Killing plaintext git:// in favor of https:// cloning

Jason A. Donenfeld Jason at zx2c4.com
Tue Feb 23 06:05:12 CET 2016


On Mon, Feb 22, 2016 at 9:43 PM, Joe Anakata
<jea-signup-cgit at anakata.org> wrote:
> (Also it was mentioned this would only work for people making a fresh
> clone; anyone with an existing clone would almost certainly know
> something was up.)

No, definitely a MITM attack is feasible that would be fast
forwardable just fine for a pull onto an existing repo.

> Also there is the issue of the book reference, which is hard to
> change.  Though, for this, you could just have a dummy server which
> redirects people, something which is essentially:
>
> nc -l -p 9418 -c "echo -n 002AERR please use https://foo.bar/foo.git"

Right, this is exactly what I wound up doing, except much higher
performance using epoll:
https://git.zx2c4.com/git-daemon-dummy/about/
I haven't decided whether or not to deploy it, but the code is there.

> (Of course, someone could still MITM *that*.

Right. But the idea, anyhow, would just be to let the readers of the
book know what's up, rather than leaving them in the dark.

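The dummy-server idea from the quoted nc one-liner, written out as an added Python example (it is not Jason's git-daemon-dummy nor anything from cgit): it frames the "ERR please use ..." notice as a git pkt-line, serves it once on loopback, and reads it back with a minimal git:// client. The loopback address, ephemeral port, host name and URL are constructed values; a real deployment would listen on 9418.

```python
import socket
import threading

def pkt_line(payload: bytes) -> bytes:
    """Frame payload as a git pkt-line: 4 hex digits of total length, then the bytes.
    git's reader accepts upper- or lower-case hex; upper matches the nc one-liner."""
    total = len(payload) + 4
    if total > 0xFFFF:
        raise ValueError("pkt-line payload too long")
    return b"%04X" % total + payload

def err_pkt(https_url: str) -> bytes:
    """The ERR packet a dummy git daemon sends so git:// clients see the new URL."""
    return pkt_line(b"ERR please use " + https_url.encode("ascii"))

def parse_pkt_line(data: bytes) -> bytes:
    """Return the payload of the first pkt-line in data (raises on a bad length)."""
    length = int(data[:4], 16)
    if length < 4 or len(data) < length:
        raise ValueError("truncated or malformed pkt-line")
    return data[4:length]

def reply_with_err(conn: socket.socket, https_url: str) -> bytes:
    """Read the client's upload-pack request, answer with ERR, return the request."""
    request = parse_pkt_line(conn.recv(65536))  # e.g. b"git-upload-pack /x.git\0host=..\0"
    conn.sendall(err_pkt(https_url))
    conn.close()
    return request

def serve_one(https_url: str) -> int:
    """Listen on a constructed loopback/ephemeral port, serve one client, return port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))  # constructed; a real daemon binds port 9418
    srv.listen(1)
    def run():
        conn, _ = srv.accept()
        reply_with_err(conn, https_url)
        srv.close()
    threading.Thread(target=run, daemon=True).start()
    return srv.getsockname()[1]

def client_probe(port: int) -> bytes:
    """Act as a git:// client: send a request pkt-line, return the server's payload."""
    with socket.create_connection(("127.0.0.1", port)) as c:
        c.sendall(pkt_line(b"git-upload-pack /foo.git\x00host=foo.bar\x00"))  # constructed
        return parse_pkt_line(c.recv(65536))
```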
