/* ui-snapshot.c: generate snapshot of a commit
*
- * Copyright (C) 2006 Lars Hjemli
- * Copyright (C) 2012 Jason A. Donenfeld <Jason@zx2c4.com>
+ * Copyright (C) 2006-2014 cgit Development Team <cgit@lists.zx2c4.com>
*
* Licensed under GNU General Public License v2
* (see COPYING for full license text)
*/
#include "cgit.h"
+#include "ui-snapshot.h"
#include "html.h"
#include "ui-shared.h"
static int write_archive_type(const char *format, const char *hex, const char *prefix)
{
struct argv_array argv = ARGV_ARRAY_INIT;
+ const char **nargv;
+ int result;
argv_array_push(&argv, "snapshot");
argv_array_push(&argv, format);
if (prefix) {
+ struct strbuf buf = STRBUF_INIT;
+ strbuf_addstr(&buf, prefix);
+ strbuf_addch(&buf, '/');
argv_array_push(&argv, "--prefix");
- argv_array_push(&argv, fmt("%s/", prefix));
+ argv_array_push(&argv, buf.buf);
+ strbuf_release(&buf);
}
argv_array_push(&argv, hex);
- return write_archive(argv.argc, argv.argv, NULL, 1, NULL, 0);
+ /*
+ * Now we need to copy the pointers to arguments into a new
+ * structure because write_archive will rearrange its arguments
+ * which may result in duplicated/missing entries causing leaks
+ * or double-frees in argv_array_clear.
+ */
+ nargv = xmalloc(sizeof(char *) * (argv.argc + 1));
+ /* argv_array guarantees a trailing NULL entry. */
+ memcpy(nargv, argv.argv, sizeof(char *) * (argv.argc + 1));
+
+ result = write_archive(argv.argc, nargv, NULL, NULL, 0);
+ argv_array_clear(&argv);
+ free(nargv);
+ return result;
}
static int write_tar_archive(const char *hex, const char *prefix)
char *filter_argv[])
{
int rv;
- struct cgit_filter f;
+ struct cgit_exec_filter f;
+ cgit_exec_filter_init(&f, filter_argv[0], filter_argv);
- f.cmd = filter_argv[0];
- f.argv = filter_argv;
- cgit_open_filter(&f);
+ cgit_open_filter(&f.base);
rv = write_tar_archive(hex, prefix);
- cgit_close_filter(&f);
+ cgit_close_filter(&f.base);
return rv;
}
}
const struct cgit_snapshot_format cgit_snapshot_formats[] = {
- { ".zip", "application/x-zip", write_zip_archive, 0x01 },
- { ".tar.gz", "application/x-gzip", write_tar_gzip_archive, 0x02 },
- { ".tar.bz2", "application/x-bzip2", write_tar_bzip2_archive, 0x04 },
- { ".tar", "application/x-tar", write_tar_archive, 0x08 },
- { ".tar.xz", "application/x-xz", write_tar_xz_archive, 0x10 },
+ /* .tar must remain the 0 index */
+ { ".tar", "application/x-tar", write_tar_archive },
+ { ".tar.gz", "application/x-gzip", write_tar_gzip_archive },
+ { ".tar.bz2", "application/x-bzip2", write_tar_bzip2_archive },
+ { ".tar.xz", "application/x-xz", write_tar_xz_archive },
+ { ".zip", "application/x-zip", write_zip_archive },
{ NULL }
};
+static struct notes_tree snapshot_sig_notes[ARRAY_SIZE(cgit_snapshot_formats)];
+
+const struct object_id *cgit_snapshot_get_sig(const char *ref,
+ const struct cgit_snapshot_format *f)
+{
+ struct notes_tree *tree;
+ struct object_id oid;
+
+ if (get_oid(ref, &oid))
+ return NULL;
+
+ tree = &snapshot_sig_notes[f - &cgit_snapshot_formats[0]];
+ if (!tree->initialized) {
+ struct strbuf notes_ref = STRBUF_INIT;
