Commit graph

37156 commits

Author SHA1 Message Date
Joey Hess
4814b444dd
make storeExport throw exceptions 2020-05-15 12:20:02 -04:00
https://christian.amsuess.com/chrysn
112d2f8e7b Added a comment: Re: Usefulness of batch key processing 2020-05-15 09:33:22 +00:00
https://christian.amsuess.com/chrysn
340287ef94 Added a comment: Usefulness of batch key processing 2020-05-15 09:21:15 +00:00
globallyunique@da2274b36ca296fe35912b9fd7387e3a5bd17c7c
acec8e3c89 Added a comment: GCS using S3: removeKey when not present: FAIL 2020-05-14 20:39:21 +00:00
Joey Hess
dc7dc1e179
refactor 2020-05-14 14:21:58 -04:00
Joey Hess
4be94c67c7
make removeKey throw exceptions 2020-05-14 14:11:05 -04:00
globallyunique@da2274b36ca296fe35912b9fd7387e3a5bd17c7c
e6937e7643 2020-05-14 01:52:30 +00:00
Joey Hess
b5ee97f32a
Merge branch 'master' of ssh://git-annex.branchable.com 2020-05-13 17:09:13 -04:00
Joey Hess
d9c7f81ba4
make retrieveKeyFile and retrieveKeyFileCheap throw exceptions
Converted retrieveKeyFileCheap to a Maybe, to avoid needing to throw a
exception when a remote doesn't support it.
2020-05-13 17:07:07 -04:00
https://launchpad.net/~felixonmars
f246e78fd7 2020-05-13 20:35:29 +00:00
Joey Hess
a6adea4aaf
Merge branch 'master' of ssh://git-annex.branchable.com 2020-05-13 14:05:11 -04:00
Joey Hess
c1cd402081
make storeKey throw exceptions
When storing content on remote fails, always display a reason why.

Since the Storer used by special remotes already did, this mostly affects
git remotes, but not entirely. For example, if git-lfs failed to connect to
the endpoint, it used to silently return False.
2020-05-13 14:03:00 -04:00
Joey Hess
b50ee9cd0c
remove Preparer abstraction
That had almost no benefit at all, and complicated things quite a lot.

What I proably wanted this to be was something like ResourceT, but it
was not. The few remotes that actually need some preparation done only
once and reused used a MVar and not Preparer.
2020-05-13 11:56:21 -04:00
Chymera
e42d2ce0c7 Added a comment 2020-05-13 04:15:53 +00:00
ryan.singer@5db89d157f0565db67eac571e2433fa96c187e32
3b231f900c Added a comment 2020-05-12 23:26:11 +00:00
Joey Hess
49bf7c8403
typo 2020-05-12 13:59:15 -04:00
Joey Hess
898770dda1
comment 2020-05-12 13:58:14 -04:00
Joey Hess
be5caeaf51
catch more exceptions
Just in case a non-IO exception might somehow be thrown.
2020-05-12 13:05:06 -04:00
Joey Hess
35b3c891af
followup 2020-05-12 12:48:07 -04:00
Joey Hess
64e081d585
Merge branch 'master' of ssh://git-annex.branchable.com 2020-05-12 09:56:21 -04:00
Joey Hess
75add873de
fix paste 2020-05-12 09:55:54 -04:00
efraim@78c5af2ab57cf0d7aa23bae3dd0adb700c98217c
f0fc1a3906 Added a comment 2020-05-12 13:16:51 +00:00
Joey Hess
959ae7733a
man pages improvements
Added some examples. Tightened up some language and removed some
unncessary duplicate documentaton.
2020-05-12 09:07:45 -04:00
Chymera
47bd71b096 2020-05-12 07:05:23 +00:00
Joey Hess
2a8fdfc7d8
Display a warning message when asked to operate on a file inside a directory that's a symbolic link to elsewhere
This relicates git's behavior. It adds a few stat calls for the command
line parameters, so there is some minor slowdown, but even with thousands
of parameters it will not be very noticable, and git does the same statting
in similar circumstances.

Note that this does not prevent eg "git annex add symlink"; the symlink
will be added to git as usual. And "git annex find symlink" will silently
list nothing as well. It's only "symlink/foo" or "subdir/symlink/foo" that
triggers the warning.
2020-05-11 15:03:35 -04:00
Joey Hess
39d7e6dd2a
addurl --preserve-filename for other remotes
Finishing work begun in 6952060665

