Commit graph

45737 commits

Author SHA1 Message Date
Joey Hess
028b4a9203
comment 2024-10-21 11:32:02 -04:00
Joey Hess
952442fdc4
comment 2024-10-21 11:24:50 -04:00
Joey Hess
98ad05a07b
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-21 10:41:51 -04:00
Joey Hess
5ce388cd94
response 2024-10-21 10:40:51 -04:00
git-annex@3fb6b72405b924a12d8319f01d0fdb908a3c551e
c45822852c 2024-10-21 14:14:18 +00:00
git-annex@3fb6b72405b924a12d8319f01d0fdb908a3c551e
3953b880e9 2024-10-21 14:12:31 +00:00
Joey Hess
b8d6b7c848
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-21 10:03:32 -04:00
Joey Hess
de138c642b
p2phttp: Allow unauthenticated users to lock content by default
* p2phttp: Allow unauthenticated users to lock content by default.
* p2phttp: Added --unauth-nolocking option to prevent unauthenticated
  users from locking content.

The rationalle for this is that locking is not really a write operation, so
makes sense to allow in a repository that only allows read-only access. Not
supporting locking in that situation will prevent the user from dropping
content from a special remote they control in cases where the other copy of
the content is on the p2phttp server.

Also, when p2phttp is configured to also allow authenticated access,
lockcontent was resulting in a password prompt for users who had no way to
authenticate. And there is no good way to distinguish between the two types
of users client side.

--unauth-nolocking anticipates that this might be abused, and seems better
than disabling unauthenticated access entirely if a server is being
attacked. It may be that rate limiting locking by IP address or similar
would be an effective measure in such a situation. Or just limiting the
number of locks by anonymous users that can be live at any one time. Since
the impact of such an DOS attempt is limited to preventing dropping content
from the server, it seems not a very appealing target anyway.
2024-10-21 10:02:12 -04:00
git-annex@3fb6b72405b924a12d8319f01d0fdb908a3c551e
60c123dd9d 2024-10-21 13:10:52 +00:00
Joey Hess
87c88025d1
comment 2024-10-19 17:53:28 -04:00
Joey Hess
e9771ff45c
tag 2024-10-19 17:13:26 -04:00
Joey Hess
82e91b380a
add GITMANIFEST to parseKeyVariety
git-remote-annex: Fix bug that prevented using it with external special
remotes, leading to protocol error messages involving "GITMANIFEST".
2024-10-19 17:12:23 -04:00
Joey Hess
bbc2d47782
comment 2024-10-19 16:43:35 -04:00
yarikoptic
93534b6a94 Added a comment 2024-10-18 20:31:21 +00:00
matrss
4a810c56b2 Added a comment 2024-10-18 16:56:46 +00:00
Joey Hess
a3d1d3bcb6
comments 2024-10-18 12:04:48 -04:00
Joey Hess
d5b59ecba9
clarification on 403 2024-10-18 11:05:41 -04:00
Joey Hess
69f8c41492
comment 2024-10-18 10:28:49 -04:00
Joey Hess
14336b9660
fix build on windows
Utility.OpenFile is posix only
2024-10-18 10:17:07 -04:00
yarikoptic
fbe4530989 Added a comment 2024-10-18 13:10:38 +00:00
yarikoptic
0784ca2339 report on windows FTBFS 2024-10-18 13:04:49 +00:00
yarikoptic
899f822270 Added a comment 2024-10-18 13:01:25 +00:00
Joey Hess
fdf8b64d7e
comment 2024-10-17 20:56:31 -04:00
Joey Hess
b83fdf66df
Allow enabling the servant build flag with older versions of stm
Allowing building with ghc 9.0.2 (debian stable).

Updated patch covering all uses of writeTMVar.
2024-10-17 20:55:31 -04:00
yarikoptic
facde8bf85 removed 2024-10-17 22:08:32 +00:00
yarikoptic
e584ad6f24 Added a comment 2024-10-17 21:44:50 +00:00
yarikoptic
96f8297ab1 Added a comment 2024-10-17 21:44:17 +00:00
yarikoptic
2b42622727 Added a comment 2024-10-17 21:44:04 +00:00
mih
b642800d8c Tag with project ID 2024-10-17 20:26:08 +00:00
yarikoptic
f0a86bc223 Added a comment 2024-10-17 18:37:57 +00:00
Joey Hess
3c75e333c5
comment 2024-10-17 14:05:20 -04:00
Joey Hess
3a53c60121
Allow enabling the servant build flag with older versions of stm
Allowing building with ghc 9.0.2 (debian stable).
2024-10-17 14:04:31 -04:00
yarikoptic
c738920d19 Added a comment 2024-10-17 17:04:07 +00:00
Joey Hess
0629219617
p2phttp combining unauth and auth options
p2phttp: Support serving unauthenticated users while requesting
authentication for operations that need it. Eg, --unauth-readonly can be
combined with --authenv.

Drop locking currently needs authentication so it will prompt for that.
That still needs to be addressed somehow.
2024-10-17 11:10:28 -04:00
Joey Hess
4e59828f4c
response 2024-10-17 10:10:26 -04:00
Joey Hess
b387ffef33
Merge branch 'master' of ssh://git-annex.branchable.com 2024-10-17 10:06:25 -04:00
Joey Hess
5adc54eaba
add IMN7 to projects and tag a relevant issue 2024-10-17 10:06:08 -04:00
Joey Hess
6c65de35f0
comment 2024-10-17 10:01:31 -04:00
yarikoptic
1fa10f9427 question about Servant 2024-10-17 13:57:43 +00:00
matrss
8f96f7b16b 2024-10-17 09:39:56 +00:00
matrss
20e7201e5d Make VURL a proper list item 2024-10-17 09:18:04 +00:00
yarikoptic
48fb37388f initial report on divergence in behavior on ACL 2024-10-16 19:13:08 +00:00
yarikoptic
460cdb5623 Added a comment 2024-10-16 18:58:04 +00:00
yarikoptic
bcc243f5b1 make freeze/thaw relative paths 2024-10-16 18:51:45 +00:00
yarikoptic
d672a4ccfe initial report on freeze/thaw exit code ignorance 2024-10-16 18:34:06 +00:00
matrss
287212c40e Added a comment 2024-10-16 12:09:02 +00:00
Joey Hess
c4dfeaef53
streaming uploads 2024-10-15 16:02:19 -04:00
yarikoptic
6eb32468bc initial report on not all files being saved 2024-10-15 18:15:16 +00:00
Joey Hess
9e8bbb3aac
remove change that was accidentially committed 2024-10-15 13:30:52 -04:00
Joey Hess
c6c794a27d
comment 2024-10-15 13:27:27 -04:00