]> git.cameronkatri.com Git - cgit.git/log
cgit.git
10 years agofooter: link back to cgit home page
Jason A. Donenfeld [Wed, 19 Mar 2014 09:11:45 +0000 (03:11 -0600)]
footer: link back to cgit home page

The footer has always been overrideable using the footer= in cgitrc, so
this won't anger anybody who cares about their footer.

10 years agoui-shared: show absolute time in tooltip for relative dates
John Keeping [Sat, 20 Dec 2014 13:59:39 +0000 (13:59 +0000)]
ui-shared: show absolute time in tooltip for relative dates

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agogit: use xz compressed archive for download
Christian Hesse [Wed, 24 Dec 2014 02:14:07 +0000 (19:14 -0700)]
git: use xz compressed archive for download

10 years agomatch other common markdown file extensions
Chris Burroughs [Thu, 17 Jul 2014 13:44:13 +0000 (09:44 -0400)]
match other common markdown file extensions

10 years agorepolist: add owner-filter
Chris Burroughs [Mon, 4 Aug 2014 13:23:08 +0000 (09:23 -0400)]
repolist: add owner-filter

This allows custom links to be used for repository owners by
configuring a filter to be applied in the "Owner" column in the
repository list.

10 years agoui-shared: add rel-vcs microformat links to HTML header
John Keeping [Fri, 1 Aug 2014 21:14:19 +0000 (22:14 +0100)]
ui-shared: add rel-vcs microformat links to HTML header

As described at https://joeyh.name/rfc/rel-vcs/.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoui-summary: add "rel='vcs-git'" to clone URL links
John Keeping [Fri, 1 Aug 2014 21:14:18 +0000 (22:14 +0100)]
ui-summary: add "rel='vcs-git'" to clone URL links

This is described in the rel-vcs microformat[1].

[1] https://joeyh.name/rfc/rel-vcs/

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoExtract clone URL printing to ui-shared.c
John Keeping [Fri, 1 Aug 2014 21:14:17 +0000 (22:14 +0100)]
Extract clone URL printing to ui-shared.c

This will allow us to reuse the same logic to add clone URL <link/>
elements to the header of all repo-specific pages in order to support
the rel-vcs microformat.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoRemove trailing slash after remove-suffix
Lukas Fleischer [Sat, 13 Dec 2014 10:40:48 +0000 (11:40 +0100)]
Remove trailing slash after remove-suffix

When removing the ".git" suffix of a non-bare repository, also remove
the trailing slash for compatibility with cgit_repobasename().

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
10 years agogit: update to v2.2.1
Christian Hesse [Fri, 19 Dec 2014 07:28:34 +0000 (00:28 -0700)]
git: update to v2.2.1

Update to git version v2.2.1, including API changes.

Signed-off-by: Christian Hesse <mail@eworm.de>
10 years agofilter: fix libravatar email-filter https issue
Christian Hesse [Wed, 10 Sep 2014 09:24:07 +0000 (11:24 +0200)]
filter: fix libravatar email-filter https issue

Serving cgit via https and getting avatar via http gives error messages
about untrusted content. This decides whether or not to use https link
by looking at the environment variable HTTPS, which is set in CGI.

10 years agoui-diff: add "stat only" diff type
John Keeping [Sun, 5 Oct 2014 09:59:05 +0000 (10:59 +0100)]
ui-diff: add "stat only" diff type

This prints the diffstat but stops before printing (or generating) any
of the body of the diff.

No cgitrc option is added here so that we can wait to see how useful
this is before letting people set it as the default.

Suggested-by: Konstantin Ryabitsev <mricon@kernel.org>
Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoChange "ss" diff flag to an enum
John Keeping [Sun, 5 Oct 2014 09:59:04 +0000 (10:59 +0100)]
Change "ss" diff flag to an enum

This will allow us to introduce a new "stat only" diff mode without
needing an explosion of mutually incompatible flags.

