On Fri, Oct 14, 2011 at 03:23:26PM -0400, Jeff King wrote: > Subject: [PATCH] daemon: give friendlier error messages to clients > > When the git-daemon is asked about an inaccessible > repository, it simply hangs up the connection without saying > anything further. This makes it hard to distinguish between > a repository we cannot access (e.g., due to typo), and a > service or network outage. > > Instead, let's print an "ERR" line, which git clients > understand since v1.6.1 (2008-12-24). > > Because there is a risk of leaking information about > non-exported repositories, by default all errors simply say > "access denied". Open sites can pass a flag to turn on more > specific messages. I'm tempted to suggest this on top: -- >8 -- Subject: [PATCH] daemon: turn on informative errors by default These are only a problem if you have a bunch of inaccessible repositories served from the same root as your regular exported repositories, and you are sensitive about people learning about the existence of those repositories. Git is foremost an open system, and our defaults should reflect that. Signed-off-by: Jeff King <peff@xxxxxxxx> --- But since it is a potential security issue, it does seem kind of mean to closed sites to just flip the switch on them. Documentation/git-daemon.txt | 6 +++--- daemon.c | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Documentation/git-daemon.txt b/Documentation/git-daemon.txt index ac57c6d..2b17175 100644 --- a/Documentation/git-daemon.txt +++ b/Documentation/git-daemon.txt @@ -161,12 +161,12 @@ the facility of inet daemon to achieve the same before spawning repository configuration. By default, all the services are overridable. ---informative-errors:: - Return more verbose errors to the client, differentiating +--no-informative-errors:: + By default, we return verbose errors to the client, differentiating conditions like "no such repository" from "repository not exported". This is more convenient for clients, but may leak information about the existence of unexported repositories. - Without this option, all errors report "access denied" to the + With this option, all errors report "access denied" to the client. <directory>:: diff --git a/daemon.c b/daemon.c index e5869ec..ba41a40 100644 --- a/daemon.c +++ b/daemon.c @@ -20,7 +20,7 @@ static int log_syslog; static int verbose; static int reuseaddr; -static int informative_errors; +static int informative_errors = 1; static const char daemon_usage[] = "git daemon [--verbose] [--syslog] [--export-all]\n" -- 1.7.6.4.37.g43b58b -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html