Commit graph

14126 commits

Author SHA1 Message Date
Joey Hess
d822b7a3dd link 2013-10-03 17:00:04 -04:00
Joey Hess
ece27f184d devblog 2013-10-03 16:58:40 -04:00
Joey Hess
93dbb7842e watcher: Detect at startup time when there is a stale .git/lock, and remove it so it does not interfere with the automatic commits of changed files. 2013-10-03 16:57:21 -04:00
Joey Hess
f8880c4fe4 Automatically and safely detect and recover from dangling .git/annex/index.lock files, which would prevent git from committing to the git-annex branch, eg after a crash. 2013-10-03 15:43:08 -04:00
Joey Hess
83b4b8d589 rename confusing function
The index.lck file is not a lock file. Kept the historical name for now as
changing it would be work.
2013-10-03 15:06:58 -04:00
Joey Hess
f2ee4ef86d ensure that commitBranch is only called when the journal is locked
This is not strictly a requirement, since it does not actually update the
journal. But it's a nice invariant to enforce.
2013-10-03 14:48:46 -04:00
Joey Hess
56c3f68a53 use types to partially prove correctness of journal locking code
My implementation does not guard against double locking of the journal. But
it does ensure that the journal is always locked when operated on, by using
a type that is only produced by lockJournal, and which is required as a
parameter of all functions that operate on the journal.

Note that I had to add the fooStale functions for cases where it does not
make sense to lock the journal when querying it. I was more concerned about
ensuring that anything that modifies the journal is locked.
setJournalFile's implementation ensures that any query of the journal will
get one value or the other atomically, even if the journal is being changed
at the time.
2013-10-03 14:41:57 -04:00
Joey Hess
7a9a16b337 lockJournal when running performTransitions
This may not strictly be needed -- the transition code bypasses the
journal. However, this ensures that the git-annex branch is only
committed with the journal locked. This will allow for further
improvements.
2013-10-03 14:37:46 -04:00
Joey Hess
be0b7341b4 Merge branch 'master' of ssh://git-annex.branchable.com 2013-10-03 12:34:27 -04:00
Joey Hess
20fb905bb6 allow building w/o cryptohash
Mostly for the debian stable autobuilds, which have a too old version
to use the Crypto.Hash module.
2013-10-03 12:33:38 -04:00
Joey Hess
c34948247e quash warning 2013-10-03 12:33:31 -04:00
https://www.google.com/accounts/o8/id?id=AItOawmf-gdwX6Nk3DyHyVCh3C_e8VGcAnPbMCI
05db0fef17 2013-10-03 13:02:40 +00:00
Joey Hess
3ac9c4e672 hlint 2013-10-02 22:59:07 -04:00
Joey Hess
f25991ca33 fix windows build 2013-10-02 20:33:13 -04:00
Joey Hess
f1295b5141 fix windows build 2013-10-02 20:26:00 -04:00
http://joeyh.name/
0724bf0d90 Added a comment 2013-10-03 00:06:11 +00:00
https://www.google.com/accounts/o8/id?id=AItOawlkA6XinbeOdnEDxEGQUWyjqPGh0kdMXr4
5cfa8f5b78 Added a comment: Starting git-annex assistant 2013-10-02 23:57:49 +00:00
volfyd
64b3f4120b 2013-10-02 22:11:57 +00:00
https://www.google.com/accounts/o8/id?id=AItOawnyMzZZLS1xGW1raqc_9Md6Ksdkvx5rUJU
8f97bdecfe Added a comment: confusion with bundled programs 2013-10-02 21:39:11 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmKKg3Vmzk7KwRGRKjHVdtyoj1JfxLX6NM
b8053a0a7d Added a comment 2013-10-02 21:27:37 +00:00
http://joeyh.name/
d6986aef82 Added a comment 2013-10-02 20:37:04 +00:00
Joey Hess
e8bdd5d031 Merge branch 'master' of ssh://git-annex.branchable.com 2013-10-02 16:26:49 -04:00
https://www.google.com/accounts/o8/id?id=AItOawnyMzZZLS1xGW1raqc_9Md6Ksdkvx5rUJU
899d8959ca 2013-10-02 20:15:33 +00:00
Joey Hess
c07aaec323 prep release 2013-10-02 16:13:45 -04:00
Joey Hess
eb582b17b8 prep relase 2013-10-02 16:03:53 -04:00
Joey Hess
4709b28dbb devblog 2013-10-02 16:03:47 -04:00
Joey Hess
6b727839d6 prep release 2013-10-02 16:01:07 -04:00
Joey Hess
a5e1f2efc0 blind enabling of existing ssh and ssh gcrypt repos 2013-10-02 15:54:32 -04:00
Joey Hess
dfdaa649d0 hlint 2013-10-02 01:06:59 -04:00
Joey Hess
028b0d8961 hlint 2013-10-02 00:42:27 -04:00
Joey Hess
b24b5ca089 hlint 2013-10-02 00:33:40 -04:00
Joey Hess
a3692b4ab2 better name 2013-10-01 22:32:44 -04:00
Joey Hess
547a18019f ensure that hash representations don't change in future 2013-10-01 21:11:47 -04:00
Joey Hess
29385dc393 Moved list of backends and remote types from status to version command. 2013-10-01 20:50:46 -04:00
Joey Hess
a05b763b01 Added SKEIN256 and SKEIN512 backends
SHA3 is still waiting for final standardization.
Although this is looking less likely given
https://www.cdt.org/blogs/joseph-lorenzo-hall/2409-nist-sha-3

