aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Merge remote-tracking branch 'upstream/master'HEADgitolite-gentoo-3.6.6.1masterRobin H. Johnson2017-06-2910-15/+228
|\
| * add example PRE_GIT code for blocking access (IP-check)Sitaram Chamarty2017-06-101-0/+43
| |
| * allow repo-specific hooks to be organised into subdirectoriesSitaram Chamarty2017-05-301-0/+5
| | | | | | | | (thanks to Mathieu Arnold for catching this, and for an initial patch)
| * fix inefficiency in repo-specific hooksSitaram Chamarty2017-05-301-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | normally I don't care too much about inefficiencies that show up during a push to the gitolite-admin repo, but this one shows up even when a normal user creates a single wild-card repo -- it runs the repo-specific hooks trigger on ALL existing repos! no one noticed or complained, so perhaps it *actually* wasn't that visible a problem, but it's an easy fix anyway. (TBH, there's still a slight inefficiency. When a new (non-wild) repo is added to gitolite.conf, that particular one gets processed twice -- once in POST_CREATE, and once in POST_COMPILE... but *shrug*. If no one noticed the much bigger O(n) inefficiency we just fixed, this O(1) inefficiency hardly matters.)
| * allow the multi hook driver to be placed elsewhereSitaram Chamarty2017-05-101-1/+1
| | | | | | | | | | see https://groups.google.com/forum/#!topic/gitolite/-PvYRleGKHQ for details
| * Fix SHA256 fingerprinting to match the full character setAlex Vandiver2017-05-101-1/+1
| | | | | | | | | | | | Because of a one-bit typo, this only matched the fingerprint up until the first upper-case letter; this led to false-positive messages about hash collisions.
| * new 'skip_block' sugar, and 'testconf' feature using itSitaram Chamarty2017-04-152-0/+136
| |
| * allow syslog facility to be changedSitaram Chamarty2017-04-052-1/+3
| |
| * (minor) fix noise in ssh-authkeys-split (thanks to Tony Finch)Sitaram Chamarty2017-03-271-1/+1
| |
| * eliminate race (loaded systems only?) that makes gl-conf look emptySitaram Chamarty2017-01-161-4/+1
| |
| * minor oopsie in checking return code of "do"Sitaram Chamarty2017-01-161-1/+1
| |
| * allow @group names in config values to be expanded...Sitaram Chamarty2017-01-141-0/+8
| | | | | | | | | | The string "@group" is replaced with a space separated list of member names if it is a valid group. Otherwise it is left alone.
| * fix shebang in repo-specific-hooksSitaram Chamarty2016-11-251-1/+1
| | | | | | | | (thanks to Dieter on the mailing list for catching this!)
| * fix up command help for 'list-users' and 'list-members'Sitaram Chamarty2016-09-301-3/+19
| | | | | | | | ...was incomplete/ambiguous
| * (minor) patch typo in default .rckwadronaut2016-09-091-1/+1
| |
* | Merge tag 'v3.6.6'gitolite-gentoo-3.6.6Robin H. Johnson2017-06-2921-62/+122
|\ \ | |/ | | | | v3.6.6
| * v3.6.6v3.6.6Sitaram Chamarty2016-09-081-0/+10
| |
| * don't 'fatal' when a non-bare repo is thrown in!Sitaram Chamarty2016-09-081-1/+2
| | | | | | | | see https://groups.google.com/forum/#!topic/gitolite/O7lKFU2okl8
| * fix 'access' command behaviour for 'C' and 'D' permsSitaram Chamarty2016-09-082-3/+25
| | | | | | | | | | Thanks to Alexander GroƟ for catching this. Basically, the access command was ignoring the presence or absence
| * minor README changeSitaram Chamarty2016-09-051-3/+3
| | | | | | | | See mailing list thread, subject line "Readme-extensions"
| * prep for perl 5.26 removing "." from @INCSitaram Chamarty2016-09-051-1/+1
| | | | | | | | | | | | | | | | | | | | | | Someone on irc found that debian -- per [1] -- has already implemented it, so gitolite fails. This fix is useful even on older perls; I should have done it long ago. (It prevents perl searching all over @INC for the file when we *know* it's right here under $PWD). [1]: https://lists.debian.org/debian-devel-announce/2016/08/msg00013.html
| * ssh-authkeys-split: do not zap keys without trailing newlinesTony Finch2016-08-311-1/+3
| | | | | | | | | | | | | | | | The normal ssh-authkeys script handles key files without trailing newlines OK. However ssh-authkeys-split does not, because it tries to treat a zero-newline file as a multi-line file, and the shell `read` builtin will not read a line that ends with eof rather than a newline. So it ends up discarding zero-newline keys.
