Message ID | 20200709204925.27287-1-grandmaster@al2klimov.de |
---|---|
State | Accepted |
Delegated to: | David Miller |
Headers | show |
Series | SUNDANCE NETWORK DRIVER: Replace HTTP links with HTTPS ones | expand |
On Thu, 9 Jul 2020 22:49:25 +0200 Alexander A. Klimov wrote: > Rationale: > Reduces attack surface on kernel devs opening the links for MITM > as HTTPS traffic is much harder to manipulate. > > Deterministic algorithm: > For each file: > If not .svg: > For each line: > If doesn't contain `\bxmlns\b`: > For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: > If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: > If both the HTTP and HTTPS versions > return 200 OK and serve the same content: > Replace HTTP with HTTPS. > > Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> Applied to net-next, but please find a better algorithm for generating the subject prefixes. Thanks.
On Wed, 2020-07-15 at 17:44 -0700, Jakub Kicinski wrote: > On Thu, 9 Jul 2020 22:49:25 +0200 Alexander A. Klimov wrote: > > Rationale: > > Reduces attack surface on kernel devs opening the links for MITM > > as HTTPS traffic is much harder to manipulate. > > > > Deterministic algorithm: > > For each file: > > If not .svg: > > For each line: > > If doesn't contain `\bxmlns\b`: > > For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: > > If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: > > If both the HTTP and HTTPS versions > > return 200 OK and serve the same content: > > Replace HTTP with HTTPS. > > > > Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> > > Applied to net-next, but please find a better algorithm for generating > the subject prefixes. Suggestions welcomed for automating patch subject prefixes for generic treewide conversions by subsystem. git history doesn't work particularly well for that.
diff --git a/drivers/net/ethernet/dlink/sundance.c b/drivers/net/ethernet/dlink/sundance.c index dc566fcc3ba9..ebaca07f7873 100644 --- a/drivers/net/ethernet/dlink/sundance.c +++ b/drivers/net/ethernet/dlink/sundance.c @@ -18,7 +18,7 @@ http://www.scyld.com/network/sundance.html [link no longer provides useful info -jgarzik] Archives of the mailing list are still available at - http://www.beowulf.org/pipermail/netdrivers/ + https://www.beowulf.org/pipermail/netdrivers/ */
Rationale: Reduces attack surface on kernel devs opening the links for MITM as HTTPS traffic is much harder to manipulate. Deterministic algorithm: For each file: If not .svg: For each line: If doesn't contain `\bxmlns\b`: For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`: If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`: If both the HTTP and HTTPS versions return 200 OK and serve the same content: Replace HTTP with HTTPS. Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de> --- Continuing my work started at 93431e0607e5. See also: git log --oneline '--author=Alexander A. Klimov <grandmaster@al2klimov.de>' v5.7..master (Actually letting a shell for loop submit all this stuff for me.) If there are any URLs to be removed completely or at least not HTTPSified: Just clearly say so and I'll *undo my change*. See also: https://lkml.org/lkml/2020/6/27/64 If there are any valid, but yet not changed URLs: See: https://lkml.org/lkml/2020/6/26/837 If you apply the patch, please let me know. drivers/net/ethernet/dlink/sundance.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)