The old "ss" query parameter is still accepted in order to avoid
breaking saved links, but we no longer generate any URIs using it;
instead the new "dt" (diff type) parameter is used.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoui-shared: remove toggle_ssdiff arg to cgit_diff_link()
John Keeping [Sun, 5 Oct 2014 09:59:03 +0000 (10:59 +0100)]
ui-shared: remove toggle_ssdiff arg to cgit_diff_link()

This argument is never used with a value other than zero, so remove it
and simplify the code.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoui-shared: remove toggle_ssdiff arg to cgit_commit_link()
John Keeping [Sun, 5 Oct 2014 09:59:02 +0000 (10:59 +0100)]
ui-shared: remove toggle_ssdiff arg to cgit_commit_link()

This argument is never used with a value other than zero, so remove it
and simplify the code.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agogit: update to v2.0.4
John Keeping [Sun, 3 Aug 2014 14:51:42 +0000 (15:51 +0100)]
git: update to v2.0.4

No CGit changes required.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoAlways check if README exists in choose_readme()
Lukas Fleischer [Sun, 27 Jul 2014 18:50:59 +0000 (20:50 +0200)]
Always check if README exists in choose_readme()

Specifying a nonexistent README file via the readme option is sometimes
useful, e.g. when using scan-path and setting a global default.
Currently, we check whether there is only one option in the readme
option and, if so, we choose that file without checking whether it
exists. As a consequence, all repositories are equipped with an about
link in the aforementioned scenario, even if there is no about file.
Remove the early check for the number of keys and always check whether
the file exists instead.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
10 years agocgitrc.5: we mean a cgi response, not request
Jason A. Donenfeld [Fri, 1 Aug 2014 15:37:27 +0000 (17:37 +0200)]
cgitrc.5: we mean a cgi response, not request

10 years agoui-stats.c: set parent pointer to NULL after freeing it
John Keeping [Sun, 27 Jul 2014 10:56:20 +0000 (11:56 +0100)]
ui-stats.c: set parent pointer to NULL after freeing it

We do this everywhere else, so we should be doing it here as well.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agogit: update to v2.0.3
John Keeping [Sun, 27 Jul 2014 10:56:19 +0000 (11:56 +0100)]
git: update to v2.0.3

This is slightly more involved than just bumping the version number
because it pulls in a change to convert the commit buffer to a slab,
removing the "buffer" field from "struct commit".  All sites that access
"commit->buffer" have been changed to use the new functions provided for
this purpose.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoparsing.c: make commit buffer const
John Keeping [Sun, 27 Jul 2014 10:56:18 +0000 (11:56 +0100)]
parsing.c: make commit buffer const

This will be required in order to incorporate the changes to commit
buffer handling in Git 2.0.2.

Signed-off-by: John Keeping <john@keeping.me.uk>
10 years agoBump version. v0.10.2
Jason A. Donenfeld [Mon, 30 Jun 2014 13:15:35 +0000 (15:15 +0200)]
Bump version.

10 years agoremove debug fprinf() calls that sneaked in with commit 79c985
Christian Hesse [Sun, 29 Jun 2014 16:52:16 +0000 (18:52 +0200)]
remove debug fprinf() calls that sneaked in with commit 79c985

10 years agogit: update to 2.0.1
Christian Hesse [Sat, 28 Jun 2014 14:04:17 +0000 (16:04 +0200)]
git: update to 2.0.1

Everything works just bumping the version in Makefile and commit hash in
submodule. No code changes required.

10 years agoui-patch: Flush stdout after outputting data
John Keeping [Wed, 11 Jun 2014 20:01:50 +0000 (21:01 +0100)]
ui-patch: Flush stdout after outputting data

It looks like cached patches are truncated to the nearest 1024-byte
boundary in the patch body. E.g.:

> mricon@nikko:[/tmp]$ wget -O no-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=6e1b4fdad5157bb9e88777d525704aba24389bee"
...
> 2014-06-11 15:34:51 (80.4 MB/s) - ‘no-cache’ saved [4767]

Patch is complete, without truncation. Next hit, with cache in place:

> mricon@nikko:[/tmp]$ wget -O yes-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=6e1b4
fdad5157bb9e88777d525704aba24389bee"
...
> 2014-06-11 15:35:01 (17.0 MB/s) - ‘yes-cache’ saved [4096/4096]

Length truncated to 4096. The cache on disk looks truncated as well, so
the bug must me during the process of saving cache. The same is true for
larger patches:

> mricon@nikko:[/tmp]$ wget -O no-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=2840c566e95599cd60c7143762ca8b49d9395050"
...
> 2014-06-11 15:41:33 (1.07 MB/s) - ‘no-cache’ saved [979644]

979644 bytes with a cache-miss

> mricon@nikko:[/tmp]$ wget -O yes-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=2840c
566e95599cd60c7143762ca8b49d9395050"
...
> 2014-06-11 15:41:46 (1.05 MB/s) - ‘yes-cache’ saved [978944]

978944 (956KB exactly) with a cache-hit

Since the "html" functions use raw write(2) to STDIO_FILENO, we don't
notice problems with most pages, but raw patches write using printf(3).
This is fine if we're outputting straight to stdout since the buffers
are flushed on exit, but we close the cache output before this, so the
cached output ends up being truncated.

