# dgit
# Integration between git and Debian-style archives
#
-# Copyright (C)2013 Ian Jackson
+# Copyright (C)2013-2015 Ian Jackson
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
'dgit-distro.debian.archive-query-url', 'https://api.ftp-master.debian.org/',
'dgit-distro.debian.archive-query-tls-key',
'/etc/ssl/certs/%HOST%.pem:/etc/dgit/%HOST%.pem',
+#
+# 'dgit-distro.debian.archive-query-tls-curl-args',
+# '--ca-path=/etc/ssl/ca-debian',
+# ^ this is a workaround but works (only) on DSA-administered machines
'dgit-distro.debian.diverts.alioth' => '/alioth',
'dgit-distro.debian/alioth.git-host' => 'git.debian.org',
'dgit-distro.debian/alioth.git-user-force' => '',
my $url = access_cfg('archive-query-url');
if ($url =~ m#^https://([-.0-9a-z]+)/#) {
my $host = $1;
- my $keys = access_cfg('archive-query-tls-key','RETURN-UNDEF');
+ my $keys = access_cfg('archive-query-tls-key','RETURN-UNDEF') //'';
foreach my $key (split /\:/, $keys) {
$key =~ s/\%HOST\%/$host/g;
if (!stat $key) {
fail "for $url: stat $key: $!" unless $!==ENOENT;
next;
}
- push @cmd, "--ca-certificate=$key", "--ca-directory=/dev/enoent";
+ push @cmd, "--cacert", $key, "--capath", "/dev/enoent";
last;
}
+ # Fixing #790093 properly will involve providing a value
+ # for this on clients.
+ my $keys = access_cfg('archive-query-tls-curl-ca-args','RETURN-UNDEF');
+ push @cmd, split / /, $keys if defined $keys;
}
push @cmd, $url.$subpath;
return @cmd;
responder_send_command("param head $head");
responder_send_command("param csuite $csuite");
- if ($forceflag) {
+ if (deliberately_not_fast_forward) {
git_for_each_ref(lrfetchrefs, sub {
my ($objid,$objtype,$lrfetchrefname,$reftail) = @_;
my $rrefname= substr($lrfetchrefname, length(lrfetchrefs) + 1);
create_remote_git_repo();
}
runcmd_ordryrun @git, qw(push),access_giturl(),
- $forceflag."HEAD:".rrref(), "refs/tags/$tag";
+ $forceflag."HEAD:".rrref(), $forceflag."refs/tags/$tag";
runcmd_ordryrun @git, qw(update-ref -m), 'dgit push', lrref(), 'HEAD';
if ($we_are_responder) {
exec @cmd or fail "exec curl: $!\n";
}
+sub cmd_clone_dgit_repos_server {
+ badusage "need destination argument" unless @ARGV==1;
+ my ($destdir) = @ARGV;
+ $package = '_dgit-repos-server';
+ my @cmd = (@git, qw(clone), access_giturl(), $destdir);
+ debugcmd ">",@cmd;
+ exec @cmd or fail "exec git clone: $!\n";
+}
+
#---------- argument parsing and main program ----------
sub cmd_version {