Also, truncate filenames provided by other remotes if they're too long,
when --preserve-filename is not used. That seems to have been omitted
before by accident.
2020-05-11 14:33:27 -04:00
Joey Hess
5f5170b22b
remove SafeFilePath
Move sanitizeFilePath call to where fromSafeFilePath had been.
2020-05-11 14:04:56 -04:00
Joey Hess
cabbc91b18
addurl, importfeed: Allow '-' in filenames, as long as it's not the first character 2020-05-11 13:50:49 -04:00
Joey Hess
57451bd9a1
followup 2020-05-11 13:06:39 -04:00
Joey Hess
3b15145703
fix name of option 2020-05-11 13:05:57 -04:00
Joey Hess
79cc7cba93
response 2020-05-11 12:56:34 -04:00
Joey Hess
568c2b58c2
comments 2020-05-11 12:49:50 -04:00
Joey Hess
0e2e8df8bf
bug 2020-05-11 12:38:40 -04:00
Joey Hess
42cc20c99c
Merge /home/joey/thk_fix_haddock 2020-05-11 11:40:45 -04:00
efraim@78c5af2ab57cf0d7aa23bae3dd0adb700c98217c
84d5f77630 Added a comment 2020-05-11 11:29:34 +00:00
Thomas Koch
8a0480daf3 Fix haddock parse error
I run haddock with `cabal haddock --executables`. It fails with:

    Types/Remote.hs:271:17: error: parse error on input ‘->’

Apparently haddock does not like to find haddock blocks outside of
declarations? In any case, this patch makes these type of errors go
away.

Afterwards, I see errors like these, that need to be investigated as
a next step:

haddock: internal error: internal: extractDecl
CallStack (from HasCallStack):
  error, called at utils/haddock/haddock-api/src/Haddock/Interface/Create.hs:1116:12 in main:Haddock.Interface.Create
2020-05-11 08:40:13 +02:00
yarikoptic
2d8c8868ef Added a comment 2020-05-10 16:30:51 +00:00
yarikoptic
2b125e0dd7 Added a comment 2020-05-09 22:10:44 +00:00
globallyunique@da2274b36ca296fe35912b9fd7387e3a5bd17c7c
f02ec096d4 2020-05-09 19:25:28 +00:00
the13thletter
b8a472ba84 2020-05-08 22:10:29 +00:00
Joey Hess
6952060665
addurl --preserve-filename and a few related changes
* addurl --preserve-filename: New option, uses server-provided filename
  without any sanitization, but with some security checking.

  Not yet implemented for remotes other than the web.

* addurl, importfeed: Avoid adding filenames with leading '.', instead
  it will be replaced with '_'.

  This might be considered a security fix, but a CVE seems unwattanted.
  It was possible for addurl to create a dotfile, which could change
  behavior of some program. It was also possible for a web server to say
  the file name was ".git" or "foo/.git". That would not overrwrite the
  .git directory, but would cause addurl to fail; of course git won't
  add "foo/.git".

sanitizeFilePath is too opinionated to remain in Utility, so moved it.

The changes to mkSafeFilePath are because it used sanitizeFilePath.
In particular:

	isDrive will never succeed, because "c:" gets munged to "c_"
	".." gets sanitized now
	".git" gets sanitized now
	It will never be null, because sanitizeFilePath keeps the length
	the same, and splitDirectories never returns a null path.

Also, on the off chance a web server suggests a filename of "",
ignore that, rather than trying to save to such a filename, which would
fail in some way.
2020-05-08 16:22:55 -04:00
Joey Hess
54599207f7
note 2020-05-08 15:56:15 -04:00
Joey Hess
980de9c910
comment 2020-05-08 13:21:16 -04:00
Joey Hess
de396fac80
comment 2020-05-08 13:16:46 -04:00
ryan.singer@5db89d157f0565db67eac571e2433fa96c187e32
25b6f7ca96 2020-05-07 22:11:04 +00:00
ryan.singer@5db89d157f0565db67eac571e2433fa96c187e32
f88c26c211 2020-05-07 22:09:44 +00:00
ryan.singer@5db89d157f0565db67eac571e2433fa96c187e32
6b49594d91 2020-05-07 22:08:30 +00:00
yarikoptic
a3d196fe39 original complaint about filenames obfuscated by addurl 2020-05-07 21:07:28 +00:00
Joey Hess
69e2e4763e
only check --force at init time, not enable time
git-lfs repos that encrypt the annexed content but not the git repo only
need --force passed to initremote, allow enableremote and autoenable of
such remotes without forcing again.

Needing --force again particularly made autoenable of such a repo not work.
And once such a repo has been set up, it seems a second --force when
enabling it elsewhere has little added value. It does tell the user about
the possibly insecure configuration, but if the git repo has already been
pushed to that remote in the clear, data has already been exposed. The goal
of that --force was not to prevent every situation where such an exposure
can happen -- anyone who sets up a public git repo and pushes to it will
expose things similarly and git-annex is not involved. Instead, the purpose
of the --force is to point out to the user that they're asking for a
configuration where encryption is inconsistently applied.
2020-05-07 15:59:29 -04:00
Joey Hess
1532d67c3e
S3: Support signature=v4
To use S3 Signature Version 4. Some S3 services seem to require v4, while
others may only support v2, which remains the default.

I'm also not sure if v4 works correctly in all cases, there is this
upstream bug report: https://github.com/aristidb/aws/issues/262
I've only tested it against the default S3 endpoint.
2020-05-07 13:18:11 -04:00