Commit graph

1920 commits

Author SHA1 Message Date
Joey Hess
55fa1789dd Don't show "(gpg)" when decrypting the remote encryption cipher, since this could be taken to read that's the only time git-annex runs gpg, which is not the case. 2014-12-02 13:50:45 -04:00
Joey Hess
6ecd3ff421 diffdriver: New git-annex command, to make git external diff drivers work with annexed files.
Closes https://github.com/datalad/datalad/issues/18
2014-11-24 16:14:06 -04:00
Joey Hess
ffac19a29c Merge branch 'undo' 2014-11-14 14:55:35 -04:00
Joey Hess
2f83914212 Add undo action to nautilus and konqueror integration. 2014-11-14 14:55:21 -04:00
Joey Hess
13260ccc3a undo command
This commit was sponsored by Andrew Cant.
2014-11-14 14:41:07 -04:00
Joey Hess
31c2ece395 Windows: Remove Alt+A keyboard shortcut, which turns out to have scope outside the menus. 2014-11-14 13:56:05 -04:00
Joey Hess
372237991a clarification from author; lsof fixed a bug 2014-11-13 13:01:43 -04:00
Joey Hess
63fa5c0782 Work around apparent bug in lsof 4.88's -F output format. 2014-11-12 18:00:40 -04:00
Joey Hess
864086a956 proxy: for all your direct mode repository munging needs
This allows bypassing the direct mode guard in a safe way to do all sorts
of things including git revert, git mv, git checkout ...

This commit was sponsored by the WikiMedia Foundation.
2014-11-12 15:51:46 -04:00
Joey Hess
58d50f260a Debian package is now maintained by Gergely Nagy. 2014-11-11 17:11:16 -04:00
Joey Hess
adc5ca70a8 pre-commit: Block partial commit of unlocked annexed file, since that left a typechange staged in index
I had hoped that the git devs could change git's handling of partial
commits to not use a false index file, but seems not.

So, this relies on some git internals to detect that case. The test suite
has a test case added to catch it if changes to git break it.

This commit was sponsored by Paul Tagliamonte.
2014-11-10 15:36:24 -04:00
Joey Hess
748e403fed add changelog entires for when this branch gets merged 2014-11-06 14:38:51 -04:00
Joey Hess
36476aa005 prep release 2014-11-05 12:02:55 -04:00
Joey Hess
334f366979 Remove fixup code for bad bare repositories created by versions 5.20131118 through 5.20131127. That fixup code would accidentially fire when --git-dir was incorrectly pointed at the working tree of a git-annex repository, resulting in data loss. Closes: #768093 2014-11-04 18:04:19 -04:00
Joey Hess
a3ec6ed73b Merge branch 'master' into s3-aws-multipart 2014-11-03 16:05:03 -04:00
Joey Hess
0f6aaf8012 Windows: Fix crash when user.name is not set in git config. 2014-10-31 16:14:12 -04:00
Joey Hess
e535ff8fa4 Merge branch 'master' into s3-aws 2014-10-28 12:39:22 -04:00
Joey Hess
5bdcb23424 prep release 2014-10-24 13:03:50 -04:00
Joey Hess
c986bc67e5 add cabal flag for use with debian's older version of aws, which is now patched with the necessary stuff 2014-10-23 16:39:55 -04:00
Joey Hess
35551d0ed0 Merge branch 'master' into s3-aws
Conflicts:
	Remote/S3.hs
2014-10-22 17:14:38 -04:00
Joey Hess
25574bead1 enableremote: When the remote has creds, update the local creds cache file. Before, the old version of the creds could be left there, and would continue to be used. 2014-10-22 14:28:25 -04:00
Joey Hess
9280fe4cbe include creds location in info
This is intended to let the user easily tell if a remote's creds are
coming from info embedded in the repository, or instead from the
environment, or perhaps are locally stored in a creds file.

This commit was sponsored by Frédéric Schütz.
2014-10-21 15:09:40 -04:00
Joey Hess
aafaa363e3 info: When passed the name or uuid of a remote, displays info about that remote.
No per-remote-type info yet.

