Commit Briefs
make got-fetch-http pass "done\n" through rather than faking it
Without this we exit the loop early and got-fetch-pack sees unexpected end-of-file on stdout trying to write its final "done\n" message. ok op@
use unveil to restrict filesystem access of got-fetch-http
With HTTPS we only need to be able to read /etc/ssl/cert.pem. With plaintext HTTP no filesystem access is needed at all.
make got-fetch-http get_refs() understand when packet lines end
Previously it would only exit the loop when reading failed. ok tobhe@
Rewrite got-fetch-http I/O using bufio API. This should help make the
code more portable supports almost everything we need out of the box. pledge needs the rpath promise because of libtls. This was technically also the case with the old API but we didn't actually enable pledge thanks to DEBUG_HTTP. The synchronous bufio wrappers should probably move to lib/bufio.c in the future. ok and feedback from op@
Rename got-http helper to got-fetch-http to match naming scheme.
We aren't planning to support sending anyway. ok stsp@