-rw-r--r-- | COPYING | 39 | ||||
-rw-r--r-- | Makefile | 13 | ||||
-rw-r--r-- | cache.c | 37 | ||||
-rw-r--r-- | cgit-doc.css | 3 | ||||
-rw-r--r-- | cgit.c | 35 | ||||
-rw-r--r-- | cgit.css | 9 | ||||
-rw-r--r-- | cgit.h | 11 | ||||
-rw-r--r-- | cgitrc.5.txt | 234 | ||||
-rw-r--r-- | filters/file-authentication.lua | 352 | ||||
-rw-r--r-- | filters/gentoo-ldap-authentication.lua | 55 | ||||
-rw-r--r-- | filters/simple-authentication.lua | 69 | ||||
m--------- | git | 0 | ||||
-rw-r--r-- | parsing.c | 2 | ||||
-rw-r--r-- | shared.c | 15 | ||||
-rw-r--r-- | ui-blame.c | 25 | ||||
-rw-r--r-- | ui-blob.c | 24 | ||||
-rw-r--r-- | ui-clone.c | 28 | ||||
-rw-r--r-- | ui-commit.c | 5 | ||||
-rw-r--r-- | ui-diff.c | 8 | ||||
-rw-r--r-- | ui-log.c | 10 | ||||
-rw-r--r-- | ui-plain.c | 28 | ||||
-rw-r--r-- | ui-refs.c | 30 | ||||
-rw-r--r-- | ui-repolist.c | 3 | ||||
-rw-r--r-- | ui-shared.c | 70 | ||||
-rw-r--r-- | ui-shared.h | 5 | ||||
-rw-r--r-- | ui-snapshot.c | 103 | ||||
-rw-r--r-- | ui-ssdiff.c | 12 | ||||
-rw-r--r-- | ui-tag.c | 5 | ||||
-rw-r--r-- | ui-tree.c | 44 |
29 files changed, 911 insertions, 363 deletions
@@ -1,12 +1,12 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - Preamble + Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public @@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to +the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not @@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. - - GNU GENERAL PUBLIC LICENSE + + GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains @@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions: License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) - + These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in 
@@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. - + 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is @@ -225,7 +225,7 @@ impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. - + 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License @@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. - NO WARRANTY + NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN @@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it 
@@ -303,10 +303,9 @@ the "copyright" line and a pointer to where the full notice is found. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. @@ -336,5 +335,5 @@ necessary. Here is a sample; alter the names: This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General +library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. @@ -1,6 +1,6 @@ all:: -CGIT_VERSION = v1.1 +CGIT_VERSION = v1.2.1 CGIT_SCRIPT_NAME = cgit.cgi CGIT_SCRIPT_PATH = /var/www/htdocs/cgit CGIT_DATA_PATH = $(CGIT_SCRIPT_PATH) @@ -14,7 +14,7 @@ htmldir = $(docdir) pdfdir = $(docdir) mandir = $(prefix)/share/man SHA1_HEADER = <openssl/sha.h> -GIT_VER = 2.16.0 +GIT_VER = 2.18.0 GIT_URL = https://www.kernel.org/pub/software/scm/git/git-$(GIT_VER).tar.gz INSTALL = install COPYTREE = cp -r 
@@ -24,6 +24,12 @@ DOC_MAN5 = $(patsubst %.txt,%,$(MAN5_TXT)) DOC_HTML = $(patsubst %.txt,%.html,$(MAN_TXT)) DOC_PDF = $(patsubst %.txt,%.pdf,$(MAN_TXT)) +ASCIIDOC = asciidoc +ASCIIDOC_EXTRA = +ASCIIDOC_HTML = xhtml11 +ASCIIDOC_COMMON = $(ASCIIDOC) $(ASCIIDOC_EXTRA) +TXT_TO_HTML = $(ASCIIDOC_COMMON) -b $(ASCIIDOC_HTML) + # Define NO_C99_FORMAT if your formatted IO functions (printf/scanf et.al.) # do not support the 'size specifiers' introduced by C99, namely ll, hh, # j, z, t. (representing long long int, char, intmax_t, size_t, ptrdiff_t). @@ -134,7 +140,8 @@ doc-pdf: $(DOC_PDF) a2x -f manpage $< $(DOC_HTML): %.html : %.txt - a2x -f xhtml --stylesheet=cgit-doc.css --xsltproc-opts="--param generate.consistent.ids 1" $< + $(TXT_TO_HTML) -o $@+ $< && \ + mv $@+ $@ $(DOC_PDF): %.pdf : %.txt a2x -f pdf cgitrc.5.txt @@ -29,6 +29,7 @@ struct cache_slot { cache_fill_fn fn; int cache_fd; int lock_fd; + int stdout_fd; const char *cache_name; const char *lock_name; int match; @@ -197,6 +198,13 @@ static int unlock_slot(struct cache_slot *slot, int replace_old_slot) else err = unlink(slot->lock_name); + /* Restore stdout and close the temporary FD. */ + if (slot->stdout_fd >= 0) { + dup2(slot->stdout_fd, STDOUT_FILENO); + close(slot->stdout_fd); + slot->stdout_fd = -1; + } + if (err) return errno; 
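Review bot: In unlock_slot, the new restore block sits between the call that sets `err` (the visible `unlink` branch, and whatever precedes the `else`) and the `if (err) return errno;` that reports it. A failing `dup2` or `close` can therefore overwrite the errno the caller is meant to see. The `dup2` result is also ignored, so a failed restore leaves stdout pointing at the lock file with no indication. Capture the error before the block with `int saved = err ? errno : 0;`, check `dup2(slot->stdout_fd, STDOUT_FILENO) == -1`, and return `saved` afterwards. The function starts outside the hunk.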
@@ -208,42 +216,24 @@ static int unlock_slot(struct cache_slot *slot, int replace_old_slot) */ static int fill_slot(struct cache_slot *slot) { - int tmp; - /* Preserve stdout */ - tmp = dup(STDOUT_FILENO); - if (tmp == -1) + slot->stdout_fd = dup(STDOUT_FILENO); + if (slot->stdout_fd == -1) return errno; /* Redirect stdout to lockfile */ - if (dup2(slot->lock_fd, STDOUT_FILENO) == -1) { - close(tmp); + if (dup2(slot->lock_fd, STDOUT_FILENO) == -1) return errno; - } /* Generate cache content */ slot->fn(); /* Make sure any buffered data is flushed to the file */ - if (fflush(stdout)) { - close(tmp); + if (fflush(stdout)) return errno; - } /* update stat info */ - if (fstat(slot->lock_fd, &slot->cache_st)) { - close(tmp); - return errno; - } - - /* Restore stdout */ - if (dup2(tmp, STDOUT_FILENO) == -1) { - close(tmp); - return errno; - } - - /* Close the temporary filedescriptor */ - if (close(tmp)) + if (fstat(slot->lock_fd, &slot->cache_st)) return errno; return 0; @@ -393,6 +383,7 @@ int cache_process(int size, const char *path, const char *key, int ttl, strbuf_addstr(&lockname, ".lock"); slot.fn = fn; slot.ttl = ttl; + slot.stdout_fd = -1; slot.cache_name = filename.buf; slot.lock_name = lockname.buf; slot.key = key; diff --git a/cgit-doc.css b/cgit-doc.css deleted file mode 100644 index 5a399b6..0000000 --- a/cgit-doc.css +++ /dev/null @@ -1,3 +0,0 @@ -div.variablelist dt { - margin-top: 1em; -} @@ -23,7 +23,7 @@ static void add_mimetype(const char *name, const char *value) { struct string_list_item *item; - item = string_list_insert(&ctx.cfg.mimetypes, xstrdup(name)); + item = string_list_insert(&ctx.cfg.mimetypes, name); item->util = xstrdup(value); } 
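Review bot: fill_slot's header comment (it starts above the hunk) does not say that the function now returns with stdout still redirected to the lock file, both on success and on every error return after the `dup2`. Anything a caller prints before calling unlock_slot, including an error message, would be written into the slot's content rather than sent to the client. I would add to the comment: `On return stdout may still point at slot->lock_fd; the caller must call unlock_slot() to restore it.`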
@@ -46,6 +46,8 @@ static void repo_config(struct cgit_repo *repo, const char *name, const char *va repo->homepage = xstrdup(value); else if (!strcmp(name, "defbranch")) repo->defbranch = xstrdup(value); + else if (!strcmp(name, "extra-head-content")) + repo->extra_head_content = xstrdup(value); else if (!strcmp(name, "snapshots")) repo->snapshots = ctx.cfg.snapshots & cgit_parse_snapshots_mask(value); else if (!strcmp(name, "enable-commit-graph")) @@ -79,6 +81,8 @@ static void repo_config(struct cgit_repo *repo, const char *name, const char *va item->util = xstrdup(value); } else if (!strcmp(name, "section")) repo->section = xstrdup(value); + else if (!strcmp(name, "snapshot-prefix")) + repo->snapshot_prefix = xstrdup(value); else if (!strcmp(name, "readme") && value != NULL) { if (repo->readme.items == ctx.cfg.readme.items) memset(&repo->readme, 0, sizeof(repo->readme)); @@ -109,7 +113,7 @@ static void config_cb(const char *name, const char *value) { const char *arg; - if (!strcmp(name, "section") || !strcmp(name, "repo.group")) + if (!strcmp(name, "section")) ctx.cfg.section = xstrdup(value); else if (!strcmp(name, "repo.url")) ctx.repo = cgit_add_repo(value); 
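Review bot: The new `extra-head-content` branch in repo_config stores a value that, per the cgitrc text added in this same commit, is written verbatim into the head section of every page for the repo, and nothing on the branch records that trust assumption. If repo_config is also the path for git-config-derived keys when `enable-git-config` is on (not visible in this hunk), anyone who can write a repository's git config could place arbitrary markup on its pages. A comment on the branch such as `/* emitted unescaped into <head>; value must come from a trusted config source */`, with a matching caveat in cgitrc.5.txt, would make this explicit. repo_config begins and ends outside the hunk.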
@@ -137,20 +141,14 @@ static void config_cb(const char *name, const char *value) ctx.cfg.header = xstrdup(value); else if (!strcmp(name, "logo")) ctx.cfg.logo = xstrdup(value); - else if (!strcmp(name, "index-header")) - ctx.cfg.index_header = xstrdup(value); - else if (!strcmp(name, "index-info")) - ctx.cfg.index_info = xstrdup(value); else if (!strcmp(name, "logo-link")) ctx.cfg.logo_link = xstrdup(value); else if (!strcmp(name, "module-link")) ctx.cfg.module_link = xstrdup(value); else if (!strcmp(name, "strict-export")) ctx.cfg.strict_export = xstrdup(value); - else if (!strcmp(name, "virtual-root")) { + else if (!strcmp(name, "virtual-root")) ctx.cfg.virtual_root = ensure_end(value, '/'); - } else if (!strcmp(name, "nocache")) - ctx.cfg.nocache = atoi(value); else if (!strcmp(name, "noplainemail")) ctx.cfg.noplainemail = atoi(value); else if (!strcmp(name, "noheader")) @@ -234,7 +232,7 @@ static void config_cb(const char *name, const char *value) else if (!strcmp(name, "project-list")) ctx.cfg.project_list = xstrdup(expand_macros(value)); else if (!strcmp(name, "scan-path")) - if (!ctx.cfg.nocache && ctx.cfg.cache_size) + if (ctx.cfg.cache_size) process_cached_repolist(expand_macros(value)); else if (ctx.cfg.project_list) scan_projects(expand_macros(value), @@ -353,7 +351,6 @@ static void prepare_context(void) { memset(&ctx, 0, sizeof(ctx)); ctx.cfg.agefile = "info/web/last-modified"; - ctx.cfg.nocache = 0; ctx.cfg.cache_size = 0; ctx.cfg.cache_max_create_time = 5; ctx.cfg.cache_root = CGIT_CACHE_ROOT; @@ -419,7 +416,7 @@ static void prepare_context(void) ctx.page.modified = time(NULL); ctx.page.expires = ctx.page.modified; ctx.page.etag = NULL; - memset(&ctx.cfg.mimetypes, 0, sizeof(struct string_list)); + string_list_init(&ctx.cfg.mimetypes, 1); if (ctx.env.script_name) ctx.cfg.script_name = xstrdup(ctx.env.script_name); if (ctx.env.query_string) 
@@ -662,13 +659,13 @@ static inline void open_auth_filter(const char *function) static inline void authenticate_post(void) { char buffer[MAX_AUTHENTICATION_POST_BYTES]; - unsigned int len; + ssize_t len; open_auth_filter("authenticate-post"); len = ctx.env.content_length; if (len > MAX_AUTHENTICATION_POST_BYTES) len = MAX_AUTHENTICATION_POST_BYTES; - if (read(STDIN_FILENO, buffer, len) < 0) + if ((len = read(STDIN_FILENO, buffer, len)) < 0) die_errno("Could not read POST from stdin"); if (write(STDOUT_FILENO, buffer, len) < 0) die_errno("Could not write POST to stdout"); @@ -763,7 +760,7 @@ static char *build_snapshot_setting(int bitmap) struct strbuf result = STRBUF_INIT; for (f = cgit_snapshot_formats; f->suffix; f++) { - if (f->bit & bitmap) { + if (cgit_snapshot_format_bit(f) & bitmap) { if (result.len) strbuf_addch(&result, ' '); strbuf_addstr(&result, f->suffix); @@ -802,6 +799,8 @@ static void print_repo(FILE *f, struct cgit_repo *repo) } if (repo->defbranch) fprintf(f, "repo.defbranch=%s\n", repo->defbranch); + if (repo->extra_head_content) + fprintf(f, "repo.extra-head-content=%s\n", repo->extra_head_content); if (repo->module_link) fprintf(f, "repo.module-link=%s\n", repo->module_link); if (repo->section) @@ -831,6 +830,8 @@ static void print_repo(FILE *f, struct cgit_repo *repo) fprintf(f, "repo.snapshots=%s\n", tmp ? tmp : ""); free(tmp); } + if (repo->snapshot_prefix) + fprintf(f, "repo.snapshot-prefix=%s\n", repo->snapshot_prefix); if (repo->max_stats != ctx.cfg.max_stats) fprintf(f, "repo.max-stats=%s\n", cgit_find_stats_periodname(repo->max_stats)); @@ -971,8 +972,6 @@ static void cgit_parse_args(int argc, const char **argv) } if (skip_prefix(argv[i], "--cache=", &arg)) { ctx.cfg.cache_root = xstrdup(arg); - } else if (!strcmp(argv[i], "--nocache")) { - ctx.cfg.nocache = 1; } else if (!strcmp(argv[i], "--nohttp")) { ctx.env.no_http = "1"; } else if (skip_prefix(argv[i], "--query=", &arg)) { 
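Review bot: With `len` now `ssize_t`, the clamp `if (len > MAX_AUTHENTICATION_POST_BYTES)` in authenticate_post bounds the value only from above. If `ctx.env.content_length` (its type is not visible here) converts to a negative `ssize_t`, as can happen where `ssize_t` is no wider than the source type, it passes the check and reaches `read()` as a very large `size_t` count against the fixed-size stack `buffer`. Add `if (len < 0) len = 0;` before the read, or keep the requested count in an unsigned variable and use a separate `ssize_t` for the return value. The function continues past the end of the hunk.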
@@ -1093,8 +1092,6 @@ int cmd_main(int argc, const char **argv) else ctx.page.expires += ttl * 60; if (!ctx.env.authenticated || (ctx.env.request_method && !strcmp(ctx.env.request_method, "HEAD"))) - ctx.cfg.nocache = 1; - if (ctx.cfg.nocache) ctx.cfg.cache_size = 0; err = cache_process(ctx.cfg.cache_size, ctx.cfg.cache_root, ctx.qry.raw, ttl, process_request); @@ -685,6 +685,14 @@ div#cgit a.tag-deco { border: solid 1px #777700; } +div#cgit a.tag-annotated-deco { + color: #000; + margin: 0px 0.5em; + padding: 0px 0.25em; + background-color: #ffcc88; + border: solid 1px #777700; +} + div#cgit a.remote-deco { color: #000; margin: 0px 0.5em; @@ -703,6 +711,7 @@ div#cgit a.deco { div#cgit div.commit-subject a.branch-deco, div#cgit div.commit-subject a.tag-deco, +div#cgit div.commit-subject a.tag-annotated-deco, div#cgit div.commit-subject a.remote-deco, div#cgit div.commit-subject a.deco { margin-left: 1em; @@ -46,6 +46,8 @@ */ #define PAGE_ENCODING "UTF-8" +#define BIT(x) (1U << (x)) + typedef void (*configfn)(const char *name, const char *value); typedef void (*filepair_fn)(struct diff_filepair *pair); typedef void (*linediff_fn)(char *line, int len); @@ -79,6 +81,7 @@ struct cgit_repo { char *name; char *path; char *desc; + char *extra_head_content; char *owner; char *homepage; char *defbranch; @@ -88,6 +91,7 @@ struct cgit_repo { char *clone_url; char *logo; char *logo_link; + char *snapshot_prefix; int snapshots; int enable_commit_graph; int enable_log_filecount; @@ -194,8 +198,6 @@ struct cgit_config { char *footer; char *head_include; char *header; - char *index_header; - char *index_info; char *logo; char *logo_link; char *mimetype_file; @@ -245,7 +247,6 @@ struct cgit_config { int max_repodesc_len; int max_blob_size; int max_stats; - int nocache; int noplainemail; int noheader; int renamelimit; 
@@ -313,7 +314,6 @@ struct cgit_snapshot_format { const char *suffix; const char *mimetype; write_archive_fn_t write_func; - int bit; }; extern const char *cgit_version; @@ -373,6 +373,9 @@ extern void cgit_parse_url(const char *url); extern const char *cgit_repobasename(const char *reponame); extern int cgit_parse_snapshots_mask(const char *str); +extern const struct object_id *cgit_snapshot_get_sig(const char *ref, + const struct cgit_snapshot_format *f); +extern const unsigned cgit_snapshot_format_bit(const struct cgit_snapshot_format *f); extern int cgit_open_filter(struct cgit_filter *filter, ...); extern int cgit_close_filter(struct cgit_filter *filter); diff --git a/cgitrc.5.txt b/cgitrc.5.txt index 4da166c..34b351b 100644 --- a/cgitrc.5.txt +++ b/cgitrc.5.txt @@ -54,14 +54,10 @@ branch-sort:: list, and when set to "name" enables ordering by branch name. Default value: "name". -cache-root:: - Path used to store the cgit cache entries. Default value: - "/var/cache/cgit". See also: "MACRO EXPANSION". - -cache-static-ttl:: +cache-about-ttl:: Number which specifies the time-to-live, in minutes, for the cached - version of repository pages accessed with a fixed SHA1. See also: - "CACHE". Default value: -1". + version of the repository about page. See also: "CACHE". Default + value: "15". cache-dynamic-ttl:: Number which specifies the time-to-live, in minutes, for the cached @@ -73,6 +69,10 @@ cache-repo-ttl:: version of the repository summary page. See also: "CACHE". Default value: "5". +cache-root:: + Path used to store the cgit cache entries. Default value: + "/var/cache/cgit". See also: "MACRO EXPANSION". + cache-root-ttl:: Number which specifies the time-to-live, in minutes, for the cached version of the repository index page. See also: "CACHE". Default 
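Review bot: The new prototype `extern const unsigned cgit_snapshot_format_bit(...)` in cgit.h puts `const` on a by-value return type, where it has no effect and triggers `-Wignored-qualifiers`. Declare it as `extern unsigned cgit_snapshot_format_bit(const struct cgit_snapshot_format *f);` and keep the definition in step. Neither added prototype is documented; a one-line comment stating what `cgit_snapshot_get_sig` returns when no signature note exists for the ref would tell callers whether a NULL check is needed.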
@@ -83,22 +83,22 @@ cache-scanrc-ttl:: of scanning a path for git repositories. See also: "CACHE". Default value: "15". -cache-about-ttl:: - Number which specifies the time-to-live, in minutes, for the cached - version of the repository about page. See also: "CACHE". Default - value: "15". - -cache-snapshot-ttl:: - Number which specifies the time-to-live, in minutes, for the cached - version of snapshots. See also: "CACHE". Default value: "5". +case-sensitive-sort:: + Sort items in the repo list case sensitively. Default value: "1". + See also: repository-sort, section-sort. cache-size:: The maximum number of entries in the cgit cache. When set to "0", caching is disabled. See also: "CACHE". Default value: "0" -case-sensitive-sort:: - Sort items in the repo list case sensitively. Default value: "1". - See also: repository-sort, section-sort. +cache-snapshot-ttl:: + Number which specifies the time-to-live, in minutes, for the cached + version of snapshots. See also: "CACHE". Default value: "5". + +cache-static-ttl:: + Number which specifies the time-to-live, in minutes, for the cached + version of repository pages accessed with a fixed SHA1. See also: + "CACHE". Default value: -1". clone-prefix:: Space-separated list of common prefixes which, when combined with a 
@@ -159,12 +159,29 @@ enable-follow-links:: Flag which, when set to "1", allows users to follow a file in the log view. Default value: "0". +enable-git-config:: + Flag which, when set to "1", will allow cgit to use git config to set + any repo specific settings. This option is used in conjunction with + "scan-path", and must be defined prior, to augment repo-specific + settings. The keys gitweb.owner, gitweb.category, gitweb.description, + and gitweb.homepage will map to the cgit keys repo.owner, repo.section, + repo.desc, and repo.homepage respectively. All git config keys that begin + with "cgit." will be mapped to the corresponding "repo." key in cgit. + Default value: "0". See also: scan-path, section-from-path. + enable-http-clone:: - If set to "1", cgit will act as an dumb HTTP endpoint for git clones. + If set to "1", cgit will act as a dumb HTTP endpoint for git clones. You can add "http://$HTTP_HOST$SCRIPT_NAME/$CGIT_REPO_URL" to clone-url to expose this feature. If you use an alternate way of serving git repositories, you may wish to disable this. Default value: "1". +enable-html-serving:: + Flag which, when set to "1", will allow the /plain handler to serve + mimetype headers that result in the file being treated as HTML by the + browser. When set to "0", such file types are returned instead as + text/plain or application/octet-stream. Default value: "0". See also: + "repo.enable-html-serving". + enable-index-links:: Flag which, when set to "1", will make cgit generate extra links for each repo in the repository index (specifically, to the "summary", 
@@ -195,27 +212,10 @@ enable-subject-links:: in commit view. Default value: "0". See also: "repo.enable-subject-links". -enable-html-serving:: - Flag which, when set to "1", will allow the /plain handler to serve - mimetype headers that result in the file being treated as HTML by the - browser. When set to "0", such file types are returned instead as - text/plain or application/octet-stream. Default value: "0". See also: - "repo.enable-html-serving". - enable-tree-linenumbers:: Flag which, when set to "1", will make cgit generate linenumber links for plaintext blobs printed in the tree view. Default value: "1". -enable-git-config:: - Flag which, when set to "1", will allow cgit to use git config to set - any repo specific settings. This option is used in conjunction with - "scan-path", and must be defined prior, to augment repo-specific - settings. The keys gitweb.owner, gitweb.category, gitweb.description, - and gitweb.homepage will map to the cgit keys repo.owner, repo.section, - repo.desc, and repo.homepage respectively. All git config keys that begin - with "cgit." will be mapped to the corresponding "repo." key in cgit. - Default value: "0". See also: scan-path, section-from-path. - favicon:: Url used as link to a shortcut icon for cgit. It is suggested to use the value "/favicon.ico" since certain browsers will ignore other 
@@ -238,18 +238,6 @@ include:: Name of a configfile to include before the rest of the current config- file is parsed. Default value: none. See also: "MACRO EXPANSION". -index-header:: - The content of the file specified with this option will be included - verbatim above the repository index. This setting is deprecated, and - will not be supported by cgit-1.0 (use root-readme instead). Default - value: none. - -index-info:: - The content of the file specified with this option will be included - verbatim below the heading on the repository index page. This setting - is deprecated, and will not be supported by cgit-1.0 (use root-desc - instead). Default value: none. - local-time:: Flag which, if set to "1", makes cgit print commit and tag times in the servers timezone. Default value: "0". @@ -263,19 +251,14 @@ logo-link:: calculated url of the repository index page will be used. Default value: none. -owner-filter:: - Specifies a command which will be invoked to format the Owner - column of the main page. The command will get the owner on STDIN, - and the STDOUT from the command will be included verbatim in the - table. This can be used to link to additional context such as an - owners home page. When active this filter is used instead of the - default owner query url. Default value: none. - See also: "FILTER API". - max-atom-items:: Specifies the number of items to display in atom feeds view. Default value: "10". +max-blob-size:: + Specifies the maximum size of a blob to display HTML for in KBytes. + Default value: "0" (limit disabled). + max-commit-count:: Specifies the number of entries to list per page in "log" view. Default value: "50". 
@@ -292,10 +275,6 @@ max-repodesc-length:: Specifies the maximum number of repo description characters to display on the repository index page. Default value: "80". -max-blob-size:: - Specifies the maximum size of a blob to display HTML for in KBytes. - Default value: "0" (limit disabled). - max-stats:: Set the default maximum statistics period. Valid values are "week", "month", "quarter" and "year". If unspecified, statistics are @@ -323,11 +302,6 @@ module-link:: formatstring are the path and SHA1 of the submodule commit. Default value: none. -nocache:: - If set to the value "1" caching will be disabled. This settings is - deprecated, and will not be honored starting with cgit-1.0. Default - value: "0". - noplainemail:: If set to "1" showing full author email addresses will be disabled. Default value: "0". @@ -336,6 +310,15 @@ noheader:: Flag which, when set to "1", will make cgit omit the standard header on all pages. Default value: none. See also: "embedded". +owner-filter:: + Specifies a command which will be invoked to format the Owner + column of the main page. The command will get the owner on STDIN, + and the STDOUT from the command will be included verbatim in the + table. This can be used to link to additional context such as an + owners home page. When active this filter is used instead of the + default owner query url. Default value: none. + See also: "FILTER API". + project-list:: A list of subdirectories inside of scan-path, relative to it, that should loaded as git repositories. This must be defined prior to @@ -359,10 +342,6 @@ renamelimit:: "-1" uses the compiletime value in git (for further info, look at `man git-diff`). Default value: "-1". -repo.group:: - Legacy alias for "section". This option is deprecated and will not be - supported in cgit-1.0. - repository-sort:: The way in which repositories in each section are sorted. Valid values are "name" for sorting by the repo name or "age" for sorting by the 
@@ -429,6 +408,7 @@ snapshots:: Text which specifies the default set of snapshot formats that cgit generates links for. The value is a space-separated list of zero or more of the values "tar", "tar.gz", "tar.bz2", "tar.xz" and "zip". + The special value "all" enables all snapshot formats. Default value: none. source-filter:: @@ -501,9 +481,6 @@ repo.defbranch:: repo.desc:: The value to show as repository description. Default value: none. -repo.homepage:: - The value to show as repository homepage. Default value: none. - repo.email-filter:: Override the default email-filter. Default value: none. See also: "enable-filter-overrides". See also: "FILTER API". @@ -512,6 +489,10 @@ repo.enable-commit-graph:: A flag which can be used to disable the global setting `enable-commit-graph'. Default value: none. +repo.enable-html-serving:: + A flag which can be used to override the global setting + `enable-html-serving`. Default value: none. + repo.enable-log-filecount:: A flag which can be used to disable the global setting `enable-log-filecount'. Default value: none. @@ -528,15 +509,18 @@ repo.enable-subject-links:: A flag which can be used to override the global setting `enable-subject-links'. Default value: none. -repo.enable-html-serving:: - A flag which can be used to override the global setting - `enable-html-serving`. Default value: none. +repo.extra-head-content:: + This value will be added verbatim to the head section of each page + displayed for this repo. Default value: none. repo.hide:: Flag which, when set to "1", hides the repository from the repository index. The repository can still be accessed by providing a direct path. Default value: "0". See also: "repo.ignore". +repo.homepage:: + The value to show as repository homepage. Default value: none. + repo.ignore:: Flag which, when set to "1", ignores the repository. The repository is not shown in the index and cannot be accessed by providing a direct 
@@ -551,10 +535,6 @@ repo.logo-link:: calculated url of the repository index page will be used. Default value: global logo-link. -repo.owner-filter:: - Override the default owner-filter. Default value: none. See also: - "enable-filter-overrides". See also: "FILTER API". - repo.module-link:: Text which will be used as the formatstring for a hyperlink when a submodule is printed in a directory listing. The arguments for the @@ -579,6 +559,10 @@ repo.owner:: A value used to identify the owner of the repository. Default value: none. +repo.owner-filter:: + Override the default owner-filter. Default value: none. See also: + "enable-filter-overrides". See also: "FILTER API". + repo.path:: An absolute path to the repository directory. For non-bare repositories this is the .git-directory. Default value: none. @@ -594,14 +578,21 @@ repo.readme:: are no non-public files located in the same directory as the readme file. Default value: <readme>. +repo.section:: + Override the current section name for this repository. Default value: + none. + repo.snapshots:: A mask of snapshot formats for this repo that cgit generates links for, restricted by the global "snapshots" setting. Default value: <snapshots>. -repo.section:: - Override the current section name for this repository. Default value: - none. +repo.snapshot-prefix:: + Prefix to use for snapshot links instead of the repository basename. + For example, the "linux-stable" repository may wish to set this to + "linux" so that snapshots are in the format "linux-3.15.4" instead + of "linux-stable-3.15.4". Default value: <empty> meaning to use + the repository basename. repo.source-filter:: Override the default source-filter. Default value: none. See also: 
@@ -675,30 +666,6 @@ about filter:: The about text that is to be filtered is available on standard input and the filtered text is expected on standard output. -commit filter:: - This filter is given no arguments. The commit message text that is to - be filtered is available on standard input and the filtered text is - expected on standard output. - -email filter:: - This filter is given two parameters: the email address of the relevant - author and a string indicating the originating page. The filter will - then receive the text string to format on standard input and is - expected to write to standard output the formatted text to be included - in the page. - -owner filter:: - This filter is given no arguments. The owner text is available on - standard input and the filter is expected to write to standard - output. The output is included in the Owner column. - -source filter:: - This filter is given a single parameter: the filename of the source - file to filter. The filter can use the filename to determine (for - example) the syntax highlighting mode. The contents of the source - file that is to be filtered is available on standard input and the - filtered contents is expected on standard output. - auth filter:: The authentication filter receives 12 parameters: - filter action, explained below, which specifies which action the 
@@ -725,6 +692,30 @@ auth filter:: Please see `filters/simple-authentication.lua` for a clear example script that may be modified. +commit filter:: + This filter is given no arguments. The commit message text that is to + be filtered is available on standard input and the filtered text is + expected on standard output. + +email filter:: + This filter is given two parameters: the email address of the relevant + author and a string indicating the originating page. The filter will + then receive the text string to format on standard input and is + expected to write to standard output the formatted text to be included + in the page. + +owner filter:: + This filter is given no arguments. The owner text is available on + standard input and the filter is expected to write to standard + output. The output is included in the Owner column. + +source filter:: + This filter is given a single parameter: the filename of the source + file to filter. The filter can use the filename to determine (for + example) the syntax highlighting mode. The contents of the source + file that is to be filtered is available on standard input and the + filtered contents is expected on standard output. + All filters are handed the following environment variables: @@ -768,7 +759,7 @@ the environment variables defined in "FILTER API": CACHE ------- +----- All cache ttl values are in minutes. Negative ttl values indicate that a page type will never expire, and thus the first time a URL is accessed, the result 
@@ -776,6 +767,33 @@ will be cached indefinitely, even if the underlying git repository changes. Conversely, when a ttl value is zero, the cache is disabled for that particular page type, and the page type is never cached. +SIGNATURES +---------- + +Cgit can host .asc signatures corresponding to various snapshot formats, +through use of git notes. For example, the following command may be used to +add a signature to a .tar.xz archive: + + git notes --ref=refs/notes/signatures/tar.xz add -C "$( + gpg --output - --armor --detach-sign cgit-1.1.tar.xz | + git hash-object -w --stdin + )" v1.1 + +If it is instead desirable to attach a signature of the underlying .tar, this +will be linked, as a special case, beside a .tar.* link that does not have its +own signature. For example, a signature of a tarball of the latest tag might +be added with a similar command: + + tag="$(git describe --abbrev=0)" + git notes --ref=refs/notes/signatures/tar add -C "$( + git archive --format tar --prefix "cgit-${tag#v}/" "$tag" | + gpg --output - --armor --detach-sign | + git hash-object -w --stdin + )" "$tag" + +Since git-archive(1) is expected to produce stable output between versions, +this allows one to generate a long-term signature of the contents of a given +tag. EXAMPLE CGITRC FILE ------------------- diff --git a/filters/file-authentication.lua b/filters/file-authentication.lua new file mode 100644 index 0000000..6ee1e19 --- /dev/null +++ b/filters/file-authentication.lua 
@@ -0,0 +1,352 @@ +-- This script may be used with the auth-filter. +-- +-- Requirements: +-- luacrypto >= 0.3 +-- <http://mkottman.github.io/luacrypto/> +-- luaposix +-- <https://github.com/luaposix/luaposix> +-- +local sysstat = require("posix.sys.stat") +local unistd = require("posix.unistd") +local crypto = require("crypto") + + +-- This file should contain a series of lines in the form of: +-- username1:hash1 +-- username2:hash2 +-- username3:hash3 +-- ... +-- Hashes can be generated using something like `mkpasswd -m sha-512 -R 300000`. +-- This file should not be world-readable. +local users_filename = "/etc/cgit-auth/users" + +-- This file should contain a series of lines in the form of: +-- groupname1:username1,username2,username3,... +-- ... +local groups_filename = "/etc/cgit-auth/groups" + +-- This file should contain a series of lines in the form of: +-- reponame1:groupname1,groupname2,groupname3,... +-- ... +local repos_filename = "/etc/cgit-auth/repos" + +-- Set this to a path this script can write to for storing a persistent +-- cookie secret, which should not be world-readable. +local secret_filename = "/var/cache/cgit/auth-secret" + +-- +-- +-- Authentication functions follow below. Swap these out if you want different authentication semantics. +-- +-- + +-- Looks up a hash for a given user. +function lookup_hash(user) + local line + for line in io.lines(users_filename) do + local u, h = string.match(line, "(.-):(.+)") + if u:lower() == user:lower() then + return h + end + end + return nil +end + +-- Looks up users for a given repo. 
+function lookup_users(repo) + local users = nil + local groups = nil + local line, group, user + for line in io.lines(repos_filename) do + local r, g = string.match(line, "(.-):(.+)") + if r == repo then + groups = { } + for group in string.gmatch(g, "([^,]+)") do + groups[group:lower()] = true + end + break + end + end + if groups == nil then + return nil + end + for line in io.lines(groups_filename) do + local g, u = string.match(line, "(.-):(.+)") + if groups[g:lower()] then + if users == nil then + users = { } + end + for user in string.gmatch(u, "([^,]+)") do + users[user:lower()] = true + end + end + end + return users +end + + +-- Sets HTTP cookie headers based on post and sets up redirection. +function authenticate_post() + local hash = lookup_hash(post["username"]) + local redirect = validate_value("redirect", post["redirect"]) + + if redirect == nil then + not_found() + return 0 + end + + redirect_to(redirect) + + if hash == nil or hash ~= unistd.crypt(post["password"], hash) then + set_cookie("cgitauth", "") + else + -- One week expiration time + local username = secure_value("username", post["username"], os.time() + 604800) + set_cookie("cgitauth", username) + end + + html("\n") + return 0 +end + + +-- Returns 1 if the cookie is valid and 0 if it is not. +function authenticate_cookie() + accepted_users = lookup_users(cgit["repo"]) + if accepted_users == nil then + -- We return as valid if the repo is not protected. + return 1 + end + + local username = validate_value("username", get_cookie(http["cookie"], "cgitauth")) + if username == nil or not accepted_users[username:lower()] then + return 0 + else + return 1 + end +end + +-- Prints the html for the login form. 
+function body() + html("<h2>Authentication Required</h2>") + html("<form method='post' action='") + html_attr(cgit["login"]) + html("'>") + html("<input type='hidden' name='redirect' value='") + html_attr(secure_value("redirect", cgit["url"], 0)) + html("' />") + html("<table>") + html("<tr><td><label for='username'>Username:</label></td><td><input id='username' name='username' autofocus /></td></tr>") + html("<tr><td><label for='password'>Password:</label></td><td><input id='password' name='password' type='password' /></td></tr>") + html("<tr><td colspan='2'><input value='Login' type='submit' /></td></tr>") + html("</table></form>") + + return 0 +end + + + +-- +-- +-- Wrapper around filter API, exposing the http table, the cgit table, and the post table to the above functions. +-- +-- + +local actions = {} +actions["authenticate-post"] = authenticate_post +actions["authenticate-cookie"] = authenticate_cookie +actions["body"] = body + +function filter_open(...) + action = actions[select(1, ...)] + + http = {} + http["cookie"] = select(2, ...) + http["method"] = select(3, ...) + http["query"] = select(4, ...) + http["referer"] = select(5, ...) + http["path"] = select(6, ...) + http["host"] = select(7, ...) + http["https"] = select(8, ...) + + cgit = {} + cgit["repo"] = select(9, ...) + cgit["page"] = select(10, ...) + cgit["url"] = select(11, ...) + cgit["login"] = select(12, ...) + +end + +function filter_close() + return action() +end + +function filter_write(str) + post = parse_qs(str) +end + + +-- +-- +-- Utility functions based on keplerproject/wsapi. 
+-- +-- + +function url_decode(str) + if not str then + return "" + end + str = string.gsub(str, "+", " ") + str = string.gsub(str, "%%(%x%x)", function(h) return string.char(tonumber(h, 16)) end) + str = string.gsub(str, "\r\n", "\n") + return str +end + +function url_encode(str) + if not str then + return "" + end + str = string.gsub(str, "\n", "\r\n") + str = string.gsub(str, "([^%w ])", function(c) return string.format("%%%02X", string.byte(c)) end) + str = string.gsub(str, " ", "+") + return str +end + +function parse_qs(qs) + local tab = {} + for key, val in string.gmatch(qs, "([^&=]+)=([^&=]*)&?") do + tab[url_decode(key)] = url_decode(val) + end + return tab +end + +function get_cookie(cookies, name) + cookies = string.gsub(";" .. cookies .. ";", "%s*;%s*", ";") + return url_decode(string.match(cookies, ";" .. name .. "=(.-);")) +end + + +-- +-- +-- Cookie construction and validation helpers. +-- +-- + +local secret = nil + +-- Loads a secret from a file, creates a secret, or returns one from memory. +function get_secret() + if secret ~= nil then + return secret + end + local secret_file = io.open(secret_filename, "r") + if secret_file == nil then + local old_umask = sysstat.umask(63) + local temporary_filename = secret_filename .. ".tmp." .. crypto.hex(crypto.rand.bytes(16)) + local temporary_file = io.open(temporary_filename, "w") + if temporary_file == nil then + os.exit(177) + end + temporary_file:write(crypto.hex(crypto.rand.bytes(32))) + temporary_file:close() + unistd.link(temporary_filename, secret_filename) -- Intentionally fails in the case that another process is doing the same. + unistd.unlink(temporary_filename) + sysstat.umask(old_umask) + secret_file = io.open(secret_filename, "r") + end + if secret_file == nil then + os.exit(177) + end + secret = secret_file:read() + secret_file:close() + if secret:len() ~= 64 then + os.exit(177) + end + return secret +end + +-- Returns value of cookie if cookie is valid. Otherwise returns nil. 
+function validate_value(expected_field, cookie) + local i = 0 + local value = "" + local field = "" + local expiration = 0 + local salt = "" + local hmac = "" + + if cookie == nil or cookie:len() < 3 or cookie:sub(1, 1) == "|" then + return nil + end + + for component in string.gmatch(cookie, "[^|]+") do + if i == 0 then + field = component + elseif i == 1 then + value = component + elseif i == 2 then + expiration = tonumber(component) + if expiration == nil then + expiration = -1 + end + elseif i == 3 then + salt = component + elseif i == 4 then + hmac = component + else + break + end + i = i + 1 + end + + if hmac == nil or hmac:len() == 0 then + return nil + end + + -- Lua hashes strings, so these comparisons are time invariant. + if hmac ~= crypto.hmac.digest("sha256", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, get_secret()) then + return nil + end + + if expiration == -1 or (expiration ~= 0 and expiration <= os.time()) then + return nil + end + + if url_decode(field) ~= expected_field then + return nil + end + + return url_decode(value) +end + +function secure_value(field, value, expiration) + if value == nil or value:len() <= 0 then + return "" + end + + local authstr = "" + local salt = crypto.hex(crypto.rand.bytes(16)) + value = url_encode(value) + field = url_encode(field) + authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt + authstr = authstr .. "|" .. crypto.hmac.digest("sha256", authstr, get_secret()) + return authstr +end + +function set_cookie(cookie, value) + html("Set-Cookie: " .. cookie .. "=" .. value .. "; HttpOnly") + if http["https"] == "yes" or http["https"] == "on" or http["https"] == "1" then + html("; secure") + end + html("\n") +end + +function redirect_to(url) + html("Status: 302 Redirect\n") + html("Cache-Control: no-cache, no-store\n") + html("Location: " .. url .. 
"\n") +end + +function not_found() + html("Status: 404 Not Found\n") + html("Cache-Control: no-cache, no-store\n\n") +end diff --git a/filters/gentoo-ldap-authentication.lua b/filters/gentoo-ldap-authentication.lua index 6d8eb3e..b4d98c2 100644 --- a/filters/gentoo-ldap-authentication.lua +++ b/filters/gentoo-ldap-authentication.lua @@ -5,7 +5,13 @@ -- <http://mkottman.github.io/luacrypto/> -- lualdap >= 1.2 -- <https://git.zx2c4.com/lualdap/about/> +-- luaposix +-- <https://github.com/luaposix/luaposix> -- +local sysstat = require("posix.sys.stat") +local unistd = require("posix.unistd") +local crypto = require("crypto") +local lualdap = require("lualdap") -- @@ -21,11 +27,9 @@ local protected_repos = { portage = "dev" } - --- All cookies will be authenticated based on this secret. Make it something --- totally random and impossible to guess. It should be large. -local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" - +-- Set this to a path this script can write to for storing a persistent +-- cookie secret, which should be guarded. +local secret_filename = "/var/cache/cgit/auth-secret" -- @@ -102,11 +106,9 @@ end -- -- -local lualdap = require("lualdap") - function gentoo_ldap_user_groups(username, password) -- Ensure the user is alphanumeric - if username:match("%W") then + if username == nil or username:match("%W") then return nil end 
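Review bot: `lookup_hash` in the new filters/file-authentication.lua calls `user:lower()` and `u:lower()` without a nil check, so a login POST that lacks a `username` field, or a blank or colon-less line in the users file, raises a Lua error instead of producing a clean rejection. The same holds for `g:lower()` in `lookup_users`, and presumably for `unistd.crypt(post["password"], hash)` in `authenticate_post` when the `password` field is absent (simple-authentication.lua gains the same call). How cgit treats a filter that errors is not visible in this diff, so the failure mode should be made explicit rather than left to the runtime. I would add `if user == nil then return nil end` at the top of `lookup_hash`, change its loop test to `if u and u:lower() == user:lower() then`, and write the check in `authenticate_post` as `if hash == nil or post["password"] == nil or hash ~= unistd.crypt(post["password"], hash) then`.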
@@ -231,7 +233,38 @@ end -- -- -local crypto = require("crypto") +local secret = nil + +-- Loads a secret from a file, creates a secret, or returns one from memory. +function get_secret() + if secret ~= nil then + return secret + end + local secret_file = io.open(secret_filename, "r") + if secret_file == nil then + local old_umask = sysstat.umask(63) + local temporary_filename = secret_filename .. ".tmp." .. crypto.hex(crypto.rand.bytes(16)) + local temporary_file = io.open(temporary_filename, "w") + if temporary_file == nil then + os.exit(177) + end + temporary_file:write(crypto.hex(crypto.rand.bytes(32))) + temporary_file:close() + unistd.link(temporary_filename, secret_filename) -- Intentionally fails in the case that another process is doing the same. + unistd.unlink(temporary_filename) + sysstat.umask(old_umask) + secret_file = io.open(secret_filename, "r") + end + if secret_file == nil then + os.exit(177) + end + secret = secret_file:read() + secret_file:close() + if secret:len() ~= 64 then + os.exit(177) + end + return secret +end -- Returns value of cookie if cookie is valid. Otherwise returns nil. function validate_value(expected_field, cookie) @@ -271,7 +304,7 @@ function validate_value(expected_field, cookie) end -- Lua hashes strings, so these comparisons are time invariant. - if hmac ~= crypto.hmac.digest("sha1", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, secret) then + if hmac ~= crypto.hmac.digest("sha256", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, get_secret()) then return nil end @@ -296,7 +329,7 @@ function secure_value(field, value, expiration) value = url_encode(value) field = url_encode(field) authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt - authstr = authstr .. "|" .. crypto.hmac.digest("sha1", authstr, secret) + authstr = authstr .. "|" .. crypto.hmac.digest("sha256", authstr, get_secret()) return authstr end 
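Review bot: `get_secret` accepts any file that already exists at `secret_filename` as long as its first line is 64 characters long; the restrictive umask only takes effect when this script creates the file, so a secret that was pre-created or restored with wider permissions is used silently. Consider checking the file's owner and mode before reading it, and exiting as on the other failure paths when it is group- or world-accessible. The literal in `sysstat.umask(63)` also deserves a comment such as `-- 63 == octal 077: files created here are owner-only`. The identical function is added to file-authentication.lua and simple-authentication.lua, so the same applies there.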
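Review bot: The context comment above the changed line in `validate_value` ("Lua hashes strings, so these comparisons are time invariant") may no longer hold after the switch to SHA-256. The hex digest is now 64 characters, and as far as I know recent Lua 5.x releases intern only short strings (40 bytes by default) and compare longer ones byte by byte, whereas the old 40-character SHA-1 digest stayed within that limit. Whether this matters depends on the Lua implementation cgit is built against, which is not visible here. A comparison that does not rely on interning would compute `local expected = crypto.hmac.digest("sha256", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, get_secret())` and then test `if crypto.hmac.digest("sha256", hmac, get_secret()) ~= crypto.hmac.digest("sha256", expected, get_secret()) then`, with the comment updated to match. The same line appears in file-authentication.lua and simple-authentication.lua.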
diff --git a/filters/simple-authentication.lua b/filters/simple-authentication.lua index de34d09..77d1fd0 100644 --- a/filters/simple-authentication.lua +++ b/filters/simple-authentication.lua @@ -3,7 +3,12 @@ -- Requirements: -- luacrypto >= 0.3 -- <http://mkottman.github.io/luacrypto/> +-- luaposix +-- <https://github.com/luaposix/luaposix> -- +local sysstat = require("posix.sys.stat") +local unistd = require("posix.unistd") +local crypto = require("crypto") -- 
@@ -18,24 +23,16 @@ local protected_repos = { qt = { jason = true, bob = true } } --- Please note that, in production, you'll want to replace this simple lookup --- table with either a table of salted and hashed passwords (using something --- smart like scrypt), or replace this table lookup with an external support, --- such as consulting your system's pam / shadow system, or an external --- database, or an external validating web service. For testing, or for --- extremely low-security usage, you may be able, however, to get away with --- compromising on hardcoding the passwords in cleartext, as we have done here. +-- A list of users and hashes, generated with `mkpasswd -m sha-512 -R 300000`. local users = { - jason = "secretpassword", - laurent = "s3cr3t", - bob = "ilikelua" + jason = "$6$rounds=300000$YYJct3n/o.ruYK$HhpSeuCuW1fJkpvMZOZzVizeLsBKcGA/aF2UPuV5v60JyH2MVSG6P511UMTj2F3H75.IT2HIlnvXzNb60FcZH1", + laurent = "$6$rounds=300000$dP0KNHwYb3JKigT$pN/LG7rWxQ4HniFtx5wKyJXBJUKP7R01zTNZ0qSK/aivw8ywGAOdfYiIQFqFhZFtVGvr11/7an.nesvm8iJUi.", + bob = "$6$rounds=300000$jCLCCt6LUpTz$PI1vvd1yaVYcCzqH8QAJFcJ60b6W/6sjcOsU7mAkNo7IE8FRGW1vkjF8I/T5jt/auv5ODLb1L4S2s.CAyZyUC" } --- All cookies will be authenticated based on this secret. Make it something --- totally random and impossible to guess. It should be large. -local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" - - +-- Set this to a path this script can write to for storing a persistent +-- cookie secret, which should be guarded. +local secret_filename = "/var/cache/cgit/auth-secret" -- -- @@ -45,7 +42,7 @@ local secret = "BE SURE TO CUSTOMIZE THIS STRING TO SOMETHING BIG AND RANDOM" -- Sets HTTP cookie headers based on post and sets up redirection. function authenticate_post() - local password = users[post["username"]] + local hash = users[post["username"]] local redirect = validate_value("redirect", post["redirect"]) if redirect == nil then 
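Review bot: The replacement comment on the `users` table drops the old warning that these entries are only an example, while the table still ships three fixed hashes, presumably of the passwords shown on the removed lines. Anyone deploying the script unmodified would be running with publicly known credentials. The comment should say so next to the existing `mkpasswd` hint, for instance `-- Sample entries only: replace every user and hash before deploying.`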
@@ -55,8 +52,7 @@ function authenticate_post() redirect_to(redirect) - -- Lua hashes strings, so these comparisons are time invariant. - if password == nil or password ~= post["password"] then + if hash == nil or hash ~= unistd.crypt(post["password"], hash) then set_cookie("cgitauth", "") else -- One week expiration time @@ -191,7 +187,38 @@ end -- -- -local crypto = require("crypto") +local secret = nil + +-- Loads a secret from a file, creates a secret, or returns one from memory. +function get_secret() + if secret ~= nil then + return secret + end + local secret_file = io.open(secret_filename, "r") + if secret_file == nil then + local old_umask = sysstat.umask(63) + local temporary_filename = secret_filename .. ".tmp." .. crypto.hex(crypto.rand.bytes(16)) + local temporary_file = io.open(temporary_filename, "w") + if temporary_file == nil then + os.exit(177) + end + temporary_file:write(crypto.hex(crypto.rand.bytes(32))) + temporary_file:close() + unistd.link(temporary_filename, secret_filename) -- Intentionally fails in the case that another process is doing the same. + unistd.unlink(temporary_filename) + sysstat.umask(old_umask) + secret_file = io.open(secret_filename, "r") + end + if secret_file == nil then + os.exit(177) + end + secret = secret_file:read() + secret_file:close() + if secret:len() ~= 64 then + os.exit(177) + end + return secret +end -- Returns value of cookie if cookie is valid. Otherwise returns nil. function validate_value(expected_field, cookie) @@ -231,7 +258,7 @@ function validate_value(expected_field, cookie) end -- Lua hashes strings, so these comparisons are time invariant. - if hmac ~= crypto.hmac.digest("sha1", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, secret) then + if hmac ~= crypto.hmac.digest("sha256", field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt, get_secret()) then return nil end 
@@ -256,7 +283,7 @@ function secure_value(field, value, expiration) value = url_encode(value) field = url_encode(field) authstr = field .. "|" .. value .. "|" .. tostring(expiration) .. "|" .. salt - authstr = authstr .. "|" .. crypto.hmac.digest("sha1", authstr, secret) + authstr = authstr .. "|" .. crypto.hmac.digest("sha256", authstr, get_secret()) return authstr end diff --git a/git b/git -Subproject 2512f15446149235156528dafbe75930c712b29 +Subproject 53f9a3e157dbbc901a02ac2c73346d375e24978 @@ -200,7 +200,7 @@ struct taginfo *cgit_parse_tag(struct tag *tag) const char *p; struct taginfo *ret = NULL; - data = read_sha1_file(tag->object.oid.hash, &type, &size); + data = read_object_file(&tag->object.oid, &type, &size); if (!data || type != OBJ_TAG) goto cleanup; @@ -53,6 +53,7 @@ struct cgit_repo *cgit_add_repo(const char *url) ret->name = ret->url; ret->path = NULL; ret->desc = cgit_default_repo_desc; + ret->extra_head_content = NULL; ret->owner = NULL; ret->homepage = NULL; ret->section = ctx.cfg.section; @@ -239,7 +240,7 @@ static int load_mmfile(mmfile_t *file, const struct object_id *oid) file->ptr = (char *)""; file->size = 0; } else { - file->ptr = read_sha1_file(oid->hash, &type, + file->ptr = read_object_file(oid, &type, (unsigned long *)&file->size); } return 1; @@ -390,6 +391,9 @@ int cgit_parse_snapshots_mask(const char *str) if (atoi(str)) return 1; + if (strcmp(str, "all") == 0) + return INT_MAX; + string_list_split(&tokens, str, ' ', -1); string_list_remove_empty_items(&tokens, 0); @@ -397,7 +401,7 @@ int cgit_parse_snapshots_mask(const char *str) for (f = cgit_snapshot_formats; f->suffix; f++) { if (!strcmp(item->string, f->suffix) || !strcmp(item->string, f->suffix + 1)) { - rv |= f->bit; + rv |= cgit_snapshot_format_bit(f); break; } } 
@@ -472,15 +476,16 @@ static int is_token_char(char c) static char *expand_macro(char *name, int maxlength) { char *value; - int len; + size_t len; len = 0; value = getenv(name); if (value) { - len = strlen(value); + len = strlen(value) + 1; if (len > maxlength) len = maxlength; - strncpy(name, value, len); + strlcpy(name, value, len); + --len; } return name + len; } @@ -49,7 +49,7 @@ static void emit_blame_entry_hash(struct blame_entry *ent) char *detail = emit_suspect_detail(suspect); html("<span class='sha1'>"); - cgit_commit_link(find_unique_abbrev(oid->hash, DEFAULT_ABBREV), detail, + cgit_commit_link(find_unique_abbrev(oid, DEFAULT_ABBREV), detail, NULL, ctx.qry.head, oid_to_hex(oid), suspect->path); html("</span>"); free(detail); @@ -98,7 +98,7 @@ struct walk_tree_context { int state; }; -static void print_object(const unsigned char *sha1, const char *path, +static void print_object(const struct object_id *oid, const char *path, const char *basename, const char *rev) { enum object_type type; @@ -110,17 +110,17 @@ static void print_object(const unsigned char *sha1, const char *path, struct blame_origin *o; struct blame_entry *ent = NULL; - type = sha1_object_info(sha1, &size); + type = oid_object_info(the_repository, oid, &size); if (type == OBJ_BAD) { cgit_print_error_page(404, "Not found", "Bad object name: %s", - sha1_to_hex(sha1)); + oid_to_hex(oid)); return; } - buf = read_sha1_file(sha1, &type, &size); + buf = read_object_file(oid, &type, &size); if (!buf) { cgit_print_error_page(500, "Internal server error", - "Error reading object %s", sha1_to_hex(sha1)); + "Error reading object %s", oid_to_hex(oid)); return; } 
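Review bot: In `expand_macro`, a `maxlength` of zero now makes `--len` wrap: `len` is clamped to 0, `strlcpy` copies nothing, and the `size_t` decrement turns `name + len` into a pointer outside the buffer. A negative `maxlength` is converted to a huge unsigned value in `len > maxlength`, so no clamping happens at all. Whether the caller can pass such a value is outside the hunk, but the function can guard itself with `if (value && maxlength > 0) {` and compare as `if (len > (size_t)maxlength)`. Truncation of the environment value is still silent, which is worth a one-line comment.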
@@ -144,7 +144,7 @@ static void print_object(const unsigned char *sha1, const char *path, cgit_set_title_from_path(path); cgit_print_layout_start(); - htmlf("blob: %s (", sha1_to_hex(sha1)); + htmlf("blob: %s (", oid_to_hex(oid)); cgit_plain_link("plain", NULL, NULL, ctx.qry.head, rev, path); html(") ("); cgit_tree_link("tree", NULL, NULL, ctx.qry.head, rev, path); @@ -154,7 +154,7 @@ static void print_object(const unsigned char *sha1, const char *path, htmlf("<div class='error'>blob size (%ldKB)" " exceeds display size limit (%dKB).</div>", size / 1024, ctx.cfg.max_blob_size); - return; + goto cleanup; } html("<table class='blame blob'>\n<tr>\n"); @@ -213,9 +213,12 @@ static void print_object(const unsigned char *sha1, const char *path, html("</tr>\n</table>\n"); cgit_print_layout_end(); + +cleanup: + free(buf); } -static int walk_tree(const unsigned char *sha1, struct strbuf *base, +static int walk_tree(const struct object_id *oid, struct strbuf *base, const char *pathname, unsigned mode, int stage, void *cbdata) { @@ -226,7 +229,7 @@ static int walk_tree(const unsigned char *sha1, struct strbuf *base, struct strbuf buffer = STRBUF_INIT; strbuf_addbuf(&buffer, base); strbuf_addstr(&buffer, pathname); - print_object(sha1, buffer.buf, pathname, + print_object(oid, buffer.buf, pathname, walk_tree_ctx->curr_rev); strbuf_release(&buffer); walk_tree_ctx->state = 1; @@ -286,7 +289,7 @@ void cgit_print_blame(void) walk_tree_ctx.match_baselen = (path_items.match) ? basedir_len(path_items.match) : -1; - read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, + read_tree_recursive(commit->maybe_tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); if (!walk_tree_ctx.state) cgit_print_error_page(404, "Not found", "Not found"); 
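Review bot: `commit->maybe_tree` is passed straight to `read_tree_recursive` in `cgit_print_blame`, but as far as I know git renamed the field precisely because it can be NULL until the tree has been loaded (for example when the commit comes from a commit-graph file). If the bundled git version provides them, `get_commit_tree()` and `get_commit_tree_oid()` are the supported accessors. Reading the field directly risks a NULL dereference, most visibly in the places that go on to use `->object.oid`. I would write `read_tree_recursive(get_commit_tree(commit), "", 0, 0, &paths, walk_tree, &walk_tree_ctx);` here and apply the same substitution to the other `maybe_tree` uses in ui-blob.c, ui-commit.c, ui-diff.c, ui-log.c and ui-plain.c. `cgit_print_blame` starts and ends outside this hunk.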
@@ -18,7 +18,7 @@ struct walk_tree_context { unsigned int file_only:1; }; -static int walk_tree(const unsigned char *sha1, struct strbuf *base, +static int walk_tree(const struct object_id *oid, struct strbuf *base, const char *pathname, unsigned mode, int stage, void *cbdata) { struct walk_tree_context *walk_tree_ctx = cbdata; @@ -28,7 +28,7 @@ static int walk_tree(const unsigned char *sha1, struct strbuf *base, if (strncmp(base->buf, walk_tree_ctx->match_path, base->len) || strcmp(walk_tree_ctx->match_path + base->len, pathname)) return READ_TREE_RECURSIVE; - hashcpy(walk_tree_ctx->matched_oid->hash, sha1); + oidcpy(walk_tree_ctx->matched_oid, oid); walk_tree_ctx->found_path = 1; return 0; } @@ -54,9 +54,9 @@ int cgit_ref_path_exists(const char *path, const char *ref, int file_only) if (get_oid(ref, &oid)) goto done; - if (sha1_object_info(oid.hash, &size) != OBJ_COMMIT) + if (oid_object_info(the_repository, &oid, &size) != OBJ_COMMIT) goto done; - read_tree_recursive(lookup_commit_reference(&oid)->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); + read_tree_recursive(lookup_commit_reference(&oid)->maybe_tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); done: free(path_items.match); @@ -87,17 +87,17 @@ int cgit_print_file(char *path, const char *head, int file_only) if (get_oid(head, &oid)) return -1; - type = sha1_object_info(oid.hash, &size); + type = oid_object_info(the_repository, &oid, &size); if (type == OBJ_COMMIT) { commit = lookup_commit_reference(&oid); - read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); + read_tree_recursive(commit->maybe_tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); if (!walk_tree_ctx.found_path) return -1; - type = sha1_object_info(oid.hash, &size); + type = oid_object_info(the_repository, &oid, &size); } if (type == OBJ_BAD) return -1; - buf = read_sha1_file(oid.hash, &type, &size); + buf = read_object_file(&oid, &type, &size); if (!buf) return -1; buf[size] = '\0'; 
@@ -142,12 +142,12 @@ void cgit_print_blob(const char *hex, char *path, const char *head, int file_onl } } - type = sha1_object_info(oid.hash, &size); + type = oid_object_info(the_repository, &oid, &size); if ((!hex) && type == OBJ_COMMIT && path) { commit = lookup_commit_reference(&oid); - read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); - type = sha1_object_info(oid.hash, &size); + read_tree_recursive(commit->maybe_tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); + type = oid_object_info(the_repository, &oid, &size); } if (type == OBJ_BAD) { @@ -156,7 +156,7 @@ void cgit_print_blob(const char *hex, char *path, const char *head, int file_onl return; } - buf = read_sha1_file(oid.hash, &type, &size); + buf = read_object_file(&oid, &type, &size); if (!buf) { cgit_print_error_page(500, "Internal server error", "Error reading object %s", hex); @@ -12,6 +12,7 @@ #include "html.h" #include "ui-shared.h" #include "packfile.h" +#include "object-store.h" static int print_ref_info(const char *refname, const struct object_id *oid, int flags, void *cb_data) @@ -38,8 +39,8 @@ static void print_pack_info(void) ctx.page.mimetype = "text/plain"; ctx.page.filename = "objects/info/packs"; cgit_print_http_headers(); - prepare_packed_git(); - for (pack = packed_git; pack; pack = pack->next) { + reprepare_packed_git(the_repository); + for (pack = get_packed_git(the_repository); pack; pack = pack->next) { if (pack->pack_local) { offset = strrchr(pack->pack_name, '/'); if (offset && offset[1] != '\0') 
@@ -91,17 +92,32 @@ void cgit_clone_info(void) void cgit_clone_objects(void) { - if (!ctx.qry.path) { - cgit_print_error_page(400, "Bad request", "Bad request"); - return; - } + char *p; + + if (!ctx.qry.path) + goto err; if (!strcmp(ctx.qry.path, "info/packs")) { print_pack_info(); return; } + /* Avoid directory traversal by forbidding "..", but also work around + * other funny business by just specifying a fairly strict format. For + * example, now we don't have to stress out about the Cygwin port. + */ + for (p = ctx.qry.path; *p; ++p) { + if (*p == '.' && *(p + 1) == '.') + goto err; + if (!isalnum(*p) && *p != '/' && *p != '.' && *p != '-') + goto err; + } + send_file(git_path("objects/%s", ctx.qry.path)); + return; + +err: + cgit_print_error_page(400, "Bad request", "Bad request"); } void cgit_clone_head(void) diff --git a/ui-commit.c b/ui-commit.c index abf58f6..995cb93 100644 --- a/ui-commit.c +++ b/ui-commit.c @@ -78,7 +78,7 @@ void cgit_print_commit(char *hex, const char *prefix) html(")</td></tr>\n"); html("<tr><th>tree</th><td colspan='2' class='sha1'>"); tmp = xstrdup(hex); - cgit_tree_link(oid_to_hex(&commit->tree->object.oid), NULL, NULL, + cgit_tree_link(oid_to_hex(&commit->maybe_tree->object.oid), NULL, NULL, ctx.qry.head, tmp, NULL); if (prefix) { html(" /"); @@ -110,8 +110,7 @@ void cgit_print_commit(char *hex, const char *prefix) } if (ctx.repo->snapshots) { html("<tr><th>download</th><td colspan='2' class='sha1'>"); - cgit_print_snapshot_links(ctx.qry.repo, ctx.qry.head, - hex, ctx.repo->snapshots); + cgit_print_snapshot_links(ctx.repo, hex, "<br/>"); html("</td></tr>"); } html("</table>\n"); 
@@ -258,8 +258,8 @@ static void header(const struct object_id *oid1, char *path1, int mode1, htmlf("<br/>deleted file mode %.6o", mode1); if (!subproject) { - abbrev1 = xstrdup(find_unique_abbrev(oid1->hash, DEFAULT_ABBREV)); - abbrev2 = xstrdup(find_unique_abbrev(oid2->hash, DEFAULT_ABBREV)); + abbrev1 = xstrdup(find_unique_abbrev(oid1, DEFAULT_ABBREV)); + abbrev2 = xstrdup(find_unique_abbrev(oid2, DEFAULT_ABBREV)); htmlf("<br/>index %s..%s", abbrev1, abbrev2); free(abbrev1); free(abbrev2); @@ -413,7 +413,7 @@ void cgit_print_diff(const char *new_rev, const char *old_rev, "Bad commit: %s", oid_to_hex(new_rev_oid)); return; } - new_tree_oid = &commit->tree->object.oid; + new_tree_oid = &commit->maybe_tree->object.oid; if (old_rev) { if (get_oid(old_rev, old_rev_oid)) { @@ -434,7 +434,7 @@ void cgit_print_diff(const char *new_rev, const char *old_rev, "Bad commit: %s", oid_to_hex(old_rev_oid)); return; } - old_tree_oid = &commit2->tree->object.oid; + old_tree_oid = &commit2->maybe_tree->object.oid; } else { old_tree_oid = NULL; } @@ -65,6 +65,8 @@ void show_commit_decorations(struct commit *commit) return; html("<span class='decoration'>"); while (deco) { + struct object_id peeled; + int is_annotated = 0; strncpy(buf, prettify_refname(deco->name), sizeof(buf) - 1); switch(deco->type) { case DECORATION_NONE: @@ -77,7 +79,9 @@ void show_commit_decorations(struct commit *commit) ctx.qry.showmsg, 0); break; case DECORATION_REF_TAG: - cgit_tag_link(buf, NULL, "tag-deco", buf); + if (!peel_ref(deco->name, &peeled)) + is_annotated = !oidcmp(&commit->object.oid, &peeled); + cgit_tag_link(buf, NULL, is_annotated ? "tag-annotated-deco" : "tag-deco", buf); break; case DECORATION_REF_REMOTE: if (!ctx.repo->enable_remote_branches) 
@@ -149,8 +153,8 @@ static int show_commit(struct commit *commit, struct rev_info *revs) rem_lines = 0; revs->diffopt.flags.recursive = 1; - diff_tree_oid(&parent->tree->object.oid, - &commit->tree->object.oid, + diff_tree_oid(&parent->maybe_tree->object.oid, + &commit->maybe_tree->object.oid, "", &revs->diffopt); diffcore_std(&revs->diffopt); @@ -16,19 +16,19 @@ struct walk_tree_context { int match; }; -static int print_object(const unsigned char *sha1, const char *path) +static int print_object(const struct object_id *oid, const char *path) { enum object_type type; char *buf, *mimetype; unsigned long size; - type = sha1_object_info(sha1, &size); + type = oid_object_info(the_repository, oid, &size); if (type == OBJ_BAD) { cgit_print_error_page(404, "Not found", "Not found"); return 0; } - buf = read_sha1_file(sha1, &type, &size); + buf = read_object_file(oid, &type, &size); if (!buf) { cgit_print_error_page(404, "Not found", "Not found"); return 0; @@ -57,7 +57,7 @@ static int print_object(const unsigned char *sha1, const char *path) } ctx.page.filename = path; ctx.page.size = size; - ctx.page.etag = sha1_to_hex(sha1); + ctx.page.etag = oid_to_hex(oid); cgit_print_http_headers(); html_raw(buf, size); free(mimetype); @@ -73,7 +73,7 @@ static char *buildpath(const char *base, int baselen, const char *path) return fmtalloc("%.*s/", baselen, base); } -static void print_dir(const unsigned char *sha1, const char *base, +static void print_dir(const struct object_id *oid, const char *base, int baselen, const char *path) { char *fullpath, *slash; @@ -81,7 +81,7 @@ static void print_dir(const unsigned char *sha1, const char *base, fullpath = buildpath(base, baselen, path); slash = (fullpath[0] == '/' ? "" : "/"); - ctx.page.etag = sha1_to_hex(sha1); + ctx.page.etag = oid_to_hex(oid); cgit_print_http_headers(); htmlf("<html><head><title>%s", slash); html_txt(fullpath); 
@@ -106,7 +106,7 @@ static void print_dir(const unsigned char *sha1, const char *base, free(fullpath); } -static void print_dir_entry(const unsigned char *sha1, const char *base, +static void print_dir_entry(const struct object_id *oid, const char *base, int baselen, const char *path, unsigned mode) { char *fullpath; @@ -116,7 +116,7 @@ static void print_dir_entry(const unsigned char *sha1, const char *base, fullpath[strlen(fullpath) - 1] = 0; html(" <li>"); if (S_ISGITLINK(mode)) { - cgit_submodule_link(NULL, fullpath, sha1_to_hex(sha1)); + cgit_submodule_link(NULL, fullpath, oid_to_hex(oid)); } else cgit_plain_link(path, NULL, NULL, ctx.qry.head, ctx.qry.sha1, fullpath); @@ -129,22 +129,22 @@ static void print_dir_tail(void) html(" </ul>\n</body></html>\n"); } -static int walk_tree(const unsigned char *sha1, struct strbuf *base, +static int walk_tree(const struct object_id *oid, struct strbuf *base, const char *pathname, unsigned mode, int stage, void *cbdata) { struct walk_tree_context *walk_tree_ctx = cbdata; if (base->len == walk_tree_ctx->match_baselen) { if (S_ISREG(mode) || S_ISLNK(mode)) { - if (print_object(sha1, pathname)) + if (print_object(oid, pathname)) walk_tree_ctx->match = 1; } else if (S_ISDIR(mode)) { - print_dir(sha1, base->buf, base->len, pathname); + print_dir(oid, base->buf, base->len, pathname); walk_tree_ctx->match = 2; return READ_TREE_RECURSIVE; } } else if (base->len < INT_MAX && (int)base->len > walk_tree_ctx->match_baselen) { - print_dir_entry(sha1, base->buf, base->len, pathname, mode); + print_dir_entry(oid, base->buf, base->len, pathname, mode); walk_tree_ctx->match = 2; } else if (S_ISDIR(mode)) { return READ_TREE_RECURSIVE; 
@@ -193,12 +193,12 @@ void cgit_print_plain(void) if (!path_items.match) { path_items.match = ""; walk_tree_ctx.match_baselen = -1; - print_dir(commit->tree->object.oid.hash, "", 0, ""); + print_dir(&commit->maybe_tree->object.oid, "", 0, ""); walk_tree_ctx.match = 2; } else walk_tree_ctx.match_baselen = basedir_len(path_items.match); - read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); + read_tree_recursive(commit->maybe_tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); if (!walk_tree_ctx.match) cgit_print_error_page(404, "Not found", "Not found"); else if (walk_tree_ctx.match == 2) @@ -90,34 +90,6 @@ static void print_tag_header(void) "<th class='left' colspan='2'>Age</th></tr>\n"); } -static void print_tag_downloads(const struct cgit_repo *repo, const char *ref) -{ - const struct cgit_snapshot_format* f; - const char *basename; - struct strbuf filename = STRBUF_INIT; - size_t prefixlen; - - if (!ref || strlen(ref) < 1) - return; - - basename = cgit_repobasename(repo->url); - if (starts_with(ref, basename)) - strbuf_addstr(&filename, ref); - else - cgit_compose_snapshot_prefix(&filename, basename, ref); - prefixlen = filename.len; - for (f = cgit_snapshot_formats; f->suffix; f++) { - if (!(repo->snapshots & f->bit)) - continue; - strbuf_setlen(&filename, prefixlen); - strbuf_addstr(&filename, f->suffix); - cgit_snapshot_link(filename.buf, NULL, NULL, NULL, NULL, filename.buf); - html(" "); - } - - strbuf_release(&filename); -} - static int print_tag(struct refinfo *ref) { struct tag *tag = NULL; @@ -137,7 +109,7 @@ static int print_tag(struct refinfo *ref) cgit_tag_link(name, NULL, NULL, name); html("</td><td>"); if (ctx.repo->snapshots && (obj->type == OBJ_COMMIT)) - print_tag_downloads(ctx.repo, name); + cgit_print_snapshot_links(ctx.repo, name, " "); else cgit_object_link(obj); html("</td><td>"); diff --git a/ui-repolist.c b/ui-repolist.c index af52f9b..41424c0 100644 --- a/ui-repolist.c +++ b/ui-repolist.c 
@@ -288,9 +288,6 @@ void cgit_print_repolist(void) cgit_print_docstart(); cgit_print_pageheader(); - if (ctx.cfg.index_header) - html_include(ctx.cfg.index_header); - if (ctx.qry.sort) sorted = sort_repolist(ctx.qry.sort); else if (ctx.cfg.section_sort) diff --git a/ui-shared.c b/ui-shared.c index 9d8f66b..739505a 100644 --- a/ui-shared.c +++ b/ui-shared.c @@ -10,6 +10,7 @@ #include "ui-shared.h" #include "cmd.h" #include "html.h" +#include "version.h" static const char cgit_doctype[] = "<!DOCTYPE html>\n"; @@ -132,25 +133,38 @@ const char *cgit_repobasename(const char *reponame) static char rvbuf[1024]; int p; const char *rv; - strncpy(rvbuf, reponame, sizeof(rvbuf)); - if (rvbuf[sizeof(rvbuf)-1]) + size_t len; + + len = strlcpy(rvbuf, reponame, sizeof(rvbuf)); + if (len >= sizeof(rvbuf)) die("cgit_repobasename: truncated repository name '%s'", reponame); - p = strlen(rvbuf)-1; + p = len - 1; /* strip trailing slashes */ - while (p && rvbuf[p] == '/') rvbuf[p--] = 0; + while (p && rvbuf[p] == '/') + rvbuf[p--] = '\0'; /* strip trailing .git */ if (p >= 3 && starts_with(&rvbuf[p-3], ".git")) { - p -= 3; rvbuf[p--] = 0; + p -= 3; + rvbuf[p--] = '\0'; } /* strip more trailing slashes if any */ - while ( p && rvbuf[p] == '/') rvbuf[p--] = 0; + while (p && rvbuf[p] == '/') + rvbuf[p--] = '\0'; /* find last slash in the remaining string */ - rv = strrchr(rvbuf,'/'); + rv = strrchr(rvbuf, '/'); if (rv) return ++rv; return rvbuf; } +const char *cgit_snapshot_prefix(const struct cgit_repo *repo) +{ + if (repo->snapshot_prefix) + return repo->snapshot_prefix; + + return cgit_repobasename(repo->url); +} + static void site_url(const char *page, const char *search, const char *sort, int ofs, int always_root) { char *delim = "?"; 
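Review bot: In `cgit_repobasename`, `p = len - 1;` becomes -1 when `reponame` is the empty string, and the first `while (p && rvbuf[p] == '/')` then reads `rvbuf[-1]`, one byte before the static buffer. The old `strlen(rvbuf)-1` had the same problem, so this rewrite is a good place to close it, for example with `if (!len) return rvbuf;` right after the truncation check. Whether an empty repository URL can reach this function is not visible in the hunk, which also starts after the function's signature. A name made only of slashes is fine because the loop stops at index 0.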
@@ -545,7 +559,7 @@ void cgit_object_link(struct object *obj) page = "tag"; else page = "blob"; - name = fmt("%s %s...", typename(obj->type), shortrev); + name = fmt("%s %s...", type_name(obj->type), shortrev); reporevlink(page, name, NULL, NULL, ctx.qry.head, fullrev, NULL); } @@ -766,6 +780,8 @@ void cgit_print_docstart(void) cgit_add_clone_urls(print_rel_vcs_link); if (ctx.cfg.head_include) html_include(ctx.cfg.head_include); + if (ctx.repo && ctx.repo->extra_head_content) + html(ctx.repo->extra_head_content); html("</head>\n"); html("<body>\n"); if (ctx.cfg.header) @@ -785,8 +801,8 @@ void cgit_print_docend(void) if (ctx.cfg.footer) html_include(ctx.cfg.footer); else { - htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> at ", - cgit_version); + htmlf("<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit %s</a> " + "(<a href='https://git-scm.com/'>git %s</a>) at ", cgit_version, git_version_string); html_txt(show_date(time(NULL), 0, cgit_date_mode(DATE_ISO8601))); html("</div>\n"); } @@ -968,8 +984,6 @@ static void print_header(void) } else { if (ctx.cfg.root_desc) html_txt(ctx.cfg.root_desc); - else if (ctx.cfg.index_info) - html_include(ctx.cfg.index_info); } html("</td></tr></table>\n"); } 
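Review bot: The added `html(ctx.repo->extra_head_content);` in `cgit_print_docstart` writes a per-repository setting into `<head>` without escaping, whereas the neighbouring `head_include` comes from the site-level `ctx.cfg`. That makes the value trusted markup: whoever can set it can add script to every page of that repository, served from the same origin as all the other repositories. Where the option is parsed is not in this hunk, so please confirm it cannot be set from a repository-controlled cgitrc, and record the assumption in place, e.g. `/* raw HTML from repo config; must only be settable by the site administrator */`. `cgit_print_docstart` starts and ends outside the hunk.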
@@ -1102,23 +1116,43 @@ void cgit_compose_snapshot_prefix(struct strbuf *filename, const char *base, strbuf_addf(filename, "%s-%s", base, ref); } -void cgit_print_snapshot_links(const char *repo, const char *head, - const char *hex, int snapshots) +void cgit_print_snapshot_links(const struct cgit_repo *repo, const char *ref, + const char *separator) { - const struct cgit_snapshot_format* f; + const struct cgit_snapshot_format *f; struct strbuf filename = STRBUF_INIT; + const char *basename; size_t prefixlen; - cgit_compose_snapshot_prefix(&filename, cgit_repobasename(repo), hex); + basename = cgit_snapshot_prefix(repo); + if (starts_with(ref, basename)) + strbuf_addstr(&filename, ref); + else + cgit_compose_snapshot_prefix(&filename, basename, ref); + prefixlen = filename.len; for (f = cgit_snapshot_formats; f->suffix; f++) { - if (!(snapshots & f->bit)) + if (!(repo->snapshots & cgit_snapshot_format_bit(f))) continue; strbuf_setlen(&filename, prefixlen); strbuf_addstr(&filename, f->suffix); cgit_snapshot_link(filename.buf, NULL, NULL, NULL, NULL, filename.buf); - html("<br/>"); + if (cgit_snapshot_get_sig(ref, f)) { + strbuf_addstr(&filename, ".asc"); + html(" ("); + cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, + filename.buf); + html(")"); + } else if (starts_with(f->suffix, ".tar") && cgit_snapshot_get_sig(ref, &cgit_snapshot_formats[0])) { + strbuf_setlen(&filename, strlen(filename.buf) - strlen(f->suffix)); + strbuf_addstr(&filename, ".tar.asc"); + html(" ("); + cgit_snapshot_link("sig", NULL, NULL, NULL, NULL, + filename.buf); + html(")"); + } + html(separator); } strbuf_release(&filename); } diff --git a/ui-shared.h b/ui-shared.h index b760a17..4d5978b 100644 --- a/ui-shared.h +++ b/ui-shared.h 
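Review bot: `cgit_print_snapshot_links` now calls `starts_with(ref, basename)` without the guard that the removed `print_tag_downloads` had (`if (!ref || strlen(ref) < 1) return;`), so a NULL `ref` is dereferenced and an empty one produces links named from the prefix and suffix alone. The callers in this diff pass a tag name or `revname`; whether those can be NULL or empty is not visible here. Restoring the check as the first statement keeps the merged helper as strict as the one it replaces: `if (!ref || !*ref) return;`.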
@@ -76,8 +76,9 @@ extern void cgit_print_pageheader(void); extern void cgit_print_filemode(unsigned short mode); extern void cgit_compose_snapshot_prefix(struct strbuf *filename, const char *base, const char *ref); -extern void cgit_print_snapshot_links(const char *repo, const char *head, - const char *hex, int snapshots); +extern void cgit_print_snapshot_links(const struct cgit_repo *repo, + const char *ref, const char *separator); +extern const char *cgit_snapshot_prefix(const struct cgit_repo *repo); extern void cgit_add_hidden_formfields(int incl_head, int incl_search, const char *page); diff --git a/ui-snapshot.c b/ui-snapshot.c index b2d95f7..fa3ceaf 100644 --- a/ui-snapshot.c +++ b/ui-snapshot.c 
@@ -86,14 +86,40 @@ static int write_tar_xz_archive(const char *hex, const char *prefix) } const struct cgit_snapshot_format cgit_snapshot_formats[] = { - { ".zip", "application/x-zip", write_zip_archive, 0x01 }, - { ".tar.gz", "application/x-gzip", write_tar_gzip_archive, 0x02 }, - { ".tar.bz2", "application/x-bzip2", write_tar_bzip2_archive, 0x04 }, - { ".tar", "application/x-tar", write_tar_archive, 0x08 }, - { ".tar.xz", "application/x-xz", write_tar_xz_archive, 0x10 }, + /* .tar must remain the 0 index */ + { ".tar", "application/x-tar", write_tar_archive }, + { ".tar.gz", "application/x-gzip", write_tar_gzip_archive }, + { ".tar.bz2", "application/x-bzip2", write_tar_bzip2_archive }, + { ".tar.xz", "application/x-xz", write_tar_xz_archive }, + { ".zip", "application/x-zip", write_zip_archive }, { NULL } }; +static struct notes_tree snapshot_sig_notes[ARRAY_SIZE(cgit_snapshot_formats)]; + +const struct object_id *cgit_snapshot_get_sig(const char *ref, + const struct cgit_snapshot_format *f) +{ + struct notes_tree *tree; + struct object_id oid; + + if (get_oid(ref, &oid)) + return NULL; + + tree = &snapshot_sig_notes[f - &cgit_snapshot_formats[0]]; + if (!tree->initialized) { + struct strbuf notes_ref = STRBUF_INIT; + + strbuf_addf(¬es_ref, "refs/notes/signatures/%s", + f->suffix + 1); + + init_notes(tree, notes_ref.buf, combine_notes_ignore, 0); + strbuf_release(¬es_ref); + } + + return get_note(tree, &oid); +} + static const struct cgit_snapshot_format *get_format(const char *filename) { const struct cgit_snapshot_format *fmt; @@ -105,6 +131,11 @@ static const struct cgit_snapshot_format *get_format(const char *filename) return NULL; } +const unsigned cgit_snapshot_format_bit(const struct cgit_snapshot_format *f) +{ + return BIT(f - &cgit_snapshot_formats[0]); +} + static int make_snapshot(const struct cgit_snapshot_format *format, const char *hex, const char *prefix, const char *filename) 
@@ -129,6 +160,39 @@ static int make_snapshot(const struct cgit_snapshot_format *format, return 0; } +static int write_sig(const struct cgit_snapshot_format *format, + const char *hex, const char *archive, + const char *filename) +{ + const struct object_id *note = cgit_snapshot_get_sig(hex, format); + enum object_type type; + unsigned long size; + char *buf; + + if (!note) { + cgit_print_error_page(404, "Not found", + "No signature for %s", archive); + return 0; + } + + buf = read_object_file(note, &type, &size); + if (!buf) { + cgit_print_error_page(404, "Not found", "Not found"); + return 0; + } + + html("X-Content-Type-Options: nosniff\n"); + html("Content-Security-Policy: default-src 'none'\n"); + ctx.page.etag = oid_to_hex(note); + ctx.page.mimetype = xstrdup("application/pgp-signature"); + ctx.page.filename = xstrdup(filename); + cgit_print_http_headers(); + + html_raw(buf, size); + free(buf); + return 0; +} + /* Try to guess the requested revision from the requested snapshot name. * First the format extension is stripped, e.g. "cgit-0.7.2.tar.gz" become * "cgit-0.7.2". If this is a valid commit object name we've got a winner. @@ -139,7 +203,8 @@ static int make_snapshot(const struct cgit_snapshot_format *format, * pending a 'v' or a 'V' to the remaining snapshot name ("0.7.2" -> * "v0.7.2") gives us something valid. */ -static const char *get_ref_from_filename(const char *url, const char *filename, +static const char *get_ref_from_filename(const struct cgit_repo *repo, + const char *filename, const struct cgit_snapshot_format *format) { const char *reponame; @@ -153,7 +218,7 @@ static const char *get_ref_from_filename(const char *url, const char *filename, if (get_oid(snapshot.buf, &oid) == 0) goto out; - reponame = cgit_repobasename(url); + reponame = cgit_snapshot_prefix(repo); if (starts_with(snapshot.buf, reponame)) { const char *new_start = snapshot.buf; new_start += strlen(reponame); 
@@ -184,6 +249,8 @@ void cgit_print_snapshot(const char *head, const char *hex, const char *filename, int dwim) { const struct cgit_snapshot_format* f; + const char *sig_filename = NULL; + char *adj_filename = NULL; char *prefix = NULL; if (!filename) { @@ -192,15 +259,24 @@ void cgit_print_snapshot(const char *head, const char *hex, return; } + if (ends_with(filename, ".asc")) { + sig_filename = filename; + + /* Strip ".asc" from filename for common format processing */ + adj_filename = xstrdup(filename); + adj_filename[strlen(adj_filename) - 4] = '\0'; + filename = adj_filename; + } + f = get_format(filename); - if (!f) { + if (!f || (!sig_filename && !(ctx.repo->snapshots & cgit_snapshot_format_bit(f)))) { cgit_print_error_page(400, "Bad request", "Unsupported snapshot format: %s", filename); return; } if (!hex && dwim) { - hex = get_ref_from_filename(ctx.repo->url, filename, f); + hex = get_ref_from_filename(ctx.repo, filename, f); if (hex == NULL) { cgit_print_error_page(404, "Not found", "Not found"); return; @@ -213,8 +289,13 @@ void cgit_print_snapshot(const char *head, const char *hex, hex = head; if (!prefix) - prefix = xstrdup(cgit_repobasename(ctx.repo->url)); + prefix = xstrdup(cgit_snapshot_prefix(ctx.repo)); + + if (sig_filename) + write_sig(f, hex, filename, sig_filename); + else + make_snapshot(f, hex, prefix, filename); - make_snapshot(f, hex, prefix, filename); free(prefix); + free(adj_filename); } diff --git a/ui-ssdiff.c b/ui-ssdiff.c index 7f261ed..68c2044 100644 --- a/ui-ssdiff.c +++ b/ui-ssdiff.c @@ -114,11 +114,10 @@ static char *replace_tabs(char *line) { char *prev_buf = line; char *cur_buf; - int linelen = strlen(line); + size_t linelen = strlen(line); int n_tabs = 0; int i; char *result; - char *spaces = " "; if (linelen == 0) { result = xmalloc(1); 
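Review bot: The format check in `cgit_print_snapshot`, `if (!f || (!sig_filename && !(ctx.repo->snapshots & cgit_snapshot_format_bit(f))))`, skips the per-repository snapshot mask for every `.asc` request, so a signature note is looked up and served even when the repository's `snapshots` mask is empty, unless an earlier gate outside this hunk rejects the request. If the exemption exists only so that `.tar.asc` works when just a compressed tar format is enabled, it can be narrowed by also rejecting `sig_filename && !ctx.repo->snapshots`. Separately, `adj_filename` is not freed on the two early `return`s that follow its `xstrdup()` (the 400 and the 404 path); a shared cleanup label that runs `free(prefix); free(adj_filename);` would cover them. The body of `cgit_print_snapshot` is spread over three hunks, with the unchanged lines between them not shown.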
@@ -126,20 +125,23 @@ static char *replace_tabs(char *line) return result; } - for (i = 0; i < linelen; i++) + for (i = 0; i < linelen; i++) { if (line[i] == '\t') n_tabs += 1; + } result = xmalloc(linelen + n_tabs * 8 + 1); result[0] = '\0'; - while (1) { + for (;;) { cur_buf = strchr(prev_buf, '\t'); if (!cur_buf) { strcat(result, prev_buf); break; } else { strncat(result, prev_buf, cur_buf - prev_buf); - strncat(result, spaces, 8 - (strlen(result) % 8)); + linelen = strlen(result); + memset(&result[linelen], ' ', 8 - (linelen % 8)); + result[linelen + 8 - (linelen % 8)] = '\0'; } prev_buf = cur_buf + 1; } @@ -34,8 +34,7 @@ static void print_tag_content(char *buf) static void print_download_links(char *revname) { html("<tr><th>download</th><td class='sha1'>"); - cgit_print_snapshot_links(ctx.qry.repo, ctx.qry.head, - revname, ctx.repo->snapshots); + cgit_print_snapshot_links(ctx.repo, revname, "<br/>"); html("</td></tr>"); } @@ -107,7 +106,7 @@ void cgit_print_tag(char *revname) htmlf("<tr><td>tag name</td><td>"); html_txt(revname); html("</td></tr>\n"); - html("<tr><td>Tagged object</td><td class='sha1'>"); + html("<tr><td>tagged object</td><td class='sha1'>"); cgit_object_link(obj); html("</td></tr>\n"); if (ctx.repo->snapshots) 
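Review bot: `linelen` is now `size_t`, but the counting loop `for (i = 0; i < linelen; i++)` still uses `int i` and `n_tabs` stays `int`, so `linelen + n_tabs * 8 + 1` multiplies in signed int before widening. For a very long line of repository content, `i` or `n_tabs * 8` can overflow, and the buffer the new `memset()` writes into would then be smaller than what is written. Declaring both as `size_t` (`size_t n_tabs = 0;` and `size_t i;`, in the declarations shown in the previous hunk) removes the mixed-sign comparison and the overflow. Reusing `linelen` for the length of `result` inside the loop also makes the allocation bound harder to check by eye; a separate local such as `size_t outlen` would read better.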
@@ -84,30 +84,30 @@ static void print_binary_buffer(char *buf, unsigned long size) html("</table>\n"); } -static void print_object(const unsigned char *sha1, char *path, const char *basename, const char *rev) +static void print_object(const struct object_id *oid, char *path, const char *basename, const char *rev) { enum object_type type; char *buf; unsigned long size; - type = sha1_object_info(sha1, &size); + type = oid_object_info(the_repository, oid, &size); if (type == OBJ_BAD) { cgit_print_error_page(404, "Not found", - "Bad object name: %s", sha1_to_hex(sha1)); + "Bad object name: %s", oid_to_hex(oid)); return; } - buf = read_sha1_file(sha1, &type, &size); + buf = read_object_file(oid, &type, &size); if (!buf) { cgit_print_error_page(500, "Internal server error", - "Error reading object %s", sha1_to_hex(sha1)); + "Error reading object %s", oid_to_hex(oid)); return; } cgit_set_title_from_path(path); cgit_print_layout_start(); - htmlf("blob: %s (", sha1_to_hex(sha1)); + htmlf("blob: %s (", oid_to_hex(oid)); cgit_plain_link("plain", NULL, NULL, ctx.qry.head, rev, path); if (ctx.cfg.enable_blame) { @@ -127,6 +127,8 @@ static void print_object(const unsigned char *sha1, char *path, const char *base print_binary_buffer(buf, size); else print_text_buffer(basename, buf, size); + + free(buf); } struct single_tree_ctx { @@ -136,7 +138,7 @@ struct single_tree_ctx { size_t count; }; -static int single_tree_cb(const unsigned char *sha1, struct strbuf *base, +static int single_tree_cb(const struct object_id *oid, struct strbuf *base, const char *pathname, unsigned mode, int stage, void *cbdata) { 
@@ -151,12 +153,12 @@ static int single_tree_cb(const unsigned char *sha1, struct strbuf *base, } ctx->name = xstrdup(pathname); - hashcpy(ctx->oid.hash, sha1); + oidcpy(&ctx->oid, oid); strbuf_addf(ctx->path, "/%s", pathname); return 0; } -static void write_tree_link(const unsigned char *sha1, char *name, +static void write_tree_link(const struct object_id *oid, char *name, char *rev, struct strbuf *fullpath) { size_t initial_length = fullpath->len; @@ -169,7 +171,7 @@ static void write_tree_link(const unsigned char *sha1, char *name, .nr = 0 }; - hashcpy(tree_ctx.oid.hash, sha1); + oidcpy(&tree_ctx.oid, oid); while (tree_ctx.count == 1) { cgit_tree_link(name, NULL, "ls-dir", ctx.qry.head, rev, @@ -196,7 +198,7 @@ static void write_tree_link(const unsigned char *sha1, char *name, strbuf_setlen(fullpath, initial_length); } -static int ls_item(const unsigned char *sha1, struct strbuf *base, +static int ls_item(const struct object_id *oid, struct strbuf *base, const char *pathname, unsigned mode, int stage, void *cbdata) { struct walk_tree_context *walk_tree_ctx = cbdata; @@ -211,11 +213,11 @@ static int ls_item(const unsigned char *sha1, struct strbuf *base, ctx.qry.path ? "/" : "", name); if (!S_ISGITLINK(mode)) { - type = sha1_object_info(sha1, &size); + type = oid_object_info(the_repository, oid, &size); if (type == OBJ_BAD) { htmlf("<tr><td colspan='3'>Bad object: %s %s</td></tr>", name, - sha1_to_hex(sha1)); + oid_to_hex(oid)); free(name); return 0; } @@ -225,9 +227,9 @@ static int ls_item(const unsigned char *sha1, struct strbuf *base, cgit_print_filemode(mode); html("</td><td>"); if (S_ISGITLINK(mode)) { - cgit_submodule_link("ls-mod", fullpath.buf, sha1_to_hex(sha1)); + cgit_submodule_link("ls-mod", fullpath.buf, oid_to_hex(oid)); } else if (S_ISDIR(mode)) { - write_tree_link(sha1, name, walk_tree_ctx->curr_rev, + write_tree_link(oid, name, walk_tree_ctx->curr_rev, &fullpath); } else { char *ext = strrchr(name, '.'); 
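Review bot: In `ls_item`, the error row `htmlf("<tr><td colspan='3'>Bad object: %s %s</td></tr>", name, oid_to_hex(oid));` formats `name` straight into the page, while other path output in this diff goes through `html_txt()`. `name` appears to be the tree entry's file name (its assignment is outside the hunk), which is repository content and may contain markup characters. Escaping it keeps the error path consistent with the rest: `html("<tr><td colspan='3'>Bad object: ");`, `html_txt(name);`, `htmlf(" %s</td></tr>", oid_to_hex(oid));`. `ls_item` starts and ends outside the hunk.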
@@ -287,7 +289,7 @@ static void ls_tree(const struct object_id *oid, char *path, struct walk_tree_co tree = parse_tree_indirect(oid); if (!tree) { cgit_print_error_page(404, "Not found", - "Not a tree object: %s", sha1_to_hex(oid->hash)); + "Not a tree object: %s", oid_to_hex(oid)); return; } @@ -297,7 +299,7 @@ static void ls_tree(const struct object_id *oid, char *path, struct walk_tree_co } -static int walk_tree(const unsigned char *sha1, struct strbuf *base, +static int walk_tree(const struct object_id *oid, struct strbuf *base, const char *pathname, unsigned mode, int stage, void *cbdata) { struct walk_tree_context *walk_tree_ctx = cbdata; @@ -318,12 +320,12 @@ static int walk_tree(const unsigned char *sha1, struct strbuf *base, return READ_TREE_RECURSIVE; } else { walk_tree_ctx->state = 2; - print_object(sha1, buffer.buf, pathname, walk_tree_ctx->curr_rev); + print_object(oid, buffer.buf, pathname, walk_tree_ctx->curr_rev); strbuf_release(&buffer); return 0; } } - ls_item(sha1, base, pathname, mode, stage, walk_tree_ctx); + ls_item(oid, base, pathname, mode, stage, walk_tree_ctx); return 0; } @@ -367,11 +369,11 @@ void cgit_print_tree(const char *rev, char *path) walk_tree_ctx.curr_rev = xstrdup(rev); if (path == NULL) { - ls_tree(&commit->tree->object.oid, NULL, &walk_tree_ctx); + ls_tree(&commit->maybe_tree->object.oid, NULL, &walk_tree_ctx); goto cleanup; } - read_tree_recursive(commit->tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); + read_tree_recursive(commit->maybe_tree, "", 0, 0, &paths, walk_tree, &walk_tree_ctx); if (walk_tree_ctx.state == 1) ls_tail(); else if (walk_tree_ctx.state == 2) |