Make sure the buffers are flushed when we finish outputting a patch so
that we avoid this.

No other UIs use printf(3) so we do not need to worry about them.

Actually, it's slightly more interesting than this... since we don't set
GIT_FLUSH, Git decides whether or not it will flush stdout after writing
each commit based on whether or not stdout points to a regular file (in
maybe_flush_or_die()).

Which means that when writing directly to the webserver, Git flushes
stdout for us, but when we redirect stdout to the cache it points to a
regular file so Git no longer flushes the output for us.

The patch is still correct, but perhaps the full explanation is
interesting!

Reported-by: Konstantin Ryabitsev <mricon@kernel.org>
10 years agoui-log: ignore unhandled arguments
John Keeping [Sat, 28 Jun 2014 13:55:06 +0000 (15:55 +0200)]
ui-log: ignore unhandled arguments

If you search for a bogus range string here:

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/

Using something like "range" and "qwerty123456", it returns an "Internal
Server Error" and the following in the logs:

> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] fatal:
> ambiguous argument 'qwerty123456': unknown revision or path not in the
> working tree., referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] Use '--' to
> separate paths from revisions, like this:, referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] 'git <command>
> [<revision>...] -- [<file>...]', referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] Premature end
> of script headers: cgit, referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/

The cache will kick in, so if you search for the same string again,
it'll show an empty range, so you have to change the bogus strings each
time.

This is because we just pass the arguments straight to Git's revision
parsing machinery which die()s if it cannot parse an argument, printing
the above to stderr and exiting.

The patch below makes it a bit friendlier by just ignoring unhandled
arguments, but I can't see an easy way to report errors when we can't
parse revision arguments without losing the flexibility of supporting
all of the revision specifiers supported by Git.

Reported-by: Konstantin Ryabitsev <mricon@kernel.org>
10 years agogit: update for git 2.0
Christian Hesse [Thu, 29 May 2014 15:35:46 +0000 (17:35 +0200)]
git: update for git 2.0

prefixcmp() and suffixcmp() have been remove, functionality is now
provided by starts_with() and ends_with(). Retrurn values have been
changed, so instead of just renaming we have to fix logic.
Everything else looks just fine.

10 years agoremove trailing whitespaces from source files
Christian Hesse [Thu, 17 Apr 2014 09:55:46 +0000 (11:55 +0200)]
remove trailing whitespaces from source files

10 years agogit: update to 1.9.2
Christian Hesse [Thu, 10 Apr 2014 03:34:34 +0000 (05:34 +0200)]
git: update to 1.9.2

Everything works just bumping the version in Makefile and commit hash in
submodule. No code changes required.

10 years agoFix cgit_parse_url when a repo url is contained in another repo url
Julian Maurice [Fri, 28 Mar 2014 22:18:29 +0000 (23:18 +0100)]
Fix cgit_parse_url when a repo url is contained in another repo url

For example, if I have two repos (remove-suffix is enabled):
  /foo
  /foo/bar

http://cgit/foo/bar/ is interpreted as "repository 'foo', command 'bar'"
instead of "repository 'foo/bar'"

10 years agoMakefile: use more reliable git tarball mirror
Jason A. Donenfeld [Thu, 20 Mar 2014 17:20:01 +0000 (11:20 -0600)]
Makefile: use more reliable git tarball mirror

10 years agogit: update to 1.9.1
Christian Hesse [Thu, 20 Mar 2014 13:41:16 +0000 (14:41 +0100)]
git: update to 1.9.1

Everything works just bumping the version in Makefile and commit hash
in submodule. No code changes required.

10 years agofilter: add libravatar email-filter lua script
Christian Hesse [Thu, 13 Mar 2014 10:55:49 +0000 (11:55 +0100)]
filter: add libravatar email-filter lua script

10 years agoBump version. v0.10.1
Jason A. Donenfeld [Thu, 27 Feb 2014 23:12:08 +0000 (00:12 +0100)]
Bump version.

