Commit Briefs

Stefan Sperling

add support for protecting references against 'got send -f' to gotd

ok op@


Omar Polo

include sha2.h too where sha1.h is included

In preparation for wide sha256 support; stsp@ agrees. Change done mechanically with find . -iname \*.[cy] -exec sam {} + X ,x/<sha1\.h>/i/\n#include <sha2.h>


Stefan Sperling

update client state tracking in the gotd parent process

The session process takes over the old state definitions under a new name ("session state"). The parent only needs to keep track of whether a client has been granted access, so it only uses two states: NEW, and ACCCESS_GRANTED which is set as soon as the auth process has granted repository access and before the session and repo_read/repo_write children are started. Because 'gotctl info' can no longer observe the session state remove support code for printing it. ok op@


Stefan Sperling

remove support for showing client capabilities in 'gotctl info'

The gotd parent process has lost access to client capabilities. Take the easy way out and remove related code. If needed, client capabilities can still be found in the debug log with 'gotd -v'. ok op, jamsek


Stefan Sperling

add a gotd session process, split off from the parent process

The new session process is able to manipulate files in the repository and keeps track of the read/write client session state. The parent process now restricts its view of the filesystem to the absolute path stored in argv[0], and combines this with unveil "x" on this path. As a result the parent process can only re-exec itself. small tweaks + ok op@


Omar Polo

fix gotctl usage string


Omar Polo

gotctl: simplify socket_path handling

ok stsp@


Stefan Sperling

add gotctl(8); initially supported commands are 'info' and 'stop'

This will be used by an upcoming regress test suite for gotd(8). ok tracey