+
+ strbuf_addf(¬es_ref, "refs/notes/signatures/%s",
+ f->suffix + 1);
+
+ init_notes(tree, notes_ref.buf, combine_notes_ignore, 0);
+ strbuf_release(¬es_ref);
+ }
+
+ return get_note(tree, &oid);
+}
+
static const struct cgit_snapshot_format *get_format(const char *filename)
{
const struct cgit_snapshot_format *fmt;
- int fl, sl;
- fl = strlen(filename);
for (fmt = cgit_snapshot_formats; fmt->suffix; fmt++) {
- sl = strlen(fmt->suffix);
- if (sl >= fl)
- continue;
- if (!strcmp(fmt->suffix, filename + fl - sl))
+ if (ends_with(filename, fmt->suffix))
return fmt;
}
return NULL;
}
+const unsigned cgit_snapshot_format_bit(const struct cgit_snapshot_format *f)
+{
+ return BIT(f - &cgit_snapshot_formats[0]);
+}
+
static int make_snapshot(const struct cgit_snapshot_format *format,
const char *hex, const char *prefix,
const char *filename)
{
- unsigned char sha1[20];
+ struct object_id oid;
- if (get_sha1(hex, sha1)) {
- cgit_print_error(fmt("Bad object id: %s", hex));
+ if (get_oid(hex, &oid)) {
+ cgit_print_error_page(404, "Not found",
+ "Bad object id: %s", hex);
return 1;
}
- if (!lookup_commit_reference(sha1)) {
- cgit_print_error(fmt("Not a commit reference: %s", hex));
+ if (!lookup_commit_reference(&oid)) {
+ cgit_print_error_page(400, "Bad request",
+ "Not a commit reference: %s", hex);
return 1;
}
+ ctx.page.etag = oid_to_hex(&oid);
ctx.page.mimetype = xstrdup(format->mimetype);
ctx.page.filename = xstrdup(filename);
- cgit_print_http_headers(&ctx);
+ cgit_print_http_headers();
format->write_func(hex, prefix);
return 0;
}
+static int write_sig(const struct cgit_snapshot_format *format,
+ const char *hex, const char *archive,
+ const char *filename)
+{
+ const struct object_id *note = cgit_snapshot_get_sig(hex, format);
+ enum object_type type;
+ unsigned long size;
+ char *buf;
+
+ if (!note) {
+ cgit_print_error_page(404, "Not found",
+ "No signature for %s", archive);
+ return 0;
+ }
+
+ buf = read_object_file(note, &type, &size);
+ if (!buf) {
+ cgit_print_error_page(404, "Not found", "Not found");
+ return 0;
+ }
+
+ html("X-Content-Type-Options: nosniff\n");
+ html("Content-Security-Policy: default-src 'none'\n");
+ ctx.page.etag = oid_to_hex(note);
+ ctx.page.mimetype = xstrdup("application/pgp-signature");
+ ctx.page.filename = xstrdup(filename);
+ cgit_print_http_headers();
+
+ html_raw(buf, size);
+ free(buf);
+ return 0;
+}
+
/* Try to guess the requested revision from the requested snapshot name.
* First the format extension is stripped, e.g. "cgit-0.7.2.tar.gz" become
* "cgit-0.7.2". If this is a valid commit object name we've got a winner.
* repo_basename(), we strip the basename and any following '-' and '_'
* characters ("cgit-0.7.2" -> "0.7.2") and check the resulting name once
* more. If this still isn't a valid commit object name, we check if pre-
- * pending a 'v' to the remaining snapshot name ("0.7.2" -> "v0.7.2") gives
- * us something valid.
+ * pending a 'v' or a 'V' to the remaining snapshot name ("0.7.2" ->
+ * "v0.7.2") gives us something valid.
