Google Git
Sign in
googlers / jrn / git / 7671b63211712e5163ed46d4c93d0b75680c886c
commit7671b63211712e5163ed46d4c93d0b75680c886c[log] [tgz]
authorScott J. Goldman <scottjg@github.com>Fri Feb 28 05:04:19 2014 -0500
committerJunio C Hamano <gitster@pobox.com>Fri Feb 28 09:55:37 2014 -0800
tree7de8871a0ebc22a47a81410fb6e1e34fe326f879
parent69897bc2b8b49c09190cce065c027612b21c2d97 [diff]
add uploadarchive.allowUnreachable option

In commit ee27ca4, we started restricting remote git-archive
invocations to only accessing reachable commits. This
matches what upload-pack allows, but does restrict some
useful cases (e.g., HEAD:foo). We loosened this in 0f544ee,
which allows `foo:bar` as long as `foo` is a ref tip.
However, that still doesn't allow many useful things, like:

  1. Commits accessible from a ref, like `foo^:bar`, which
     are reachable

  2. Arbitrary sha1s, even if they are reachable.

We can do a full object-reachability check for these cases,
but it can be quite expensive if the client has sent us the
sha1 of a tree; we have to visit every sub-tree of every
commit in the worst case.

Let's instead give site admins an escape hatch, in case they
prefer the more liberal behavior.  For many sites, the full
object database is public anyway (e.g., if you allow dumb
walker access), or the site admin may simply decide the
security/convenience tradeoff is not worth it.

