From 0e8905a9fd69eb481cb74a45447d2e8f6277c420 Mon Sep 17 00:00:00 2001
From: Richard Ipsum <richard.ipsum@codethink.co.uk>
Date: Wed, 5 Feb 2014 15:50:52 +0000
Subject: Update ruleset

Allow users to change their own password
---
 skel/gitano-admin/rules/defines.lace    | 3 ++-
 skel/gitano-admin/rules/selfchecks.lace | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/skel/gitano-admin/rules/defines.lace b/skel/gitano-admin/rules/defines.lace
index e72f598..95e729e 100644
--- a/skel/gitano-admin/rules/defines.lace
+++ b/skel/gitano-admin/rules/defines.lace
@@ -9,7 +9,8 @@ define if_asanother as_user ~.
 # Self-related operations
 define op_whoami operation whoami
 define op_sshkey operation sshkey
-define op_self anyof op_whoami op_sshkey
+define op_passwd operation passwd
+define op_self anyof op_whoami op_sshkey op_passwd
 
 # Admin-related operations
 
diff --git a/skel/gitano-admin/rules/selfchecks.lace b/skel/gitano-admin/rules/selfchecks.lace
index 300bb91..e30e557 100644
--- a/skel/gitano-admin/rules/selfchecks.lace
+++ b/skel/gitano-admin/rules/selfchecks.lace
@@ -3,3 +3,5 @@
 allow "You may ask who you are" op_whoami
 
 allow "You may manage your own ssh keys" op_sshkey
+
+allow "You may change your own password" op_passwd
-- 
cgit v1.2.1


From 3b5ef2dc366ae22a30d6a1095d69fc8a9f8313d5 Mon Sep 17 00:00:00 2001
From: Richard Ipsum <richard.ipsum@codethink.co.uk>
Date: Mon, 10 Feb 2014 12:40:18 +0000
Subject: Can't close if we haven't a handle

---
 lib/gitano/repository.lua | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/gitano/repository.lua b/lib/gitano/repository.lua
index 5d4a194..a15fcbe 100644
--- a/lib/gitano/repository.lua
+++ b/lib/gitano/repository.lua
@@ -183,8 +183,13 @@ function repo_method:check_local_git_files()
    end
    if anonexport then
       log.ddebug("<" .. self.name .. ">: Anonymous read allowed")
-      local fh = sio.open(self:fs_path() .. "/git-daemon-export-ok", "wc")
-      fh:close()
+      local fh, errmsg = sio.open(self:fs_path() .. "/git-daemon-export-ok", "wc")
+
+      if fh then
+        fh:close()
+      else
+        log.warn("Can't create git-daemon-export file:", errmsg)
+      end
    else
       log.ddebug("<" .. self.name .. ">: Anonymous read not allowed")
       luxio.unlink(self:fs_path() .. "/git-daemon-export-ok")
-- 
cgit v1.2.1


From c1c99359b03c099048ac4fc5bbeb48d672d56d62 Mon Sep 17 00:00:00 2001
From: Richard Ipsum <richard.ipsum@codethink.co.uk>
Date: Tue, 11 Feb 2014 12:19:57 +0000
Subject: Make gitano-setup ask whether we will use htpasswd

---
 bin/gitano-setup.in | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/gitano-setup.in b/bin/gitano-setup.in
index fbfa58a..61a3246 100644
--- a/bin/gitano-setup.in
+++ b/bin/gitano-setup.in
@@ -161,6 +161,7 @@ validate_name(ask_for("admin.keyname", "Key name for administrator",
 
 ask_for("site.name", "Site name", "a random Gitano instance")
 ask_for("log.prefix", "Site log prefix", "gitano")
+ask_for("use.htpasswd", "Store passwords with htpasswd? (needed for http authentication)", "no")
 
 gitano.log.chat("Step 2: Gather required content")
 
@@ -169,6 +170,7 @@ local completely_flat = {}
 local site_conf = clod.parse("")
 site_conf.settings["site_name"] = get "site.name"
 site_conf.settings["log.prefix"] = get "log.prefix"
+site_conf.settings["use_htpasswd"] = get "use.htpasswd"
 completely_flat["site.conf"] = site_conf:serialise()
 