This commit was sponsored by Stanley Yamane.
2014-10-21 14:35:07 -04:00
Joey Hess
4a9e70c705 info: When run on a single annexed file, displays some info about the file, including its key and size. 2014-10-21 13:24:15 -04:00
Joey Hess
fced322834 glacier: Fix pipe setup when calling glacier-cli to retrieve an object. 2014-10-20 15:11:01 -04:00
Joey Hess
d3d2e51ddf update 2014-10-16 12:19:40 -04:00
Joey Hess
1e59df083d Use haskell setenv library to clean up several ugly workarounds for inability to manipulate the environment on windows.
Didn't know that this library existed!

This includes making git-annex not re-exec itself on start on windows, and
making the test suite on Windows run tests without forking.
2014-10-15 20:33:52 -04:00
Joey Hess
fe5e25eec7 initremote: Don't allow creating a special remote that has the same name as an existing git remote.
This is not a complete fix. For one, git remote will happily go add a
remote that has the same name as an existing special remote. For another,
enableremote will enable a special remote over top of an existing git
remote. And, also, the webapp might.
2014-10-15 15:47:49 -04:00
Joey Hess
cdcb4548b3 Remove hurd stuff from cabal file, since hackage currently rejects it.
https://github.com/haskell/hackage-server/issues/269
2014-10-15 13:31:20 -04:00
Joey Hess
db9121ecee vicfg: Deleting configurations now resets to the default, where before it has no effect.
Added a Default instance for TrustLevel, and was able to use that to clear
up several other parts of the code too.

This commit was sponsored by Stephan Schulz
2014-10-14 14:15:07 -04:00
Joey Hess
86a7bddb41 prep release 2014-10-13 10:13:27 -04:00
Joey Hess
c6e9125c61 repair: Prevent auto gc from happening when fetching from a remote. 2014-10-12 14:27:46 -04:00
Joey Hess
9af06670b5 map: Handle .git prefixed remote repos. Closes: #614759 2014-10-12 14:11:29 -04:00
Joey Hess
ef3804bdb3 S3: Fix embedcreds=yes handling for the Internet Archive.
Before, embedcreds=yes did not cause the creds to be stored in remote.log,
but also prevented them being locally cached.
2014-10-12 13:15:52 -04:00
Joey Hess
164f0d73ff Support building with yesod 1.4.
The new yesod needs the ViewPatterns extension.
Also, a TH splice in Assistant/Threads/WebApp.hs failed to work without
OverLoadedStrings.

This commit was sponsored by Brock Spratlen.
2014-10-09 17:01:54 -04:00
Joey Hess
55c7eb78ee add copyright of code copied from yesod 2014-10-09 15:17:07 -04:00
Joey Hess
e6a432bb56 rewrote and expanded package description 2014-10-03 14:12:32 -04:00
Joey Hess
1d5bde3be5 Adjust cabal file to support building w/o assistant on the hurd.
I used to have this and hackage rejected the os(gnu), so I am going to see
if the new hackage still rejects it.
2014-09-29 14:08:29 -04:00
Joey Hess
a001207aef prep release 2014-09-27 14:25:15 -04:00
Joey Hess
7de9b8ec06 Add temporary workaround for bug #763078 which broke building on armel and armhf. 2014-09-27 14:22:04 -04:00
Joey Hess
f518858c12 Really depend (not just build-depend) on new enough git for --no-gpg-sign to work. Closes: #763057 2014-09-27 12:15:22 -04:00
Joey Hess
5e3c41c7aa prep release 2014-09-26 15:09:13 -04:00
Joey Hess
adf69dc417 Work around failure to build on mips by using cabal, not Setup, to build in debian/rules. 2014-09-26 15:08:41 -04:00
Joey Hess
4058eeb252 Depend on new enough git for --no-gpg-sign to work. Closes: #762446 2014-09-22 13:50:16 -04:00
Joey Hess
264c65e8f8 prep release 2014-09-19 13:02:19 -04:00
Joey Hess
7faf2436f3 CVE id assigned 2014-09-19 01:38:51 -04:00
Joey Hess
0ed33c8b74 deal with old repositories with non-encrypted creds
See 2f3c3aa01f for backstory about how a repo
could be in this state.

When decryption fails, the repo must be using non-encrypted creds. Note
that creds are encrypted/decrypted using the encryption cipher which is
stored in the repo, so the decryption cannot fail due to missing gpg keys
etc. (For !shared encryptiom, the cipher is iteself encrypted using some
gpg key(s), and the decryption of the cipher happens earlier, so not
affected by this change.

