From: Hans-Christoph Steiner
Date: Mon, 5 Feb 2018 12:24:32 +0000 (+0100)
Subject: git: use /bin/true for 'askpass' to prevent all password prompts
X-Git-Tag: 1.0.1~14^2~2
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=dd93ee6c9b2a206fe5e30cdf0a89463683283d0f;p=fdroidserver.git
git: use /bin/true for 'askpass' to prevent all password prompts
This uses both the env vars and the command line options to ensure that it works with as many versions of git as possible. Also, git-svn uses the env vars, but not necessarily the command line options. This uses /bin/true to pretend that it succesfully got the password. If password auth is truly required, then it will fail further on down the line.
---
diff --git a/fdroidserver/common.py b/fdroidserver/common.py
index 86d1a7d1..6b34969f 100644
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@@ -815,6 +815,7 @@ class vcs_git(vcs):
 #
 # supported in git >= 2.3
 git_config = [
+ '-c', 'core.askpass=/bin/true',
 '-c', 'core.sshCommand=/bin/false',
 '-c', 'url.https://.insteadOf=ssh://',
 ]
@@ -827,6 +828,8 @@ class vcs_git(vcs):
 git_config.append('url.https://u:p@' + domain + '.insteadOf=https://' + domain)
 envs.update({
 'GIT_TERMINAL_PROMPT': '0',
+ 'GIT_ASKPASS': '/bin/true',
+ 'SSH_ASKPASS': '/bin/true',
 'GIT_SSH': '/bin/false', # for git < 2.3
 })
 return FDroidPopen(['git', ] + git_config + args,
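Review bot: The added `'-c', 'core.askpass=/bin/true'` entry in the first hunk lands directly under the `# supported in git >= 2.3` comment, so that version remark now reads as if it described the askpass setting rather than `core.sshCommand`. Placing the new entry after the two SSH-related entries, or giving it its own comment such as `# never prompt: askpass "succeeds" with an empty answer`, keeps the SSH-blocking note attached to the option it documents. As far as I know `core.sshCommand` itself only arrived in git 2.10 (2.3 is when `GIT_SSH_COMMAND` and `GIT_TERMINAL_PROMPT` appeared), so the version in that comment is worth re-checking; the same figure is repeated in the new docstring of `vcs_gitsvn.git`. The method that builds this list starts outside the hunk.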
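Review bot: `GIT_ASKPASS` and `SSH_ASKPASS` in the second hunk point at the absolute path `/bin/true`, which does not exist on every platform (macOS, for one, ships `/usr/bin/true`); the same path is used for `core.askpass` in the previous hunk and in `vcs_gitsvn.git`. When the helper cannot be started, git as far as I can tell falls back to the terminal prompt unless `GIT_TERMINAL_PROMPT=0` is honoured, so on such hosts the no-hang behaviour rests on that one variable. A short comment would record the dependency, e.g. `# /bin/true must exist; if it does not, only GIT_TERMINAL_PROMPT=0 prevents a prompt`. The method containing this `envs.update` starts above the hunk and its `FDroidPopen(` call continues below it.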
@@ -960,15 +963,27 @@ class vcs_gitsvn(vcs):
 def git(self, args, envs=dict(), cwd=None, output=True):
 '''Prevent git fetch/clone/submodule from hanging at the username/password prompt
+
+ AskPass is set to /bin/true to let the process try to connect
+ without a username/password.
+
+ The SSH command is set to /bin/false to block all SSH URLs
+ (supported in git >= 2.3). This protects against
+ CVE-2017-1000117.
+
 '''
- # CVE-2017-1000117 block all SSH URLs (supported in git >= 2.3)
- config = ['-c', 'core.sshCommand=false']
+ git_config = [
+ '-c', 'core.askpass=/bin/true',
+ '-c', 'core.sshCommand=/bin/false',
+ ]
 envs.update({
 'GIT_TERMINAL_PROMPT': '0',
+ 'GIT_ASKPASS': '/bin/true',
+ 'SSH_ASKPASS': '/bin/true',
 'GIT_SSH': '/bin/false', # for git < 2.3
 'SVN_SSH': '/bin/false',
 })
- return FDroidPopen(['git', ] + config + args,
+ return FDroidPopen(['git', ] + git_config + args,
 envs=envs, cwd=cwd, output=output)
 def gotorevisionx(self, rev):
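Review bot: `envs.update({...})` writes the new `GIT_ASKPASS`/`SSH_ASKPASS` entries into the `envs=dict()` default, which is one dict object shared by every call of `vcs_gitsvn.git`, and into whatever dict a caller passes in. Because the values are constants, repeated calls stay harmless, but a caller that reuses its dict for a non-git process would carry `SVN_SSH=/bin/false` and the askpass overrides along without asking for them; whether any caller does so is not visible from this hunk. Copying before the update avoids both effects, e.g. `envs = dict(envs)` as the first statement after the docstring.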