| Message ID | 13798dfb121c9631e9d811f5f74f9a78c1fcfdf9.1597406877.git.martin.agren@gmail.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | more SHA-256 documentation | expand |
On 8/14/2020 8:21 AM, Martin Ågren wrote: > Two of our extensions contain "sha1" in their names, but that's > historical. The "want"s will take object names that are not necessarily > SHA-1s. Make this clear, but also make it clear how there's still just > one correct hash algo: These extensions don't somehow make the "want"s > take object names derived using *any* hash algorithm. > > Signed-off-by: Martin Ågren <martin.agren@gmail.com> > --- > Documentation/technical/protocol-capabilities.txt | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > > diff --git a/Documentation/technical/protocol-capabilities.txt b/Documentation/technical/protocol-capabilities.txt > index 36ccd14f97..47f1b30090 100644 > --- a/Documentation/technical/protocol-capabilities.txt > +++ b/Documentation/technical/protocol-capabilities.txt > @@ -324,15 +324,18 @@ allow-tip-sha1-in-want > ---------------------- > > If the upload-pack server advertises this capability, fetch-pack may > -send "want" lines with SHA-1s that exist at the server but are not > -advertised by upload-pack. > +send "want" lines with object names that exist at the server but are not > +advertised by upload-pack. (Note that the name of the capability > +contains "sha1", but that it's more general than that: in SHA-1 > +repositories, the "want" lines provide SHA-1 values, but in SHA-256 > +repositories, they provide SHA-256 values.) > > allow-reachable-sha1-in-want > ---------------------------- > > If the upload-pack server advertises this capability, fetch-pack may > -send "want" lines with SHA-1s that exist at the server but are not > -advertised by upload-pack. > +send "want" lines with object names that exist at the server but are not > +advertised by upload-pack. (Same remark about "sha1" as above.) This "as above" is brittle to future changes. I think it could be improved with (As in "allow-tip-sha1-in-want", the "sha1" in this capability refers to object names, not the hash algorithm chosen for the repository.) Or, just repeat the same note again. Thanks, -Stolee
On Fri, 14 Aug 2020 at 14:31, Derrick Stolee <stolee@gmail.com> wrote: > > On 8/14/2020 8:21 AM, Martin Ågren wrote: > > > > If the upload-pack server advertises this capability, fetch-pack may > > -send "want" lines with SHA-1s that exist at the server but are not > > -advertised by upload-pack. > > +send "want" lines with object names that exist at the server but are not > > +advertised by upload-pack. (Note that the name of the capability > > +contains "sha1", but that it's more general than that: in SHA-1 > > +repositories, the "want" lines provide SHA-1 values, but in SHA-256 > > +repositories, they provide SHA-256 values.) > > > > allow-reachable-sha1-in-want > > ---------------------------- > > > > If the upload-pack server advertises this capability, fetch-pack may > > -send "want" lines with SHA-1s that exist at the server but are not > > -advertised by upload-pack. > > +send "want" lines with object names that exist at the server but are not > > +advertised by upload-pack. (Same remark about "sha1" as above.) > > This "as above" is brittle to future changes. Fair enough. :-) I actually thought this might be *less* brittle, since we wouldn't need to do any additional changes twice. > I think it > could be improved with > > (As in "allow-tip-sha1-in-want", the "sha1" in this capability > refers to object names, not the hash algorithm chosen for the > repository.) > > Or, just repeat the same note again. These two paragraphs are identical before this patch, so it might make sense not to change that property. Thanks. Martin
Martin Ågren <martin.agren@gmail.com> writes: > Two of our extensions contain "sha1" in their names, but that's > historical. The "want"s will take object names that are not necessarily > SHA-1s. Make this clear, but also make it clear how there's still just > one correct hash algo: These extensions don't somehow make the "want"s > take object names derived using *any* hash algorithm. > > Signed-off-by: Martin Ågren <martin.agren@gmail.com> > --- > Documentation/technical/protocol-capabilities.txt | 11 +++++++---- > 1 file changed, 7 insertions(+), 4 deletions(-) > > diff --git a/Documentation/technical/protocol-capabilities.txt b/Documentation/technical/protocol-capabilities.txt > index 36ccd14f97..47f1b30090 100644 > --- a/Documentation/technical/protocol-capabilities.txt > +++ b/Documentation/technical/protocol-capabilities.txt > @@ -324,15 +324,18 @@ allow-tip-sha1-in-want > ---------------------- > > If the upload-pack server advertises this capability, fetch-pack may > -send "want" lines with SHA-1s that exist at the server but are not > -advertised by upload-pack. > +send "want" lines with object names that exist at the server but are not > +advertised by upload-pack. (Note that the name of the capability > +contains "sha1", but that it's more general than that: in SHA-1 > +repositories, the "want" lines provide SHA-1 values, but in SHA-256 > +repositories, they provide SHA-256 values.) I think we should have either a new sha256 capability or a more generic hash-algo capability whose value can be set to sha256. Neither the connection initiators or the acceptors should talk in sha256 until both ends agreed to do so. I do not think of any other way to make sure hosting sites to serve projects that migrate at different pace. Per project, you might be able to have a flag day. You cannot have a flag day that spans the world.