Print a warning message for !shared repos, and continue on using the
cipher. Wrote a page explaining what users hit by this bug should do.

This commit was sponsored by Samuel Tardieu.
2014-09-18 17:58:03 -04:00
Joey Hess
2f3c3aa01f glacier, S3: Fix bug that caused embedded creds to not be encypted using the remote's key.
encryptionSetup must be called before setRemoteCredPair. Otherwise,
the RemoteConfig doesn't have the cipher in it, and so no cipher is used to
encrypt the embedded creds.

This is a security fix for non-shared encryption methods!

For encryption=shared, there's no security problem, just an
inconsistentency in whether the embedded creds are encrypted.

This is very important to get right, so used some types to help ensure that
setRemoteCredPair is only run after encryptionSetup. Note that the external
special remote bypasses the type safety, since creds can be set after the
initial remote config, if the external special remote program requests it.
Also note that IA remotes never use encryption, so encryptionSetup is not
run for them at all, and again the type safety is bypassed.

This leaves two open questions:

1. What to do about S3 and glacier remotes that were set up
   using encryption=pubkey/hybrid with embedcreds?
   Such a git repo has a security hole embedded in it, and this needs to be
   communicated to the user. Is the changelog enough?

2. enableremote won't work in such a repo, because git-annex will
   try to decrypt the embedded creds, which are not encrypted, so fails.
   This needs to be dealt with, especially for ecryption=shared repos,
   which are not really broken, just inconsistently configured.

   Noticing that problem for encryption=shared is what led to commit
   fbdeeeed5f, which tried to
   fix the problem by not decrypting the embedded creds.

This commit was sponsored by Josh Taylor.
2014-09-18 17:26:12 -04:00
Joey Hess
d84eab8a8a Revert "S3, Glacier, WebDAV: Fix bug that prevented accessing the creds when the repository was configured with encryption=shared embedcreds=yes."
This reverts commit fbdeeeed5f.

I can find no basis for that commit and think that I made it in error.
setRemoteCredPair always encrypts using the cipher from remoteCipher,
even when the cipher is shared.
2014-09-18 15:21:47 -04:00
Joey Hess
f7847ae98d Merge branch 'master' into s3-aws
Conflicts:
	Utility/Url.hs
	debian/changelog
	git-annex.cabal
2014-09-18 14:36:20 -04:00
Joey Hess
44e7d6e1fe add: In direct mode, adding an annex symlink will check it into git, as was already done in indirect mode. 2014-09-18 14:24:47 -04:00
Joey Hess
9964584c34 WebDav: Fix enableremote crash when the remote already exists. (Bug introduced in version 5.20140817.) 2014-09-17 13:04:55 -04:00
Joey Hess
2abeae7582 Windows: Avoid crashing trying to list gpg secret keys, for gcrypt which is not yet supported on Windows. 2014-09-16 13:40:44 -04:00
Joey Hess
09e20c3827 assistant: Detect when repository has been deleted or moved, and automatically shut down the assistant. Closes: #761261 2014-09-15 14:45:37 -04:00
Joey Hess
05e7518c3e prep 2014-09-15 10:47:10 -04:00
Joey Hess
70b2160d32 Fix build with optparse-applicative 0.10. Closes: #761484
This also works with 0.9, and probably 0.8.
2014-09-14 12:30:37 -04:00
Joey Hess
7482166180 Rather than crashing when there's a problem with the requested bloomfilter capacity/accuracy, fall back to a reasonable default bloom filter size. 2014-09-12 12:26:12 -04:00
Joey Hess
9711d529c8 WORM backend: Switched to include the relative path to the file inside the repository, rather than just the file's base name. Note that if you're relying on such things to keep files separate with WORM, you should really be using a better backend. 2014-09-11 14:50:18 -04:00
Joey Hess
4c429ad7ee sync: Ensure that pending changes to git-annex branch are committed when in direct mode. (Fixing a very minor reversion.) 2014-09-11 14:35:28 -04:00
Joey Hess
0598412e5c Fix transfer lock file FD leak that could occur when two separate git-annex processes were both working to perform the same set of transfers. 2014-09-11 13:53:26 -04:00
Joey Hess
9ed63d1545 Promote file not found warning message to an error. 2014-09-11 13:36:28 -04:00
Joey Hess
a97c9e43b7 The annex-rsync-transport configuration is now also used when checking if a key is present on a rsync remote, and when dropping a key from the remote. 2014-09-11 13:21:35 -04:00
Joey Hess
11f111bf1a Fix parsing of ipv6 address in git remote address when it was not formatted as an url. 2014-09-10 14:17:02 -04:00
Joey Hess
b874f84086 New annex.hardlink setting. Closes: #758593
* New annex.hardlink setting. Closes: #758593
* init: Automatically detect when a repository was cloned with --shared,
  and set annex.hardlink=true, as well as marking the repository as
  untrusted.

