Commit Briefs
create and verify tags signed by SSH keys
This adds a new -s flag to 'got tag' that specifies the signer identity (for example, a key file) of the tagger. The tag object will include a signature that validates each of the tag object headers and the tag message. Verifying these signed tags requires maintaining an allowed signers file which maps signer identities (i.e. the email address of the tagger) to SSH public keys. See ssh-keygen(1) for more details of the allowed signers file. After creating this file and providing the path to it in got.conf(5) using the allowed_signers option, tags may be verified using with 'got tag -V tag_name'. The return code will be non-zero if a signature fails to verify. ok stsp@
fix imsg_add TREE_ENTRY: Result too large on i386
There's a math error when computing the size of one entries in the batching code. Reported by semarie, ok semarie stsp
build with -Wmissing-prototypes
ok stsp@
fix unexpected imsg error after incomplete enumeration in got-read-pack
reported by jrick and op@ ok op@
zero the whole struct got_imsg_object before sending it
otherwise some fields may be unitialized and fail the validation done on the receiving side. ok stsp@
fix a bug in got_privsep_send_object_idlist() exposed by recent changes
The old code did not work correctly if only a single object Id was to be sent to got-read-pack. Make got-read-pack error out if the list of commits for object enumeration is empty to catch this problem if it occurs again. Found by the send_basic test, which was failing with GOT_TEST_PACK=1 ok tracey
let got-read-pack be explicit about whether it could enumerate all objects
This allows the main process to avoid looping over all object IDs again in case the pack file used for enumeration is complete. ok op@
compute object size, not pointer size
in this case they're luckily the same; got_imsg_object_idlist and got_imsg_reused_delta only have one size_t long field. ok stsp@
strictier validation for data received from libexec helpers
use correct error code and ok stsp@
use strndup instead of malloc+memcpy
Simplifies the reading of the author/committer string and makes also the code shorter. ok stsp@
don't check datalen when calling recv_imsg_error
recv_imsg_error already checks the size of the message, and it does so more precisely than the removed code. ok stsp@
Bring back object enumeration inside got-read-pack as a fast path.
The problem that was found in the earlier version has been fixed. ok op@
revert object enumeration in got-read-pack for now; needs more work
This implementation marked commits and trees as enumerated before all trees which they depend on were enumerated. This behaviour leads to incomplete pack files when a tree is only partially packed and got-read-pack hits a missing tree entry as a result. The algorithm must be reworked such that packed leave nodes are marked enumerated first, then bubble-up. Found by op@
revert "Skip poll(2) if an imsgbuf has a non-empty read buffer"
imsg_read() will call recvmsg() on the file descriptor regardless of the read buffer's state, so we should ensure that data is ready. The read buffer is used by imsg_get(), not imsg_read(). We already call imsg_get() before imsg_read(), and call the latter only if imsg_get() returns zero.
batch up tree entries in imsg instead of sending one imsg per tree entry
This speeds up loading of trees significantly. ok op@