aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2014-01-08ui-stats.c: Remove unused macroLukas Fleischer1-2/+0
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-08scan-tree.c: Remove unused macroLukas Fleischer1-2/+0
This is no longer needed since commit fb3655df (use struct strbuf instead of static buffers, 2013-04-06). Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-09-14ui-shared: Drop filepair_cb_raw() and helperLukas Fleischer2-73/+0
Remove filepair_cb_raw() and all related functions. These are no longer needed. We now use Git's internal functions for raw diff formatting everywhere. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-09-14ui-diff: Use diff_tree_sha1() for raw diff formattingLukas Fleischer1-2/+21
Use Git's internal diff_tree_sha1() function for the /rawdiff/ command instead of trying to recreate this functionality. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26tests/: Add t0110-rawdiff.shLukas Fleischer1-0/+42
This adds some basic tests for the /rawdiff/ command. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26t0108: Add tests for revision rangesLukas Fleischer1-0/+17
Add tests to check whether generating multiple patches at once works. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26t0108: Compare output with git-format-patch(1)Lukas Fleischer1-0/+7
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26ui-patch.c: Add additional newline after each patchLukas Fleischer2-3/+3
For consistency with git-format-patch(1). Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26ui-patch.c: Fix signature delimiterLukas Fleischer1-1/+1
Add a missing space after the "--" marker that introduces the patch signature. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26t0108: Avoid unnecessary fork()Lukas Fleischer1-1/+1
Use `git rev-list --max-parents=0 HEAD` instead of `git rev-list HEAD | tail -1` to get the root commit. This works since Git 1.7.4.2. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-26git: update to 1.8.4John Keeping2-1/+1
No code changes required, just bump the submodule and makefile versions. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-08-22ui-patch.c: Fix formatting for merge commitsLukas Fleischer1-0/+1
Add max_parents = 1 to the revision walk in order to make sure we do not include the footer signature twice for merge commits. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-20ui-patch: Rename variablesLukas Fleischer2-17/+19
Rename parameters and local variables to match those from ui-diff. Also, convert a "char *" to "const char *". Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-20Allow for creating patch seriesLukas Fleischer3-7/+20
This allows for specifying a revision range using the id2 parameter of /patch/. The output that is produced is similar to $ git format-patch --stdout id2..id Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-20ui-patch.c: Use log_tree_commit() to generate diffsLukas Fleischer1-23/+28
Instead of using our own formatting, use log_tree_commit() from Git to create patches. This removes unnecessary duplicate code and also fixes a bug with e-mail address formatting that existed in our own implementation. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-20ui-diff: Check the return value of get_sha1()Lukas Fleischer1-14/+9
Sync with what we do everywhere else and check the return value of get_sha1() instead of calling sha1_object_info() to validate the object. Note that we later call lookup_commit_reference(), which checks that both SHA1 values refer to commits, anyway. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-16cmd.c: Add a "rawdiff" commandLukas Fleischer1-0/+6
This can be used to generate raw diffs between arbitrary revisions using something like /rawdiff/?id=v0.9&id2=v0.9.1 Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-16Allow for creating raw diffs with cgit_print_diff()Lukas Fleischer4-4/+12
This adds a parameter to cgit_print_diff() to create raw diffs, using the same format as `git diff <commit>`. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-16Extract filepair_cb from ui-patch.cLukas Fleischer3-73/+74
Move filepair_cb() from ui-patch.c to ui-shared.c and rename it to filepair_cb_raw(). This callback will be used in ui-diff.c in a follow-up patch. Note that it is not straightforward to extract filepair_cb() from ui-diff.c which is why it is not done here as well. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-16Fix silly spelling error.Jason A. Donenfeld1-1/+1
2013-08-12Fix section-from-path > 1Lukas Fleischer1-4/+4
When having found the first path separator occurrence at position i, we invoked strchr() on the same position i in subsequent iterations resulting in the same path separator being returned by strchr() over and over again. Increase the position by one to skip the occurrence that has just been found and advance to the next separator. Reported-by: Konstantin Ryabitsev <mricon@kernel.org> Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-12Makefile: Change default prefix to "/usr/local"Lukas Fleischer1-1/+1
