Commit graph

1838 commits

Author SHA1 Message Date
Joey Hess
d512098cbb
further thoughts 2017-02-25 12:55:38 -04:00
Joey Hess
6b52fcbb7e
SHA1 collisions in key names was more exploitable than I thought
Yesterday's SHA1 collision attack could be used to generate eg:

SHA256-sfoo--whatever.good
SHA256-sfoo--whatever.bad

Such that they collide. A repository with the good one could have the
bad one swapped in and signed commits would still verify.

I've already mitigated this.
2017-02-24 19:54:36 -04:00
Joey Hess
634a485b50
update 2017-02-24 17:57:21 -04:00
Joey Hess
9de0767d0e
update 2017-02-24 12:31:23 -04:00
Joey Hess
35739a74c2
make file2key reject E* backend keys with a long extension
I am not happy that I had to put backend-specific code in file2key. But
it would be very difficult to avoid this layering violation.

Most of the time, when parsing a Key from a symlink target, git-annex
never looks up its Backend at all, so adding this check to a method of
the Backend object would not work.

The Key could be made to contain the appropriate
Backend, but since Backend is parameterized on an "a" that is fixed to
the Annex monad later, that would need Key to change to "Key a".

The only way to clean this up that I can see would be to have the Key
contain a LowlevelBackend, and put the validation in LowlevelBackend.
Perhaps later, but that would be an extensive change, so let's not do
it in this commit which may want to cherry-pick to backports.

This commit was sponsored by Ethan Aubin.
2017-02-24 11:22:15 -04:00
Joey Hess
63df8d8966
update 2017-02-24 02:14:36 -04:00
Joey Hess
44b9ac41a4
update 2017-02-24 01:21:54 -04:00
Joey Hess
4cad401629
updates 2017-02-24 00:28:15 -04:00
Joey Hess
969da82b5c
update 2017-02-24 00:21:58 -04:00
Joey Hess
60d99a80a6
Tighten key parser to not accept keys containing a non-numeric fields, which could be used to embed data useful for a SHA1 attack against git.
Also todo about why this is important, and with some further hardening to
add.

This commit was sponsored by Ignacio on Patreon.
2017-02-24 00:17:25 -04:00
Joey Hess
7a0d6d81a0
make curl show http errors to stderr
* Run curl with -S, so HTTP errors are displayed, even when
  it's otherwise silent.
* When downloading in --json or --quiet mode, use curl in preference
  to wget, since curl is able to display only errors to stderr, unlike
  wget.

This does mean that downloadQuiet is only silent on stdout, not necessarily
on stderr, which affects a couple other calls of it. For example,
downloading the .git/config of a http remote may show an error message now,
perhaps with slightly suboptimal formatting due to other output.
2017-02-20 16:09:32 -04:00
Joey Hess
07de7c2c76
update 2017-02-20 15:44:43 -04:00
Joey Hess
4a397b5313
Run wget with -nv instead of -q, so it will display HTTP errors.
This adds one extra line of output when a download is successful,
after the progress bar. I don't much like that, but wget does not provide a
way to show HTTP errors without it.
2017-02-20 15:25:02 -04:00
Joey Hess
6ba8b557e8
remove
I've seen this thing, whatever it is, mentioned in spam links before,
so even if it's valid for some OS (probably not the one being asked
about), it's verboten here.
2017-02-20 12:24:15 -04:00
Joey Hess
d80cf5b9e9
comment 2017-02-20 12:23:22 -04:00
Joey Hess
a700fdf5cf
documentation updates for new receive.denyCurrentBranch=updateInstead support
This commit was sponsored by andrea rota.
2017-02-17 15:43:16 -04:00
Joey Hess
de4d50e9d0
thoughts 2017-02-17 12:57:55 -04:00
yarikoptic
2f601791bf 2017-02-17 01:57:11 +00:00
Joey Hess
d0651bb567
make query commands not output extraneous messages
config group groupwanted numcopies schedule wanted required:  Avoid
displaying extraneous messages about repository auto-init, git-annex branch
merging, etc, when being used to get information.
2017-02-16 13:24:35 -04:00
yarikoptic
baa2ab2c7d Added a comment 2017-02-16 15:54:18 +00:00
CandyAngel
bb262be6f0 Added a comment 2017-02-16 14:10:56 +00:00
yarikoptic
9cdb0125c7 2017-02-16 03:49:46 +00:00
Joey Hess
de671658ee
devblog 2017-02-15 16:44:10 -04:00
Joey Hess
a73c8ce4a1
sync: Improve integration with receive.denyCurrentBranch=updateInstead
By displaying error messages from the remote then it fails to update
its checked out branch.

