ok op@

Patch by Josiah Frentsos, thanks!

Currently only used to detect and avoid storing duplicate IDs sent in want and have lines by the client. If in the future we ever wanted to check which IDs the client has already sent us we could now do O(1) hash table lookups rather than iterating arrays. ok op@

It will soon grow functions to deal with sha256 too. stsp@ agrees.

In preparation for wide sha256 support; stsp@ agrees. Change done mechanically with find . -iname \*.[cy] -exec sam {} + X ,x/<sha1\.h>/i/\n#include <sha2.h>

The parent no longer sends this message. Perform related cleanup in the shutdown path instead. ok op@

The new session process is able to manipulate files in the repository and keeps track of the read/write client session state. The parent process now restricts its view of the filesystem to the absolute path stored in argv[0], and combines this with unveil "x" on this path. As a result the parent process can only re-exec itself. small tweaks + ok op@

Because these processes are now started on demand per client connection there is no need to keep track of multiple clients anymore. Also, these processes can now exit when a disconnect event is received. ok op, jamsek

ok op, jamsek

In the future, gotd will fork+exec new processes for each client connection. Using unveil instead of chroot avoids having to start such processes as root. The -portable version could use chroot(2) where no equivalent to unveil(2) exists. A future component which starts new processes will be isolated as a separate process, which could run as root in the -portable version. ok op@