Commits
- Commit:
97799ccd4b67a81f97039305d4fdd66588da9962
- From:
- Thomas Adam <thomas@xteddy.org>
- Date:
portable: add support for landlock
landlock is a new set of linux APIs that is conceptually similar to
unveil(2): the idea is to restrict what a process can do on a
specified part of the filesystem. There are some differences in the
behaviour: the major one being that the landlock ruleset is inherited
across execve(2).
This just restricts the libexec helpers by completely revoking ANY
filesystem access; after all they are the biggest attack surface. got
send/fetch/clone *may* end up spawning ssh(1), so at the moment is not
possible to landlock the main process.
From Omar Polo.
- Commit:
92a9e85d28a30997176ce0d3c2915e3ea70782c7
- From:
- Thomas Adam <thomas@xteddy.org>
- Date:
portable: add FreeBSD support
This adds the capability to compile got-portable on FreeBSD.
- Commit:
dd038bc6ec835ad3fd3c0b5303b8af9ad506c8cc
- From:
- Thomas Adam <thomas@xteddy.org>
- Via:
- Thomas Adam <thomas.adam@smoothwall.net>
- Date:
portable: initial Linux compilation
This commit modifies the GoT main branch to be able to compile it under
linux.
- Commit:
d5c81d448ae4eec21053152e1c82c66eb11ca7a4
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
verify object ID checksums while loose objects are being accessed
- Commit:
12f2167a2e638b44a8d0c2c163448011485067b3
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add checksum parameters to got_inflate functions which did not provide them yet
- Commit:
08578a35f60be8657db97b705f27a55ab61850c8
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
make close(2) failure checks consistent; check 'close() == -1' everywhere
ok millert, naddy
- Commit:
56b63ca4ab1049de6fa2d6910ce22c16e2b42a53
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
make fclose(3) failure checks consistent; check 'fclose() == EOF' everywhere
ok millert, naddy
- Commit:
23c57b285fdcf9a8a0a5913ea096232038bf0ac3
- From:
- Christian Weisgerber <naddy@mips.inka.de>
- Date:
Stop including <sys/syslimits.h> directly.
POSIX says the limits defined there are available from <limits.h>,
which almost all affected source files already included anyway.
ok millert stsp
- Commit:
81a12da58651e79380d81dea7020bf6af20bb28b
- From:
- Christian Weisgerber <naddy@mips.inka.de>
- Date:
do not rely on <zlib.h> to pull in <unistd.h>
ok stsp
- Commit:
6fb3a4970337c135644ac0ef619a7e96616e4230
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add optional 'consumed' output parameter to got_inflate_to_mem()
- Commit:
12ce7a6cb20e62e36b3430f7bbada96069749f8b
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
include <limits.h> instead of <sys/limits.h>; patch by Thomas Klausner
- Commit:
cc62643986abd93b4a2dae15c40415c625646fc2
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
make got-read-blob account for header len in size check
Fixes "no space" error with blobs which happen to straddle the
size boundary for in-memory handling.
- Commit:
4492af8432c70fe0b00cc5736f17590c29d79068
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
plug a memory leak in got-read-blob
- Commit:
638f9024045bbe2420143f8868dcc484c231c634
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
rename got_error_prefix_errno() to got_error_from_errno()
- Commit:
656b1f76d3a6f52318782284fa83ae47894cbffb
- From:
- joshua stein <jcs@jcs.org>
- Date:
while (1) -> for (;;)
- Commit:
230a42bdc60c6136d2a5ce65bf1a2f26d990c096
- From:
- joshua stein <jcs@jcs.org>
- Date:
got_error_from_errno -> got_error_prefix_errno
also add got_error_prefix_errno2 and got_error_prefix_errno3 which
should hopefully all be merged into a single function with variadic
args (but can't alloc mem)
- Commit:
3a6ce05aff1497b3b590a07e1dccad289ad84d0f
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
check for errors from close(2)
- Commit:
fb43ecf1500cf7f8b2e22348bd1635edcda97fee
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
check for errors from fclose()
- Commit:
5d56da8198435fa1d0e717f60d562f4a28e2e4e0
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
happy new copyright year
- Commit:
ac544f8c6ffbe7126fa9ae6c7dd09c6661d1ef2d
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
pass smallish blobs directly via imsg buffer
- Commit:
f392e333e6fe8e8ce5e2ebc285041cbe95236c5e
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
verify total size vs header length in got-read-blob
- Commit:
ebc55e2dfc648063c434cc7a708ac24d266efbdb
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
eliminate got_object_open() round-trip when opening blobs
- Commit:
80d5f1347d70550d49d95b6420ca27877d1221e8
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
don't be noisy on stderr when Ctrl-C is hit
- Commit:
99437157b9e800c9893cc896f72c552613dd0cbd
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
abort checkout operations cleanly when Ctrl-C is hit
- Commit:
2ff12563f8266a459fcfc4d3b635d320c0a761d7
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
fix 'make PROFILE=1' build