Commit Briefs

bc2fa30c53 Stefan Sperling

free iev_server in login.c (gotwebd-auth)

diff | patch | tree

e21ef27f07 Stefan Sperling

forgot to increment client counter in auth.c

diff | patch | tree

a0a86356fb Stefan Sperling

run one access.c process per server to avoid it becoming a bottleneck

diff | patch | tree

97e0634664 Stefan Sperling

connect the login.c and access.c processes on startup

diff | patch | tree

91f92cd420 Stefan Sperling

access.c might receive client sockets from login.c later

diff | patch | tree

9e6d4144ce Stefan Sperling

prepare for running access.c as a dedicated child process

diff | patch | tree

e240092c03 Stefan Sperling

partly implement access_check(), but leave it disabled for now

The login process runs in chroot and hence cannot read the password database. We will need to do verification of cookies in another process.

diff | patch | tree

64eb24873b Stefan Sperling

start putting access checks into login.c; everyone passes, for now

diff | patch | tree

f64cf10ded Stefan Sperling

log errors in just one place in login.c process_request()

diff | patch | tree

e112ed1d59 Stefan Sperling

send repositories and per-repository access rules to login and gotweb procs

diff | patch | tree

ba61c78b3a Stefan Sperling

send global and per-server access rules to login and gotweb processes

diff | patch | tree

ed02a561a6 Stefan Sperling

initialize new fields in struct server when received in child process

diff | patch | tree

1f1500d02d Stefan Sperling

send global auth config to children just once

diff | patch | tree

b6f078d8ec Stefan Sperling

document more precisely what the server name in gotwebd.conf should be set to

diff | patch | tree

df585c592c Stefan Sperling

verify the login token's hostname

diff | patch | tree

3f214499bf Stefan Sperling

improve hostname check error handling

diff | patch | tree

5d6d834bc1 Stefan Sperling

fix whitespace in cookie string

diff | patch | tree

25bbf24a44 Stefan Sperling

implement and document gotwebd.conf access permission syntax

diff | patch | tree

6344415e75 Stefan Sperling

reduce validity time of login tokens to 5 minutes; browsers still get 1 day

diff | patch | tree

c24a6a6b95 Stefan Sperling

log sucessful login attempts with UID and server name

diff | patch | tree

053e042b6d Stefan Sperling

remove stray debug logging

diff | patch | tree

ea7d18f48b Stefan Sperling

remove debug prints that have become irrelevant

diff | patch | tree

15abde1eb3 Stefan Sperling

pass the client UID to the gotweb process, as well as the www UID

diff | patch | tree

93ef8eb7fa Stefan Sperling

do not close client socket too early, let the fcgi cleanup path handle that

diff | patch | tree

f9f6b7e875 Stefan Sperling

extract UID and hostname from authentication token

diff | patch | tree