10 years agoui-refs: simplify cmp_age logic
Jason A. Donenfeld [Wed, 26 Feb 2014 15:57:15 +0000 (16:57 +0100)]
ui-refs: simplify cmp_age logic

The check in parse_user that eventually makes it into committer_date and
tagger_date is:

else if (mode == 3 && isdigit(*p)) {
    *date = atol(p);
    mode++;
}

Since isdigit('-') is always false, date will never be negative. Thus
the sign of this function:

static int cmp_age(int age1, int age2)
{
    if (age1 != 0 && age2 != 0)
        return age2 - age1;

    if (age1 == 0 && age2 == 0)
        return 0;

    if (age1 == 0)
        return +1;

    return -1;
}

Will always be the same as the sign of this function:

static inline int cmp_age(int age1, int age2)
{
    return age2 - age1;
}

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Idea-by: Lukas Fleischer <cgit@cryptocrack.de>
10 years agoRemove unused parameter from cgit_print_snapshot()
Lukas Fleischer [Sat, 8 Feb 2014 13:37:29 +0000 (14:37 +0100)]
Remove unused parameter from cgit_print_snapshot()

10 years agoprint download link for reference string length == 1
Christian Hesse [Thu, 20 Feb 2014 19:48:45 +0000 (20:48 +0100)]
print download link for reference string length == 1

I have a number of repositories that start tagging with just '1' and
count up. Actually references with sting length of one are skipped, this
patch changes that.

10 years agoClean up cache documentation.
Jason A. Donenfeld [Fri, 21 Feb 2014 00:36:20 +0000 (01:36 +0100)]
Clean up cache documentation.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
10 years agoSkip cache slot when time-to-live is zero
Lukas Fleischer [Thu, 20 Feb 2014 19:59:22 +0000 (20:59 +0100)]
Skip cache slot when time-to-live is zero

If time-to-live is set to zero, we don't need to regenerate the cache
slots on every request. Instead, just skip the caching process and
immediately provide the dynamically generated version of the page.
Setting time-to-live to zero is useful when you want to disable caching
for certain pages.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
10 years agogit: Update to 1.9.0
Lukas Fleischer [Thu, 20 Feb 2014 19:58:13 +0000 (20:58 +0100)]
git: Update to 1.9.0

No code changes required, just bump the submodule and Makefile versions.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
10 years agoMakefile: suppress pkg-config error
Jason A. Donenfeld [Thu, 20 Feb 2014 19:06:29 +0000 (20:06 +0100)]
Makefile: suppress pkg-config error

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
10 years agoAdd a cache-snapshot-ttl configuration variable
Lukas Fleischer [Wed, 5 Feb 2014 09:23:58 +0000 (10:23 +0100)]
Add a cache-snapshot-ttl configuration variable

This can be used to specify the TTL for snapshots. Snapshots are usually
static and do not ever change. On the other hand, tarball generation is
CPU intensive.

One use case of this setting (apart from increasing the lifetime of
snapshot cache slots) is caching of snapshots while disabling the cache
for static/dynamic HTML pages (by setting TTL to zero for everything
except for snapshot requests).

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
10 years agodiffstat: do not rely on uninitialized data
Jason A. Donenfeld [Thu, 20 Feb 2014 18:48:24 +0000 (19:48 +0100)]
diffstat: do not rely on uninitialized data

Right now if you visit:
<http://git.zx2c4.com/systemd/diff/src/udev/udev-builtin-input_id.c?id=bcfce235>
you'll see that if you reload the page a few times, a bunch of times the
diffstat comes out with no lines being shown or changed. I'm not
currently sure what the cause of this is, but I suspect it might have to
do with this uninitialized data.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
10 years agogen-version.sh: check if git is available before trying to call it
Fabien C [Sat, 1 Feb 2014 15:07:46 +0000 (16:07 +0100)]
gen-version.sh: check if git is available before trying to call it

Some people may clone the cgit repository and compile within a sandbox
or on another machine where git is not necessarily installed. When it
happens, cgit is getting compiled with an empty version number.

This commit fixes this.

11 years agosimple-authentication: style
Jason A. Donenfeld [Wed, 22 Jan 2014 23:58:07 +0000 (00:58 +0100)]
simple-authentication: style

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agomakefile: use LUA_PKGCONFIG to set Lua implementation
Natanael Copa [Wed, 22 Jan 2014 12:15:08 +0000 (13:15 +0100)]
makefile: use LUA_PKGCONFIG to set Lua implementation

This breaks compat with the previous LUA_IMPLEMENTATION but gives more
flexibility in that user can specify the pkg-config package name
directly.

Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
11 years agotests: only do lua tests if lua is compiled-in
Jason A. Donenfeld [Mon, 20 Jan 2014 12:11:10 +0000 (13:11 +0100)]
tests: only do lua tests if lua is compiled-in

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agocgit: add --version argument for printing info
Jason A. Donenfeld [Mon, 20 Jan 2014 12:05:08 +0000 (13:05 +0100)]
cgit: add --version argument for printing info

We need this to do runtime tests for make test.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agocache: use sendfile() instead of a pair of read() + write()
Sebastian Andrzej Siewior [Sat, 18 Jan 2014 20:24:58 +0000 (21:24 +0100)]
cache: use sendfile() instead of a pair of read() + write()

sendfile() does the same job and avoids to copy the content into userland
and back. One has to define NO_SENDFILE in case the OS (kernel / libc)
does not supported. It is disabled by default on non-linux environemnts.
According to the glibc, sendfile64() was added in Linux 2.4 (so it has
been there for a while) but after browsing over the mapage of FreeBSD's I
noticed that the prototype is little different.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
11 years agoREADME: document pkg-config for luajit
Jason A. Donenfeld [Fri, 17 Jan 2014 23:45:01 +0000 (00:45 +0100)]
README: document pkg-config for luajit

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agomakefile: bump version v0.10
Jason A. Donenfeld [Fri, 17 Jan 2014 15:09:16 +0000 (16:09 +0100)]
makefile: bump version

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agomailmap: source before lighttpd
Jason A. Donenfeld [Fri, 17 Jan 2014 15:04:12 +0000 (16:04 +0100)]
mailmap: source before lighttpd

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoui-shared: do not allow negative minutes
Jason A. Donenfeld [Fri, 17 Jan 2014 14:41:41 +0000 (15:41 +0100)]
ui-shared: do not allow negative minutes

Do to timestamp differences, sometimes cgit would should "-0 min", which
doesn't make any sense.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoauth: document tweakables in lua script
Jason A. Donenfeld [Fri, 17 Jan 2014 14:34:44 +0000 (15:34 +0100)]
auth: document tweakables in lua script

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agorepolist: make owner clickable to search
Jason A. Donenfeld [Thu, 16 Jan 2014 21:54:23 +0000 (22:54 +0100)]
repolist: make owner clickable to search

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoui-shared: move about tab all the way to the left
Jason A. Donenfeld [Fri, 17 Jan 2014 12:53:37 +0000 (13:53 +0100)]
ui-shared: move about tab all the way to the left

There were no objections (at the time of committing this):
   http://lists.zx2c4.com/pipermail/cgit/2013-May/001393.html
   http://lists.zx2c4.com/pipermail/cgit/2014-January/001904.html

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: don't forget to reap the auth filter
Jason A. Donenfeld [Fri, 17 Jan 2014 12:53:02 +0000 (13:53 +0100)]
filter: don't forget to reap the auth filter

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agocgit.c: free tmp variable
Jason A. Donenfeld [Thu, 16 Jan 2014 23:48:17 +0000 (00:48 +0100)]
cgit.c: free tmp variable

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoSwitch to exclusively using global ctx
Lukas Fleischer [Wed, 15 Jan 2014 20:53:15 +0000 (21:53 +0100)]
Switch to exclusively using global ctx

Drop the context parameter from the following functions (and all static
helpers used by them) and use the global context instead:

* cgit_print_http_headers()
* cgit_print_docstart()
* cgit_print_pageheader()

Remove context parameter from all commands

Drop the context parameter from the following functions (and all static
helpers used by them) and use the global context instead:

* cgit_get_cmd()
* All cgit command functions.
* cgit_clone_info()
* cgit_clone_objects()
* cgit_clone_head()
* cgit_print_plain()
* cgit_show_stats()

In initialization routines, use the global context variable instead of
passing a pointer around locally.

Remove callback data parameter for cache slots

This is no longer needed since the context is always read from the
global context variable.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agoauth: have cgit calculate login address
Jason A. Donenfeld [Thu, 16 Jan 2014 22:21:54 +0000 (23:21 +0100)]
auth: have cgit calculate login address

This way we're sure to use virtual root, or any other strangeness
encountered.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoauth: lua string comparisons are time invariant
Jason A. Donenfeld [Thu, 16 Jan 2014 18:47:35 +0000 (19:47 +0100)]
auth: lua string comparisons are time invariant

By default, strings are compared by hash, so we can remove this comment.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoauthentication: use hidden form instead of referer
Jason A. Donenfeld [Thu, 16 Jan 2014 10:39:17 +0000 (11:39 +0100)]
authentication: use hidden form instead of referer

This also gives us some CSRF protection. Note that we make use of the
hmac to protect the redirect value.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoauth: add basic authentication filter framework
Jason A. Donenfeld [Tue, 14 Jan 2014 20:49:31 +0000 (21:49 +0100)]
auth: add basic authentication filter framework

This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agot0111: Additions and fixes
Lukas Fleischer [Wed, 15 Jan 2014 22:11:19 +0000 (23:11 +0100)]
t0111: Additions and fixes

* Rename the capitalize-* filters to dump.* since they also dump the
  arguments.