Locally installed packages are usually installed to /usr/local. Packagers can use `make prefix=/usr` to get back the old behavior. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-12Use strbuf for reading configuration filesLukas Fleischer2-31/+35
Use struct strbuf from Git instead of fixed-size buffers to remove the limit on the length of configuration file lines and refactor read_config_line() to improve readability. Note that this also fixes a buffer overflow that existed with the original fixed-size buffer implementation. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-08-12add a note about generating agefile in hookChristian Hesse1-1/+2
2013-08-12cache: id means static, even if head is specified tooJason A. Donenfeld1-3/+3
Pages like /commit?h=wip&id=8a335ce618ba77fbf05148d6f8be17bd48ba4340 were being marked as dynamic, because of h=wip, when it should be static, because of id=. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-08-12cache: document negative ttls and add about ttlJason A. Donenfeld3-13/+31
We've long supported negative ttls, for infinite cache, except the documentation incorrectly showed one of our defaults as being 5 and not -1. As well, with a negative ttl, we were actually making the HTTP expired header go backwards. This changes it to go ahead ten years instead. Further, we add an cache-about-ttl option to set a different ttl for about pages, which are now increasingly being filtered through markdown or just sent statically anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-08-12robots.txt: disallow access to snapshotsJason A. Donenfeld2-0/+4
My dmesg is filled with the oom killer bringing down processes while the Bingbot downloads every snapshot for every commit of the Linux kernel in tar.xz format. Sure, I should be running with memory limits, and now I'm using cgroups, but a more general solution is to prevent crawlers from wasting resources like that in the first place. Suggested-by: Natanael Copa <ncopa@alpinelinux.org> Suggested-by: Julius Plenz <plenz@cis.fu-berlin.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-08-12use favicon by defaultChristian Hesse2-3/+4
2013-05-31Add faviconChristian Hesse2-0/+2
This adds a favicon to cgit. It is not enabled by default, though. The file contains two icons, 16x16 and 32x32 pixels, optimized for size.
2013-05-28ui-summary: do not free refJason A. Donenfeld1-1/+0
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-28filters: toggle perl utf8 situationJason A. Donenfeld1-4/+0
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-27CGIT-0.9.2v0.9.2Jason A. Donenfeld1-2/+2
Features: - update to git v1.8.3. - expanded set of default filters to include markdown, restructuredtext, and man pages. - better sample configuration file in man page. - "readme" may now be specified multiple times, and cgit will choose the first one it finds. - "readme" no longer needs a branch name. If prefixed with simply ":" it will use the default branch. - "branch-sort" allowing branches to be sorted either by "age" or "name", for kernel.org. - "enable-index-owner" allowing the owner column to be disabled in the index page. - print submodule revision next to submodule link. - integrate more closely with git apis, such as strbuf. - rely on git test harness and git makefiles. - more robust test suite. - more rebust makefile dependency accounting. - pager navigation is now unordered list. - span tag wraps commit directions. Behavior changes: - HOME is no longer passed as an environment variable to any filter api scripts. - "about-filter" now receives the filename being filtered as argv[1]. This may disrupt existing scripts, so adjust accordingly. - gitconfig and gitattributes are no longer loaded from any system directories or home directories. Security: - CVE-2013-2117: disallow directory traversal when readme is set to filesystem path. Bug fixes: - ssdiff now correctly manages tab expansion. - support unannotated tags in http git clone. - lots of cleanups of global variables and memory leaks. - do not rely on gettext/libintl. - better C standard compliance. - make several functions and variables static. - improved constification. - remove unused functions. - fix colspan values to correct width. - fix out-of-bounds memory accesses with virtual_root="". - cache repo config more precisely. - die when write fails. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-27README: add trailing slash to homepageJason A. Donenfeld1-1/+1
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-27cgitrc.5: improve example configJason A. Donenfeld1-0/+53
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-27filters: import more modern scriptsJason A. Donenfeld10-15/+1815
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-26readme: use string_list instead of space deliminationsJason A. Donenfeld10-122/+160
Now this is possible in cgitrc - readme=:README.md readme=:readme.md readme=:README.mkd readme=:readme.mkd readme=:README.rst readme=:readme.rst readme=:README.html readme=:readme.html readme=:README.htm readme=:readme.htm readme=:README.txt readme=:readme.txt readme=:README readme=:readme readme=:INSTALL.txt readme=:install.txt readme=:INSTALL readme=:install Suggested-by: John Keeping <john@keeping.me.uk> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25ui-summary: Disallow directory traversalJason A. Donenfeld1-0/+16
