Commits
- Commit:
f0426190497546f380f3bbd5d7cf464e5423a1c6
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd.conf: fix memleak in `protect' error path and disallow dups too
ok stsp@
- Commit:
9afa3de221045d529287cc3fa75fdc2915aed5c1
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add support for protecting references against 'got send -f' to gotd
ok op@
- Commit:
e9e0377f452e9d3f600011e0714cc6c779f10bab
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
avoid gitwrapper printing a warning when /etc/gotd.conf does not exist
gotd still requires the config file, of course, but gitwrapper must
treat is as optional and remain silent if the file cannot be found.
- Commit:
b09c127974759a56a6b5273da53d215f8500f5a7
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add gitwrapper(1)
ok op@, tracey@ earlier version
- Commit:
3fa763e5f0869e218fa64750c375a84b706c6f92
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotd requires a config file; don't fail silently when gotd.conf cannot be read
Fixes an issue encountered by mlarkin@ where the auth process was working
with an empty list of repositories and kept saying it could not find a
repository which was obviously listed in gotd.conf. Now we can see errors
from fopen() in the logs instead. Old code was copied from gotwebd where
the config file is optional.
- Commit:
5822e79e39a8777984e08b5d89a8c55d6aa0356d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
include sha2.h too where sha1.h is included
In preparation for wide sha256 support; stsp@ agrees. Change done
mechanically with
find . -iname \*.[cy] -exec sam {} +
X ,x/<sha1\.h>/i/\n#include <sha2.h>
- Commit:
3b8fb9520f899be7cb492c652afa0cdce28e350e
- From:
- Tracey Emery <tracey@traceyemery.net>
- Date:
rm unused boolean grammar. ok stsp@
- Commit:
abe844e2dfc7056150889993b3568fe400af7358
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd: move socket path check to parse.y and error from the main process
It's handy to have a "bad unix socket path" error being reported
directly from the main process since can get caught by `gotd -n'.
ok jamsek stsp
- Commit:
809a54db7c7cec54dcacb53f62eedecc18a833da
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd: move nrepos check to parse_config
ok jamsek stsp
- Commit:
9b7f22a6148eb14af6e59de120bb5b1dd0e05469
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
call realpath() during early startup in gotd's parse.y
This ensures that all repositories exist when the process is first started.
It will also help to avoid an "rpath" pledge promise in a future gotd which
uses a separate session process, by avoiding realpath() calls while starting
new processes.
- Commit:
83577462cc61708af1c98d70939bb1d6c54a1506
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
switch gotd.conf syntax from 'unix_socket' to 'listen on'
ok op@
- Commit:
6f854dde056f82d0c757c720beed863fc557a1ca
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
remove the gotsh group requirement from gotd; any user can now connect
Repository access is now controlled by access rules in gotd.conf,
and concurrent connections to the gotd socket by local users are
limited by the listen process. We should keep refining our anti-DoS
measures in the future, but at least we have something in place now.
ok jamsek, op
- Commit:
71cd355cb2711ad528715bbbb5b41be7c26ace2a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
simplify gotd' timeouts string parsing
no need to duplicate what strtonum does; pass the *real* maximum value
allowed to it directly.
ok stsp@
- Commit:
2be11cdeee0c210d3273b3724e924de0422d9f67
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd: allow to express timeouts using minutes/hours
This allows to use a suffix to indicate the unit of measure, such as
"1h" for one hour or "30m" for 30 minutes. The suffix "s" for seconds
is also accepted for completeness.
ok stsp
- Commit:
46e48ac738ef3d714f4258bd513bca84369a457d
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
enforce gotd request timeout > 0; the code doesn't handle zero right now
spotted by + ok op@