Commits
- Commit:
5fb267cb9e3ad437bb94f4fd9ecbf399028c76f7
- From:
- Omar Polo <op@omarpolo.com>
- Date:
initial gotd-secrets.conf implementation
This moves the handling of the secrets outside gotd.conf. There
will be a few changes to this, committing it as-is to continue
hacking in tree.
ok stsp@
- Commit:
e7e510b6031184c82b94ee99efad5637ab7ad76a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
trailing whitespaces
- Commit:
bd84be8a1a59cfed38bb44a3d921b3b16ffa6469
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add support for HMAC digests to gotd HTTP notifications
Works similar to how several Git forges authenticate their webhooks.
Feature requested by dch@freebsd.
Help from tb@ regarding which libcrypto calls to use, thanks!
ok op@ (with some follow-up tweaks suggested)
- Commit:
590eefe913c9c098a6f771014fdf5ffe49f58c67
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
only warn about missing repositories in gotd startup as was intended
This was broken in commit 4b3827cd43394b89d2af822dcd1d9a9179c1ee10
"make gitwrapper ignore 'permission denied' for repository paths"
- Commit:
df3d15f3663597c19334b0a50326ff2d07fab70d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd: support UIDs in the user directive
Requested by PyR3X on IRC.
ok/improvements stsp@
- Commit:
e9b573a27efa4d681a69e784708e3cdfd1999771
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd: allow (as documented) numeric IDs in permit/deny
Noticed and diff tested by PyR3X on IRC, thanks!
ok stsp@
- Commit:
1b1a386df9068b7cb3ceb8a67d88ccd24f5b2deb
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd: use a struct got_object_id instead of an hash buffer
ok stsp@
- Commit:
cb557a498be9d6e289166a677b1af701d8a2d36d
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
set a default port for http notifications if not specified in gotd.conf
ok op@
- Commit:
55286da2a584fd52fba19447ba11921f6c3eff17
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
make it harder to leak notification credentials over plaintext HTTP
ok op@
- Commit:
c623f22185d49aeb866ddc765ad0becfb2052e35
- From:
- Omar Polo <op@omarpolo.com>
- Date:
cast a time_t to long long for printf for portability
- Commit:
5565365ce71d431c522f98b121706b13c4bf2d22
- From:
- Omar Polo <op@omarpolo.com>
- Date:
add got-notify-http
ok stsp@
- Commit:
f9e6537008c7344a6107b88bc19c5f293cacd793
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix gotd_parse_url()
A path of "/" is valid and trailing slashes must be preserved.
ok stsp@
- Commit:
7d68253bffa1fdf653a220a4b023a653c2ed29df
- From:
- Omar Polo <op@omarpolo.com>
- Date:
plug memleak in parsing the notify options
The strings need to be released regardless of the process parsing
the file.
- Commit:
ba97b2d7ec97e54a025a39e04c0fd59fdd54a57b
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add initial support for commit notifications to gotd(8)
At present only email notifications are implemented.
Code for HTTP notifications is not yet finished, hence HTTP-related
documentation remains hidden for now.
This adds a new 'notify' process which has an "exec" pledge. It runs
helper programs which implement the notification transport layer,
such as got-notify-email which speaks SMTP. This design avoids having
to link all of gotd with network libraries and related crypto libraries.
Notification content is generated by the 'repo_write' process. Commit log
messages and diffstats are written to a file which the 'notify' process
will pass on to its helpers on stdin. The default output looks similar
to 'got log -d'. If too many new commits are present the output looks
similar to 'got log -s' instead. Tags always look like 'got tag -l'.
The session process coordinates generation of notifications. It maintains
a notification queue which holds one notification per updated reference,
and passes notification requests from this queue to the 'repo_write'
process for notification content creation and then to the 'notify'
process for notification delivery.
Only one notification can be in flight at a time to avoid file descriptor
starvation if many references get updated in a single client session.
ok op@
- Commit:
b1c090542f4ecaf993fc81468338839febcb8e37
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
allow setting variables in gotd.conf; code from gotwebd/parse.y
ok op@
- Commit:
4b3827cd43394b89d2af822dcd1d9a9179c1ee10
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
make gitwrapper ignore 'permission denied' for repository paths
We recommend that gotsh users should not have direct filesystem
access to repositories served by gotd. Which means admins will be
setting things up as follows if public read-access should be denied:
chown _gotd /git
chmod 700 /git
su -m _gotd -c 'gotadmin init /git/repo.git"
However, gitwrapper would error out when repositories listed in
gotd.conf were inaccessible to the user invoking gitwrapper:
git-upload-pack: /etc/gotd.conf:2: realpath /git/repo.git: Permission denied
Make gitwrapper ignore such errors as they are expected in this situation.
While here, add a PROC_GITWRAPPER process ID for use as a global variable
parse.y can check while special-casing any specific behaviour required by
gitwrapper. (The worse alternative would have been adding a new global
variable to parse.y just to control the behaviour on realpath errors.)
ok op@
- Commit:
d571a1762e9ff7281a5363373468c1e00a62ed42
- From:
- Omar Polo <op@omarpolo.com>
- Date:
drop unused strlen; ok stsp@
- Commit:
1963be61deb20cacab2552113c66b38fbee7a080
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
remove dependency of gitwrapper on gotd/auth.c
Move gotd_auth_parseuid() from auth.c to parse.y as gotd_parseuid(), and
remove auth.c from the list of source files required by gitwrapper.
- Commit:
eeb616b754913da958b9781aee9ed88db64e7162
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
remove dependency of gitwrapper on gotd/listen.c
Move gotd_find_uid_connection_limit() from listen.c into parse.y and
remove listen.c from the list of source files required by gitwrapper.
- Commit:
859316d03c1ee64b2c2fd2787e727daadf60bcf3
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
make gotd/gitwrapper start up even if a repository is missing on disk
This should result in more useful behaviour when gitwrapper runs and
repositories listed in gotd.conf do not yet exist or do no longer exist.
- Commit:
6be067cef84c15f7e8623ec8fccaf955d98d006b
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
grammar fix for parse.y error message
- Commit:
f850236e70ed5627a614d01de2af54581cbce23f
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
reject overlapping protected branch vs. tag namespaces
ok op@
- Commit:
584140c2ad19f354c4504d0b3381c873658bdbf3
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd.conf: free STRINGS in all code paths
ok stsp@
- Commit:
f0426190497546f380f3bbd5d7cf464e5423a1c6
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotd.conf: fix memleak in `protect' error path and disallow dups too
ok stsp@
- Commit:
9afa3de221045d529287cc3fa75fdc2915aed5c1
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
add support for protecting references against 'got send -f' to gotd
ok op@