Hi! I have put together few haskell-programs to implement cgi-push. I'd like comments on implementation and usability.
THIS IS NOT A PRODUCTION QUALITY RELEASE. Watch out, it bites. darcs get http://darcs.tamelambda.net/repo/darcs-cgi-push/ The main problems, if I understood people's concerns correctly, have been that http push is insecure and there is no canonical way to present exactly where to push. Pushing over http has two parts that are insecure: * Patches aren't signed on normal "darcs push", there is no --sign or --sign-as. I use gpg to sign patches, they can be checked the very same way as email-sent patches. I plan to patch darcs to support signing for push. * Server, in practice the account for http-server needs to have write access to the repository. I don't think this is huge problem. However, this requires careful security analysis, which I'd like to hear someone more knowledgeable would volunteer to help with. There is also diffrence to email setups, because the same account is used to access all darcs repos, not just one or two (as email-type system tends to have user per-project). Canonical "http push api", there simply isn't such thing. What I propose here is very simple api and has no significant drawbacks as far as I can see. * When client gets url to fetch, it checks for _darcs/prefs/cgi_push_url on *remote repository* to find where the patch actually goes. * Client makes a post request to this url with two variables in html-form-encoded body, repo, which is the original url to the repo and patch, which is the body of the patch. The darcs repository above has specs.txt and README that should clarify how I implemented these ideas. Also, I tested only configuration where client is in Windows and server on linux running apache 2. For this to make work, I had to patch darcs (on server-side) to accept \r\n line-endings that GnuGP for Windows creates, this patch is available as part of http://darcs.tamelambda.net/repo/temp/darcs/ Any comments, ideas and patches are welcome, TIA, --Esa _______________________________________________ darcs-users mailing list [email protected] http://www.abridgegame.org/mailman/listinfo/darcs-users
