[MERGE] Don't use sftp:// URLs as lp:/// translations when there's no Launchpad login.

Martin Pool mbp at sourcefrog.net
Thu Nov 29 01:43:14 GMT 2007


On Nov 29, 2007 5:07 AM, Aaron Bentley <aaron.bentley at utoronto.ca> wrote:
> Aaron Bentley has voted comment.
> Status is now: Waiting
> Comment:
> This is a questionable practice, but since we've done it before, my
> rejection was too hasty.
>
> sftp may not work if you don't have a launchpad account, but you don't
> need to set it in the URL.  I set it in ~/.ssh/config:
> Host bazaar.launchpad.net
> User aaron.bentley at utoronto.ca
>
> I don't think there's any way of doing what you're trying to do, without
> breaking something else.

So what we're trying to do, at the root, is know whether the user has
a Launchpad account or not.  If they do, we will use
(authenticated/encrypted) ssh to connect, and if they don't we will
use http.

You're right that it's not visible to Bazaar whether they have an ssh
account set up within .ssh/config and I don't think it would be
practical to try and guess.

If we do have this heuristic, it needs to rely on whether the user has
told us their launchpad username.

There is no need to rely on the heuristic: you can always use a url
that explicitly identifies a protocol.

It might be better if the client did not need to know this, and took
an approach more typical of http: send the initial request
unauthenticated, and let the server challenge us if necessary (if
we're trying to write, for example).  However, that's not
straightforward to do at the moment because the only protocols
launchpad supports are sftp/ssh (never anonymous), and http (which is
always unencrypted/unauthenticated.)  Eventually we could go to always
using https.

But that will take some time, and so James/Jono's patch is ok for now.

-- 
Martin



More information about the bazaar mailing list