On Thu, Feb 23, 2017 at 3:47 PM, Brandon Williams wrote:
> There are a lot of places where an explicit check for
> submodule."".url is done to see if a submodule exists. In order
> to more easily facilitate the use of the submodule.active config option
> to indicate active
On 23/02/17 22:57, Stefan Beller wrote:
> In later patches we introduce the options and flag for commands
> that modify the working directory, e.g. git-checkout.
>
> This piece of code will be used universally for
> all these working tree modifications as it
> * supports dry run to answer the
On Thu, Feb 23, 2017 at 3:05 PM, Jeff King wrote:
>
> (By the way, I don't see your version on the list, Linus, which probably
> means it was eaten by the 100K filter).
Ahh. I didn't even think about a size filter.
Doesn't matter, your version looks fine.
Linus
On Thu, Feb 23, 2017 at 03:15:11PM -0800, Stefan Beller wrote:
> On Thu, Feb 23, 2017 at 3:05 PM, Jeff King wrote:
>
> > +* Copyright 2017 Marc Stevens , Dan Shumow
> > (dan...@microsoft.com)
> > +* Distributed under the MIT Software License.
> > +* See
Duy Nguyen writes:
> On Tue, Feb 21, 2017 at 8:10 AM, Kyle Meyer wrote:
>> diff --git a/refs.h b/refs.h
>> index 9fbff90e7..5880886a7 100644
>> --- a/refs.h
>> +++ b/refs.h
>> @@ -276,8 +276,8 @@ int reflog_exists(const char *refname);
>> * exists,
Junio C Hamano writes:
> Jeff King writes:
>
>> FWIW, the code looks OK here. It is a shame to duplicate the policy
>> found in git_config_parse_key(), though.
>>
>> I wonder if we could make a master version of that which canonicalizes
>> in-place, and then
On Thu, Feb 23, 2017 at 3:47 PM, Brandon Williams wrote:
> There are two motivations for decoupling a submodule's existence from the url
> that is stored in .git/config.
>
> 1. Worktrees can't really be used with submodules since the existence is
> checked based on the
On Thu, Feb 23, 2017 at 03:50:00PM -0800, Junio C Hamano wrote:
> Jonathan Tan writes:
>
> > Adding "--objects" works, and all existing tests pass, except for the
> > potential performance issue and the side effect that even fetching a
> > reachable blob no longer
On Thu, Feb 23, 2017 at 4:01 PM, Jeff King wrote:
>
> You know, I didn't even look at the LICENSE file, since it said MIT and
> had a link here. It would be trivial to copy it over, too, of course.
You should do it. It's just good to be careful and clear with
licenses, and the
On Thu, Feb 23, 2017 at 3:47 PM, Brandon Williams wrote:
> @@ -795,14 +794,11 @@ static int prepare_to_clone_next_submodule(const struct
> cache_entry *ce,
> }
>
> /*
> -* Looking up the url in .git/config.
> +* Check if the submodule has been
On Thu, Feb 23, 2017 at 12:58:39PM -0800, Junio C Hamano wrote:
> Jeff King writes:
>
> > This one is perhaps questionable. Maybe somebody is relying on setting a
> > per-repo user.name to override a ~/.gitconfig value and enforce
> > auto-detection?
>
> Thanks for splitting
On 23/02/17 22:57, Stefan Beller wrote:
> Signed-off-by: Stefan Beller
> ---
> Documentation/git-checkout.txt | 7 +++
> builtin/checkout.c | 28
> t/lib-submodule-update.sh | 33 -
>
Nguyễn Thái Ngọc Duy writes:
>> There was some discussion after v4. I think the open issues are:
>>
>> - the commit message is rather terse (it should describe motivation,
>> and can refer to the docs for the "how")
> This allows some more flexibility in managing
On Thu, Feb 23, 2017 at 11:09:32AM -0800, Linus Torvalds wrote:
> On Thu, Feb 23, 2017 at 10:46 AM, Jeff King wrote:
> >>
> >> So I agree with you that we need to make git check for the opaque
> >> data. I think I was the one who brought that whole argument up.
