On Fri, Feb 03, 2006 at 11:24:22PM -0500, Daniel Carrera wrote:
> You must have some way to upload files to the server. SSH? FTP? I'd
> think that those two would be more promising than using a CGI script.

Neither is secure; the former because it grants the user too much access[1], and the latter because it is a stupid protocol which should've been obsoleted long ago. HTTP(S) POST is IMO a much more appropriate solution.

> >The only problems I see are:
> >- how to 'upload' the patch

It would be nice if 'darcs send' had built-in support for sending to HTTP URLs as well as email addresses. As it stands, it shouldn't be too hard to script something though: use the -o option to 'send' to create a patch bundle, and then POST it to a CGI script using Curl. The CGI just has to pipe the patch bundle through to 'darcs apply'.

> >- how to authenticate the user

Curl (which is also used internally by Darcs) supports both password-based and X.509 authentication, which will work with the built-in authentication support of the web server. Alternatively, you could require that the patch is signed with a recognised GPG key (since both signing and verification are built into Darcs), though that would mean that authentication is delayed until the patch bundle has already been uploaded.

Note that even though HTTP is probably more secure than SSH, there's still a risk involved, in particular because the system could be effectively DOSed if a patch which sends Darcs off into infinity is submitted.

-- Jamie Webb

[1] Yes, I know it's possible to be pretty sure that only Darcs will run, but a) these methods have been historically unreliable, and b) they are black magic; more people are comfortable with configuring a web server.
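One way to write the receiving CGI described in the message above, with a size cap and a time limit against the runaway-apply risk it mentions. This is an added example, not part of the original post or of Darcs; the repository path, the limits, the status codes and the name `receive_bundle` are assumptions.

```python
import os
import subprocess
import sys

# Assumed values, not from the post: repository path, size cap, time limit.
APPLY_CMD = ["darcs", "apply", "--repodir", "/srv/darcs/project"]
MAX_BUNDLE_BYTES = 1024 * 1024
APPLY_TIMEOUT_S = 30

def receive_bundle(environ, body, apply_cmd=APPLY_CMD,
                   max_bytes=MAX_BUNDLE_BYTES, timeout=APPLY_TIMEOUT_S):
    """Handle one upload; return (status_code, message)."""
    if environ.get("REQUEST_METHOD") != "POST":
        return 405, "POST only"
    # REMOTE_USER is set by the web server after its own password or
    # X.509 client-certificate check; refuse anything unauthenticated.
    if not environ.get("REMOTE_USER"):
        return 401, "authentication required"
    try:
        length = int(environ.get("CONTENT_LENGTH", ""))
    except ValueError:
        return 411, "Content-Length required"
    if length <= 0 or length > max_bytes:
        return 413, "bundle size not accepted"
    bundle = body.read(length)
    if len(bundle) != length:
        return 400, "truncated upload"
    try:
        # The bundle goes to the apply command on stdin, never through a
        # shell; the timeout kills an apply that does not terminate.
        proc = subprocess.run(apply_cmd, input=bundle,
                              capture_output=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return 503, "apply timed out"
    if proc.returncode != 0:
        return 422, "patch rejected"
    return 200, "patch applied"

def main():
    status, message = receive_bundle(os.environ, sys.stdin.buffer)
    sys.stdout.write(f"Status: {status} {message}\r\n"
                     f"Content-Type: text/plain\r\n\r\n{message}\n")

if __name__ == "__main__":
    main()
```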
