From: Jeff King <peff@peff.net>
To: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Cc: git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>,
"brian m . carlson" <sandals@crustytoothpaste.net>,
Bagas Sanjaya <bagasdotme@gmail.com>
Subject: Re: [PATCH 2/5] http: correct curl version check for CURLOPT_PINNEDPUBLICKEY
Date: Wed, 8 Sep 2021 15:22:28 -0400 [thread overview]
Message-ID: <YTkNdGk28UJnSDVt@coredump.intra.peff.net> (raw)
In-Reply-To: <patch-2.5-511534ce17a-20210908T152807Z-avarab@gmail.com>
On Wed, Sep 08, 2021 at 05:31:53PM +0200, Ævar Arnfjörð Bjarmason wrote:
> In aeff8a61216 (http: implement public key pinning, 2016-02-15) a
> dependency and warning() was added if curl older than 7.44.0 was used,
> but the relevant code depended on CURLOPT_PINNEDPUBLICKEY, introduced
> in 7.39.0.
According to the manpage for CURLOPT_PINNEDPUBLICKEY, it looks like
support for various formats and implementations was phased in. In
particular, 7.44.0 picked up sha256 support (I guess for a fingerprint?
I've never used this feature) for most major implementations.
But in terms of compiling, all we care about is that the constant is
there. So I think the cutoff point you found is what we want. Presumably
when the file format isn't supported we'd get some error, though it's
not clear if that would come during the actual curl_*_perform(), or if
we should be checking the curl_easy_setopt() result.
> Let's also remove the macro check before we declare the ssl_pinnedkey
> variable, the pattern for other such variables is to declare the
> static variable unconditionally, we just may not use it on older
> versions. This reduces macro verbosity.
>
> The reduction in verbosity comes at the small cost of issuing a
> warning about the unused variable if this code is compiled with curl
> versions older than 7.39.0. I think that's an acceptable trade-off,
> anyone compiling a new git with a 2014-era toolchain likely has at
> least other warning that'll have prompted them not to use -Werror, and
> if not maybe this'll prompt them to compile their new git with a more
> modern libcurl.
OK. That's a bit of a departure from how we've handled variables before,
but it does make the code a bit cleaner. And I am fine with the attitude
of "if you are using ancient tools, you may see some extra warnings". We
already know this is true for older compilers, and it's not worth caring
too much about.
-Peff
next prev parent reply other threads:[~2021-09-08 19:22 UTC|newest]
Thread overview: 173+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-09 12:00 [PATCH 0/4] dropping support for older curl Jeff King
2017-08-09 12:01 ` [PATCH 1/4] http: drop support for curl < 7.11.1 Jeff King
2017-08-09 12:01 ` [PATCH 2/4] http: drop support for curl < 7.16.0 Jeff King
2017-08-09 17:29 ` Stefan Beller
2017-08-09 21:13 ` Jeff King
2017-08-09 17:40 ` Junio C Hamano
2017-08-09 18:03 ` Nicolas Morey-Chaisemartin
2017-08-09 21:17 ` Jeff King
2017-08-09 21:29 ` Nicolas Morey-Chaisemartin
2017-08-09 21:49 ` Jeff King
2017-08-09 21:15 ` Jeff King
2017-08-09 12:02 ` [PATCH 3/4] http: drop support for curl < 7.19.4 Jeff King
2017-08-09 13:14 ` Ævar Arnfjörð Bjarmason
2017-08-09 13:38 ` Jeff King
2017-08-09 13:49 ` [PATCH 5/4] curl: remove ifdef'd code never used with curl >=7.19.4 Ævar Arnfjörð Bjarmason
2017-08-09 17:34 ` [PATCH 3/4] http: drop support for curl < 7.19.4 Stefan Beller