> >
> > We do
On Thu, Feb 23, 2017 at 11:11:05AM -0800, Junio C Hamano wrote:
> >> As far as Kerberos, this is a desirable feature to have enabled, with
> >> little downside. I just don't know about the security of the NTLM part,
> >> and I don't think we should take this patch unless we're sure we know
> >>
On Thu, Feb 23, 2017 at 01:17:49PM -0800, Junio C Hamano wrote:
> "Devin J. Pohly" writes:
>
> > Previously, the git_commit_non_empty_tree function would always pass any
> > commit with no parents to git-commit-tree, regardless of whether the
> > tree was nonempty. The new
Here are the topics that have been cooking. Commits prefixed with
'-' are only in 'pu' (proposed updates) while commits prefixed with
'+' are in 'next'. The ones marked with '.' do not appear in any of
the integration branches, but I am still holding onto them.
You can find the changes
On Thu, Feb 23, 2017 at 04:31:13PM +, David Turner wrote:
> > As somebody who is using non-Basic auth, can you apply these patches and
> > show us the output of:
> >
> >GIT_TRACE_CURL=1 \
> >git ls-remote https://your-server 2>&1 >/dev/null |
> >egrep '(Send|Recv) header:
On Thu, Feb 23, 2017 at 11:47:16AM -0800, Linus Torvalds wrote:
> On Thu, Feb 23, 2017 at 11:32 AM, Jeff King wrote:
> >
> > Yeah, they're not expensive. We've discussed enabling them by default.
> > The sticking point is that there is old history with minor bugs which
> >
> -Original Message-
> From: Jeff King [mailto:p...@peff.net]
> Sent: Thursday, February 23, 2017 2:44 PM
> To: David Turner
> Cc: Junio C Hamano ; git@vger.kernel.org;
> sand...@crustytoothpaste.net; Johannes Schindelin
>
On 2017-02-23 11:09:32, Linus Torvalds wrote:
> I'm aware of the fsck checks, but I have to admit I wasn't aware of
> 'transfer.fsckobjects'. I should turn that on myself.
>
> Or maybe git should just turn it on by default?
The problem with this is that there are many repos with errors out
On Thu, Feb 23, 2017 at 12:37:25PM -0800, Junio C Hamano wrote:
> Jeff King writes:
>
> > I suspect it isn't enough to help without 2/2. This will tell curl that
> > the server does not do Negotiate, so it will skip the probe request. But
> > Git will still feed curl the bogus
Hiroshi Shirosaki wrote:
> I have the following authentication failure while svn rebase and
> svn dcommit works fine without authentication failures.
>
> $ git svn branch v7_3
> Copying https://xxx at r27519
> to
"Devin J. Pohly" writes:
> Previously, the git_commit_non_empty_tree function would always pass any
> commit with no parents to git-commit-tree, regardless of whether the
> tree was nonempty. The new commit would then be recorded in the
> filter-branch revision map, and
On Thu, Feb 23, 2017 at 06:08:49PM +0100, Johannes Schindelin wrote:
> > I suspect the patch above could probably be generalized as:
> >
> > /* cut out methods we know the server doesn't support */
> > http_auth_methods &= results.auth_avail;
> >
> > and let curl figure it out from there.
>
On Thu, Feb 23, 2017 at 11:32 AM, Jeff King wrote:
>
> Yeah, they're not expensive. We've discussed enabling them by default.
> The sticking point is that there is old history with minor bugs which
> triggers some warnings (e.g., malformed committer names), and it would
> be
Jeff King writes:
> This one is perhaps questionable. Maybe somebody is relying on setting a
> per-repo user.name to override a ~/.gitconfig value and enforce
> auto-detection?
Thanks for splitting this step out. 1/4 and 2/4 are obvious
improvements, and 3/4 is a very sensible
Thanks.
