On Fri, May 18, 2007 at 11:27:22AM -0700, Linus Torvalds wrote: > Well, we could try to support the git protocol over port 80.. > > IOW, it's probably easier to try to get people to use > > git clone git://some.host:80/project > > and just run git-daemon on port 80, than it is to try to set of magic cgi > scripts etc. Can we tech the git-daemon to parse the HTTP headers (specifically, the URL) and return the appropriate HTTP response? > And yes, I do realize that in theory you can have http-aware firewalls > that expect to see the normal http sequences in the first few packets in > order to pass things through, but I seriously doubt it's very common. It's not about packet scanning, it's about GET vs CONNECT. If the proxy allows GET but not CONNECT, it's going to forward the HTTP protocol to the server, and git-daemon is going to see "GET /project HTTP/1.1" as its first input. Now, perhaps we can cook that up behind some apache so that apache handles vhosting the URL, then calls git-daemon which can take the stdin. So we'd be doing POST, not GET. On the other hand, if the proxy allows CONNECT, there is no scanning for HTTP sequences done by the proxy. It just allows all raw data (as it figures you're doing SSL). A normal company needs to have their firewall allow CONNECT to 9418. Then git proxying over HTTP is possible to a standard git-daemon. Joel -- "The first requisite of a good citizen in this republic of ours is that he shall be able and willing to pull his weight." - Theodore Roosevelt Joel Becker Principal Software Developer Oracle E-mail: joel.becker@xxxxxxxxxx Phone: (650) 506-8127 - To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