2017-08-09 21:19 ` Jeff King
2017-08-10 12:36 ` Mischa POSLAWSKY
2017-08-10 17:34 ` Jeff King
2017-08-09 12:02 ` [PATCH 4/4] http: #error on too-old curl Jeff King
2017-08-09 17:37 ` Stefan Beller
2017-08-09 21:42 ` [PATCH 0/4] dropping support for older curl Johannes Schindelin
2017-08-09 21:47 ` Jeff King
2017-08-10 9:01 ` Tom G. Christensen
2017-08-10 9:36 ` Johannes Schindelin
2017-08-10 21:33 ` Jeff King
2017-08-10 22:17 ` Junio C Hamano
2017-08-10 23:09 ` Jeff King
2017-08-11 0:17 ` Jeff King
[not found] ` <CAHVLzcnnrABmkYNg31Aq99NgBbyuCKEM60pHGygyjXbjmaUEYQ@mail.gmail.com>
2017-08-14 21:50 ` Johannes Schindelin
2017-08-10 20:33 ` Tom G. Christensen
2017-08-10 21:32 ` Jeff King
2017-08-10 22:23 ` Tom G. Christensen
2017-08-10 22:54 ` Jeff King
2017-08-10 23:17 ` Tom G. Christensen
2017-08-10 23:23 ` Jeff King
2017-08-10 23:36 ` Tom G. Christensen
2017-08-11 16:37 ` [PATCH 0/2] http: handle curl with vendor backports Tom G. Christensen
2017-08-11 22:15 ` Junio C Hamano
2017-08-12 6:20 ` Tom G. Christensen
2017-08-20 8:47 ` Jeff King
2017-08-20 16:28 ` Junio C Hamano
2017-08-23 15:41 ` Jeff King
2017-08-11 16:37 ` [PATCH 1/2] http: Fix handling of missing CURLPROTO_* Tom G. Christensen
2017-08-12 0:30 ` Junio C Hamano
2017-08-12 9:04 ` Tom G. Christensen
2017-08-20 8:59 ` Jeff King
2017-08-11 16:37 ` [PATCH 2/2] http: use a feature check to enable GSSAPI delegation control Tom G. Christensen
2017-08-09 23:39 ` [PATCH 0/4] dropping support for older curl Ævar Arnfjörð Bjarmason
[not found] ` <87zib8g8ub.fsf@gmail.com>
2017-08-10 10:04 ` Dropping support for older perl Tom G. Christensen
2021-07-21 22:22 ` [PATCH v2 0/5] drop support for ancient curl Ævar Arnfjörð Bjarmason
2021-07-21 22:22 ` [PATCH v2 1/5] http: drop support for curl < 7.11.1 Ævar Arnfjörð Bjarmason
2021-07-21 22:56 ` Junio C Hamano
2021-07-21 22:22 ` [PATCH v2 2/5] http: drop support for curl < 7.16.0 Ævar Arnfjörð Bjarmason
2021-07-21 22:22 ` [PATCH v2 3/5] http: drop support for curl < 7.19.4 Ævar Arnfjörð Bjarmason
2021-07-21 23:05 ` Junio C Hamano
2021-07-21 22:22 ` [PATCH v2 4/5] http: drop support for curl < 7.19.3 and < 7.16.4 (again) Ævar Arnfjörð Bjarmason
2021-07-21 23:17 ` Junio C Hamano
2021-07-21 22:22 ` [PATCH v2 5/5] http: rename CURLOPT_FILE to CURLOPT_WRITEDATA Ævar Arnfjörð Bjarmason
2021-07-21 23:19 ` Junio C Hamano
2021-07-21 22:39 ` [PATCH v2 0/5] drop support for ancient curl Junio C Hamano
2021-07-21 22:56 ` brian m. carlson
2021-07-22 7:09 ` Ævar Arnfjörð Bjarmason
2021-07-22 22:56 ` brian m. carlson
2021-07-23 7:17 ` Ævar Arnfjörð Bjarmason
2021-07-22 6:27 ` Bagas Sanjaya
2021-07-23 10:16 ` Jeff King
2021-07-23 16:21 ` Junio C Hamano
2021-07-23 16:49 ` Randall S. Becker
2021-07-24 1:19 ` Jeff King
2021-07-30 9:31 ` [PATCH v3 0/7] drop support for ancient curl, improve version checks Ævar Arnfjörð Bjarmason
2021-07-30 9:31 ` [PATCH v3 1/7] http: drop support for curl < 7.11.1 Ævar Arnfjörð Bjarmason
2021-07-30 9:31 ` [PATCH v3 2/7] http: drop support for curl < 7.16.0 Ævar Arnfjörð Bjarmason
2021-07-30 9:31 ` [PATCH v3 3/7] http: drop support for curl < 7.19.4 Ævar Arnfjörð Bjarmason
2021-07-30 9:31 ` [PATCH v3 4/7] http: drop support for curl < 7.19.3 and <= 7.16.4 (or <7.17.0) (again) Ævar Arnfjörð Bjarmason
2021-07-30 16:18 ` Junio C Hamano
2021-07-30 9:31 ` [PATCH v3 5/7] http: drop support for curl < 7.18.0 (again) Ævar Arnfjörð Bjarmason
