diff options
| author | Jeff King <peff@peff.net> | 2021-09-15 20:36:36 +0200 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2021-09-15 21:25:19 +0200 |
| commit | 0ab7eeccd9aea668819288c086dcdf57ca14a026 (patch) | |
| tree | 946ea970d2bc853e825153193b1d6af89e5017f6 /serve.c | |
| parent | serve: reject bogus v2 "command=ls-refs=foo" (diff) | |
| download | git-0ab7eeccd9aea668819288c086dcdf57ca14a026.tar.xz git-0ab7eeccd9aea668819288c086dcdf57ca14a026.zip | |
serve: reject commands used as capabilities
Our table of v2 "capabilities" contains everything we might tell the
client we support. But there are differences in how we expect the client
to respond. Some of the entries are true capabilities (i.e., we expect
the client to say "yes, I support this"), and some are ones we expect
them to send as commands (with "command=ls-refs" or similar).
When we receive a capability used as a command, we complain about that.
But when we receive a command used as a capability (e.g., just "ls-refs"
in a pkt-line by itself), we silently ignore it.
This isn't really hurting anything (clients shouldn't send it, and we'll
ignore it), but we can tighten up the protocol to match what we expect
to happen.
There are two new tests here. The first one checks a capability used as
a command, which already passes. The second tests a command as a
capability, which this patch fixes.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'serve.c')
| -rw-r--r-- | serve.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -201,7 +201,7 @@ static int receive_client_capability(const char *key) const char *value; const struct protocol_capability *c = get_capability(key, &value); - if (!c || !c->advertise(the_repository, NULL)) + if (!c || c->command || !c->advertise(the_repository, NULL)) return 0; if (c->receive) |