diff options
author | Junio C Hamano <gitster@pobox.com> | 2016-12-27 11:11:41 +0300 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2016-12-27 11:11:41 +0300 |
commit | 9d540e97267fa94d9701d3e1aa5cdf2926858472 (patch) | |
tree | 692790eca6a1f1ed5dd56a0f336bf910e76d15e5 /Documentation/config.txt | |
parent | 05f6e1be8cdae1ebedf3cf7b7a072a3b35f945b5 (diff) | |
parent | abcbdc03895ff3f00280e54af11fee92d6877044 (diff) |
Merge branch 'bw/transport-protocol-policy'
Finer-grained control of what protocols are allowed for transports
during clone/fetch/push have been enabled via a new configuration
mechanism.
* bw/transport-protocol-policy:
http: respect protocol.*.allow=user for http-alternates
transport: add from_user parameter to is_transport_allowed
http: create function to get curl allowed protocols
transport: add protocol policy config option
http: always warn if libcurl version is too old
lib-proto-disable: variable name fix
Diffstat (limited to 'Documentation/config.txt')
-rw-r--r-- | Documentation/config.txt | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/Documentation/config.txt b/Documentation/config.txt index d51182a060..30cb946104 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -2318,6 +2318,52 @@ pretty.<name>:: Note that an alias with the same name as a built-in format will be silently ignored. +protocol.allow:: + If set, provide a user defined default policy for all protocols which + don't explicitly have a policy (`protocol.<name>.allow`). By default, + if unset, known-safe protocols (http, https, git, ssh, file) have a + default policy of `always`, known-dangerous protocols (ext) have a + default policy of `never`, and all other protocols have a default + policy of `user`. Supported policies: ++ +-- + +* `always` - protocol is always able to be used. + +* `never` - protocol is never able to be used. + +* `user` - protocol is only able to be used when `GIT_PROTOCOL_FROM_USER` is + either unset or has a value of 1. This policy should be used when you want a + protocol to be directly usable by the user but don't want it used by commands which + execute clone/fetch/push commands without user input, e.g. recursive + submodule initialization. + +-- + +protocol.<name>.allow:: + Set a policy to be used by protocol `<name>` with clone/fetch/push + commands. See `protocol.allow` above for the available policies. ++ +The protocol names currently used by git are: ++ +-- + - `file`: any local file-based path (including `file://` URLs, + or local paths) + + - `git`: the anonymous git protocol over a direct TCP + connection (or proxy, if configured) + + - `ssh`: git over ssh (including `host:path` syntax, + `ssh://`, etc). + + - `http`: git over http, both "smart http" and "dumb http". + Note that this does _not_ include `https`; if you want to configure + both, you must do so individually. + + - any external helpers are named by their protocol (e.g., use + `hg` to allow the `git-remote-hg` helper) +-- + pull.ff:: By default, Git does not create an extra merge commit when merging a commit that is a descendant of the current commit. Instead, the |