From: Jeff King <email@example.com>
To: Junio C Hamano <firstname.lastname@example.org>
Cc: "brian m. carlson" <email@example.com>, Jonathan Tan <firstname.lastname@example.org>, email@example.com
Subject: Re: [PATCH 2/2] http, imap-send: stop using CURLOPT_VERBOSE
Date: Wed, 13 May 2020 00:50:01 -0400
Message-ID: <20200513045001.GA65110@coredump.intra.peff.net>
In-Reply-To: <firstname.lastname@example.org>

On Tue, May 12, 2020 at 05:10:24PM -0700, Junio C Hamano wrote:

> > On 2020-05-11 at 17:43:10, Jonathan Tan wrote:
> >> Whenever GIT_CURL_VERBOSE is set, teach Git to behave as if
> >> GIT_TRACE_CURL=1 and GIT_TRACE_CURL_NO_DATA=1 is set, instead of setting
> >> CURLOPT_VERBOSE.
> >>
> >> This is to prevent inadvertent revelation of sensitive data. In
> >> particular, GIT_CURL_VERBOSE redacts neither the "Authorization" header
> >> nor any cookies specified by GIT_REDACT_COOKIES.
> >
> > I actually use GIT_CURL_VERBOSE to debug authentication problems from
> > time to time, so I'd like to keep an option to produce full, unredacted
> > output. Since everyone uses HTTPS, it's not possible to perform this
> > debugging using a tool like Wireshark unless you use a MITM CA cert,
> > which seems excessive.
>
> Hmm, that is a valid concern. Introducing yet another environment
> feels a bit yucky, but something like GIT_NO_REDACT that disables
> any redacting, not limited to curl but in all codepaths, might turn
> out to be a useful escape hatch.
>
> Opinions?

Having an environment variable was my first thought, as well.

I do think it's key that the default be to redact. That makes life
slightly harder for people debugging auth problems, but prevents people
from accidentally leaking private info.

Regarding the name:

  - should it be under GIT_TRACE_CURL_* to make its impact clear? Or do
    we imagine it might eventually be applied elsewhere?

  - doing GIT_TRACE_REDACT would get rid of the negative (and it could
    just default to "true")

-Peff
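
Added example, not part of the original message and not Git's own code: a sketch of the redact-by-default behaviour discussed above for Authorization headers in trace output, with GIT_TRACE_REDACT (the name floated in the message) as the opt-out. The helper names, the "0"/"false" opt-out values and the sample header are assumptions; cookie redaction is left out.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Assumption: redaction is the default; only "0" or "false" turns it off. */
static int want_redact(const char *v)
{
	return !(v && (!strcmp(v, "0") || !strcmp(v, "false")));
}

/* Length of prefix if line starts with it (case-insensitive), else 0. */
static size_t skip_iprefix(const char *line, const char *prefix)
{
	size_t i;
	for (i = 0; prefix[i]; i++)
		if (tolower((unsigned char)line[i]) != tolower((unsigned char)prefix[i]))
			return 0;
	return i;
}

/* Copy one traced header line into out. With redact set, the credential of an
 * (Proxy-)Authorization header becomes "<redacted>". Returns 1 if altered. */
static int redact_header(const char *line, int redact, char *out, size_t outsz)
{
	static const char *names[] = { "Authorization:", "Proxy-Authorization:" };
	size_t i, n = 0;
	const char *p, *end;
	for (i = 0; redact && !n && i < 2; i++)
		n = skip_iprefix(line, names[i]);
	if (!n) {
		snprintf(out, outsz, "%s", line);
		return 0;
	}
	p = line + n + strspn(line + n, " ");	/* start of the auth scheme */
	end = p + strcspn(p, " ");		/* end of the first token */
	if (!*end)
		end = line + n;	/* single token: no scheme to keep, hide it all */
	snprintf(out, outsz, "%.*s <redacted>", (int)(end - line), line);
	return 1;
}

int main(void)
{
	char buf[256]; /* the header below is a constructed sample */
	redact_header("Authorization: Basic dXNlcjpwYXNz",
		      want_redact(getenv("GIT_TRACE_REDACT")), buf, sizeof(buf));
	puts(buf);
	return 0;
}
```

Keeping the scheme ("Basic") in the output preserves some of the debugging value brian asks for while the credential itself stays out of the log unless the user explicitly opts out.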