Had to reorganize Logs.Trust a bit to avoid a cycle between it and
Annex.Init.
2014-09-05 13:44:09 -04:00
Joey Hess
0881f6d45c webapp: Fixed visual glitch in xmpp pairing.
It seems that all other uses of <div .col-sm-9> occur outside of
<div .content-box>. This one occurred inside it, when xmpp pairing.

This was introduced in the bootstrap 3 conversion.
2014-09-04 16:18:20 -04:00
Joey Hess
62e6ad8bee prep release 2014-08-31 12:30:29 -07:00
Joey Hess
aa5c48dd22 update arch deps
sparc no longer supports yesod (and is probably not going to be a release
arch anyway)

tasty is now built on mipsel.
2014-08-30 09:09:47 -07:00
Joey Hess
6eb5c3f479 Do not preserve permissions and acls when copying files from one local git repository to another. Timestamps are still preserved as long as cp --preserve=timestamps is supported.
This avoids cp -a overriding the default mode acls that the user might have
set in a git repository.

With GNU cp, this behavior change should not be a breaking change, because
git-anex also uses rsync sometimes in the same situation, and has only ever
preserved timestamps when using rsync.

Systems without GNU cp will no longer use cp -a, but instead just cp.
So, timestamps will no longer be preserved. Preserving timestamps when
copying between repos is not guaranteed anyway.

Closes: #729757
2014-08-26 17:10:25 -07:00
Joey Hess
06b51f67ac no lsof build-dep on hurd
No assistant there
2014-08-23 18:47:31 -07:00
Joey Hess
756a6277ff Fix stub git-annex test support when built without tasty. 2014-08-23 18:46:08 -07:00
Joey Hess
4405650828 Fix handing of autocorrection when running outside a git repository.
Old behavior was to take the first fuzzy match. Now, it checks the globa
git config, and runs the normal fuzzy handling, including failing to run a
semi-random command by default.
2014-08-23 16:51:33 -07:00
Joey Hess
96dc423e39 When accessing a local remote, shut down git-cat-file processes afterwards, to ensure that remotes on removable media can be unmounted. Closes: #758630
This does mean that eg, copying multiple files to a local remote will
become slightly slower, since it now restarts git-cat-file after each copy.
Should not be significant slowdown.

The reason git-cat-file is run on the remote at all is to update its
location log. In order to add an item to it, it needs to get the current
content of the log. Finding a way to avoid needing to do that would be a
good path to avoiding this slowdown if it does become a problem somehow.

This commit was sponsored by Evan Deaubl.
2014-08-20 12:07:57 -04:00
Joey Hess
092041fab0 Ensure that all lock fds are close-on-exec, fixing various problems with them being inherited by child processes such as git commands.
(With the exception of daemon pid locking.)

This fixes at part of #758630. I reproduced the assistant locking eg, a
removable drive's annex journal lock file and forking a long-running
git-cat-file process that inherited that lock.

This did not affect Windows.

Considered doing a portable Utility.LockFile layer, but git-annex uses
posix locks in several special ways that have no direct Windows equivilant,
and it seems like it would mostly be a complication.

This commit was sponsored by Protonet.
2014-08-20 11:37:02 -04:00
Joey Hess
37293dc28f Make --help work when not in a git repository. Closes: #758592
Note that this means getopt parsing is done even when not in a git
repository, even though currently cmdnorepo is not passed the results of
it. I'd like to move to cmdnorepo not doing its own ad-hoc option parsing,
so this is really a good thing. (But as long as eg, getOptionFlag needs an
Annex monad, it cannot be used in cmdnorepo handling.)