| * suppress warnings when trying to clean repo hookScott Lipcon2016-06-161-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | suppress warning when setting the repo-specific hooks to an empty string, e.g. removing an existing hook. Specifically, we default repositories to use a repo-specific hook: repo @all option hook.post-update = jenkins this causes gitolite to output a warning that it is ignoring the attempt to set a post-update hook on the admin repository. I'd like to be able to do: repo gitolite-admin option hook.post-update = "" but the warning is printed before it realizes that the argument is empty. This patch just changes the order of the checks so that the warning is only printed if the hooks are actually defined.
| * perms: make '-c' required for batch modeSitaram Chamarty2016-06-075-22/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | quoth Tony: > Typing ^C at a command to make it stop without doing anything is a natural > reaction, regardless of any imprecations to type "cancel" He asked for a '-b' option; i.e., don't allow a bare "ssh git@... perms repo" to be interpreted as batch mode. Meanwhile, '-c' is acceptable for existing repos too (as you can see from the mirroring code at least). So, just think of '-c' as a moral eqvt of '-b' that already exists.
| * rewrite create commandSebastian Koslowski2016-05-192-18/+30
| | | | | | | | | | | | | | create no longer calls the perms command, but creates the repo itself. There is some code duplication, but less dependencies between the commands. (With minor modifications by committer)
| * don't run postupdate unless master has been pushedgitolite tester2016-05-071-0/+1
| | | | | | | | thanks to Joseph Huttner for the idea
| * gitolite setup: use '-m' to supply a custom commit messageRaphael Medaer2016-05-071-10/+16
| |
| * minor fixup to selinux detectionSitaram Chamarty2016-03-251-1/+1
| |
| * minor install/test suite changeSitaram Chamarty2016-03-251-0/+2
| | | | | | | | | | | | perl no longer likes it when you increment a string (where you only care about the number at the start). It does it anyway, but it produces a warning, and gitolite's install script does not like that.
| * oops; minor bug in tproxySitaram Chamarty2016-03-211-0/+2
| | | | | | | | | | | | | | | | thanks to Robin Johnson for catching this. Note it only happens in one very very specific case: when no command is sent by the user at all (i.e., "ssh git@host", so even if you don't have this patch, the workaround is "ssh git@host info");
| * oops! perl version need not be that high; remove 'use' lineSitaram Chamarty2016-02-231-1/+0
| | | | | | | | (thanks for Johnson Earls for catching this!)
* | Merge tag 'v3.6.5'gitolite-gentoo-3.6.5Robin H. Johnson2016-02-2010-19/+36
|\ \ | |/ | | | | v3.6.5
| * v3.6.5v3.6.5Sitaram Chamarty2016-02-201-0/+19
| |
| * Add support for Github's new TEMPLATE featuresEugene E. Kashpureff Jr2016-02-182-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Github recently added support for TEMPLATEs for certain Github-specific activities, including creating Issues and Pull Requests. This patch creates these files as symlinks to the CONTRIBUTING document, which explains the process that should be used. Signed-off-by: Eugene E. Kashpureff Jr <eugene@kashpureff.org> Committer's note: I still refuse to use pull requests that *require me to go to the website and do stuff there*. But it seems it's easy enough if the requestor gives you a number. In this case, it was git fetch github refs/pull/78/head git merge FETCH_HEAD
| * ban repo name ending in ".git"Paul Sokolovsky2016-02-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 'user.html' says: The ".git" at the end is optional for git commands (i.e., you can use "testing.git" instead of "testing" for clone, fetch, push, etc., if you like) but gitolite commands in general will not like the additional ".git" at the end. Until now, we've been catching this trailing ".git" in various commands and such, but there are so many programs, it's hard to make sure they all do this properly. This patch catches it deep inside gitolite core. (based on patch sent by Paul Sokolovsky)
| * allow creator check to be bypassed during mirroring...Sitaram Chamarty2016-02-062-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The original, intended, purpose of wild repos is that they belong to the user, and if the user is gone, so should his wild repos. However, it seems people are using the wild repos thing as a convenience to avoid creating actual repo stanzas in the conf file. For them, the actual creator of a repo is more like the gitolite "admin" - his *authority* is being to used to create something, but the thing that is created is not tied to his *identity*. Oh well... so be it! To use, just add option bypass-creator-check = 1 to the rules for the repo.
