remove dependency of gitwrapper on gotd/auth.c Move gotd_auth_parseuid() from auth.c to parse.y as gotd_parseuid(), and remove auth.c from the list of source files required by gitwrapper.

remove dependency of gitwrapper on gotd/listen.c Move gotd_find_uid_connection_limit() from listen.c into parse.y and remove listen.c from the list of source files required by gitwrapper.

make gotd/gitwrapper start up even if a repository is missing on disk This should result in more useful behaviour when gitwrapper runs and repositories listed in gotd.conf do not yet exist or do no longer exist.

grammar fix for parse.y error message

reject overlapping protected branch vs. tag namespaces ok op@

gotd.conf: free STRINGS in all code paths ok stsp@

gotd.conf: fix memleak in `protect' error path and disallow dups too ok stsp@

add support for protecting references against 'got send -f' to gotd ok op@

avoid gitwrapper printing a warning when /etc/gotd.conf does not exist gotd still requires the config file, of course, but gitwrapper must treat is as optional and remain silent if the file cannot be found.

add gitwrapper(1) ok op@, tracey@ earlier version

gotd requires a config file; don't fail silently when gotd.conf cannot be read Fixes an issue encountered by mlarkin@ where the auth process was working with an empty list of repositories and kept saying it could not find a repository which was obviously listed in gotd.conf. Now we can see errors from fopen() in the logs instead. Old code was copied from gotwebd where the config file is optional.

include sha2.h too where sha1.h is included In preparation for wide sha256 support; stsp@ agrees. Change done mechanically with find . -iname \*.[cy] -exec sam {} + X ,x/<sha1\.h>/i/\n#include <sha2.h>

rm unused boolean grammar. ok stsp@

gotd: move socket path check to parse.y and error from the main process It's handy to have a "bad unix socket path" error being reported directly from the main process since can get caught by `gotd -n'. ok jamsek stsp

gotd: move nrepos check to parse_config ok jamsek stsp

call realpath() during early startup in gotd's parse.y This ensures that all repositories exist when the process is first started. It will also help to avoid an "rpath" pledge promise in a future gotd which uses a separate session process, by avoiding realpath() calls while starting new processes.

switch gotd.conf syntax from 'unix_socket' to 'listen on' ok op@

remove the gotsh group requirement from gotd; any user can now connect Repository access is now controlled by access rules in gotd.conf, and concurrent connections to the gotd socket by local users are limited by the listen process. We should keep refining our anti-DoS measures in the future, but at least we have something in place now. ok jamsek, op

simplify gotd' timeouts string parsing no need to duplicate what strtonum does; pass the *real* maximum value allowed to it directly. ok stsp@

gotd: allow to express timeouts using minutes/hours This allows to use a suffix to indicate the unit of measure, such as "1h" for one hour or "30m" for 30 minutes. The suffix "s" for seconds is also accepted for completeness. ok stsp

enforce gotd request timeout > 0; the code doesn't handle zero right now spotted by + ok op@

add conf_limit_user_connection prototype at the top of parse.y different yacc implementations (e.g. GNU bison) may put the various parts in a different order, and so the definition of the function may not be visible in the generated code.

introduce connection options to gotd.conf Allow administrators to tweak the default authentication and request timeouts if needed, and to tweak the limit of concurrent connections for specific user accounts. with several tweaks from and ok op@

log_warnx and fatalx prepend the program name internally, don't add it manually

gotd.conf: complain if a repository lacks a path in the configuration file