Re: [RFC] Adding a challenge-response authentication method to git://

Shawn O. Pearce wrote:
> "Stephen R. van den Berg" <srb@xxxxxxx> wrote:
>> I'm not trying to solve all management problems, I'm just trying to
>> offer a simple solution for the small-user-base-central-repository case
>> without a lot of code bloat on the git side.
>> If it doesn't fit one's needs, use ssh or something else; but it does
>> have its merits for the simple centralised setups.
>
> OK, then my final two cents, and I'll shut up.
>
> - Add to git-daemon a new service command, "git-authenticate-user".
> - Clients request "git-authenticate-user 'repository'".
> - The auth_user routine:
> 	enters 'repository' (à la upload-pack)
> 	execs "git-authenticate-user ."
>
> - git-authenticate-user:
> 	send pkt-line challenge
> 	recv pkt-line username
> 	recv pkt-line SHA-1(username + password + challenge)
>
> 	read gitconfig for "auth.passwordfile"
> 	read passwordfile for entry $username
> 		("user:pass:upload-pack,receive-pack")
> 	verify response
>
> 	send pkt-line ok/fail
> 	recv pkt-line "git-$service '.'"
> 	check $service is allowed
> 	exec git-$service .


I'd do it like this instead:

daemon: auth_user = dlsym(dlopen("auth-module.so", RTLD_NOW), "authenticate");
client: "git-authenticate action 'repository'"
daemon: send pkt-line challenge
client: send pkt-line username
client: send pkt-line SHA1(username + password + challenge)
daemon: if (auth_user(repository, action, username, password, struct sockaddr_in *inbound))
                allow_connection();

This approach has several nifty benefits:
* The otherwise duplicated code (for different auth schemes) is
 done only once (in the git daemon).
* If the git daemon has no authentication module loaded, we might
 as well not bother sending any challenge and just pretend we do
 not know about the authentication scheme.
* Any kind of authentication scheme can be supported without changing
 the core code. If the authentication module does something wrong,
 one can continue to serve read-only requests by simply unloading
 the module.
* Modules are a great way for newcomers to get started contributing to
 git, so it's a nice way of getting more contributors/sub-maintainers.

--
Andreas Ericsson                   andreas.ericsson@xxxxxx
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231
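The exchange Shawn sketches above, with the verification step made pluggable the way Andreas proposes, worked through as an added example in Python. It is not code from this thread or from git-daemon. Assumptions: an in-memory Pipe stands in for the socket, a plain callable (password_file_module) stands in for the dlopen()'d auth-module.so, the password file is a constructed sample, and the reply strings "ok", "fail" and "ERR ..." are chosen here where the sketch does not fix them; the pkt-line framing, the SHA-1(username + password + challenge) proof and the "user:pass:services" file layout follow the thread.

```python
import hashlib
import hmac
import os
import re

# Constructed sample of the "user:pass:services" file the proposal reads via
# auth.passwordfile; passwords must be in the clear so the daemon can recompute
# SHA-1(username + password + challenge).
PASSWD_FILE = """\
alice:s3cret:upload-pack,receive-pack
bob:hunter2:upload-pack
"""

class Pipe:
    """One direction of the daemon socket, kept in memory for this example."""
    def __init__(self):
        self.buf = bytearray()

    def send(self, payload):
        # pkt-line: 4 hex digits of total length (header included), then the payload.
        self.buf += b"%04x" % (len(payload) + 4) + payload

    def recv(self):
        n = int(self.buf[:4], 16) if len(self.buf) >= 4 else -1
        if n < 4 or n > len(self.buf):
            raise ValueError("truncated or malformed pkt-line")
        payload = bytes(self.buf[4:n])
        del self.buf[:n]
        return payload

def parse_password_file(text):
    users = {}                              # username -> (password, allowed services)
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            user, password, services = line.strip().split(":", 2)
            users[user] = (password, set(services.split(",")))
    return users

def auth_response(username, password, challenge):
    """The client's proof from the proposal: SHA-1(username + password + challenge), hex."""
    return hashlib.sha1(username + password + challenge).hexdigest().encode("ascii")

def password_file_module(users):
    """In-process stand-in for the dlopen()'d verifier; returns allowed services or None."""
    def auth_user(username, response, challenge):
        entry = users.get(username.decode("ascii", "replace"))
        # Compare for unknown users too, so a miss costs the same as a wrong password.
        password, services = entry if entry is not None else ("", set())
        expected = auth_response(username, password.encode("utf-8"), challenge)
        return services if entry and hmac.compare_digest(response, expected) else None
    return auth_user

def daemon_side(auth_user, c2s, s2c, challenge):
    """Daemon half of git-authenticate-user; yields whenever it must wait for the client."""
    if auth_user is None:                   # no module loaded: pretend the scheme is unknown
        s2c.send(b"ERR unknown service")
        return None
    s2c.send(challenge)
    yield
    username, response = c2s.recv(), c2s.recv()
    services = auth_user(username, response, challenge)
    s2c.send(b"ok" if services is not None else b"fail")
    if services is None:
        return None
    yield
    m = re.fullmatch(rb"git-([a-z-]+) '\.'", c2s.recv())
    ok = m is not None and m.group(1).decode("ascii") in services
    s2c.send(b"ok" if ok else b"fail")
    return m.group(1).decode("ascii") if ok else None   # caller would exec git-<service> .

def client_side(c2s, s2c, username, password, service, canned_response=None):
    # canned_response lets a test replay a proof captured under an older challenge.
    first = s2c.recv()
    if first.startswith(b"ERR"):
        return False
    c2s.send(username)
    c2s.send(canned_response or auth_response(username, password, first))
    yield
    if s2c.recv() != b"ok":
        return False
    c2s.send(b"git-%s '.'" % service)
    yield
    return s2c.recv() == b"ok"

def run_session(auth_user, username, password, service, challenge=None, canned_response=None):
    """Drive both halves over in-memory pipes; returns what each side concluded."""
    challenge = challenge or os.urandom(20).hex().encode("ascii")
    c2s, s2c = Pipe(), Pipe()
    sides = {"daemon": daemon_side(auth_user, c2s, s2c, challenge),
             "client": client_side(c2s, s2c, username, password, service, canned_response)}
    results = {}
    while sides:
        for name in list(sides):            # daemon first, then client, one turn each
            try:
                next(sides[name])
            except StopIteration as done:
                results[name] = done.value
                del sides[name]
    return results
```

Three things the sketch leaves implicit are spelled out here: the challenge is fresh per connection, so a proof captured from one session fails against the next (the canned_response path shows this); the comparison is constant-time; and the file named by auth.passwordfile has to hold the passwords themselves, because the daemon must recompute exactly the SHA-1 the client computed, so the permissions on that file carry the whole scheme.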