There are a few bugs in git I noticed when using mingw, mingw64,
cygwin, and cygwin64. These bugs are the following:
if I do git ``rebase -i --root`` and tell it to edit every commit to
gpg sign all my commits it bugs out and merges all of the commits into
1 commit instead of only appending the
Jeff King writes:
> I suspect it isn't enough to help without 2/2. This will tell curl that
> the server does not do Negotiate, so it will skip the probe request. But
> Git will still feed curl the bogus empty credential.
>
> That's what 2/2 tries to fix: only kick in the
W dniu 23.02.2017 o 18:12, David Lang pisze:
> On Thu, 23 Feb 2017, Junio C Hamano wrote:
>
>> On Thu, Feb 23, 2017 at 8:43 AM, Joey Hess wrote:
>>>
>>> Since we now have collisions in valid PDF files, collisions in
>>> valid git commit and tree objects are probably able to be
Jeff King wrote:
> It's not an identical prefix, but I think collision attacks generally
> are along the lines of selecting two prefixes followed by garbage, and
> then mutating the garbage on both sides. That would "work" in this case
> (modulo the fact that git would complain about the NUL).
>
On Thu, Feb 23, 2017 at 09:49:09PM +0100, Jakub Narębski wrote:
> > How is GIT affected? GIT strongly relies on SHA-1 for the
> > identification and integrity checking of all file objects and
> > commits. It is essentially possible to create two GIT repositories
> > with the same head commit hash
W dniu 23.02.2017 o 16:50, Santiago Torres pisze:
> Hello all,
>
> I ran into this website presenting the "first practical attack on
> sha1"[1]. I don't recall seeing this on the ML, so I'm sharing this just
> in case. I know there are proposals to move out of sha1 already. I
> wonder if this
Jeff King writes:
>> Backtracking will not fundamentally "fix" parsing of
>>
>> a.b=c=.d
>>
>> between these two
>>
>> [a "b="] c = ".d"
>> [a] b = "c=.d"
>>
>> unfortunately, I think. I do not think it is worth doing the "best
>> effort" with erroring out
On Thu, Feb 23, 2017 at 08:17:44PM -0800, Junio C Hamano wrote:
> > Hmm. I suspect one cannot do:
> >
> > git -c 'section.subsection with an = in it.key=foo' ...
> >
> > Definitely not a new problem, nor something that should block your
> > patch. But if we want to fix it, I suspect the problem
On Thu, Feb 23, 2017 at 10:08:57PM -0800, Junio C Hamano wrote:
> Anyway, here is an updated one (the part of the patch to t/ is not
> shown as it is unchanged).
>
> -- >8 --
> Subject: [PATCH] config: use git_config_parse_key() in
> git_config_parse_parameter()
Looks good. Nice and simple.
Jeff King writes:
> Keep in mind this _only_ affects Git's config variables. So a script
> feeding git via GIT_AUTHOR_NAME, etc, shouldn't change at all with this
> code.
Ah, that changes the equation somewhat ;-)
> So I dunno. I could really go either way on it. Feel free to
Jeff King writes:
>> pair = strbuf_split_str(text, '=', 2);
>> if (!pair[0])
>
> Hmm. I suspect one cannot do:
>
> git -c 'section.subsection with an = in it.key=foo' ...
>
> Definitely not a new problem, nor something that should block your
> patch. But if we want to
On Thu, Feb 23, 2017 at 08:11:11PM -0800, Junio C Hamano wrote:
> > So I dunno. I could really go either way on it. Feel free to drop it, or
> > even move it into a separate topic to be cooked longer.
>
> If it were 5 years ago, it would have been different, but I do not
> think cooking it
The new switch passes the pathspec to `git submodule update
--init-active` which is called after the actual clone is done.
