Commit Briefs
run the tog tests as part of the default regress set
ok and README update by jamsek
make tog regress run with pledge active
ok jamsek
tog: implement automated test harness
Add framework for scripting tog tests by capturing screen dumps to compare with expected output. Includes some preliminary log view tests but lots more tests are needed to cover diff, blame, tree, ref, and help views. ok stsp@
add gitwrapper(1)
ok op@, tracey@ earlier version
import template
ok tracey@
add gotctl(8); initially supported commands are 'info' and 'stop'
This will be used by an upcoming regress test suite for gotd(8). ok tracey
introduce gotd(8), a Git repository server reachable via ssh(1)
This is an initial barebones implementation which provides the absolute minimum of functionality required to serve got(1) and git(1) clients. Basic fetch/send functionality has been tested and seems to work here, but this server is not yet expected to be stable. More testing is welcome. See the man pages for setup instructions. The current design uses one reader and one writer process per repository, which will have to be extended to N readers and N writers in the future. At startup, each process will chroot(2) into its assigned repository. This works because gotd(8) can only be started as root, and will then fork+exec, chroot, and privdrop. At present the parent process runs with the following pledge(2) promises: "stdio rpath wpath cpath proc getpw sendfd recvfd fattr flock unix unveil" The parent is the only process able to modify the repository in a way that becomes visible to Git clients. The parent uses unveil(2) to restrict its view of the filesystem to /tmp and the repositories listed in the configuration file gotd.conf(5). Per-repository chroot(2) processes use "stdio rpath sendfd recvfd". The writer defers to the parent for modifying references in the repository to point at newly uploaded commits. The reader is fine without such help, because Git repositories can be read without having to create any lock-files. gotd(8) requires a dedicated user ID, which should own repositories on the filesystem, and a separate secondary group, which should not have filesystem-level repository access, and must be allowed access to the gotd(8) socket. To obtain Git repository access, users must be members of this secondary group, and must have their login shell set to gotsh(1). gotsh(1) connects to the gotd(8) socket and speaks Git-protocol towards the client on the other end of the SSH connection. gotsh(1) is not an interactive command shell. At present, authenticated clients are granted read/write access to all repositories and all references (except for the "refs/got/" and the "refs/remotes/" namespaces, which are already being protected from modification). While complicated access control mechanism are not a design goal, making it possible to safely offer anonymous Git repository access over ssh(1) is on the road map.
import gotwebd
thread fcgi response to client for rendering in browser as data is returned fix potential problem with a stuck loop if the client is hammering the server with random clicks and stop/restarts render our index! WOOHOO! small var refactoring. fcgi.c to handle all clean-up, various error clean-up remove output used to trace down got bug temporarily stop overloading a socket, but a better solution needs to be found return on fcgi_gen_response, so we can track if a client is writable or not this stops page creation when the client is unavailable remove old comments enable profile building, although, i don't think this works thoroughly in a priv/proc daemon catch more errors correctly count repos remove temp logger we don't need to start our responder thread so early. move it to fcgi.c and start when we start processing html kill the unneeded thread, stop queueing responses, and just write to clients immediately clean up some memory leaks and dead stores rework querystring so an error can be displayed instead of showing the index on querystring error get framework in place for the rest of the content add server struct to response struct bo last commit get back a usable gotweb. not sure what i was thinking yesterday properly move our structs around this time remember index page for sitelink, fix leak unused var is annoying, so stop it for now. don't forget to change this! style briefs nearly completed. finish briefs output add briefs to summary cleanup some html properly retrieve next and previous commit ids for list navigation follow naddy's stailq macro change we will never have a previous link on the summary page goto correct label, so we get a previous link on the last page of briefs don't wrap short line simplify got_get_repo_commits code start rendering a diff start rendering a diff this was by accident finish diff output functions cleanup prepare for fd request that was a stupid idea, just flush the priv_fd bo that too. that won't work eith with append in mkstemp that isn't going to work actually zero out the priv_fd missed seek to beginning of file was overwriting first line of diff fsync our fd as well add link to repo path by sitelink and add back verbose fcgi debugging that was removed add modest write heuristics to fcgi_send_response fix dead assignments and XXX comment where a leak is happening that I can't find right now there was no leak. stsp is brilliant and knew it was the cache growing prevent double-free, render prettier err output if we can remove unused variables correctly fix double-free fix gotwebd to build with main's changes after rebase fix double-free don't error on index if pack files missing and fixup some error handling render commits finish up tag briefs and start the tag page finish up tag page unbreak TAGS and SUMMARY actions grab the correct tag from the queue unbreak TAGS and SUMMARY actions again update some error handling clean up unneeded code and start tree output render tree render branches remove tags from summary if there aren't any fix tree div structure and start blob render render blob render blame fix tree href in briefs clean up some css add headref to querystrings load correct commit for tree and diff fixup some error output update some copyright dates add full SNI support rm debug line found by Lucas6023, notified via IRC. thanks!! fix tree fix crash when querystring is manipulated to not have a commit id in certain instances. also break a stuck while loop on client error. fix for new got_object_id_by_path arguments rebase and fix prep for multiple fds per socket, instead of just one fix overlooked shift/reduce conflicts backout priv_fds as a list. after discussion with stsp, an array and length are the better direction prepare array of fds to pass into got functions make a new set of pack fds, which will be passed to got_repo_open work with new pack_fds in got_repo_open give output when no tags exist escape html in blame output change files listed in tree view to show blob, file commits, and blame, instead of blob, blob, blame. idea from mp4 on irc. this is way more handy. stop populating the queue from the headref and figure out previous commit id while iterating. this should reduce some overhead. actually purge our sockets instead of not using the function start work with new blob rm volatile use new diff change func names no more temp files increase blame number line width set content-type to text/plain so firefox won't download files rm test infra for now account for -Wwrite-strings fix for sigs and algorithm choice clean up some leaks and other mistakes
Provide lib/Makefile to enable tags file generation
The root Makefile does not hook into lib/ via <bsd.subdir.mk> since it is not a program itself and thus gets included by all others. This means `make tags` skips lib/ and `make -C lib/ tags` does not know what to do; provide a minimal <bsd.lib.mk> stub and hook it up just for the "tags" such that *all* source is browsable via tags. See /usr/share/mk/bsd.README for details. Feedback stsp tb OK tb
ensure that we always install static binaries to gotweb's chroot
Compile static libexec binaries for gotweb, keeping them separate from the main build. Use the same source files but a separate set of Makefiles. Previously, 'make web-install' installed whichever libexec binaries had already been built, and if those happened to be dynamically linked they failed to run inside the chroot which resulted in "privsep peer process closed pipe" being rendered on the index page.
.PHONY is a target
ok stsp@