[PATCH] httprepo: make sure we have auth before sending large bundles
Augie Fackler
durin42 at gmail.com
Sat Sep 26 15:19:20 CDT 2009
On Sep 26, 2009, at 2:58 PM, Matt Mackall wrote:
> On Sat, 2009-09-26 at 12:20 -0400, durin42 at gmail.com wrote:
>> # HG changeset patch
>> # User Augie Fackler <durin42 at gmail.com>
>> # Date 1253039420 18000
>> # Node ID a359878a686b571414b73ace46a58b66992a58c5
>> # Parent 32ec707991726bd58b9190862ab98f204797eea4
>> httprepo: make sure we have auth before sending large bundles
>>
>> Send an empty bundle to the server to verify we are properly
>> authenticated before sending a large bundle. This prevents doing an
>> unbundle of many megabytes and then immediately do it again with
>> auth.
>
> Auth is a really unfortunate term, given the similarities and
> differences between authentication and authorization. Does this also
> make sense for sshrepo, which also has push authorization issues, even
> though authentication happens earlier? Or does that manage to abort
> earlier?
I hadn't thought of sshrepo authorization - I've personally never
encountered a read-only ssh repository. At first glance I can't tell
what the behavior will be, I'll have to test and see what happens.
As far as this patch, should I replace "auth" with either "authn" or
"authentication?" The current implementation won't notice push
disallowed responses, although I plan to fix that before too long. I'm
perfectly happy to resubmit when I get those details ironed out.
More information about the Mercurial-devel
mailing list