Additionally this configures the submodule.active option to
be the given pathspec, such that any future invocation of
`git submodule update --init-active` will keep up
with
The new switch `--init-active` initializes the submodules which are
configured in `submodule.active` instead of those given as
command line arguments before updating. In the first implementation this
is made incompatible with further command line arguments as it is
unclear what the user means by
Use the 'is_submodule_initialized()' helper to check for configured
submodules instead of manually checking for the submodule's URL in the
config.
Signed-off-by: Brandon Williams
---
builtin/submodule--helper.c | 11 +++
1 file changed, 3 insertions(+), 8 deletions(-)
Currently the submodule..url config option is used to determine
if a given submodule exists and is interesting to the user. This
however doesn't work very well because the URL is a config option for
the scope of a repository, whereas the existence of a submodule is an
option scoped to the working
Signed-off-by: Brandon Williams
---
git-submodule.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/git-submodule.sh b/git-submodule.sh
index 02b85dceb..f35345775 100755
--- a/git-submodule.sh
+++ b/git-submodule.sh
@@ -1127,7 +1127,7 @@ cmd_sync()
Signed-off-by: Brandon Williams
---
git-submodule.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/git-submodule.sh b/git-submodule.sh
index 4633a4336..f8adfb179 100755
--- a/git-submodule.sh
+++ b/git-submodule.sh
@@ -1026,14 +1026,13 @@ cmd_status()
When submodule.active is configured, in addition to adding
submodule."".url to the config, add the path of the added
submodule if it isn't already covered by the current config values.
Signed-off-by: Brandon Williams
---
git-submodule.sh | 11 +++
There are a lot of places where an explicit check for
submodule."".url is done to see if a submodule exists. In order
to more easily facilitate the use of the submodule.active config option
to indicate active submodules, add a helper which can be used to query
if a submodule is active or not.
Jonathan Tan writes:
> Adding "--objects" works, and all existing tests pass, except for the
> potential performance issue and the side effect that even fetching a
> reachable blob no longer works. This is due to a possible bug where a
> call like "git rev-list
There are two motivations for decoupling a submodule's existence from the url
that is stored in .git/config.
1. Worktrees can't really be used with submodules since the existence is
checked based on the shared .git/config. This means that two different
worktrees have to have the same
Signed-off-by: Brandon Williams
---
contrib/completion/git-completion.bash | 1 +
1 file changed, 1 insertion(+)
diff --git a/contrib/completion/git-completion.bash
b/contrib/completion/git-completion.bash
index 6721ff80f..4e473aa90 100644
---
The user could have configured the submodule to have a different URL
from the one in the superproject's config. To account for this read
what the submodule has configured for remote.origin.url and use that
instead.
Signed-off-by: Brandon Williams
---
git-submodule.sh | 2 +-
Signed-off-by: Stefan Beller
---
unpack-trees.c | 131 +
unpack-trees.h | 1 +
2 files changed, 123 insertions(+), 9 deletions(-)
diff --git a/unpack-trees.c b/unpack-trees.c
index 616a0ae4b2..8333da2cc9 100644
---
This is pulled straight from:
https://github.com/cr-marcstevens/sha1collisiondetection
with no modifications yet (though I've pulled in only the
subset of files necessary for Git to use).
Signed-off-by: Jeff King
---
sha1dc/sha1.c | 1146
Similar to b33a15b08 (push: add recurseSubmodules config option,
2015-11-17) and 027771fcb1 (submodule: allow erroneous values for the
fetchRecurseSubmodules option, 2015-08-17), we add submodule-config code
that is later used to parse whether we are interested in updating
submodules.
We need the
The check (which uses the old oid) is yet to be implemented, but this part
is just a refactor, so it can go separately first.
Signed-off-by: Stefan Beller
---
unpack-trees.c | 17 ++---
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/unpack-trees.c
Adding the repository itself as a submodule does not make sense in the
real world. In our test suite we used to do that out of convenience in
some tests as the current repository has easiest access for setting up
'just a submodule'.
