]> source.dussan.org Git - jgit.git/commit
projects / jgit.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e54d33b) | patch
Allow users of ReceivePack access to the objects being sent 82/282/7
authorNico Sallembien <nsallembien@google.com>
Tue, 9 Feb 2010 23:01:27 +0000 (15:01 -0800)
committerNico Sallembien <nsallembien@google.com>
Thu, 11 Feb 2010 21:01:27 +0000 (13:01 -0800)
commit19126f70e9e5645278b38239c01d990c32d44af2
tree4b95459f1665f605c68dd309624fe4c2b7561c62tree | snapshot
parente54d33b6873f0b392640f9200398861210ac9374commit | diff
Allow users of ReceivePack access to the objects being sent

When implementing branch read access, we need to prove that the
newly created reference(s) point to objects that the user can see.

There are two ways that an object is reachable:
1)  It's reachable from a branch or change the user can see
2)  It was uploaded as part of the pack file the user sent us

This change adds additional methods in ReceivePack that will allow a
server to check the above conditions, in order to ensure that a user
is not trying to create a reference that they cannot see, or that a
malicious user isn't attempting to forge the SHA-1 of an object that
they cannot see in order to base a change off of it.

Change-Id: Ieba75b4f0331e06a03417c37f4ae1ebca4fbee5a
org.eclipse.jgit/src/org/eclipse/jgit/transport/IndexPack.java diff | blob | history
org.eclipse.jgit/src/org/eclipse/jgit/transport/ReceivePack.java diff | blob | history
JGit, the Java implementation of git: https://github.com/eclipse-jgit/jgit