git-annex/Remote
Joey Hess 9a8391078a
git-annex-shell: block relay requests
connRepo is only used when relaying git upload-pack and receive-pack.
That's only supposed to be used when git-annex-remotedaemon is serving
git-remote-tor-annex connections over tor. But, it was always set, and
so could be used in other places possibly.

Fixed by making connRepo optional in the P2P protocol interface.

In Command.EnableTor, it's not needed, because it only speaks the
protocol in order to check that it's able to connect back to itself via
the hidden service. So changed that to pass Nothing rather than the git
repo.

In Remote.Helper.Ssh, it's connecting to git-annex-shell p2pstdio,
so is making the requests, so will never need connRepo.

In git-annex-shell p2pstdio, it was accepting git upload-pack and
receive-pack requests over the P2P protocol, even though nothing sent
them. This is arguably a security hole, particularly if the user has
set environment variables like GIT_ANNEX_SHELL_LIMITED to prevent
git push/pull via git-annex-shell.
2024-06-10 14:16:27 -04:00
..
Directory improve createDirectoryUnder to allow alternate top directories 2022-08-12 12:52:37 -04:00
External rclone special remote 2024-04-17 15:20:37 -04:00
Helper git-annex-shell: block relay requests 2024-06-10 14:16:27 -04:00
List auto-init autoenable=yes 2020-05-27 12:40:35 -04:00
Rsync add newtypes for QuickCheck to avoid LANG=C issues 2020-11-09 20:21:18 -04:00
WebDAV Apply codespell -w throughout 2023-03-17 15:14:58 -04:00
Adb.hs run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
BitTorrent.hs support VURL backend 2024-02-29 13:48:51 -04:00
Borg.hs implement Unavilable for borg bup ddar directory rsync 2023-08-16 15:48:09 -04:00
Bup.hs implement Unavilable for borg bup ddar directory rsync 2023-08-16 15:48:09 -04:00
Ddar.hs implement Unavilable for borg bup ddar directory rsync 2023-08-16 15:48:09 -04:00
Directory.hs run codespell throughout fixing typos automagically 2024-05-01 15:46:21 -04:00
External.hs avoid accepting externaltype= and readonly= parameters for rclone 2024-04-17 15:41:55 -04:00
GCrypt.hs eliminate s2w8 and w82s 2023-10-26 13:12:57 -04:00
Git.hs skip remotes with an annex:: url 2024-05-07 15:02:20 -04:00
GitLFS.hs Removed the vendored git-lfs and the GitLfs build flag 2023-08-28 13:12:31 -04:00
Glacier.hs let Remote.availability return Unavilable 2023-08-16 14:31:31 -04:00
Hook.hs let Remote.availability return Unavilable 2023-08-16 14:31:31 -04:00
HttpAlso.hs let Remote.availability return Unavilable 2023-08-16 14:31:31 -04:00
List.hs git-remote-annex: support importrree=yes remotes 2024-05-27 12:35:42 -04:00
P2P.hs git-annex-shell: block relay requests 2024-06-10 14:16:27 -04:00
Rclone.hs rclone special remote 2024-04-17 15:20:37 -04:00
Rsync.hs export tree: avoid confusing output about renaming files 2024-03-09 13:50:26 -04:00
S3.hs export tree: avoid confusing output about renaming files 2024-03-09 13:50:26 -04:00
Tahoe.hs disk free checking for unsized keys 2024-01-16 14:29:10 -04:00
Web.hs implement URL to VURL migration 2024-03-01 16:42:02 -04:00
WebDAV.hs export tree: avoid confusing output about renaming files 2024-03-09 13:50:26 -04:00