1. Patchew
  2. QEMU
  3. [Qemu-devel] [PATCH v3 0/8] Use 'https://' instead of 'git://'
  4. View patch

[Qemu-devel] [PATCH v3 7/8] target-alpha: use HTTPS git URL for palcode

Stefan Hajnoczi posted 8 patches 7 years ago
There is a newer version of this series
[Qemu-devel] [PATCH v3 7/8] target-alpha: use HTTPS git URL for palcode
Posted by Stefan Hajnoczi 7 years ago 
When you clone the repository without previous commit history, 'git://'
doesn't protect from man-in-the-middle attacks.  HTTPS is more secure
since the client verifies the server certificate.

Cc: Richard Henderson <rth@twiddle.net>
Suggested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 pc-bios/README | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pc-bios/README b/pc-bios/README
index 8f98c07a74..20f7c33c24 100644
--- a/pc-bios/README
+++ b/pc-bios/README
@@ -36,7 +36,7 @@
 	1af4:1000 -> pxe-virtio.rom
 
 - The sources for the Alpha palcode image is available from:
-  git://github.com/rth7680/qemu-palcode.git
+  https://github.com/rth7680/qemu-palcode.git
 
 - The u-boot binary for e500 comes from the upstream denx u-boot project where
   it was compiled using the qemu-ppce500 target.
-- 
2.17.2
Re: [Qemu-devel] [PATCH v3 7/8] target-alpha: use HTTPS git URL for palcode
Posted by Philippe Mathieu-Daudé 7 years ago 
On 4/11/18 12:24, Stefan Hajnoczi wrote:
> When you clone the repository without previous commit history, 'git://'
> doesn't protect from man-in-the-middle attacks.  HTTPS is more secure
> since the client verifies the server certificate.
> 
> Cc: Richard Henderson <rth@twiddle.net>
> Suggested-by: Eric Blake <eblake@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>

> ---
>   pc-bios/README | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/pc-bios/README b/pc-bios/README
> index 8f98c07a74..20f7c33c24 100644
> --- a/pc-bios/README
> +++ b/pc-bios/README
> @@ -36,7 +36,7 @@
>   	1af4:1000 -> pxe-virtio.rom
>   
>   - The sources for the Alpha palcode image is available from:
> -  git://github.com/rth7680/qemu-palcode.git
> +  https://github.com/rth7680/qemu-palcode.git
>   
>   - The u-boot binary for e500 comes from the upstream denx u-boot project where
>     it was compiled using the qemu-ppce500 target.
>
Re: [Qemu-devel] [PATCH v3 7/8] target-alpha: use HTTPS git URL for palcode
Posted by Richard Henderson 7 years ago 
On 11/4/18 11:24 AM, Stefan Hajnoczi wrote:
> When you clone the repository without previous commit history, 'git://'
> doesn't protect from man-in-the-middle attacks.  HTTPS is more secure
> since the client verifies the server certificate.
> 
> Cc: Richard Henderson <rth@twiddle.net>
> Suggested-by: Eric Blake <eblake@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> ---
>  pc-bios/README | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Acked-by: Richard Henderson <rth@twiddle.net>


r~

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.