This proxy decodes "git upload-pack" and allows the list of references to be rewritten, in a similar way to how we already proxy the Subversion protocol to rewrite URIs and proxy the Mercurial protocol to distinguish between read and write operations.
The piece we care about comes at the beginning, and looks like this:
<frame-length><ref-hash> <ref-name>\0<server-capabilities>\n <frame-length><ref-hash> <ref-name>\n <frame-length><ref-hash> <ref-name>\n ... <0000>
We can add, remove, or modify this section to make it appear that the server has different refs than the refs that exist on disk.
Things I have tried:
- git ls-remote
- git ls-remote where the server hides some refs.
- git fetch where the fetch is a no-op.
Things I have not tried:
- git fetch where the fetch is not a no-op.
- Tricking things into doing protocol v2. Or: I tried this, I wasn't successful. In v2, additional "\0" tricks are used to hide data in the capabilities, I think?
- git ls-remote where we rewrite/hide the first ref in the list, and need to move the capabilities frame elsewhere.
- git ls-remote where the server has no refs at all, or we remove every ref.
So the "interesting" piece of this works, but it almost certainly needs some cleanup to survive interaction with the real world.