1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
/* ui-clone.c: functions for http cloning, based on
* git's http-backend.c by Shawn O. Pearce
*
* Copyright (C) 2006-2014 cgit Development Team <cgit@lists.zx2c4.com>
*
* Licensed under GNU General Public License v2
* (see COPYING for full license text)
*/
#define USE_THE_REPOSITORY_VARIABLE
#include "cgit.h"
#include "ui-clone.h"
#include "html.h"
#include "ui-shared.h"
#include "packfile.h"
#include "object-store.h"
static int print_ref_info(const char *refname, const char *referent UNUSED,
const struct object_id *oid, int flags, void *cb_data)
{
struct object *obj;
if (!(obj = parse_object(the_repository, oid)))
return 0;
htmlf("%s\t%s\n", oid_to_hex(oid), refname);
if (obj->type == OBJ_TAG) {
if (!(obj = deref_tag(the_repository, obj, refname, 0)))
return 0;
htmlf("%s\t%s^{}\n", oid_to_hex(&obj->oid), refname);
}
return 0;
}
static void print_pack_info(void)
{
struct packed_git *pack;
char *offset;
ctx.page.mimetype = "text/plain";
ctx.page.filename = "objects/info/packs";
cgit_print_http_headers();
reprepare_packed_git(the_repository);
for (pack = get_packed_git(the_repository); pack; pack = pack->next) {
if (pack->pack_local) {
offset = strrchr(pack->pack_name, '/');
if (offset && offset[1] != '\0')
++offset;
else
offset = pack->pack_name;
htmlf("P %s\n", offset);
}
}
}
static void send_file(const char *path)
{
struct stat st;
if (stat(path, &st)) {
switch (errno) {
case ENOENT:
cgit_print_error_page(404, "Not found", "Not found");
break;
case EACCES:
cgit_print_error_page(403, "Forbidden", "Forbidden");
break;
default:
cgit_print_error_page(400, "Bad request", "Bad request");
}
return;
}
ctx.page.mimetype = "application/octet-stream";
ctx.page.filename = path;
skip_prefix(path, ctx.repo->path, &ctx.page.filename);
skip_prefix(ctx.page.filename, "/", &ctx.page.filename);
cgit_print_http_headers();
html_include(path);
}
void cgit_clone_info(void)
{
if (!ctx.qry.path || strcmp(ctx.qry.path, "refs")) {
cgit_print_error_page(400, "Bad request", "Bad request");
return;
}
ctx.page.mimetype = "text/plain";
ctx.page.filename = "info/refs";
cgit_print_http_headers();
refs_for_each_ref(get_main_ref_store(the_repository),
print_ref_info, NULL);
}
void cgit_clone_objects(void)
{
char *p;
if (!ctx.qry.path)
goto err;
if (!strcmp(ctx.qry.path, "info/packs")) {
print_pack_info();
return;
}
/* Avoid directory traversal by forbidding "..", but also work around
* other funny business by just specifying a fairly strict format. For
* example, now we don't have to stress out about the Cygwin port.
*/
for (p = ctx.qry.path; *p; ++p) {
if (*p == '.' && *(p + 1) == '.')
goto err;
if (!isalnum(*p) && *p != '/' && *p != '.' && *p != '-')
goto err;
}
send_file(git_path("objects/%s", ctx.qry.path));
return;
err:
cgit_print_error_page(400, "Bad request", "Bad request");
}
void cgit_clone_head(void)
{
send_file(git_path("%s", "HEAD"));
}
|