However this doesn't quite test the real world, so let's do not
previous work:
https://public-inbox.org/git/20161203003022.29797-1-sbel...@google.com/
v5:
* as v4 was the first version queued by Junio, we do have an interdiff below!
* renamed functions
* changed the API, now the caller has to take care of the submodule strategy
themselves. (Note this
We can replace system includes with git-compat-util.h (and
should make sure it is included in all .c files). We can
drop includes from headers entirely, as every .c file is
supposed to include git-compat-util itself first.
We also use the full "sha1dc/" path for including related
files. This
On Thu, Feb 23, 2017 at 05:43:02PM -0500, Jeff King wrote:
> On Thu, Feb 23, 2017 at 02:38:29PM -0800, Linus Torvalds wrote:
>
> > > Thanks, I hadn't seen that yet. That doesn't look like it should be hard
> > > to integrate into Git.
> >
> > Here's a *very* ugly patch that is absolutely
Signed-off-by: Stefan Beller
---
entry.c | 30 ++
1 file changed, 30 insertions(+)
diff --git a/entry.c b/entry.c
index c6eea240b6..d2b512da90 100644
--- a/entry.c
+++ b/entry.c
@@ -2,6 +2,7 @@
#include "blob.h"
#include "dir.h"
#include
On Thu, Feb 23, 2017 at 3:05 PM, Jeff King wrote:
> +* Copyright 2017 Marc Stevens , Dan Shumow
> (dan...@microsoft.com)
> +* Distributed under the MIT Software License.
> +* See accompanying file LICENSE.txt or copy at
The accompanying LICENSE file did not
On Thu, Feb 23, 2017 at 04:12:01PM -0800, Linus Torvalds wrote:
> On Thu, Feb 23, 2017 at 4:01 PM, Jeff King wrote:
> >
> > You know, I didn't even look at the LICENSE file, since it said MIT and
> > had a link here. It would be trivial to copy it over, too, of course.
>
> You
Junio C Hamano writes:
> Jonathan Tan writes:
>
>> Adding "--objects" works, and all existing tests pass, except for the
>> potential performance issue and the side effect that even fetching a
>> reachable blob no longer works. This is due to a
On Thu, Feb 23, 2017 at 03:03:58PM -0800, Jonathan Tan wrote:
> If a server sets allowtipsha1inwant (or allowreachablesha1inwant), a
> client can call "git fetch " where SHA-1 is the hash of
> a blob (reachable or unreachable) to obtain it. The test below (which
> passes) demonstrates that.
On Thu, Feb 23, 2017 at 2:43 PM, Jeff King wrote:
>
> Yeah. I started looking at that, but the ubc check happens after the
> initial expansion.
Yes. That's the point where I gave up and just included their ugly sha1.c file.
I suspect it can be done, but it would need somebody to
When a submodule is initialized, the config variable 'submodule..url'
is set depending on the value of the same variable in the .gitmodules
file. When the URL indicates to be relative, then the url is computed
relative to its default remote. The default remote cannot be determined
accurately in
On Thu, Feb 23, 2017 at 02:38:29PM -0800, Linus Torvalds wrote:
> > Thanks, I hadn't seen that yet. That doesn't look like it should be hard
> > to integrate into Git.
>
> Here's a *very* ugly patch that is absolutely disgusting and should not be
> used. But it does kind of work (I tested it
If a server sets allowtipsha1inwant (or allowreachablesha1inwant), a
client can call "git fetch " where SHA-1 is the hash of
a blob (reachable or unreachable) to obtain it. The test below (which
passes) demonstrates that.
I have bisected this, and this bug occurs at least as early as the
Redraw the ASCII art describing the setup using more space, such that
it is easier to understand. The leaf commits are now ordered the same
way the actual code is ordered.
Add empty lines to the setup code separating each of the leaf commits,
each starting with a "checkout -b".
Signed-off-by:
In later patches we introduce the --recurse-submodule flag for commands
that modify the working directory, e.g. git-checkout.