2021-07-30 16:22 ` Junio C Hamano
2021-07-30 9:31 ` [PATCH v3 6/7] http: rename CURLOPT_FILE to CURLOPT_WRITEDATA Ævar Arnfjörð Bjarmason
2021-07-30 9:31 ` [PATCH v3 7/7] http: centralize the accounting of libcurl dependencies Ævar Arnfjörð Bjarmason
2021-07-30 16:47 ` Junio C Hamano
2021-07-30 17:59 ` [PATCH v4 0/5] drop support for ancient curl Ævar Arnfjörð Bjarmason
2021-07-30 17:59 ` [PATCH v4 1/5] http: drop support for curl < 7.11.1 Ævar Arnfjörð Bjarmason
2021-07-30 17:59 ` [PATCH v4 2/5] http: drop support for curl < 7.16.0 Ævar Arnfjörð Bjarmason
2021-09-10 22:28 ` Andrei Rybak
2021-09-11 14:32 ` Jeff King
2021-09-11 21:39 ` Junio C Hamano
2021-09-11 21:58 ` Jeff King
2021-07-30 17:59 ` [PATCH v4 3/5] http: drop support for curl < 7.19.4 Ævar Arnfjörð Bjarmason
2021-07-30 17:59 ` [PATCH v4 4/5] http: drop support for curl < 7.19.3 and < 7.17.0 (again) Ævar Arnfjörð Bjarmason
2021-07-30 17:59 ` [PATCH v4 5/5] http: rename CURLOPT_FILE to CURLOPT_WRITEDATA Ævar Arnfjörð Bjarmason
2021-07-30 19:03 ` [PATCH v4 0/5] drop support for ancient curl Junio C Hamano
2021-07-30 19:50 ` Junio C Hamano
2021-07-30 22:49 ` Junio C Hamano
2021-09-08 15:31 ` [PATCH 0/5] post-v2.33 "drop support for ancient curl" follow-up Ævar Arnfjörð Bjarmason
2021-09-08 15:31 ` [PATCH 1/5] http: drop support for curl < 7.18.0 (again) Ævar Arnfjörð Bjarmason
2021-09-09 22:58 ` Junio C Hamano
2021-09-08 15:31 ` [PATCH 2/5] http: correct curl version check for CURLOPT_PINNEDPUBLICKEY Ævar Arnfjörð Bjarmason
2021-09-08 19:22 ` Jeff King [this message]
2021-09-09 23:12 ` Junio C Hamano
2021-09-10 14:19 ` Jeff King
2021-09-10 14:30 ` Jeff King
2021-09-10 14:37 ` Ævar Arnfjörð Bjarmason
2021-09-10 15:28 ` Jeff King
2021-09-10 15:45 ` Daniel Stenberg
2021-09-10 19:41 ` Ævar Arnfjörð Bjarmason
2021-09-10 21:57 ` Daniel Stenberg
2021-09-08 15:31 ` [PATCH 3/5] http: correct version check for CURL_HTTP_VERSION_2_0 Ævar Arnfjörð Bjarmason
2021-09-08 19:27 ` Jeff King
2021-09-08 15:31 ` [PATCH 4/5] http: centralize the accounting of libcurl dependencies Ævar Arnfjörð Bjarmason
2021-09-08 19:31 ` Jeff King
2021-09-09 17:40 ` Junio C Hamano
2021-09-09 19:26 ` Jeff King
2021-09-08 15:31 ` [PATCH 5/5] http: don't hardcode the value of CURL_SOCKOPT_OK Ævar Arnfjörð Bjarmason
2021-09-09 23:15 ` Junio C Hamano
2021-09-09 23:22 ` Junio C Hamano
2021-09-08 19:32 ` [PATCH 0/5] post-v2.33 "drop support for ancient curl" follow-up Jeff King
2021-09-10 11:04 ` [PATCH v2 0/8] " Ævar Arnfjörð Bjarmason
2021-09-10 11:04 ` [PATCH v2 1/8] INSTALL: don't mention the "curl" executable at all Ævar Arnfjörð Bjarmason
2021-09-10 14:53 ` Jeff King
2021-09-10 11:04 ` [PATCH v2 2/8] INSTALL: mention that we need libcurl 7.19.4 or newer to build Ævar Arnfjörð Bjarmason
2021-09-10 14:54 ` Jeff King
2021-09-10 16:56 ` Junio C Hamano
2021-09-10 17:46 ` Jeff King
2021-09-10 11:04 ` [PATCH v2 3/8] Makefile: drop support for curl < 7.9.8 (again) Ævar Arnfjörð Bjarmason
2021-09-10 15:04 ` Jeff King
2021-09-10 11:04 ` [PATCH v2 4/8] http: drop support for curl < 7.18.0 (again) Ævar Arnfjörð Bjarmason
2021-09-10 11:04 ` [PATCH v2 5/8] http: correct version check for CURL_HTTP_VERSION_2 Ævar Arnfjörð Bjarmason
2021-09-10 15:09 ` Jeff King
2021-09-10 15:20 ` Daniel Stenberg
2021-09-10 15:41 ` Jeff King
2021-09-10 17:19 ` Ævar Arnfjörð Bjarmason
2021-09-10 11:04 ` [PATCH v2 6/8] http: correct curl version check for CURLOPT_PINNEDPUBLICKEY Ævar Arnfjörð Bjarmason
