Commits
- Commit:
7554713a026de839e0b958d7885d5d1286b3f547
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
avoid gitwrapper printing a warning when /etc/gotd.conf does not exist
gotd still requires the config file, of course, but gitwrapper must
treat is as optional and remain silent if the file cannot be found.
- Commit:
5dcb3a437bc93a9d9e2670049ca9deac25b36dc4
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
add gitwrapper(1)
ok op@, tracey@ earlier version
- Commit:
f3296add5bdbbb73f33c8f4b1576a24aae32924b
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd requires a config file; don't fail silently when gotd.conf cannot be read
Fixes an issue encountered by mlarkin@ where the auth process was working
with an empty list of repositories and kept saying it could not find a
repository which was obviously listed in gotd.conf. Now we can see errors
from fopen() in the logs instead. Old code was copied from gotwebd where
the config file is optional.
- Commit:
98670ba726486c39efff220ab1e074c62023aae7
- From:
- Thomas Adam <thomas@xteddy.org>
- Date:
portable: rework SHA detection
Simply the SHA detection by not predicating on libcrypto, but instead
checking individual header files.
- Commit:
4680f704353811c8bb6ce65eac3714d1bd200c26
- From:
- Thomas Adam <thomas@xteddy.org>
- Date:
portable: remove sha1.h; found portably
Remove sha1.h as this is found portably across systems.
- Commit:
588a8092bc282294ee23585991e81586905a8fd4
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
include sha2.h too where sha1.h is included
In preparation for wide sha256 support; stsp@ agrees. Change done
mechanically with
find . -iname \*.[cy] -exec sam {} +
X ,x/<sha1\.h>/i/\n#include <sha2.h>
- Commit:
43c08a530e595df40d8133b9a3f77318c2a04b44
- From:
- Tracey Emery <tracey@traceyemery.net>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
rm unused boolean grammar. ok stsp@
- Commit:
7348ded8f8bf5a82c1b0361e0e7591a1af96ff89
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd: move socket path check to parse.y and error from the main process
It's handy to have a "bad unix socket path" error being reported
directly from the main process since can get caught by `gotd -n'.
ok jamsek stsp
- Commit:
4d24b1fdb79bbc3df9ef996250267ba70f189a4d
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd: move nrepos check to parse_config
ok jamsek stsp
- Commit:
fe6a8988670d1e54478187f93e22a1980f5926e4
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
call realpath() during early startup in gotd's parse.y
This ensures that all repositories exist when the process is first started.
It will also help to avoid an "rpath" pledge promise in a future gotd which
uses a separate session process, by avoiding realpath() calls while starting
new processes.
- Commit:
f9a4feb61d225e9b02d58e2d115ba0bd09176b08
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
switch gotd.conf syntax from 'unix_socket' to 'listen on'
ok op@
- Commit:
f2fc8ce0a3b225e5408c9b26476e395ca7109e63
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
remove the gotsh group requirement from gotd; any user can now connect
Repository access is now controlled by access rules in gotd.conf,
and concurrent connections to the gotd socket by local users are
limited by the listen process. We should keep refining our anti-DoS
measures in the future, but at least we have something in place now.
ok jamsek, op
- Commit:
85bccbf76e77e3f3f535f42d21d106ad54504758
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
simplify gotd' timeouts string parsing
no need to duplicate what strtonum does; pass the *real* maximum value
allowed to it directly.
ok stsp@
- Commit:
77d755e8ee27002658ec8f9ed0a282ac89d2906f
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd: allow to express timeouts using minutes/hours
This allows to use a suffix to indicate the unit of measure, such as
"1h" for one hour or "30m" for 30 minutes. The suffix "s" for seconds
is also accepted for completeness.
ok stsp
- Commit:
912db690abe419dd5f82d9ea6ecf351ab2c48f00
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
enforce gotd request timeout > 0; the code doesn't handle zero right now
spotted by + ok op@
- Commit:
67f822ee222a3d9a131449ec1c80c275ca122e1b
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
add conf_limit_user_connection prototype at the top of parse.y
different yacc implementations (e.g. GNU bison) may put the various
parts in a different order, and so the definition of the function may
not be visible in the generated code.
- Commit:
0781db0e2428460cdb0b48d3797899eede6afa44
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
introduce connection options to gotd.conf
Allow administrators to tweak the default authentication and request
timeouts if needed, and to tweak the limit of concurrent connections
for specific user accounts.
with several tweaks from and ok op@
- Commit:
0cbf8de725393d7866ab0e146671a1611644afc6
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
log_warnx and fatalx prepend the program name internally, don't add it manually
- Commit:
88f1bb6ddf803e7ceb1f2f7a72253a46d12ae6c6
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd.conf: complain if a repository lacks a path in the configuration file
- Commit:
a42b418b1416531932c59f608ef8cc9cfb442cc9
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd.conf: treat empty repository names as a syntax error
- Commit:
bb45bea88220ce7474bfe455a681f00406ba0e6f
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
gotd.conf: treat repositories without any parameters as a syntax error
Because gotd expects some parameters to be present they must not be
optional at the syntax level.
- Commit:
c669c4892eacfb82355f0fa66bcafe84a600040e
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
run gotd authentication in a separate child process
ok op@
- Commit:
2b3d32a184dad78705d52ecd06a87282ca9340ba
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
add a gotd "listen" process which watches the unix socket
ok op@
- Commit:
c3841c6767f0a2860420de1163b6cf41923cd29f
- From:
- Omar Polo <op@omarpolo.com>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
forward-declare conf_new_access_rule
not all yacc implementations put the section in the same order: with
OpenBSD' yacc it's fine, with GNU' bison it results in a warning about
using an undeclared function conf_new_access_rule.
extracted from -portable via thomas, ok stsp@
- Commit:
da9a9ea87f65f3809ff8edf4fb6314c1a6dd95aa
- From:
- Stefan Sperling <stsp@stsp.name>
- Via:
- Thomas Adam <thomas@xteddy.org>
- Date:
add missing RO and RW tokens; pointed out by op@