From dd93ee6c9b2a206fe5e30cdf0a89463683283d0f Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner
Date: Mon, 5 Feb 2018 13:24:32 +0100
Subject: [PATCH] git: use /bin/true for 'askpass' to prevent all password prompts

This uses both the env vars and the command line options to ensure that it works with as many versions of git as possible. Also, git-svn uses the env vars, but not necessarily the command line options.

This uses /bin/true to pretend that it succesfully got the password. If password auth is truly required, then it will fail further on down the line.
---
 fdroidserver/common.py | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/fdroidserver/common.py b/fdroidserver/common.py
index 86d1a7d1..6b34969f 100644
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@@ -815,6 +815,7 @@ class vcs_git(vcs):
         #
         # supported in git >= 2.3
         git_config = [
+            '-c', 'core.askpass=/bin/true',
             '-c', 'core.sshCommand=/bin/false',
             '-c', 'url.https://.insteadOf=ssh://',
         ]
@@ -827,6 +828,8 @@ class vcs_git(vcs):
             git_config.append('url.https://u:p@' + domain + '.insteadOf=https://' + domain)
         envs.update({
             'GIT_TERMINAL_PROMPT': '0',
+            'GIT_ASKPASS': '/bin/true',
+            'SSH_ASKPASS': '/bin/true',
             'GIT_SSH': '/bin/false',  # for git < 2.3
         })
         return FDroidPopen(['git', ] + git_config + args,
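Review bot: The added `core.askpass=/bin/true` option and the `GIT_ASKPASS`/`SSH_ASKPASS` entries hard-code an absolute path that is not universal (macOS, if memory serves, ships it as `/usr/bin/true`, and NixOS has no `/bin/true` at all); when git cannot start the helper it falls back to its terminal prompt as far as I can tell, which `GIT_TERMINAL_PROMPT=0` still aborts on git 2.3+, but on the older git versions this commit is also targeting the prompt would reopen. Resolving the helper once at module level, `ASKPASS = shutil.which('true') or '/bin/true'`, and using it in both the `-c` option and the two env vars closes that gap (the pre-existing `/bin/false` entries have the same weakness). A why-comment on the new `core.askpass` line, `# /bin/true prints nothing, so git gets an empty credential and fails instead of prompting`, would record why a helper that "succeeds" is the intended choice. vcs_git.git's body starts before the first hunk and continues past the second.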
@@ -960,15 +963,27 @@ class vcs_gitsvn(vcs):
 
     def git(self, args, envs=dict(), cwd=None, output=True):
         '''Prevent git fetch/clone/submodule from hanging at the username/password prompt
+
+        AskPass is set to /bin/true to let the process try to connect
+        without a username/password.
+
+        The SSH command is set to /bin/false to block all SSH URLs
+        (supported in git >= 2.3). This protects against
+        CVE-2017-1000117.
+
         '''
-        # CVE-2017-1000117 block all SSH URLs (supported in git >= 2.3)
-        config = ['-c', 'core.sshCommand=false']
+        git_config = [
+            '-c', 'core.askpass=/bin/true',
+            '-c', 'core.sshCommand=/bin/false',
+        ]
         envs.update({
             'GIT_TERMINAL_PROMPT': '0',
+            'GIT_ASKPASS': '/bin/true',
+            'SSH_ASKPASS': '/bin/true',
             'GIT_SSH': '/bin/false',  # for git < 2.3
             'SVN_SSH': '/bin/false',
         })
-        return FDroidPopen(['git', ] + config + args,
+        return FDroidPopen(['git', ] + git_config + args,
                            envs=envs, cwd=cwd, output=output)
 
     def gotorevisionx(self, rev):
-- 
2.30.2
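Review bot: The new `git_config` still keeps unwanted transports out only indirectly, by pointing SSH at a helper that fails; git's transport allow-list rejects `ssh://`, `git://` and `ext::` URLs outright, so consider adding `'GIT_ALLOW_PROTOCOL': 'https:http:file'` to the `envs.update({...})` call (honoured since git 2.6.3 as far as I recall, with `protocol.*.allow` as the newer config form) while keeping the existing entries for older versions. The new docstring credits `core.sshCommand=/bin/false` with the CVE-2017-1000117 protection, but for this class the `svn+ssh://` side goes through Subversion's own tunnel and is governed by the `SVN_SSH` entry below, which the docstring should say so the next reader does not remove that line as redundant. The unchanged `envs=dict()` default is a shared mutable that `envs.update(...)` writes into on every call; it is harmless here because the same keys are always written, but `envs=None` plus `envs = dict(envs or {})` at the top would remove the surprise. `gotorevisionx` continues outside the hunk.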