There is a potential for problems if any cmdnorepo branch of a command
handles options that are not in its regular getopt, but that would be a bug
anyway.
2014-08-19 12:55:15 -04:00
Joey Hess
5eb5451021 update aws version requirements 2014-08-18 15:26:18 -04:00
Joey Hess
5f749a0665 fix lower bounds on version of exceptions
This is needed only because of the new MonadMask needed for bracket
in the new version. Ifdefing it everywhere is not practical, since the
Setup.hs uses it.
2014-08-17 14:37:14 -04:00
Joey Hess
f273882567 prep release 2014-08-17 10:31:21 -04:00
Joey Hess
dd619c7166 Switched from the old haskell HTTP library to http-conduit.
The hoary old HTTP library was only used when checking if an url exists,
when curl was not available. It had many problems, including not supporting
https at all.

Now, this is done using http-conduit for all urls that it supports. Falls
back to curl for any url that http-conduit doesn't like (probably ftp etc,
but could also be an url that its parser chokes on for whatever reason).

This adds a new dependency on http-conduit, but webdav support already
indirectly depended on that, and the s3-aws branch also uses it.

This opens up the possibility of using http-conduit for large file
downloads, but for now I've left it using wget/curl.

This commit was sponsored by Paul Tötterman.
2014-08-15 17:37:42 -04:00
Joey Hess
ef01ff1e77 Merge branch 'master' into s3-aws
Conflicts:
	git-annex.cabal
2014-08-15 17:30:40 -04:00
Joey Hess
edac4afc53 Switched from the old haskell HTTP library to http-conduit.
The hoary old HTTP library was only used when checking if an url exists,
when curl was not available. It had many problems, including not supporting
https at all.

Now, this is done using http-conduit for all urls that it supports. Falls
back to curl for any url that http-conduit doesn't like (probably ftp etc,
but could also be an url that its parser chokes on for whatever reason).

This adds a new dependency on http-conduit, but webdav support already
indirectly depended on that, and the s3-aws branch also uses it.
2014-08-15 17:27:44 -04:00
Joey Hess
852185c242 git-annex-shell sendkey: Don't fail if a remote asks for a key to be sent that already has a transfer lock file indicating it's being sent to that remote. The remote may have moved between networks, or reconnected. 2014-08-15 14:17:05 -04:00
Joey Hess
bb6cec3461 direct: Avoid leaving file content in misctemp if interrupted. 2014-08-15 13:38:05 -04:00
Joey Hess
fbdeeeed5f S3, Glacier, WebDAV: Fix bug that prevented accessing the creds when the repository was configured with encryption=shared embedcreds=yes.
Since encryption=shared, the encryption key is stored in the git repo, so
there is no point at all in encrypting the creds, also stored in the git
repo with that key. So `initremote` doesn't. The creds are simply stored
base-64 encoded.

However, it then tried to always decrypt creds when encryption was used..
2014-08-12 15:35:29 -04:00
Joey Hess
f0df660570 WORM backend: When adding a file in a subdirectory, avoid including the subdirectory in the key name. 2014-08-12 14:38:53 -04:00
Joey Hess
d8be828734 direct: Fix ugly warning messages.
replaceFileOr was broken and ran the rollback action always.
Luckily, for replaceFile, the rollback action was safe to run, since it
just nuked a temp file that had already been moved into place.

However, when `git annex direct` used replaeFileOr, its rollback printed a
scary message:

  /home/joey/tmp/rrrr/.git/annex/misctmp/tmp32268: rename: does not exist (No such file or directory)

There was actually no bad result though.
2014-08-12 13:00:08 -04:00
Joey Hess
7285896996 make windows depend on new enough unix-compat to get inode numbers 2014-08-12 12:30:40 -04:00
Joey Hess
3659cb9efb S3: finish converting to aws library
Implemented the Retriever.

Unfortunately, it is a fileRetriever and not a byteRetriever.
It should be possible to convert this to a byteRetiever, but I got stuck:
The conduit sink needs to process individual chunks, but a byteRetriever
needs to pass a single L.ByteString to its callback for processing. I
looked into using unsafeInerlaveIO to build up the bytestring lazily,
but the sink is already operating under conduit's inversion of control,
and does not run directly in IO anyway.

