1. Patchew
  2. QEMU
  3. [Qemu-devel] [PATCH v3 0/8] Use 'https://' instead of 'git://'
  4. View patch

[Qemu-devel] [PATCH v3 8/8] docker: use HTTPS git URL for virglrenderer

Stefan Hajnoczi posted 8 patches 7 years ago
There is a newer version of this series
[Qemu-devel] [PATCH v3 8/8] docker: use HTTPS git URL for virglrenderer
Posted by Stefan Hajnoczi 7 years ago 
When you clone the repository without previous commit history, 'git://'
doesn't protect from man-in-the-middle attacks.  HTTPS is more secure
since the client verifies the server certificate.

Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
Suggested-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 tests/docker/dockerfiles/debian-amd64.docker | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/docker/dockerfiles/debian-amd64.docker b/tests/docker/dockerfiles/debian-amd64.docker
index eb13f06ed1..24b113b76f 100644
--- a/tests/docker/dockerfiles/debian-amd64.docker
+++ b/tests/docker/dockerfiles/debian-amd64.docker
@@ -24,7 +24,7 @@ RUN DEBIAN_FRONTEND=noninteractive eatmydata \
         libegl1-mesa-dev \
         libepoxy-dev \
         libgbm-dev
-RUN git clone git://anongit.freedesktop.org/virglrenderer /usr/src/virglrenderer
+RUN git clone https://anongit.freedesktop.org/git/virglrenderer.git /usr/src/virglrenderer
 RUN cd /usr/src/virglrenderer && ./autogen.sh && ./configure --with-glx --disable-tests && make install
 
 # netmap
-- 
2.17.2
Re: [Qemu-devel] [PATCH v3 8/8] docker: use HTTPS git URL for virglrenderer
Posted by Philippe Mathieu-Daudé 7 years ago 
On 4/11/18 12:24, Stefan Hajnoczi wrote:
> When you clone the repository without previous commit history, 'git://'
> doesn't protect from man-in-the-middle attacks.  HTTPS is more secure
> since the client verifies the server certificate.
> 
> Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
> Suggested-by: Eric Blake <eblake@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Philippe Mathieu-Daudé <philmd@redhat.com>

> ---
>   tests/docker/dockerfiles/debian-amd64.docker | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tests/docker/dockerfiles/debian-amd64.docker b/tests/docker/dockerfiles/debian-amd64.docker
> index eb13f06ed1..24b113b76f 100644
> --- a/tests/docker/dockerfiles/debian-amd64.docker
> +++ b/tests/docker/dockerfiles/debian-amd64.docker
> @@ -24,7 +24,7 @@ RUN DEBIAN_FRONTEND=noninteractive eatmydata \
>           libegl1-mesa-dev \
>           libepoxy-dev \
>           libgbm-dev
> -RUN git clone git://anongit.freedesktop.org/virglrenderer /usr/src/virglrenderer
> +RUN git clone https://anongit.freedesktop.org/git/virglrenderer.git /usr/src/virglrenderer
>   RUN cd /usr/src/virglrenderer && ./autogen.sh && ./configure --with-glx --disable-tests && make install
>   
>   # netmap
>
Re: [Qemu-devel] [PATCH v3 8/8] docker: use HTTPS git URL for virglrenderer
Posted by Alex Bennée 7 years ago 
Stefan Hajnoczi <stefanha@redhat.com> writes:

> When you clone the repository without previous commit history, 'git://'
> doesn't protect from man-in-the-middle attacks.  HTTPS is more secure
> since the client verifies the server certificate.
>
> Cc: Philippe Mathieu-Daudé <f4bug@amsat.org>
> Suggested-by: Eric Blake <eblake@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Tested-by: Alex Bennée <alex.bennee@linaro.org>

> ---
>  tests/docker/dockerfiles/debian-amd64.docker | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tests/docker/dockerfiles/debian-amd64.docker b/tests/docker/dockerfiles/debian-amd64.docker
> index eb13f06ed1..24b113b76f 100644
> --- a/tests/docker/dockerfiles/debian-amd64.docker
> +++ b/tests/docker/dockerfiles/debian-amd64.docker
> @@ -24,7 +24,7 @@ RUN DEBIAN_FRONTEND=noninteractive eatmydata \
>          libegl1-mesa-dev \
>          libepoxy-dev \
>          libgbm-dev
> -RUN git clone git://anongit.freedesktop.org/virglrenderer /usr/src/virglrenderer
> +RUN git clone https://anongit.freedesktop.org/git/virglrenderer.git /usr/src/virglrenderer
>  RUN cd /usr/src/virglrenderer && ./autogen.sh && ./configure --with-glx --disable-tests && make install
>
>  # netmap


--
Alex Bennée

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.