* Disabling git over https for now
From: Mark Wielaard @ 2025-12-29 0:59 UTC (permalink / raw)
To: overseers
Hi,
There is a distributed attack on our git over https. Lots of git
clone https://sourceware.org/git/... https://cygwin.com/git/... and
https://gcc.gnu.org/git/... from lots of different ip addresses.
For now we have disabled the git-http-backend.
Please use either the git:// or ssh:// protocol to clone the git
repos.
gitweb and cgit are still functioning. But this does break
builder.sourceware.org buildbots and forge.sourceware.org mirroring.
Hopefully we find some way to block these aggressive git
bots. Suggestions welcome.
Cheers,
Mark
* Re: Disabling git over https for now
From: Frank Ch. Eigler @ 2025-12-29 20:00 UTC (permalink / raw)
To: Overseers mailing list; +Cc: Mark Wielaard
Hi -
> For now we have disabled the git-http-backend.
> [...]
We have reenabled this, in dumb-transport mode. It seems adequate for
updating preexisting checkouts, but intermittently fails on large
transactions.
- FChE
* Re: Disabling git over https for now
From: Mark Wielaard @ 2026-01-04 21:34 UTC (permalink / raw)
To: Frank Ch. Eigler via Overseers
Hi,
On Mon, Dec 29, 2025 at 03:00:52PM -0500, Frank Ch. Eigler via Overseers wrote:
> > For now we have disabled the git-http-backend.
> > [...]
>
> We have reenabled this, in dumb-transport mode. It seems adequate for
> updating preexisting checkouts, but intermittently fails on large
> transactions.
It seems the bots lost interest (for now). I have dialed down the
anubis paranoia (you should now get the non-javascript metarefresh
challenge again) and reenabled the smart git http backend for now.
Anubis has also been updated to 1.24.0 (also on the forge).
Happy new year,
Mark
* Re: Disabling git over https for now
From: Carlos O'Donell @ 2026-01-07 16:32 UTC (permalink / raw)
To: Overseers mailing list; +Cc: Mark Wielaard
On 1/4/26 4:34 PM, Mark Wielaard via Overseers wrote:
> Hi,
>
> On Mon, Dec 29, 2025 at 03:00:52PM -0500, Frank Ch. Eigler via Overseers wrote:
>>> For now we have disabled the git-http-backend.
>>> [...]
>>
>> We have reenabled this, in dumb-transport mode. It seems adequate for
>> updating preexisting checkouts, but intermittently fails on large
>> transactions.
>
> It seems the bots lost interest (for now). I have dialed down the
> anubis paranoia (you should now get the non-javascript metarefresh
> challenge again) and reenabled the smart git http backend for now.
>
> Anubis has also been updated to 1.24.0 (also on the forge).
I assume this disables https access too (since the one backend does both)?
Disabling https access to the repositories breaks existing anonymous git
pull using workflows.
Using git:// URLs poses additional SSDLC risks, and using ssh:// also requires
possibly exposing more secrets (ssh keys).
Please keep in mind that the GNU Toolchain SSDLC recommended way to
anonymously access the repositories is via https.
Example:
https://sourceware.org/glibc/wiki/SSDLC/Policy/glibc#Define_software_security_checks_.28PO.4.1.2C_page_8.29
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=f56a71097f39f2737e76b3807201a4028e06c611;hp=866fa41ef8521ce94ffdacfd6f1f67737899d5c9
This is also used for various downstream mirror syncs, and when glibc
testing bots use build-many-glibcs.py for building complete toolchains.
What can we do to keep https enabled?
--
Cheers,
Carlos.
* Re: Disabling git over https for now
From: Frank Ch. Eigler @ 2026-01-07 16:35 UTC (permalink / raw)
To: Overseers mailing list; +Cc: Carlos O'Donell, Mark Wielaard
Hi -
> I assume this disables https access too (since the one backend does both)?
http: and https: access were restored (via the "dumb" transport)
within a day, and now the original "smart" transport has been back
for about a week too.
- FChE
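Added example, not part of the thread and not sourceware's own tooling: a log check that separates the "smart" and "dumb" git HTTP transports discussed above and reports repositories whose smart pack requests come from many distinct client addresses, the pattern described in the first message. The log lines, repository paths, addresses and the threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache "combined"-style format (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [29/Dec/2025:00:40:01 +0000] "GET /git/example.git/info/refs?service=git-upload-pack HTTP/1.1" 200 4312
192.0.2.10 - - [29/Dec/2025:00:40:02 +0000] "POST /git/example.git/git-upload-pack HTTP/1.1" 200 91827364
198.51.100.7 - - [29/Dec/2025:00:40:03 +0000] "POST /git/example.git/git-upload-pack HTTP/1.1" 200 91827364
203.0.113.99 - - [29/Dec/2025:00:40:04 +0000] "POST /git/example.git/git-upload-pack HTTP/1.1" 200 91827364
203.0.113.5 - - [29/Dec/2025:00:40:05 +0000] "GET /git/other.git/info/refs HTTP/1.1" 200 2048
203.0.113.5 - - [29/Dec/2025:00:40:06 +0000] "GET /git/other.git/objects/info/packs HTTP/1.1" 200 54
203.0.113.5 - - [29/Dec/2025:00:40:07 +0000] "POST /git/other.git/git-upload-pack HTTP/1.1" 403 0
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(method, target):
    """Return (repo, kind); kind is smart-refs, smart-pack, dumb or other."""
    url = urlsplit(target)
    path = url.path
    # Smart transport: the POST is where the server builds the pack (costly).
    if method == "POST" and path.endswith("/git-upload-pack"):
        return path[: -len("/git-upload-pack")], "smart-pack"
    if method == "GET" and path.endswith("/info/refs"):
        service = parse_qs(url.query).get("service", [])
        kind = "smart-refs" if service == ["git-upload-pack"] else "dumb"
        return path[: -len("/info/refs")], kind
    # Dumb transport: plain GETs of static files inside the repository.
    m = re.match(r"^(.*\.git)/(HEAD|objects/.+)$", path)
    if method == "GET" and m:
        return m.group(1), "dumb"
    return None, "other"

def clone_fanout(log_text, min_ips=3):
    """Repos whose successful smart-pack POSTs came from >= min_ips distinct clients."""
    ips = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        repo, kind = classify(method, target)
        if kind == "smart-pack" and status == "200":
            ips[repo].add(ip)
    return {repo: len(s) for repo, s in ips.items() if len(s) >= min_ips}
```

The upload-pack POST also serves ordinary incremental fetches, so a real threshold has to be tuned against normal traffic for each repository.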