Commit Briefs
import template
ok tracey@
switch gotd from chroot(2) to unveil(2)
In the future, gotd will fork+exec new processes for each client connection. Using unveil instead of chroot avoids having to start such processes as root. The -portable version could use chroot(2) where no equivalent to unveil(2) exists. A future component which starts new processes will be isolated as a separate process, which could run as root in the -portable version. ok op@
in gotd regress, use USER instead of USERNAME and check for sudo/doas users
Problem where USERNAME is not usually set on OpenBSD reported by Mikhail ok jamsek
gotwebd: rework gotweb_get_repo_{description,cloneurl}
- use openat(2) since we've already opened the containing dir - use fstat(2) instead of multiple seeks - don't special case len == 0 ok and improvements by stsp
gotwebd: simplify gotweb_render_index
- drops the double loop; paginate in one go - avoid lstat + got_path_dir_is_empty for each entry: use dt_type if provided by the underlying filesystem - fixes a memleak: before `continue' we need to call gotweb_free_repo_dir ok stsp
gotwebd: use prev_disp to decide when to we've reached max_repos
instead of hardcoding d_i - 2 and so expecting only "." and ".." as skipped entries, use t->prev_disp that is the number of repositories traversed until now (both skipped due to the pagination and the ones actually rendered.) ok jamsek
getpwuid() returns NULL without setting errno if no user is found
pointed out by millert@
zap double grp.h include
spotted by Thomas
forward-declare conf_new_access_rule
not all yacc implementations put the section in the same order: with OpenBSD' yacc it's fine, with GNU' bison it results in a warning about using an undeclared function conf_new_access_rule. extracted from -portable via thomas, ok stsp@