This patch adds a new config option to disable the
restrictions added in ee27ca4. It defaults to off, meaning
there is no change in behavior by default.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
4 files changed
tree: 7de8871a0ebc22a47a81410fb6e1e34fe326f879
  1. block-sha1/
  2. builtin/
  3. compat/
  4. contrib/
  5. Documentation/
  6. git-gui/
  7. gitk-git/
  8. gitweb/
  9. mergetools/
  10. perl/
  11. po/
  12. ppc/
  13. t/
  14. templates/
  15. vcs-svn/
  16. xdiff/
  17. RelNotesDocumentation/RelNotes/1.9.0.txt
  18. .gitattributes
  19. .gitignore
  20. .mailmap
  21. abspath.c
  22. aclocal.m4
  23. advice.c
  24. advice.h
  25. alias.c
  26. alloc.c
  27. archive-tar.c
  28. archive-zip.c
  29. archive.c
  30. archive.h
  31. argv-array.c
  32. argv-array.h
  33. attr.c
  34. attr.h
  35. base85.c
  36. bisect.c
  37. bisect.h
  38. blob.c
  39. blob.h
  40. branch.c
  41. branch.h
  42. builtin.h
  43. bulk-checkin.c
  44. bulk-checkin.h
  45. bundle.c
  46. bundle.h
  47. cache-tree.c
  48. cache-tree.h
  49. cache.h
  50. check-builtins.sh
  51. check-racy.c
  52. check_bindir
  53. color.c
  54. color.h
  55. column.c
  56. column.h
  57. combine-diff.c
  58. command-list.txt
  59. commit-slab.h
  60. commit.c
  61. commit.h
  62. config.c
  63. config.mak.in
  64. config.mak.uname
  65. configure.ac
  66. connect.c
  67. connect.h
  68. connected.c
  69. connected.h
  70. convert.c
  71. convert.h
  72. copy.c
  73. COPYING
  74. credential-cache--daemon.c
  75. credential-cache.c
  76. credential-store.c
  77. credential.c
  78. credential.h
  79. csum-file.c
  80. csum-file.h
  81. ctype.c
  82. daemon.c
  83. date.c
  84. decorate.c
  85. decorate.h
  86. delta.h
  87. diff-delta.c
  88. diff-lib.c
  89. diff-no-index.c
  90. diff.c
  91. diff.h
  92. diffcore-break.c
  93. diffcore-delta.c
  94. diffcore-order.c
  95. diffcore-pickaxe.c
  96. diffcore-rename.c
  97. diffcore.h
  98. dir.c
  99. dir.h
  100. editor.c
  101. entry.c
  102. environment.c
  103. exec_cmd.c
  104. exec_cmd.h
  105. fast-import.c
  106. fetch-pack.c
  107. fetch-pack.h
  108. fmt-merge-msg.h
  109. fsck.c
  110. fsck.h
  111. generate-cmdlist.sh
  112. gettext.c
  113. gettext.h
  114. git-add--interactive.perl
  115. git-am.sh
  116. git-archimport.perl
  117. git-bisect.sh
  118. git-compat-util.h
  119. git-cvsexportcommit.perl
  120. git-cvsimport.perl
  121. git-cvsserver.perl
  122. git-difftool--helper.sh
  123. git-difftool.perl
  124. git-filter-branch.sh
  125. git-instaweb.sh
  126. git-merge-octopus.sh
  127. git-merge-one-file.sh
  128. git-merge-resolve.sh
  129. git-mergetool--lib.sh
  130. git-mergetool.sh
  131. git-p4.py
  132. git-parse-remote.sh
  133. git-pull.sh
  134. git-quiltimport.sh
  135. git-rebase--am.sh
  136. git-rebase--interactive.sh
  137. git-rebase--merge.sh
  138. git-rebase.sh
  139. git-relink.perl
  140. git-remote-testgit.sh
  141. git-request-pull.sh
  142. git-send-email.perl
  143. git-sh-i18n.sh
  144. git-sh-setup.sh
  145. git-stash.sh
  146. git-submodule.sh
  147. git-svn.perl
  148. GIT-VERSION-GEN
  149. git-web--browse.sh
  150. git.c
  151. git.rc
  152. git.spec.in
  153. gpg-interface.c
  154. gpg-interface.h
  155. graph.c
  156. graph.h
  157. grep.c
  158. grep.h
  159. hash.c
  160. hash.h
  161. help.c
  162. help.h
  163. hex.c
  164. http-backend.c
  165. http-fetch.c
  166. http-push.c
  167. http-walker.c
  168. http.c
  169. http.h
  170. ident.c
  171. imap-send.c
  172. INSTALL
  173. kwset.c
  174. kwset.h
  175. levenshtein.c
  176. levenshtein.h
  177. LGPL-2.1
  178. line-log.c
  179. line-log.h
  180. line-range.c
  181. line-range.h
  182. list-objects.c
  183. list-objects.h
  184. ll-merge.c
  185. ll-merge.h
  186. lockfile.c
  187. log-tree.c
  188. log-tree.h
  189. mailmap.c
  190. mailmap.h
  191. Makefile
  192. match-trees.c
  193. merge-blobs.c
  194. merge-blobs.h
  195. merge-recursive.c
  196. merge-recursive.h
  197. merge.c
  198. mergesort.c
  199. mergesort.h
  200. name-hash.c
  201. notes-cache.c
  202. notes-cache.h
  203. notes-merge.c
  204. notes-merge.h
  205. notes-utils.c
  206. notes-utils.h
  207. notes.c
  208. notes.h
  209. object.c
  210. object.h
  211. pack-check.c
  212. pack-revindex.c
  213. pack-revindex.h
  214. pack-write.c
  215. pack.h
  216. pager.c
  217. parse-options-cb.c
  218. parse-options.c
  219. parse-options.h
  220. patch-delta.c
  221. patch-ids.c
  222. patch-ids.h
  223. path.c
  224. pathspec.c
  225. pathspec.h
  226. pkt-line.c
  227. pkt-line.h
  228. preload-index.c
  229. pretty.c
  230. prio-queue.c
  231. prio-queue.h
  232. progress.c
  233. progress.h
  234. prompt.c
  235. prompt.h
  236. quote.c
  237. quote.h
  238. reachable.c
  239. reachable.h
  240. read-cache.c
  241. README
  242. reflog-walk.c
  243. reflog-walk.h
  244. refs.c
  245. refs.h
  246. remote-curl.c
  247. remote-testsvn.c
  248. remote.c
  249. remote.h
  250. replace_object.c
  251. rerere.c
  252. rerere.h
  253. resolve-undo.c
  254. resolve-undo.h
  255. revision.c
  256. revision.h
  257. run-command.c
  258. run-command.h
  259. send-pack.c
  260. send-pack.h
  261. sequencer.c
  262. sequencer.h
  263. server-info.c
  264. setup.c
  265. sh-i18n--envsubst.c
  266. sha1-array.c
  267. sha1-array.h
  268. sha1-lookup.c
  269. sha1-lookup.h
  270. sha1_file.c
  271. sha1_name.c
  272. shallow.c
  273. shell.c
  274. shortlog.h
  275. show-index.c
  276. sideband.c
  277. sideband.h
  278. sigchain.c
  279. sigchain.h
  280. strbuf.c
  281. strbuf.h
  282. streaming.c
  283. streaming.h
  284. string-list.c
  285. string-list.h
  286. submodule.c
  287. submodule.h
  288. symlinks.c
  289. tag.c
  290. tag.h
  291. tar.h
  292. test-chmtime.c
  293. test-ctype.c
  294. test-date.c
  295. test-delta.c
  296. test-dump-cache-tree.c
  297. test-genrandom.c
  298. test-index-version.c
  299. test-line-buffer.c
  300. test-match-trees.c
  301. test-mergesort.c
  302. test-mktemp.c
  303. test-parse-options.c
  304. test-path-utils.c
  305. test-prio-queue.c
  306. test-read-cache.c
  307. test-regex.c
  308. test-revision-walking.c
  309. test-run-command.c
  310. test-scrap-cache-tree.c
  311. test-sha1.c
  312. test-sha1.sh
  313. test-sigchain.c
  314. test-string-list.c
  315. test-subprocess.c
  316. test-svn-fe.c
  317. test-urlmatch-normalization.c
  318. test-wildmatch.c
  319. thread-utils.c
  320. thread-utils.h
  321. trace.c
  322. transport-helper.c
  323. transport.c
  324. transport.h
  325. tree-diff.c
  326. tree-walk.c
  327. tree-walk.h
  328. tree.c
  329. tree.h
  330. unimplemented.sh
  331. unix-socket.c
  332. unix-socket.h
  333. unpack-trees.c
  334. unpack-trees.h
  335. upload-pack.c
  336. url.c
  337. url.h
  338. urlmatch.c
  339. urlmatch.h
  340. usage.c
  341. userdiff.c
  342. userdiff.h
  343. utf8.c
  344. utf8.h
  345. varint.c
  346. varint.h
  347. version.c
  348. version.h
  349. walker.c
  350. walker.h
  351. wildmatch.c
  352. wildmatch.h
  353. wrap-for-bin.sh
  354. wrapper.c
  355. write_or_die.c
  356. ws.c
  357. wt-status.c
  358. wt-status.h
  359. xdiff-interface.c
  360. xdiff-interface.h
  361. zlib.c