In the meantime, cryptohash implements skein, and it's used by some of the
haskell ecosystem (for yesod sessions, IIRC), so this implementation is
likely to continue working. Also, I've talked with the cryprohash author
and he's a reasonable guy.

It makes sense to have an alternate high security hash, in case some
horrible attack is found against SHA2 tomorrow, or in case SHA3 comes out
and worst fears are realized.

I'd also like to support using skein for HMAC. But no hurry there and
a new version of cryptohash has much nicer HMAC code, so I will probably
wait until I can use that version.
2013-10-01 20:34:36 -04:00
Joey Hess
d9355d8064 devblog 2013-10-01 19:21:47 -04:00
Joey Hess
202a932323 changelog 2013-10-01 19:16:56 -04:00
Joey Hess
cc0e63fac2 Merge branch 'sshgcrypt' 2013-10-01 19:12:25 -04:00
Joey Hess
7286fbd93e gcrypt basically done 2013-10-01 19:12:08 -04:00
Joey Hess
0ede6b7def typoe and debug info 2013-10-01 19:10:45 -04:00
Joey Hess
bddfbef8be git-annex-shell gcryptsetup command
This was the least-bad alternative to get dedicated key gcrypt repos
working in the assistant.
2013-10-01 17:20:51 -04:00
Joey Hess
245d5590c9 fix use of mangled ssh hostname
However, this is not working for gcrypt repos with a mangled hostname.
Problem is that the locked down key is installed before the repo is
initialized, so git-annex-shell refuses to allow the gcrypt special remote
to do its setup.
2013-10-01 16:16:38 -04:00
Joey Hess
5f9f7024e9 enabling ssh gcrypt now works 2013-10-01 16:08:01 -04:00
Joey Hess
1536ebfe47 Disable receive.denyNonFastForwards when setting up a gcrypt special remote
gcrypt needs to be able to fast-forward the master branch. If a git
repository is set up with git init --shared --bare, it gets that set, and
pushing to it will then fail, even when it's up-to-date.
2013-10-01 15:23:48 -04:00
Joey Hess
0ddf4d3148 Merge branch 'master' of ssh://git-annex.branchable.com into sshgcrypt 2013-10-01 14:40:20 -04:00
Joey Hess
67a39408aa fix probing for local gcrypt repos 2013-10-01 14:38:54 -04:00
Joey Hess
4e1e625fa6 fix transferring to gcrypt repo from direct mode repo
recvkey was told it was receiving a HMAC key from a direct mode repo,
and that confused it into rejecting the transfer, since it has no way to
verify a key using that backend, since there is no HMAC backend.

I considered making recvkey skip verification in the case of an unknown
backend. However, that could lead to bad results; a key can legitimately be
in the annex with a backend that the remote git-annex-shell doesn't know
about. Better to keep it rejecting if it cannot verify.

Instead, made the gcrypt special remote not set the direct mode flag when
sending (and receiving) files.

Also, added some recvkey messages when its checks fail, since otherwise
all that is shown is a confusing error message from rsync when the remote
git-annex-shell exits nonzero.
2013-10-01 14:38:46 -04:00
Joey Hess
101099f7b5 fix probing for local gcrypt repos 2013-10-01 14:38:20 -04:00
https://www.google.com/accounts/o8/id?id=AItOawmKKg3Vmzk7KwRGRKjHVdtyoj1JfxLX6NM
caa5116c0a Added a comment 2013-10-01 18:33:06 +00:00
Joey Hess
995e1e3c5d fix transferring to gcrypt repo from direct mode repo
recvkey was told it was receiving a HMAC key from a direct mode repo,
and that confused it into rejecting the transfer, since it has no way to
verify a key using that backend, since there is no HMAC backend.

I considered making recvkey skip verification in the case of an unknown
backend. However, that could lead to bad results; a key can legitimately be
in the annex with a backend that the remote git-annex-shell doesn't know
about. Better to keep it rejecting if it cannot verify.

Instead, made the gcrypt special remote not set the direct mode flag when
sending (and receiving) files.

Also, added some recvkey messages when its checks fail, since otherwise
all that is shown is a confusing error message from rsync when the remote
git-annex-shell exits nonzero.
2013-10-01 14:19:24 -04:00