* Add full argument validation to the email filters.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agoparsing.c: Remove leading space from committer
Lukas Fleischer [Wed, 15 Jan 2014 22:09:08 +0000 (23:09 +0100)]
parsing.c: Remove leading space from committer

This did not really break anything in the past since spaces are ignored
when rendering HTML. Remove the preceding space anyway to prevent from
potential future problems.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agoAdd .mailmap
Lukas Fleischer [Tue, 14 Jan 2014 20:35:00 +0000 (21:35 +0100)]
Add .mailmap

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agot0111: Add basic tests for Lua filters
Lukas Fleischer [Tue, 14 Jan 2014 21:25:45 +0000 (22:25 +0100)]
t0111: Add basic tests for Lua filters

* Validate the email filter by manipulating stdin. Additional checks for
  all the arguments can be added in a later patch.

* Add the exec prefix to all informational messages.

* Rename the filter repository to filter-exec. The Git repository itself
  is not renamed since it can be shared amongst all filter types.

* In the filter checks, check whether all arguments are passed properly
  instead of validating the buffer/stdin only.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agoemail-gravatar: fix html syntax issues
Christian Hesse [Wed, 15 Jan 2014 12:39:54 +0000 (13:39 +0100)]
email-gravatar: fix html syntax issues

an attribute value specification must be an attribute value literal
unless SHORTTAG YES is specified

11 years agoemail-gravatar: do not scale icons up
Jason A. Donenfeld [Tue, 14 Jan 2014 17:57:36 +0000 (18:57 +0100)]
email-gravatar: do not scale icons up

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: allow returning exit code from filter
Jason A. Donenfeld [Tue, 14 Jan 2014 17:07:23 +0000 (18:07 +0100)]
filter: allow returning exit code from filter

Filters can now indicate a status back to cgit by means of the exit code
for exec, or the return value from close for Lua.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agotests/: Add t0111-filter.sh
Lukas Fleischer [Tue, 14 Jan 2014 11:01:06 +0000 (12:01 +0100)]
tests/: Add t0111-filter.sh

This adds basic tests for all types of exec filters.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agoemail-gravatar: fix html syntax issues
Christian Hesse [Tue, 14 Jan 2014 11:01:58 +0000 (12:01 +0100)]
email-gravatar: fix html syntax issues

* make ampersand a html entity
* add required alt attribute
* add required img end tag

11 years agoemail-gravatar.py: fix UTF-8
Christian Hesse [Tue, 14 Jan 2014 10:11:23 +0000 (11:11 +0100)]
email-gravatar.py: fix UTF-8

11 years agoemail-gravatar.lua: fix for lua 5.2
Christian Hesse [Tue, 14 Jan 2014 10:32:54 +0000 (11:32 +0100)]
email-gravatar.lua: fix for lua 5.2

11 years agomakefile: only display lua message once
Jason A. Donenfeld [Tue, 14 Jan 2014 12:47:28 +0000 (13:47 +0100)]
makefile: only display lua message once

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agoREADME: document lua makefile flags
Jason A. Donenfeld [Tue, 14 Jan 2014 02:48:23 +0000 (03:48 +0100)]
README: document lua makefile flags

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agocgitrc.5.txt: Fix documentation of the snapshot mask
Lukas Fleischer [Mon, 13 Jan 2014 23:49:48 +0000 (00:49 +0100)]
cgitrc.5.txt: Fix documentation of the snapshot mask

Mention that the snapshot setting only specifies the formats that links
are generated for and not the set of formats that are accessible via
HTTP.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
11 years agomakefile: auto-detect presence of various Lua, bsd
Jason A. Donenfeld [Tue, 14 Jan 2014 00:50:31 +0000 (01:50 +0100)]
makefile: auto-detect presence of various Lua, bsd

We favor LuaJIT over Lua. We disable Lua if neither can be found. We
error out if a particular Lua is specified via LUA_IMPLEMENTATION=JIT or
LUA_IMPLEMENTATION=VANILLA, but cannot be found. We print a status
message depending on what happens.

