Commit Graph

15 Commits

Author SHA1 Message Date
Ronnie Sahlberg
1b70fe5d30 receive-pack.c: negotiate atomic push support
This adds the atomic protocol option to allow
receive-pack to inform the client that it has
atomic push capability.

This commit makes the functionality introduced
in the previous commits go live for the serving
side. The changes in documentation reflect the
protocol capabilities of the server.

Signed-off-by: Stefan Beller <sbeller@google.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-01-07 19:56:43 -08:00
Thomas Ackermann
f745acb028 Documentation: typofixes
In addition to fixing trivial and obvious typos, be careful about
the following points:

 - Spell ASCII, URL and CRC in ALL CAPS;
 - Spell Linux as Capitalized;
 - Do not omit periods in "i.e." and "e.g.".

Signed-off-by: Thomas Ackermann <th.acker@arcor.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-11-04 13:14:44 -08:00
Junio C Hamano
b89363e4a5 signed push: fortify against replay attacks
In order to prevent a valid push certificate for pushing into an
repository from getting replayed in a different push operation, send
a nonce string from the receive-pack process and have the signer
include it in the push certificate.  The receiving end uses an HMAC
hash of the path to the repository it serves and the current time
stamp, hashed with a secret seed (the secret seed does not have to
be per-repository but can be defined in /etc/gitconfig) to generate
the nonce, in order to ensure that a random third party cannot forge
a nonce that looks like it originated from it.

The original nonce is exported as GIT_PUSH_CERT_NONCE for the hooks
to examine and match against the value on the "nonce" header in the
certificate to notice a replay, but returned "nonce" header in the
push certificate is examined by receive-pack and the result is
exported as GIT_PUSH_CERT_NONCE_STATUS, whose value would be "OK"
if the nonce recorded in the certificate matches what we expect, so
that the hooks can more easily check.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-09-17 14:27:40 -07:00
Junio C Hamano
4adf569dea signed push: remove duplicated protocol info
With the interim protocol, we used to send the update commands even
though we already send a signed copy of the same information when
push certificate is in use.  Update the send-pack/receive-pack pair
not to do so.

The notable thing on the receive-pack side is that it makes sure
that there is no command sent over the traditional protocol packet
outside the push certificate.  Otherwise a pusher can claim to be
pushing one set of ref updates in the signed certificate while
issuing commands to update unrelated refs, and such an update will
evade later audits.

Finally, start documenting the protocol.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-09-15 13:23:28 -07:00
Nguyễn Thái Ngọc Duy
c9cd60f6fa protocol-capabilities.txt: document no-done
See 3e63b21 (upload-pack: Implement no-done capability - 2011-03-14)
and 761ecf0 (fetch-pack: Implement no-done capability - 2011-03-14)
for more information.

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-02-10 10:21:33 -08:00
Nguyễn Thái Ngọc Duy
087e347f26 protocol-capabilities.txt: refer multi_ack_detailed back to pack-protocol.txt
pack-protocol.txt explains in detail how multi_ack_detailed works and
what's the difference between no multi_ack, multi_ack and
multi_ack_detailed. No need to repeat here.

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-02-10 10:21:33 -08:00
Carlos Martín Nieto
1ba98a79f1 send-pack: don't send a thin pack to a server which doesn't support it
Up to now git has assumed that all servers are able to fix thin
packs. This is however not always the case.

Document the 'no-thin' capability and prevent send-pack from generating
a thin pack if the server advertises it.

Signed-off-by: Carlos Martín Nieto <cmn@elego.de>
Helped-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-11-25 13:16:19 -08:00
Nguyễn Thái Ngọc Duy
4acbe91a82 document 'allow-tip-sha1-in-want' capability
See 390eb36 (upload-pack: optionally allow fetching from the tips of
hidden refs - 2013-01-28) for more information.

Signed-off-by: Nguyễn Thái Ngọc Duy <pclouds@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-26 08:33:38 -07:00
Jeff King
69fb96037f document 'quiet' receive-pack capability
This was added in c207e34 (fix push --quiet: add 'quiet'
capability to receive-pack, 2012-01-08) but never
documented.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-24 15:57:01 -07:00
Jeff King
af608260f6 document 'agent' protocol capability
This was added in ff5effd (include agent identifier in
capability string, 2012-08-03), but neither the syntax nor
the semantics were ever documented outside of the commit
message.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-24 15:57:01 -07:00
Jeff King
9354b9a4f0 docs: note that receive-pack knows side-band-64k capability
The protocol-capabilities documentation notes that any
capabilities not explicitly mentioned for receive-pack work
only for upload-pack.

Receive-pack has advertised and understood side-band-64k
since 38a81b4 (receive-pack: Wrap status reports inside
side-band-64k, 2010-02-05), but we do not mention it
explicitly. Let's do so.

Note that receive-pack does not understand side-band, which
was obsolete by that point.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-24 15:57:01 -07:00
Jeff King
9a621ad085 docs: fix 'report-status' protocol capability thinko
The report-status capability is understood by receive-pack,
not upload-pack.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-07-24 15:57:01 -07:00
Fredrik Skolmli
5d1e34158a Documentation: Spelling fix in protocol-capabilities.txt
Signed-off-by: Fredrik Skolmli <fredrik@frsk.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-09 17:36:28 -07:00
Ralf Wildenhues
6a5d0b0a90 Fix typos in technical documentation.
Signed-off-by: Ralf Wildenhues <Ralf.Wildenhues@gmx.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-31 10:24:53 -08:00
Scott Chacon
b31222cfb7 Update packfile transfer protocol documentation
The current technical documentation for the packfile protocol is both
sparse and incorrect.  This documents the fetch-pack/upload-pack and
send-pack/ receive-pack protocols much more fully.

Add documentation from Shawn's upcoming http-protocol docs that is
shared by the packfile protocol. protocol-common.txt describes ABNF
notation amendments, refname rules and the packet line format.

Add documentation on the various capabilities supported by the
upload-pack and receive-pack protocols. protocol-capabilities.txt
describes multi-ack, thin-pack, side-band[-64k], shallow, no-progress,
include-tag, ofs-delta, delete-refs and report-status.

Signed-off-by: Scott Chacon <schacon@gmail.com>
Signed-off-by: Nanako Shiraishi <nanako3@lavabit.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-11-13 12:07:21 -08:00