| * who-pushed: avoid undefined variable warnings before printing usageTony Finch2016-01-211-2/+3
| |
| * (minor) make sure <user> was passed in access commandSebastian Koslowski2016-01-211-1/+1
| |
| * sshkeys-lint: remove a couple of subs...Sitaram Chamarty2016-01-201-12/+2
| | | | | | | | | | | | | | a couple of subs are now re-defined following 285c4b5 ("sshkeys-lint: use new ssh fingerprint functions") because that commit pulls in Common.pm. One (dbg) was subtly different but was not being used anyway, while the other (usage) was genuinely redundant. Got rid of both.
| * ukm: use new ssh fingerprint functions.Robin H. Johnson2016-01-191-4/+4
| | | | | | | | | | | | UKM was never updated for new-style fingerprints at all. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * sskm: use new ssh fingerprint functions.Robin H. Johnson2016-01-191-3/+4
| | | | | | | | | | | | SSKM was never updated for new-style fingerprints at all. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * sshkeys-lint: use new ssh fingerprint functions.Robin H. Johnson2016-01-191-20/+12
| | | | | | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * ssh-authkeys: use new ssh fingerprint functions.Robin H. Johnson2016-01-191-10/+5
| | | | | | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * Add helper functions for SSH fingerprints.Robin H. Johnson2016-01-191-0/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New Gitolite::Common functions: ssh_fingerprint_file ssh_fingerprint_line The existing code for new-style fingerprint did not correctly match on some inputs, as it was not strict enough about the MD5-format fingerprint. Additionally, some places in the codebase had not been updated for new-style fingerprints at all. Two fingerprints both starting with 'SHA256:34' were matched by the old regex as '56:34', instead of a full MD5 fingerprint, and gitolite mistakenly thought they were identical. This held for ANY new form fingerprint where both the hashname ended with AND the hash content started with [0-9a-f]{2}. Be stricter about the form of the fingerprints instead: - MD5 can have a 'MD5:' prefix (new OpenSSH versions only). - MD5 has a known length (16 octets of hex digits, with colons) - Other hashes are more than just SHA256, but all follow the form '$HASHNAME:$base64_str' This commit introduces the new functions only. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * allow pre-auto-gc also when adding repo specific hooksSitaram Chamarty2016-01-131-2/+2
| |
* | Merge branch 'wip-sshfp'Robin H. Johnson2016-01-125-37/+67
|\ \
| * | ukm: use new ssh fingerprint functions.wip-sshfpRobin H. Johnson2016-01-121-4/+4
| | | | | | | | | | | | | | | | | | UKM was never updated for new-style fingerprints at all. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * | sskm: use new ssh fingerprint functions.Robin H. Johnson2016-01-121-3/+4
| | | | | | | | | | | | | | | | | | SSKM was never updated for new-style fingerprints at all. Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * | sshkeys-lint: use new ssh fingerprint functions.Robin H. Johnson2016-01-121-20/+12
| | | | | | | | | | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
| * | ssh-authkeys: use new ssh fingerprint functions.Robin H. Johnson2016-01-121-10/+5
| | | | | | | | | | | | Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>