On the plus side, no more memory leak..
2014-08-09 15:58:01 -04:00
Joey Hess
a6da13c1e9 deps 2014-08-09 15:56:46 -04:00
Joey Hess
8eac9eab03 Merge branch 'master' into s3-aws 2014-08-09 13:40:21 -04:00
Joey Hess
2fd9518f72 unlock: Better error handling; continue past files that are not available or cannot be unlocked due to disk space, and try all specified files. 2014-08-09 11:09:54 -04:00
Joey Hess
6fcca2f13e WIP converting S3 special remote from hS3 to aws library
Currently, initremote works, but not the other operations. They should be
fairly easy to add from this base.

Also, https://github.com/aristidb/aws/issues/119 blocks internet archive
support.

Note that since http-conduit is used, this also adds https support to S3.
Although git-annex encrypts everything anyway, so that may not be extremely
useful. It is not enabled by default, because existing S3 special remotes
have port=80 in their config. Setting port=443 will enable it.

This commit was sponsored by Daniel Brockman.
2014-08-08 19:00:53 -04:00
Joey Hess
2d344edf60 increave dav build-dep 2014-08-08 13:47:44 -04:00
Joey Hess
c3f8512475 WebDAV: Avoid buffering whole file in memory when downloading.
httpBodyRetriever will later also be used by S3

This commit was sponsored by Ethan Aubin.
2014-08-08 13:40:55 -04:00
Joey Hess
871b6cb886 DAV version turns out to be 1.0. 2014-08-08 12:50:51 -04:00
Joey Hess
d3d30d2bf3 need transformers for Utility.Exception 2014-08-07 22:11:28 -04:00
Joey Hess
c784ef4586 unify exception handling into Utility.Exception
Removed old extensible-exceptions, only needed for very old ghc.

Made webdav use Utility.Exception, to work after some changes in DAV's
exception handling.

Removed Annex.Exception. Mostly this was trivial, but note that
tryAnnex is replaced with tryNonAsync and catchAnnex replaced with
catchNonAsync. In theory that could be a behavior change, since the former
caught all exceptions, and the latter don't catch async exceptions.

However, in practice, nothing in the Annex monad uses async exceptions.
Grepping for throwTo and killThread only find stuff in the assistant,
which does not seem related.

Command.Add.undo is changed to accept a SomeException, and things
that use it for rollback now catch non-async exceptions, rather than
only IOExceptions.
2014-08-07 22:03:29 -04:00
Joey Hess
2dd8dab314 WebDAV: Avoid buffering whole file in memory when uploading.
The httpStorer will later also be used by S3.

This commit was sponsored by Torbjørn Thorsen.
2014-08-07 19:32:23 -04:00
Joey Hess
0b1b85d9ea use DAV monad
This speeds up the webdav special remote somewhat, since it often now
groups actions together in a single http connection when eg, storing a
file.

Legacy chunks are still supported, but have not been sped up.

This depends on a as-yet unreleased version of DAV.

This commit was sponsored by Thomas Hochstein.
2014-08-07 17:32:57 -04:00
Joey Hess
aacb0b2823 convert WebDAV to new special remote interface, adding new-style chunking support
Reusing http connection when operating on chunks is not done yet,
I had to submit some patches to DAV to support that. However, this is no
slower than old-style chunking was.

Note that it's a fileRetriever and a fileStorer, despite DAV using
bytestrings that would allow streaming. As a result, upload/download of
encrypted files is made a bit more expensive, since it spools them to temp
files. This was needed to get the progress meters to work.

There are probably ways to avoid that.. But it turns out that the current
DAV interface buffers the whole file content in memory, and I have
sent in a patch to DAV to improve its interfaces. Using the new interfaces,
it's certainly going to need to be a fileStorer, in order to read the file
size from the file (getting the size of a bytestring would destroy
laziness). It should be possible to use the new interface to make it be a
byteRetriever, so I'll change that when I get to it.

This commit was sponsored by Andreas Olsson.
2014-08-06 16:57:06 -04:00
Joey Hess
d12becfdde fix removal from local gcrypt repo that had files stored using rsync
When files are stored using rsync, they have their write bit removed;
so does the directory they're put in. The local repo code did not turn
these bits back on, so failed to remove.
2014-08-03 20:21:46 -04:00