> struct ref *ref = NULL;
>
> @@ -376,6 +419,7 @@ static int store_updated_refs(const char *url, const char *remote_name,
> fprintf(stderr, " %s\n", note);
> }
> }
> + free(url);
> fclose(fp);
> if (rc & 2)
> error("some local refs could not be updated; try running\n"
--
To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
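Review bot: `url` is now a heap string that is only released by the `free(url)` in the following hunk, but the loop body of store_updated_refs between the two hunks is outside this view; if it contains any early `return`, the anonymized copy leaks on that path, so every exit after `url = anonymize_url(raw_url);` should be checked to pass through the free. The combined declaration `char *url, *filename = git_path("FETCH_HEAD");` leaves `url` uninitialized until after the fopen check; declaring it on its own line as `char *url = NULL;` keeps the pointer valid for free on any exit and makes the ownership easier to follow. store_updated_refs continues outside both hunks.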