This can happen if the user goes directly to /ikiwiki.cgi?do=login and
logs in, since nothing redirected them to there, there's no postsignin
value set. It can also happen when cookies are disabled, or perhaps
other problems.
This also exercises the typical centralized git repository workflow,
where changes flow from a non-bare clone (for example on a laptop)
to a centralized bare repository, then from the centralized bare
repository to a non-bare clone that is ikiwiki's srcdir.
Signed-off-by: Simon McVittie <smcv@debian.org>
Since git 2.11, git has stored the proposed push in a "quarantine
area" until it is accepted by the pre-receive hook, and passed
extra environment variables to the pre-receive hook so that it can
read objects from the quarantine area.
This fixes untrusted push on modern git versions.
Signed-off-by: Simon McVittie <smcv@debian.org>
On GNU/Linux, it isn't declared in stdio.h unless we define
_GNU_SOURCE, which we don't; using the implicit declaration risks
crashes on platforms where sizeof(pointer) != sizeof(int). On other
platforms it isn't guaranteed to exist at all.
Signed-off-by: Simon McVittie <smcv@debian.org>
Due to the use/abuse of CGI::Session to generate a token for the login
process, a new session database was created for each login, and left behind
afterwards. While each file is small, with many logings this could bloat
the size of /tmp significantly. Fixed by making CGI::Session write to
/dev/null, since there does not seem to be a way to entirely prevent the
writing.
This commit was sponsored by Henrik Riomar on Patreon.