Using the url= query string, it was possible request arbitrary files from the filesystem if the readme for a given page was set to a filesystem file. The following request would return my /etc/passwd file: http://git.zx2c4.com/?url=/somerepo/about/../../../../etc/passwd http://data.zx2c4.com/cgit-directory-traversal.png This fix uses realpath(3) to canonicalize all paths, and then compares the base components. This fix introduces a subtle timing attack, whereby a client can check whether or not strstr is called using timing measurements in order to determine if a given file exists on the filesystem. This fix also does not account for filesystem race conditions (TOCTOU) in resolving symlinks. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25cgitrc.5: information on directory traversal and multiple readme filesJason A. Donenfeld1-6/+11
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25readme: Accept multiple candidates and test them.Jason A. Donenfeld5-31/+95
The readme variable may now contain multiple space deliminated entries, which per usual are either a filepath or a git ref filepath. If multiple are specified, cgit will now select the first one in the list that exists. This is to make it easier to specify multiple default readme types in the main cgitrc file and have them automatically get applied to each repo based on what exists. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25ui-summary: Pass filename to about-filterJason A. Donenfeld4-8/+22
This gives the about-filter API the same semantics as source-filter, where the filter receives the filename so it can decide what to do next with it. While we're at it, plug a memory leak. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25ui-summary: Use default branch for readme if : prefixJason A. Donenfeld2-2/+9
If the readme value begins with ":", and has no specified branch before it, use the repository's default branch. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25cgit.c: Do not reset HOME after unsetting it.Jason A. Donenfeld2-22/+0
The number of odd cases in which git will try to read config is far too great to keep putting a bandaid over each one, so we'll just unset it. If it turns out that scripts really liked to know about $HOME, we can always reset it in the filter forks. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25cgit.c: sync repo config printing with struct cgit_repoJason A. Donenfeld1-0/+14
We've now added quite a few config keys for repositories, but we've forgotten to update the printing of it for cache files. Synchronize the two. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25git: update to 1.8.3John Keeping2-1/+1
No changes required, just bump the submodule and Makefile versions. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-05-22cache.c: cache ls_cache output properlyJohn Keeping2-7/+14
By using the standard library's printf, cache_ls does not redirect its output to the cache when we change the process' stdout file descriptor to point to the cache file. Fix this by using "htmlf" in the same way that we do for writing HTTP headers. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-05-22tests: introduce strip_header() helper functionJohn Keeping2-2/+10
This means that we can avoid hardcoding the number of headers we expect CGit to generate in test cases and simply remove whatever headers happen to by there when we are checking body content. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-05-22shared.c: use die_errno() where appropriateJohn Keeping1-5/+4
This replaces some code that is re-implementing die_errno by just calling the function. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-05-22html.c: die when write failsJohn Keeping1-1/+1
If we fail to write HTML output once, there's no point carrying on so just write a failure message once and die. By using Git's die_errno function we also let the user know in what way the write failed. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-05-22ui-log: add <span/> around commit decorationsJohn Keeping1-0/+2
This helps projects that have a large number of tags to display them all using custom CSS. The default stylesheet has not been updated since what is useful for projects with a lot of tags is not the same as what is useful for projects with only a small number of decorations per commit. Suggested-by: Konstantin Ryabitsev <mricon@kernel.org> Signed-off-by: John Keeping <john@keeping.me.uk>
2013-05-22Makefile: fix parallel "make test"John Keeping1-5/+3
When building the "test" target we depend on both cgit and building the Git tools. By doing this with two targets we end up running make in the git/ directory twice, concurrently if using parallel make, which causes us to build more than we need and potentially builds incorrectly if multi-step build-then-move operations overlap. Fix this by instead calling back into the makefile so that we alter the "cgit" target to also build the Git tools. Signed-off-by: John Keeping <john@keeping.me.uk>