lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 16 Nov 2017 12:36:08 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     "Tobin C. Harding" <me@...in.cc>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        kernelnewbies@...nelnewbies.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "open list:DOCUMENTATION" <linux-doc@...r.kernel.org>
Subject: Re: git pull

On Tue, Nov 14, 2017 at 1:46 PM, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
> And then people can do this:
>
>   [url "ssh://git@...olite.kernel.org"]
>       insteadOf = https://git.kernel.org
>       insteadOf = http://git.kernel.org
>       insteadOf = git://git.kernel.org
>
> which makes git.kernel.org addresses use ssh, and avoid the whole
> possible DNS spoofing problem.

So credit goes for Konstantin for pointing that out, and I actually
used it this merge window.

A few notes for other people who end up doing this:

 (a) ssh is slower, and the gitolite machine is not as reachable.

 (b) it affects your merge commit message.

As to (a), yes it's noticeable, but the extra couple of seconds isn't
really that big of a deal. Depending on exactly where you are, though,
you might end up wanting to use https:// to the public servers
instead.

But (b) actually ends up being annoying, because I don't like my merge
commits to contain references to repositories that aren't actually
available unless you have a kernel.org account.

I tried to edit things up by hand, but honestly, that just meant that
I forgot about 50% of the time. Do a

    git log --author=Torvalds --grep=ssh://gitolite

to see my shameful lack of actually fixing up the end result.

Happily, once you realize that you have the attention span of a
slightly retarded chipmunk, and that you keep on forgetting to fix
things up, you hopefully also go "I'm a moron, but I can compensate
for that automatically".

Which is simple. Just create a .git/hooks/prepare-commit-msg file that contains

  #!/bin/sh
  sed -i 's|ssh://gitolite.kernel.org/|git://git.kernel.org/|g' "$1"

and make it executable, and git will do that commit message editing for you.

Tadaa! Now you don't look like quite the tool that I did.

                  Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