Error messages in the default receive.denyCurrentBranch are still
suppressed, which matches user expectations.

This commit was sponsored by Nick Daly on Patreon.
2017-02-15 16:13:30 -04:00
Joey Hess
e8b9565b6f
thoughts 2017-02-14 17:39:37 -04:00
Edward Betts
0750913136
correct spelling mistakes 2017-02-12 17:30:23 -04:00
Joey Hess
0e7cbadf25
close 2017-02-09 18:59:45 -04:00
Joey Hess
ba61229c77
update 2017-02-09 18:58:13 -04:00
Joey Hess
2e92648383
comment 2017-02-09 16:13:02 -04:00
Joey Hess
c1ece47ea0
import --reinject-duplicates
This is the same as running git annex reinject --known, followed by
git-annex import. The advantage to having it in one command is that it
only has to hash each file once; the two commands have to
hash the imported files a second time.

This commit was sponsored by Shane-o on Patreon.
2017-02-09 15:41:00 -04:00
CandyAngel
278f9f0454 Added a comment 2017-02-07 22:51:15 +00:00
Joey Hess
30ab4ecc4b
response 2017-02-07 18:07:47 -04:00
Joey Hess
a8e64d4148
response 2017-02-07 17:23:41 -04:00
Joey Hess
27e89aeffc
initremote: When a uuid= parameter is passed, use the specified UUID for the new special remote, instead of generating a UUID.
This can be useful in some situations, eg when the same data can be
accessed via two different special remote backends.
2017-02-07 15:10:41 -04:00
Joey Hess
a89d98af6d
comment 2017-02-07 13:08:33 -04:00
Joey Hess
fe6936e065
comment 2017-02-07 12:48:12 -04:00
Joey Hess
2e246cb5d6
comment 2017-02-07 12:38:31 -04:00
yarikoptic
54bae5df37 initial thoughts 2017-02-06 15:32:45 +00:00
yarikoptic
03658010c7 initial thoughts 2017-02-06 00:49:28 +00:00
CandyAngel
e075032068 Added a comment 2017-02-05 02:20:31 +00:00
Joey Hess
424c4c2911
Merge branch 'master' of ssh://git-annex.branchable.com 2017-02-04 13:01:50 -04:00
Joey Hess
ff1ba8fdc6
update 2017-02-04 13:01:20 -04:00
joshfindit
a2d8c4120f Added a comment 2017-02-04 16:24:32 +00:00
Joey Hess
dbc0b032b8
comment 2017-02-03 15:43:34 -04:00
Joey Hess
b5e6d23242
Merge branch 'master' of ssh://git-annex.branchable.com 2017-02-03 14:37:49 -04:00
Joey Hess
ed56dba868
annex.autocommit can be configured via git-annex config
... to control the default behavior in all clones of a repository.

This includes a new Configurable data type, so the GitConfig type indicates
which values can be configured this way.

The implementation should be quite efficient; the config log is only read
once, and only when a Configurable value has not already been set by
git-config.

Indeed, it would be nice in the future to extend this, so that git-config
is itself only read on demand. Some commands may not need to look at the
git configuration at all.

This commit was sponsored by Trenton Cronholm on Patreon.
2017-02-03 13:58:53 -04:00
http://schnouki.net/
a57c21a968 Added a comment 2017-02-02 22:05:23 +00:00
Joey Hess
ed60f60e9b
unused: Improved memory use significantly when there are a lot of differences between branches.
Argh, didn't need an accumulator here!

I think I use accumulators a lot more than I need to when recusively
processing lists..

This commit was sponsored by Jeff Goeke-Smith on Patreon.
2017-01-31 19:42:00 -04:00
Joey Hess
dbaea98836
fix lack of laziness streaming large diffs
A commit last year that made a partial function use Maybe unfortunately
caused the whole input to need to be consumed, breaking streaming. So,
revert it.

This commit was sponsored by Nick Daly on Patreon.
2017-01-31 17:43:11 -04:00
Joey Hess
a1842d387b
comment
This commit was sponsored by Ole-Morten on Patreon.
2017-01-31 13:01:55 -04:00