Re: [Issue 4124] New - Give servers sufficient means to disallow commits from clients based on version numbers

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Fri, 17 Aug 2012 14:01:03 -0400

On 08/17/2012 12:43 PM, Daniel Shahaf wrote:
> Stefan Sperling wrote on Fri, Aug 17, 2012 at 18:24:03 +0200:
>> On Fri, Aug 17, 2012 at 12:14:31PM -0400, C. Michael Pilato wrote:
>>> 4. something else?
>>
>> 4. Marshall the version string before sending it across svn://,
>> escaping unsupported characters somehow in a reversible way,
>> and unescape them before passing them to hooks?
>> I.e. use something like strnvis() but adapted to the
>> restrictions of the svn:// protocol.

Yeah, I forgot to add that I was thinking about this approach, too. I'm not
familiar with strnvis(), but I assume it's similar to what we do with our
checksum API _readable() variants (where 'A' is 0x41 and represented as as
"41")?

> 5. Require the version string and client name to match
> /^[A-Za-z0-9-]+$/, and embed them directly as part of a capability
> name (so: capabilities might be named client-version-tsvn-1dot7dot0)

I'll give the honor of treating this suggestion as a serious one. And then
the dishonor of a hearty -1. :-)

-- 
C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Enterprise Cloud Development

application/pgp-signature attachment: OpenPGP digital signature

Received on 2012-08-17 20:01:40 CEST

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]