*/
-static const char *get_ref_from_filename(const char *url, const char *filename,
+static const char *get_ref_from_filename(const struct cgit_repo *repo,
+ const char *filename,
const struct cgit_snapshot_format *format)
{
const char *reponame;
- unsigned char sha1[20];
- char *snapshot;
+ struct object_id oid;
+ struct strbuf snapshot = STRBUF_INIT;
+ int result = 1;
- snapshot = xstrdup(filename);
- snapshot[strlen(snapshot) - strlen(format->suffix)] = '\0';
+ strbuf_addstr(&snapshot, filename);
+ strbuf_setlen(&snapshot, snapshot.len - strlen(format->suffix));
- if (get_sha1(snapshot, sha1) == 0)
- return snapshot;
+ if (get_oid(snapshot.buf, &oid) == 0)
+ goto out;
- reponame = cgit_repobasename(url);
- if (prefixcmp(snapshot, reponame) == 0) {
- snapshot += strlen(reponame);
- while (snapshot && (*snapshot == '-' || *snapshot == '_'))
- snapshot++;
+ reponame = cgit_snapshot_prefix(repo);
+ if (starts_with(snapshot.buf, reponame)) {
+ const char *new_start = snapshot.buf;
+ new_start += strlen(reponame);
+ while (new_start && (*new_start == '-' || *new_start == '_'))
+ new_start++;
+ strbuf_splice(&snapshot, 0, new_start - snapshot.buf, "", 0);
}
- if (get_sha1(snapshot, sha1) == 0)
- return snapshot;
+ if (get_oid(snapshot.buf, &oid) == 0)
+ goto out;
- snapshot = fmt("v%s", snapshot);
- if (get_sha1(snapshot, sha1) == 0)
- return snapshot;
+ strbuf_insert(&snapshot, 0, "v", 1);
+ if (get_oid(snapshot.buf, &oid) == 0)
+ goto out;
- return NULL;
-}
+ strbuf_splice(&snapshot, 0, 1, "V", 1);
+ if (get_oid(snapshot.buf, &oid) == 0)
+ goto out;
-static void show_error(char *msg)
-{
- ctx.page.mimetype = "text/html";
- cgit_print_http_headers(&ctx);
- cgit_print_docstart(&ctx);
- cgit_print_pageheader(&ctx);
- cgit_print_error(msg);
- cgit_print_docend();
+ result = 0;
+ strbuf_release(&snapshot);
+
+out:
+ return result ? strbuf_detach(&snapshot, NULL) : NULL;
}
void cgit_print_snapshot(const char *head, const char *hex,
- const char *filename, int snapshots, int dwim)
+ const char *filename, int dwim)
{
const struct cgit_snapshot_format* f;
+ const char *sig_filename = NULL;
+ char *adj_filename = NULL;
char *prefix = NULL;
if (!filename) {
- show_error("No snapshot name specified");
+ cgit_print_error_page(400, "Bad request",
+ "No snapshot name specified");
return;
}
+ if (ends_with(filename, ".asc")) {
+ sig_filename = filename;
+
+ /* Strip ".asc" from filename for common format processing */
+ adj_filename = xstrdup(filename);
+ adj_filename[strlen(adj_filename) - 4] = '\0';
+ filename = adj_filename;
+ }
+
f = get_format(filename);
- if (!f) {
- show_error(xstrdup(fmt("Unsupported snapshot format: %s",
- filename)));
+ if (!f || (!sig_filename && !(ctx.repo->snapshots & cgit_snapshot_format_bit(f)))) {
+ cgit_print_error_page(400, "Bad request",
+ "Unsupported snapshot format: %s", filename);
return;
}
if (!hex && dwim) {
- hex = get_ref_from_filename(ctx.repo->url, filename, f);
+ hex = get_ref_from_filename(ctx.repo, filename, f);
if (hex == NULL) {
- html_status(404, "Not found", 0);
+ cgit_print_error_page(404, "Not found", "Not found");
return;
}
prefix = xstrdup(filename);
hex = head;
if (!prefix)
- prefix = xstrdup(cgit_repobasename(ctx.repo->url));
+ prefix = xstrdup(cgit_snapshot_prefix(ctx.repo));
+
+ if (sig_filename)
+ write_sig(f, hex, filename, sig_filename);
+ else
+ make_snapshot(f, hex, prefix, filename);
- make_snapshot(f, hex, prefix, filename);
free(prefix);
+ free(adj_filename);
}
git.ckatri.com / cgit.git / blobdiff