On Fri, 14 Aug 2020 at 19:33, Junio C Hamano <gitster@pobox.com> wrote: > > Martin Ågren <martin.agren@gmail.com> writes: > > > Two of our extensions contain "sha1" in their names, but that's > > historical. The "want"s will take object names that are not necessarily > > SHA-1s. Make this clear, but also make it clear how there's still just > > one correct hash algo: These extensions don't somehow make the "want"s > > take object names derived using *any* hash algorithm. > > > > Signed-off-by: Martin Ågren <martin.agren@gmail.com> > > --- > > Documentation/technical/protocol-capabilities.txt | 11 +++++++---- > > 1 file changed, 7 insertions(+), 4 deletions(-) > > > > diff --git a/Documentation/technical/protocol-capabilities.txt b/Documentation/technical/protocol-capabilities.txt > > index 36ccd14f97..47f1b30090 100644 > > --- a/Documentation/technical/protocol-capabilities.txt > > +++ b/Documentation/technical/protocol-capabilities.txt > > @@ -324,15 +324,18 @@ allow-tip-sha1-in-want > > ---------------------- > > > > If the upload-pack server advertises this capability, fetch-pack may > > -send "want" lines with SHA-1s that exist at the server but are not > > -advertised by upload-pack. > > +send "want" lines with object names that exist at the server but are not > > +advertised by upload-pack. (Note that the name of the capability > > +contains "sha1", but that it's more general than that: in SHA-1 > > +repositories, the "want" lines provide SHA-1 values, but in SHA-256 > > +repositories, they provide SHA-256 values.) > > I think we should have either a new sha256 capability or a more > generic hash-algo capability whose value can be set to sha256. > Neither the connection initiators or the acceptors should talk > in sha256 until both ends agreed to do so. I think we should, and I think we do. I haven't dug into the details, but "object-format" looks like it's just that. Maybe instead of SHA-1 and SHA-256, this should talk about "whatever has been negotiated through 'object-format', or SHA-1", similar to brian's suggestion elsewhere. > I do not think of any other way to make sure hosting sites to serve > projects that migrate at different pace. Per project, you might be > able to have a flag day. You cannot have a flag day that spans the > world. Yeah, that makes sense. Martin
Martin Ågren <martin.agren@gmail.com> writes: >> I think we should have either a new sha256 capability or a more >> generic hash-algo capability whose value can be set to sha256. >> Neither the connection initiators or the acceptors should talk >> in sha256 until both ends agreed to do so. > > I think we should, and I think we do. I haven't dug into the details, > but "object-format" looks like it's just that. Ah, Yes, my thinko. > Maybe instead of SHA-1 and SHA-256, this should talk about "whatever has > been negotiated through 'object-format', or SHA-1", similar to brian's > suggestion elsewhere. Yup, that would be wonderful. Thanks.
diff --git a/Documentation/technical/protocol-capabilities.txt b/Documentation/technical/protocol-capabilities.txt index 36ccd14f97..47f1b30090 100644 --- a/Documentation/technical/protocol-capabilities.txt +++ b/Documentation/technical/protocol-capabilities.txt @@ -324,15 +324,18 @@ allow-tip-sha1-in-want ---------------------- If the upload-pack server advertises this capability, fetch-pack may -send "want" lines with SHA-1s that exist at the server but are not -advertised by upload-pack. +send "want" lines with object names that exist at the server but are not +advertised by upload-pack. (Note that the name of the capability +contains "sha1", but that it's more general than that: in SHA-1 +repositories, the "want" lines provide SHA-1 values, but in SHA-256 +repositories, they provide SHA-256 values.) allow-reachable-sha1-in-want ---------------------------- If the upload-pack server advertises this capability, fetch-pack may -send "want" lines with SHA-1s that exist at the server but are not -advertised by upload-pack. +send "want" lines with object names that exist at the server but are not +advertised by upload-pack. (Same remark about "sha1" as above.) push-cert=<nonce> -----------------
Two of our extensions contain "sha1" in their names, but that's historical. The "want"s will take object names that are not necessarily SHA-1s. Make this clear, but also make it clear how there's still just one correct hash algo: These extensions don't somehow make the "want"s take object names derived using *any* hash algorithm. Signed-off-by: Martin Ågren <martin.agren@gmail.com> --- Documentation/technical/protocol-capabilities.txt | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-)