[cfarm-users] Unable to git pull on gcc112

Jacob Bachmeyer jcb62281 at gmail.com
Thu Mar 31 01:52:23 CEST 2022


Vincent Lefevre via cfarm-users wrote:
> On 2022-03-29 22:01:26 -0500, Jacob Bachmeyer via cfarm-users wrote:
>   
>> Jeffrey Walton via cfarm-users wrote:
>>     
>>> When I try git://github.com/weidai11/cryptopp/:
>>>
>>> $ git pull
>>> fatal: remote error:
>>>  The unauthenticated git protocol on port 9418 is no longer supported.
>>>       
>> While this does not help you, the root of this latter problem seems to be
>> that GitHub has decided to deliberately break compatibility with one of
>> Git's standard features using "security" as an excuse.  This is, of course,
>> ridiculous for public repositories, since public repositories are, well,
>> public.
>>     
>
> Even though they are public, you still need to have a way to
> authenticate the host to ensure that you will not connect to
> a fake server (in particular with "git clone").
>   

Easily solved by checking the HEAD commit against a known-good ID; 
either the origin tracking branch in your local copy, or as I have done 
in the past with GitHub, by looking at the (HTTPS) Web page.  If those 
IDs match, you have the correct data, with overwhelming probability.  If 
they do not match, find the differences and you have just caught an 
attacker in the act.

The solution, in short, is to authenticate the _data_ (which actually 
matters) instead of the _server_ (which is actually irrelevant here; an 
honest "ghost mirror" is fine and a dishonest origin is bad).


-- Jacob
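
Added example, not part of the original message: a Python check showing why a matching commit ID authenticates the data regardless of which server delivered it. It assumes Git's default SHA-1 object format; `verify`, `references` and `sample_repo` are hypothetical names, and the one-commit repository is constructed for illustration.

```python
import hashlib

def git_object(kind: bytes, body: bytes) -> bytes:
    # Git hashes "<kind> <length>\0<body>", not the bare file content.
    return kind + b" " + str(len(body)).encode() + b"\0" + body

def object_id(raw: bytes) -> str:
    return hashlib.sha1(raw).hexdigest()

def references(raw: bytes) -> list:
    """IDs that a commit or tree object points at (blobs point at nothing)."""
    header, body = raw.split(b"\0", 1)
    kind = header.split(b" ", 1)[0]
    refs = []
    if kind == b"commit":
        for line in body.split(b"\n\n", 1)[0].split(b"\n"):
            if line.startswith((b"tree ", b"parent ")):
                refs.append(line.split(b" ", 1)[1].decode())
    elif kind == b"tree":
        i = 0
        while i < len(body):  # entry: "<mode> <name>\0" + 20 raw hash bytes
            nul = body.index(b"\0", i)
            mode = body[i:body.index(b" ", i)]
            if mode != b"160000":  # submodule commits live in another repository
                refs.append(body[nul + 1:nul + 21].hex())
            i = nul + 21
    return refs

def verify(received: dict, known_good_id: str) -> bool:
    """True only if every object reachable from known_good_id is present and
    hashes to the ID it is filed under, whoever served it."""
    pending, seen = [known_good_id], set()
    while pending:
        oid = pending.pop()
        if oid in seen:
            continue
        raw = received.get(oid)
        if raw is None or object_id(raw) != oid:
            return False
        seen.add(oid)
        pending.extend(references(raw))
    return True

def sample_repo() -> tuple:
    """Constructed one-commit repository: returns (objects by ID, HEAD ID)."""
    blob = git_object(b"blob", b"hello\n")
    tree = git_object(b"tree", b"100644 README\0" + bytes.fromhex(object_id(blob)))
    commit = git_object(b"commit", b"tree " + object_id(tree).encode() +
        b"\nauthor A <a@example.org> 0 +0000\ncommitter A <a@example.org> 0 +0000\n\ninit\n")
    return {object_id(o): o for o in (blob, tree, commit)}, object_id(commit)
```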

