feat: add permissions::Environment::http_transport.

Byron · Byron · commit fc64693d5af0 · 2022-11-29T14:15:50.000+01:00
That way it's possible to deny using environment variables that affect
the HTTP transport, like setting the proxy.
diff --git a/git-repository/src/config/cache/init.rs b/git-repository/src/config/cache/init.rs
@@ -27,6 +27,7 @@ impl Cache {
             home: home_env,
             xdg_config_home: xdg_config_home_env,
             ssh_prefix: _,
+            http_transport: _,
         }: repository::permissions::Environment,
         repository::permissions::Config {
             git_binary: use_installation,
diff --git a/git-repository/src/repository/permissions.rs b/git-repository/src/repository/permissions.rs
@@ -72,6 +72,11 @@ pub struct Environment {
     pub git_prefix: git_sec::Permission,
     /// Control if resources pointed to by `SSH_*` prefixed environment variables can be used (like `SSH_ASKPASS`)
     pub ssh_prefix: git_sec::Permission,
+    /// Control if environment variables to configure the HTTP transport, like `http_proxy` may be used.
+    ///
+    /// Note that those http-transport related environment variables prefixed with `GIT_` are falling under the
+    /// `git_prefix` permission, like `GIT_HTTP_USER_AGENT`.
+    pub http_transport: git_sec::Permission,
 }
 
 impl Environment {
@@ -82,6 +87,7 @@ impl Environment {
             home: git_sec::Permission::Allow,
             git_prefix: git_sec::Permission::Allow,
             ssh_prefix: git_sec::Permission::Allow,
+            http_transport: git_sec::Permission::Allow,
         }
     }
 }
@@ -126,6 +132,7 @@ impl Permissions {
                     home: deny,
                     ssh_prefix: deny,
                     git_prefix: deny,
+                    http_transport: deny,
                 }
             },
         }
diff --git a/git-repository/tests/repository/config/transport_options.rs b/git-repository/tests/repository/config/transport_options.rs
@@ -45,10 +45,12 @@ mod http {
             low_speed_limit_bytes_per_second,
             low_speed_time_seconds,
             proxy,
+            no_proxy: _,
             proxy_auth_method,
             proxy_authenticate,
             user_agent,
             connect_timeout,
+            verbose: _,
             backend,
         } = http_options(&repo, None);
         assert_eq!(

Original file line number	Diff line number	Diff line change
`@@ -72,6 +72,11 @@ pub struct Environment {`
`72`	`72`	`pub git_prefix: git_sec::Permission,`
`73`	`73`	/// Control if resources pointed to by `SSH_*` prefixed environment variables can be used (like `SSH_ASKPASS`)
`74`	`74`	`pub ssh_prefix: git_sec::Permission,`
	`75`	+ /// Control if environment variables to configure the HTTP transport, like `http_proxy` may be used.
	`76`	`+ ///`
	`77`	+ /// Note that those http-transport related environment variables prefixed with `GIT_` are falling under the
	`78`	+ /// `git_prefix` permission, like `GIT_HTTP_USER_AGENT`.
	`79`	`+ pub http_transport: git_sec::Permission,`
`75`	`80`	`}`
`76`	`81`
`77`	`82`	`impl Environment {`
`@@ -82,6 +87,7 @@ impl Environment {`
`82`	`87`	`home: git_sec::Permission::Allow,`
`83`	`88`	`git_prefix: git_sec::Permission::Allow,`
`84`	`89`	`ssh_prefix: git_sec::Permission::Allow,`
	`90`	`+ http_transport: git_sec::Permission::Allow,`
`85`	`91`	`}`
`86`	`92`	`}`
`87`	`93`	`}`
`@@ -126,6 +132,7 @@ impl Permissions {`
`126`	`132`	`home: deny,`
`127`	`133`	`ssh_prefix: deny,`
`128`	`134`	`git_prefix: deny,`
	`135`	`+ http_transport: deny,`
`129`	`136`	`}`
`130`	`137`	`},`
`131`	`138`	`}`