Also, we do not link against libdl on the BSDs, since they include it as
part of libc.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: style tweaks
Jason A. Donenfeld [Mon, 13 Jan 2014 22:54:28 +0000 (23:54 +0100)]
filter: style tweaks

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: add page source to email filter
Jason A. Donenfeld [Mon, 13 Jan 2014 15:24:40 +0000 (16:24 +0100)]
filter: add page source to email filter

Since the email filter is called from lots of places, the script might
benefit from knowing the origin. That way it can modify its contents
and/or size depending.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: add gravatar scripts
Jason A. Donenfeld [Fri, 10 Jan 2014 05:17:09 +0000 (06:17 +0100)]
filter: add gravatar scripts

The lua one is hugely faster than the python one, but both are included
for comparison.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: add support for email filter
Jason A. Donenfeld [Mon, 13 Jan 2014 03:04:52 +0000 (04:04 +0100)]
filter: add support for email filter

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: return on null filter from open and close
Jason A. Donenfeld [Mon, 13 Jan 2014 02:56:50 +0000 (03:56 +0100)]
filter: return on null filter from open and close

So that we don't have to include the if(filter) open_filter(filter)
block everywhere, we introduce the guard in the function itself. This
should simplify quite a bit of code.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: add lua support
Jason A. Donenfeld [Mon, 13 Jan 2014 13:18:51 +0000 (14:18 +0100)]
filter: add lua support

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: basic write hooking infrastructure
Jason A. Donenfeld [Mon, 13 Jan 2014 13:16:18 +0000 (14:16 +0100)]
filter: basic write hooking infrastructure

Filters can now call hook_write and unhook_write if they want to
redirect writing to stdout to a different function. This saves us from
potential file descriptor pipes and other less efficient mechanisms.

We do this instead of replacing the call in html_raw because some places
stdlib's printf functions are used (ui-patch or within git itself),
which has its own internal buffering, which makes it difficult to
interlace our function calls. So, we dlsym libc's write and then
override it in the link stage.

While we're at it, we move considerations of argument count into the
generic new filter handler.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: allow for cleanup hook for filter types
Jason A. Donenfeld [Sun, 12 Jan 2014 19:58:21 +0000 (20:58 +0100)]
filter: allow for cleanup hook for filter types

At some point, we're going to want to do lazy deallocation of filters.
For example, if we implement lua, we'll want to load the lua runtime
once for each filter, even if that filter is called many times.
Similarly, for persistent exec filters, we'll want to load it once,
despite many open_filter and close_filter calls, and only reap the child
process at the end of the cgit process. For this reason, we add here a
cleanup function that is called at the end of cgit's main().

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilter: introduce "filter type" prefix
John Keeping [Sun, 12 Jan 2014 17:13:53 +0000 (17:13 +0000)]
filter: introduce "filter type" prefix

This allows different filter implementations to be specified in the
configuration file.  Currently only "exec" is supported, but it may now
be specified either with or without the "exec:" prefix.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agofilter: add interface layer
John Keeping [Sun, 12 Jan 2014 17:13:52 +0000 (17:13 +0000)]
filter: add interface layer

Change the existing cgit_{open,close,fprintf}_filter functions to
delegate to filter-specific implementations accessed via function
pointers on the cgit_filter object.

We treat the "exec" filter type slightly specially here by putting its
structure definition in the header file and providing an "init" function
to set up the function pointers.  This is required so that the
ui-snapshot.c code that applies a compression filter can continue to use
the filter interface to do so.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agofilter: add fprintf_filter function
John Keeping [Sun, 12 Jan 2014 17:13:51 +0000 (17:13 +0000)]
filter: add fprintf_filter function

This stops the code in cgit.c::print_repo needing to inspect the
cgit_filter structure, meaning that we can abstract out different filter
types that will have different fields that need to be printed.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agoauthors: specify maintainers
Jason A. Donenfeld [Tue, 14 Jan 2014 00:59:28 +0000 (01:59 +0100)]
authors: specify maintainers

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
11 years agofilters: Improved syntax-highlighting.py
Stefan Tatschner [Mon, 13 Jan 2014 21:10:45 +0000 (22:10 +0100)]
filters: Improved syntax-highlighting.py

- Switched back to python2 according to a problem in pygments with python3.
  With the next release of pygments this problem should be fixed.
  Issue see here:
  https://bitbucket.org/birkenfeld/pygments-main/issue/901/problems-with-python3
- Just read the stdin, decode it to utf-8 and ignore unknown signs. This ensures
  that even destroyed files do not cause any errors in the filter.
- Improved language guessing:
  -> At first use guess_lexer_for_filename for a better detection of the used
     programming languages (even mixed cases will be detected, e.g. php + html).
  -> If nothing was found look if there is a shebang and use guess_lexer.
  -> As default/fallback choose TextLexer.

