free iev_server in login.c

forgot to increment client counter in auth.c

run one access.c process per server to avoid it becoming a bottleneck

connect the login.c and access.c processes on startup

access.c might receive client sockets from login.c later

prepare for running access.c as a dedicated child process

partly implement access_check(), but leave it disabled for now The login process runs in chroot and hence cannot read the password database. We will need to do verification of cookies in another process.

start putting access checks into login.c; everyone passes, for now

log errors in just one place in login.c process_request()

send repositories and per-repository access rules to login and gotweb procs

send global and per-server access rules to login and gotweb processes

initialize new fields in struct server when received in child process

send global auth config to children just once

document more precisely what the server name in gotwebd.conf should be set to

verify the login token's hostname

improve hostname check error handling

fix whitespace in cookie string

implement and document gotwebd.conf access permission syntax

reduce validity time of login tokens to 5 minutes; browsers still get 1 day

log sucessful login attempts with UID and server name

remove stray debug logging

remove debug prints that have become irrelevant

pass the client UID to the gotweb process, as well as the www UID

do not close client socket too early, let the fcgi cleanup path handle that

extract UID and hostname from authentication token