 -- Acquire the contents of the skeleton gitano-admin repository
-- 
cgit v1.2.1


From f0822b03e200b808588e5a016d188d179f9c0432 Mon Sep 17 00:00:00 2001
From: Richard Ipsum <richard.ipsum@codethink.co.uk>
Date: Tue, 18 Feb 2014 17:02:13 +0000
Subject: Fatal should write contents of LogBuf to stderr

---
 lib/gitano/log.lua | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/gitano/log.lua b/lib/gitano/log.lua
index 34a7dd1..e1df00b 100644
--- a/lib/gitano/log.lua
+++ b/lib/gitano/log.lua
@@ -147,7 +147,9 @@ local function fatal(...)
    syslog_write(luxio.LOG_CRIT, ...)
    AT(ERRS, "FATAL:", ...)
 
-   if not is_buffered_output() then
+   if is_buffered_output() then
+      sio.stderr:write(get_buffered_output())
+   else
       stream:close()
    end
 
-- 
cgit v1.2.1


From 7a294503b0c54eaf8ba01603046693fee5e96fc4 Mon Sep 17 00:00:00 2001
From: Daniel Silverstone <dsilvers@digital-scurf.org>
Date: Thu, 6 Mar 2014 15:21:02 +0000
Subject: Mention lua-scrypt which will be mentioned on the website

---
 README | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/README b/README
index cd89cfd..10fe364 100644
--- a/README
+++ b/README
@@ -11,8 +11,9 @@ http://git.gitano.org.uk/ -- Enjoy them.
 
 ## Dependencies
 
-Gitano depends on [Luxio], [Lace], [Supple], [Gall] and [Clod].
+Gitano depends on [lua-scrypt], [Luxio], [Lace], [Supple], [Gall] and [Clod].
 
+[lua-scrypt]: http://www.gitano.org.uk/lua-scrypt/
 [Luxio]: http://www.gitano.org.uk/luxio/
 [Lace]: http://www.gitano.org.uk/lace/
 [Supple]: http://www.gitano.org.uk/supple/
-- 
cgit v1.2.1


From 03a610591f9c57b58164f3de10d525a67bcccf63 Mon Sep 17 00:00:00 2001
From: Daniel Silverstone <dsilvers@digital-scurf.org>
Date: Thu, 6 Mar 2014 15:50:23 +0000
Subject: Ignore generated CGIs

---
 bin/.gitignore | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/bin/.gitignore b/bin/.gitignore
index d0e0d7e..48c3c13 100644
--- a/bin/.gitignore
+++ b/bin/.gitignore
@@ -4,3 +4,5 @@ gitano-update-hook
 gitano-update-ssh
 gitano-setup
 gitano-pre-receive-hook
+gitano-command.cgi
+gitano-smart-http.cgi
-- 
cgit v1.2.1


From 2a078069dcfd01c7bf573d53340c8264c3dc4263 Mon Sep 17 00:00:00 2001
From: Daniel Silverstone <dsilvers@digital-scurf.org>
Date: Thu, 6 Mar 2014 15:50:42 +0000
Subject: use passwd.method and passwd.hash instead

---
 lib/gitano/usercommand.lua | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/gitano/usercommand.lua b/lib/gitano/usercommand.lua
index 3c8b467..2e4f1b7 100644
--- a/lib/gitano/usercommand.lua
+++ b/lib/gitano/usercommand.lua
@@ -279,22 +279,22 @@ end
 local function builtin_passwd_run(conf, _, cmdline, env)
    local user = env.GITANO_USER
 
-   local password = sio.stdin:read("*l")
+   local password = sio.stdin:read("*l") or ""
    local method, hash = util.hash_password(password)
 
-   if conf.users[user].hash == nil and password == "" then
+   if conf.users[user]["passwd.hash"] == nil and password == "" then
       log.chat(string.format("Password for %s is not set and no password was"
          .. " provided, no action taken.", user))
       return "exit", 0
    end
 
    if password ~= "" then
-      conf.users[user].method = method
-      conf.users[user].hash = hash
+      conf.users[user]["passwd.method"] = method
+      conf.users[user]["passwd.hash"] = hash
    else
       -- user's password will be removed
-      conf.users[user].method = nil
-      conf.users[user].hash = nil
+      conf.users[user]["passwd.method"] = nil
+      conf.users[user]["passwd.hash"] = nil
    end
 
    local ok, msg
-- 
cgit v1.2.1