2021-09-10 17:00 ` Junio C Hamano
2021-09-10 11:04 ` [PATCH v2 7/8] http: centralize the accounting of libcurl dependencies Ævar Arnfjörð Bjarmason
2021-09-10 15:15 ` Jeff King
2021-09-10 11:04 ` [PATCH v2 8/8] http: don't hardcode the value of CURL_SOCKOPT_OK Ævar Arnfjörð Bjarmason
2021-09-10 15:17 ` Jeff King
2021-09-10 14:37 ` [PATCH v2 0/8] post-v2.33 "drop support for ancient curl" follow-up Jeff King
2021-09-10 15:08 ` Ævar Arnfjörð Bjarmason
2021-09-10 15:20 ` Jeff King
2021-09-10 16:52 ` Junio C Hamano
2021-09-10 17:06 ` Randall S. Becker
2021-09-10 17:42 ` Ævar Arnfjörð Bjarmason
2021-09-10 17:14 ` Junio C Hamano
2021-09-10 17:32 ` Junio C Hamano
2021-09-10 19:05 ` Konstantin Ryabitsev
2021-09-10 19:49 ` Junio C Hamano
2021-09-10 17:47 ` Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 0/9] " Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 1/9] INSTALL: don't mention the "curl" executable at all Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 2/9] INSTALL: reword and copy-edit the "libcurl" section Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 3/9] INSTALL: mention that we need libcurl 7.19.4 or newer to build Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 4/9] Makefile: drop support for curl < 7.9.8 (again) Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 5/9] http: drop support for curl < 7.18.0 (again) Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 6/9] http: correct version check for CURL_HTTP_VERSION_2 Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 7/9] http: correct curl version check for CURLOPT_PINNEDPUBLICKEY Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 8/9] http: centralize the accounting of libcurl dependencies Ævar Arnfjörð Bjarmason
2021-09-11 9:34 ` [PATCH v3 9/9] http: don't hardcode the value of CURL_SOCKOPT_OK Ævar Arnfjörð Bjarmason
2021-09-11 14:46 ` [PATCH v3 0/9] post-v2.33 "drop support for ancient curl" follow-up Jeff King
2021-09-12 19:01 ` Junio C Hamano
2021-09-13 14:51 ` [PATCH v4 " Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 1/9] INSTALL: don't mention the "curl" executable at all Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 2/9] INSTALL: reword and copy-edit the "libcurl" section Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 3/9] INSTALL: mention that we need libcurl 7.19.4 or newer to build Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 4/9] Makefile: drop support for curl < 7.9.8 (again) Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 5/9] http: drop support for curl < 7.18.0 (again) Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 6/9] http: correct version check for CURL_HTTP_VERSION_2 Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 7/9] http: correct curl version check for CURLOPT_PINNEDPUBLICKEY Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 8/9] http: centralize the accounting of libcurl dependencies Ævar Arnfjörð Bjarmason
2021-09-13 14:51 ` [PATCH v4 9/9] http: don't hardcode the value of CURL_SOCKOPT_OK Ævar Arnfjörð Bjarmason
2021-09-13 17:02 ` [PATCH v4 0/9] post-v2.33 "drop support for ancient curl" follow-up Jeff King
2021-09-13 17:41 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YTkNdGk28UJnSDVt@coredump.intra.peff.net \
--to=peff@peff.net \
--cc=avarab@gmail.com \
--cc=bagasdotme@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.