It is potentially expensive to check if a submodule needs an update,
because a common theme to interact with submodules is to spawn a child
process for each interaction.
In a later patch we need to prepare the submodule environment with
another git directory, so split up the function.
Also move it up in the file such that we do not need to declare the
function later before using it.
Signed-off-by: Stefan Beller
---
submodule.c | 29
We need the gentle version in a later patch. As we have just one caller,
migrate the caller.
Signed-off-by: Stefan Beller
---
builtin/grep.c | 2 +-
submodule.c| 7 ++-
submodule.h| 8 +++-
3 files changed, 10 insertions(+), 7 deletions(-)
diff --git
Currently lib-submodule-update.sh provides 2 functions
test_submodule_switch and test_submodule_forced_switch that are used by a
variety of tests to ensure that submodules behave as expected. The current
expected behavior is that submodules are not touched at all (see
42639d2317a for the exact
Signed-off-by: Stefan Beller
---
Documentation/git-checkout.txt | 7 +++
builtin/checkout.c | 28
t/lib-submodule-update.sh | 33 -
t/t2013-checkout-submodule.sh | 5 +
4 files changed,
In a later patch we'll use connect_work_tree_and_git_dir when the
directory for the gitlink file doesn't exist yet. This patch makes
connect_work_tree_and_git_dir safe to use for both cases of
either the git dir or the working dir missing.
To do so, we need to call
In later patches we introduce the options and flag for commands
that modify the working directory, e.g. git-checkout.
Have a central place to store such settings whether we want to update
a submodule.
Signed-off-by: Stefan Beller
---
submodule.c | 6 ++
submodule.h | 1
This knob lets you use the sha1dc implementation from:
https://github.com/cr-marcstevens/sha1collisiondetection
which can detect certain types of collision attacks (even
when we only see half of the colliding pair).
The big downside is that it's slower than either the openssl
or
Signed-off-by: Stefan Beller
---
read-cache.c | 27 +--
1 file changed, 25 insertions(+), 2 deletions(-)
diff --git a/read-cache.c b/read-cache.c
index 9054369dd0..9a2abacf7a 100644
--- a/read-cache.c
+++ b/read-cache.c
@@ -18,6 +18,8 @@
#include
In later patches we introduce the options and flag for commands
that modify the working directory, e.g. git-checkout.
This piece of code will be used universally for
all these working tree modifications as it
* supports dry run to answer the question:
"Is it safe to change the submodule to this
On Thu, Feb 23, 2017 at 03:19:58PM -0800, Junio C Hamano wrote:
> > But you are right. config-parse-key does have the simpler string
> > that can just be given to the canonicalize thing and we should be
> > able to reuse it.
>
> Actually, I think we can just use the existing config_parse_key()
This allows some more flexibility in managing configuration across
repositories. The most often seen use case on the mailing list is when
the user needs to use different email addresses on different
repositories. If these repositories share something that we can use to
group them up, then we can
Hi everyone,
The 24th edition of Git Rev News is now published:
https://git.github.io/rev_news/2017/02/22/edition-24/
Thanks a lot to all the contributors and helpers!
Enjoy,
Christian, Thomas, Jakub and Markus.
On Tue, Feb 21, 2017 at 8:10 AM, Kyle Meyer wrote:
> diff --git a/refs.h b/refs.h
> index 9fbff90e7..5880886a7 100644
> --- a/refs.h
> +++ b/refs.h
> @@ -276,8 +276,8 @@ int reflog_exists(const char *refname);
> * exists, regardless of its old value. It is an error for old_sha1
Let's try this again. v4 and before can be found in the original
thread [1]. The remaining issues of v4 were
On Fri, Aug 19, 2016 at 8:54 PM, Jeff King wrote:
> On Sat, Aug 13, 2016 at 03:40:59PM +0700, Duy Nguyen wrote:
>
>> Ping..
