chiark
/
gitweb
/
~ianmdlvl
/
fdroidserver.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
dd93ee6
)
git-svn: require working HTTPS for all Subversion URLs
author
Hans-Christoph Steiner
<hans@eds.org>
Mon, 5 Feb 2018 13:43:39 +0000
(14:43 +0100)
committer
Hans-Christoph Steiner
<hans@eds.org>
Mon, 12 Feb 2018 11:07:24 +0000
(12:07 +0100)
Subversion does not verify each commit as strongly as git does, so HTTPS is
really important. Also, there is the possibility of injecting code into
`fdroid checkupdate` calls if plain HTTP is used.
fdroidserver/common.py
patch
|
blob
|
history
diff --git
a/fdroidserver/common.py
b/fdroidserver/common.py
index 6b34969fa9b6b415ad6947c577271bac413023dc..938b1c158b8dbc1b6ebefc076f682e9fb283f267 100644
(file)
--- a/
fdroidserver/common.py
+++ b/
fdroidserver/common.py
@@
-1004,6
+1004,9
@@
class vcs_gitsvn(vcs):
else:
remote = self.remote
+ if not remote.startswith('https://'):
+ raise VCSException(_('HTTPS must be used with Subversion URLs!'))
+
gitsvn_args.extend(['--', remote, self.local])
p = self.git(gitsvn_args)
if p.returncode != 0: