Re: Question About Git V2 Protocol & SHA256

Hi Brian,

Thanks for the details!

Now it sounds like although SHA1/SHA256 and v1/v2 are separate features, v2 capability is the only way for the client and server to negotiate the object format so that they won't send out something that is not understandable by the other party.

In that case, I think it's still valid that v2 needs to be supported first so that SHA256 can later be supported with enough flexibility.

Bests,
Zhichen


On 9/29/20, 3:45 PM, "brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> wrote:

    On 2020-09-29 at 22:13:11, Jeff King wrote:
    > On Tue, Sep 29, 2020 at 01:17:59AM +0000, Wu, Zhichen wrote:
    > > 2. I see v2 has a capability called “object-format” that provides SHA1
    > >    option. I’m wondering if that capability will be the only way for
    > >    client and server to start using SHA256? Or, to put it another way,
    > >    will v2 protocol be the prerequisite of SHA256?
    > 
    > I think it would be impossible to handle object-format via v1, because
    > the v1 protocol writes the ref advertisement before any capabilities are
    > negotiated. So I think v1 must implicitly remain sha1-only (and a sha256
    > repository on the server side would need to either reject a v1 client,
    > or back-translate as it would for a v2 client which asks for sha1).

    I don't think that's the case.  You can indeed use v1 with SHA-256, but
    if you have a SHA-1-only Git, it will choke because the object ID is
    longer than it expects.  If you want to negotiate the algorithm when we
    support both and the client can't deal with translating the initial ref
    advertisement, then yes, you'll need v2.

    We even support SHA-256 via bundles and the DAV-based HTTP protocol, but
    the latter will never support negotiation of hash algorithms because
    it's based on static files.

    It is required that you understand the object-format capability on the
    client side to support SHA-256, since if you fail to announce it, the
    default is SHA-1, and right now, the server side will produce an error
    if the client doesn't announce it (or sends SHA-1 data).
    -- 
    brian m. carlson: Houston, Texas, US
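
The ordering discussed in this thread, as an added example that is not part of the original messages: in a v2 capability advertisement the `object-format` line arrives before any object ID, while in a v1 ref advertisement the first object ID precedes the capability list that follows the NUL byte. The helper names and the pkt-line samples are constructed for illustration, and the layouts are assumed from the Git protocol documentation.

```python
DEFAULT_FORMAT = "sha1"                  # per the thread: nothing announced means SHA-1
HEX_LEN = {"sha1": 40, "sha256": 64}     # hex digits per object ID

def pkt(payload: bytes) -> bytes:
    """Encode one pkt-line: 4 hex digits of total length, then the payload."""
    return b"%04x" % (len(payload) + 4) + payload

def read_pkts(buf: bytes):
    """Return the payloads that precede the first flush-pkt (0000)."""
    out, pos = [], 0
    while pos + 4 <= len(buf):
        n = int(buf[pos:pos + 4], 16)
        if n == 0:
            break
        if n < 4 or pos + n > len(buf):
            raise ValueError("malformed pkt-line")
        out.append(buf[pos + 4:pos + n].rstrip(b"\n"))
        pos += n
    return out

def object_format(advert: bytes):
    """Return (protocol, hash name, object ID seen before the capabilities)."""
    lines = read_pkts(advert)
    if lines and lines[0] == b"version 2":
        # v2: capabilities only, no refs yet, so no object ID has been sent.
        proto, first_oid = "v2", None
        caps = [line.decode() for line in lines[1:]]
    else:
        if lines and lines[0] == b"version 1":
            lines = lines[1:]
        if not lines:
            raise ValueError("empty advertisement")
        # v1: "<oid> <ref>\0<capabilities>"; the object ID comes first.
        ref, _, capstr = lines[0].partition(b"\0")
        proto, first_oid = "v1", ref.split(b" ")[0].decode()
        caps = capstr.decode().split()
    fmt = DEFAULT_FORMAT
    for cap in caps:
        if cap.startswith("object-format="):
            fmt = cap.split("=", 1)[1]
    return proto, fmt, first_oid

def oid_fits(oid: str, fmt: str) -> bool:
    """True if the object ID has the length a client using `fmt` expects."""
    return len(oid) == HEX_LEN[fmt]

OID256 = "ab" * 32                       # constructed 64-hex-digit object ID
V2 = b"".join(pkt(l) for l in [b"version 2\n", b"agent=git/example\n",
     b"ls-refs\n", b"fetch\n", b"object-format=sha256\n"]) + b"0000"
V1 = (pkt(b"version 1\n")
      + pkt(OID256.encode() + b" HEAD\0side-band-64k object-format=sha256\n")
      + pkt(OID256.encode() + b" refs/heads/main\n") + b"0000")
```

`object_format(V1)` returns the 64-digit object ID alongside the capability, which is the value a SHA-1-only parser has to read before it can learn which hash is in use; `oid_fits(OID256, "sha1")` is the length check that fails in that case.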