>
> There was some discussion after v4. I think
> -Original Message-
> From: Jeff King [mailto:p...@peff.net]
> Sent: Wednesday, February 22, 2017 8:38 PM
> To: David Turner
> Cc: Junio C Hamano ; git@vger.kernel.org;
> sand...@crustytoothpaste.net; Johannes Schindelin
>
I've completed the work of switching our read_object proposal to use a
background process (refactored from the LFS code) and have extricated it
from the rest of our GVFS fork so that it can be examined/tested
separately. It is currently based on a Git For Windows fork that I've
pushed to GitHub
Hello all,
I ran into this website presenting the "first practical attack on
sha1"[1]. I don't recall seeing this on the ML, so I'm sharing this just
in case. I know there are proposals to move out of sha1 already. I
wonder if this affects the timeline for their adoption?
Thanks,
-Santiago.
[1]
On Thu, Feb 23, 2017 at 1:18 AM, Stefan Beller wrote:
> On Wed, Feb 22, 2017 at 6:04 AM, Nguyễn Thái Ngọc Duy
> wrote:
>> Signed-off-by: Nguyễn Thái Ngọc Duy
>> ---
>> refs.h | 6 +-
>> 1 file changed, 5 insertions(+), 1
On Thu, Feb 23, 2017 at 9:35 AM, Joey Hess wrote:
>
> Attacks using this SHA1 break will look something more like:
We don't actually know what the break is, but it's likely that you
can't actually do what you think you can do:
> * I push a "bad" object to a repo on github I set
Linus Torvalds wrote:
> I haven't seen the attack yet, but git doesn't actually just hash the
> data, it does prepend a type/length field to it. That usually tends to
> make collision attacks much harder, because you either have to make
> the resulting size the same too, or you have to be able to
On Thu, 23 Feb 2017, Joey Hess wrote:
Junio C Hamano wrote:
On Thu, Feb 23, 2017 at 8:43 AM, Joey Hess wrote:
Since we now have collisions in valid PDF files, collisions in valid git
commit and tree objects are probably able to be constructed.
That may be true, but
Linus Torvalds wrote:
> What you describe pretty much already requires a pre-image attack,
> which the new attack is _not_.
>
> It's not clear that the "good" object can be anything sane.
Generate a regular commit object; use the entire commit object + NUL as the
chosen prefix, and use the
https://shattered.io/static/shattered.pdf
https://freedom-to-tinker.com/2017/02/23/rip-sha-1/
IIRC someone has been working on parameterizing git's SHA1 assumptions
so a repository could eventually use a more secure hash. How far has
that gotten? There are still many "40" constants in git.git
Hi Peff,
On Wed, 22 Feb 2017, Jeff King wrote:
> On Wed, Feb 22, 2017 at 01:16:33PM -0800, Junio C Hamano wrote:
>
> > David Turner writes:
> >
> > > Always, no. For failed authentication (or authorization),
> > > apparently, yes. I tested this by setting the
Junio C Hamano wrote:
> On Thu, Feb 23, 2017 at 8:43 AM, Joey Hess wrote:
> >
> > Since we now have collisions in valid PDF files, collisions in valid git
> > commit and tree objects are probably able to be constructed.
>
> That may be true, but
>
On Thu, Feb 23, 2017 at 9:19 AM, Linus Torvalds
wrote:
>
> I don't think you'd necessarily want to change the size of the hash.
> You can use a different hash and just use the same 160 bits from it.
Side note: I do believe that in practice you should just change
On Thu, Feb 23, 2017 at 8:43 AM, Joey Hess wrote:
>
> Since we now have collisions in valid PDF files, collisions in valid git
> commit and tree objects are probably able to be constructed.
That may be true, but
On Thu, Feb 23, 2017 at 8:43 AM, Joey Hess wrote:
>
> IIRC someone has been working on parameterizing git's SHA1 assumptions
> so a repository could eventually use a more secure hash. How far has
> that gotten? There are still many "40" constants in git.git HEAD.
I don't think