Signed-off-by: Stefan Tatschner <stefan@sevenbyte.org>
11 years agotests: add CGIT_TEST_OPTS variable to Makefile
John Keeping [Sun, 12 Jan 2014 19:46:42 +0000 (19:46 +0000)]
tests: add CGIT_TEST_OPTS variable to Makefile

This allows running the entire test suite with a set of command-line
options.  For example:

make test CGIT_TEST_OPTS=--valgrind

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agoui-repolist: HTML-escape cgit_rooturl() response
John Keeping [Sun, 12 Jan 2014 19:45:17 +0000 (19:45 +0000)]
ui-repolist: HTML-escape cgit_rooturl() response

This is for consistency with other callers.  The value returned from
cgit_rooturl is not guaranteed to be HTML-safe.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agoui-shared: URL-escape script_name
John Keeping [Sun, 12 Jan 2014 19:45:16 +0000 (19:45 +0000)]
ui-shared: URL-escape script_name

As far as I know, there is no requirement that $SCRIPT_NAME contain only
URL-safe characters, so we need to make sure that any special characters
are escaped.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agoui-refs: escape HTML chars in author and tagger names
John Keeping [Sun, 12 Jan 2014 19:45:15 +0000 (19:45 +0000)]
ui-refs: escape HTML chars in author and tagger names

Everywhere else we use html_txt to escape any special characters in
these variables.  Do so here as well.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agofilter: pass extra arguments via cgit_open_filter
John Keeping [Sun, 12 Jan 2014 17:13:50 +0000 (17:13 +0000)]
filter: pass extra arguments via cgit_open_filter

This avoids poking into the filter data structure at various points in
the code.  We rely on the fact that the number of arguments is fixed
based on the filter type (set in cgit_new_filter) and that the call
sites all know which filter type they're using.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agoui-snapshot: set unused cgit_filter fields to zero
John Keeping [Sun, 12 Jan 2014 17:13:49 +0000 (17:13 +0000)]
ui-snapshot: set unused cgit_filter fields to zero

By switching the assignment of fields in the cgit_filter structure to
use designated initializers, the compiler will initialize all other
fields to their default value.  This will be needed when we add the
extra_args field in the next patch.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agohtml: remove redundant htmlfd variable
John Keeping [Sun, 12 Jan 2014 17:13:48 +0000 (17:13 +0000)]
html: remove redundant htmlfd variable

This is never changed from STDOUT_FILENO, so just use that value
directly.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agotests: add Valgrind support
John Keeping [Mon, 8 Apr 2013 19:12:38 +0000 (20:12 +0100)]
tests: add Valgrind support

Now running tests with the "--valgrind" option will run cgit under
Valgrind instead of all Git commands.

Signed-off-by: John Keeping <john@keeping.me.uk>
11 years agocache: don't leave cache_slot fields uninitialized
John Keeping [Sun, 12 Jan 2014 16:49:40 +0000 (16:49 +0000)]
cache: don't leave cache_slot fields uninitialized

Valgrind says:

==18344== Conditional jump or move depends on uninitialised value(s)
==18344==    at 0x406C83: open_slot (cache.c:63)
==18344==    by 0x407478: cache_ls (cache.c:403)
==18344==    by 0x404C9A: process_request (cgit.c:639)
==18344==    by 0x406BD2: fill_slot (cache.c:190)
==18344==    by 0x4071A0: cache_process (cache.c:284)
==18344==    by 0x404461: main (cgit.c:952)
==18344==  Uninitialised value was created by a stack allocation
==18344==    at 0x40738B: cache_ls (cache.c:375)

This is caused by the keylen field being used to calculate whether or
not a slot is matched.  We never then check the value of this and the
length of data read depends on the key length read from the file so this
isn't dangerous, but it's nice to avoid branching based on uninitialized
data.

Signed-off-by: John Keeping <john@keeping.me.uk>