SSL for the bzr protocol
Martin Pool
mbp at canonical.com
Wed Aug 19 23:31:24 BST 2009
2009/8/20 Denys Duchier <denys.duchier at univ-orleans.fr>:
> On LaunchPad, I made the following "merge proposal": Provide SSL
> encrypted communication for the bzr protocol.
>
> server::
>
> bzr serve --keyfile FILE --certfile FILE ...
>
> client::
>
> bzr log bzrs://host/branch
>
> These are the merge proposals in reversed chronological order:
>
> https://code.launchpad.net/~denys.duchier/bzr/bzr.ssl/+merge/10254
> https://code.launchpad.net/~denys.duchier/bzr/bzr.ssl/+merge/10190
> https://code.launchpad.net/~denys.duchier/bzr/bzr.ssl/+merge/10175
> https://code.launchpad.net/~denys.duchier/bzr/bzr.ssl/+merge/10163
> https://code.launchpad.net/~denys.duchier/bzr/bzr.ssl/+merge/10147
(There's probably some use case here for Launchpad supporting chained mps.)
> I am currently working on:
>
> - STARTTLS-type encryption initiation
> - user authentication (through plugins)
> - operation authorization (through plugins)
>
> for the bzr protocol.
As I'm discussing with lifeless and denys on irc, I think it's worth
looking at running SSH self-contained within bzr using Paramiko,
rather than inventing a similar protocol over ssl.
--
Martin <http://launchpad.net/~mbp/>
More information about the bazaar
mailing list