John Keeping [Fri, 1 Aug 2014 21:14:17 +0000 (22:14 +0100)]
Extract clone URL printing to ui-shared.c
This will allow us to reuse the same logic to add clone URL <link/>
elements to the header of all repo-specific pages in order to support
the rel-vcs microformat.
Christian Hesse [Wed, 10 Sep 2014 09:24:07 +0000 (11:24 +0200)]
filter: fix libravatar email-filter https issue
Serving cgit via https and getting avatar via http gives error messages
about untrusted content. This decides whether or not to use https link
by looking at the environment variable HTTPS, which is set in CGI.
John Keeping [Sun, 5 Oct 2014 09:59:04 +0000 (10:59 +0100)]
Change "ss" diff flag to an enum
This will allow us to introduce a new "stat only" diff mode without
needing an explosion of mutually incompatible flags.
The old "ss" query parameter is still accepted in order to avoid
breaking saved links, but we no longer generate any URIs using it;
instead the new "dt" (diff type) parameter is used.
Specifying a nonexistent README file via the readme option is sometimes
useful, e.g. when using scan-path and setting a global default.
Currently, we check whether there is only one option in the readme
option and, if so, we choose that file without checking whether it
exists. As a consequence, all repositories are equipped with an about
link in the aforementioned scenario, even if there is no about file.
Remove the early check for the number of keys and always check whether
the file exists instead.
John Keeping [Sun, 27 Jul 2014 10:56:19 +0000 (11:56 +0100)]
git: update to v2.0.3
This is slightly more involved than just bumping the version number
because it pulls in a change to convert the commit buffer to a slab,
removing the "buffer" field from "struct commit". All sites that access
"commit->buffer" have been changed to use the new functions provided for
this purpose.
Length truncated to 4096. The cache on disk looks truncated as well, so
the bug must me during the process of saving cache. The same is true for
larger patches:
Since the "html" functions use raw write(2) to STDIO_FILENO, we don't
notice problems with most pages, but raw patches write using printf(3).
This is fine if we're outputting straight to stdout since the buffers
are flushed on exit, but we close the cache output before this, so the
cached output ends up being truncated.
Make sure the buffers are flushed when we finish outputting a patch so
that we avoid this.
No other UIs use printf(3) so we do not need to worry about them.
Actually, it's slightly more interesting than this... since we don't set
GIT_FLUSH, Git decides whether or not it will flush stdout after writing
each commit based on whether or not stdout points to a regular file (in
maybe_flush_or_die()).
Which means that when writing directly to the webserver, Git flushes
stdout for us, but when we redirect stdout to the cache it points to a
regular file so Git no longer flushes the output for us.
The patch is still correct, but perhaps the full explanation is
interesting!
Reported-by: Konstantin Ryabitsev <mricon@kernel.org>
Using something like "range" and "qwerty123456", it returns an "Internal
Server Error" and the following in the logs:
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] fatal:
> ambiguous argument 'qwerty123456': unknown revision or path not in the
> working tree., referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] Use '--' to
> separate paths from revisions, like this:, referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] 'git <command>
> [<revision>...] -- [<file>...]', referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] Premature end
> of script headers: cgit, referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
The cache will kick in, so if you search for the same string again,
it'll show an empty range, so you have to change the bogus strings each
time.
This is because we just pass the arguments straight to Git's revision
parsing machinery which die()s if it cannot parse an argument, printing
the above to stderr and exiting.
The patch below makes it a bit friendlier by just ignoring unhandled
arguments, but I can't see an easy way to report errors when we can't
parse revision arguments without losing the flexibility of supporting
all of the revision specifiers supported by Git.
Reported-by: Konstantin Ryabitsev <mricon@kernel.org>
Christian Hesse [Thu, 29 May 2014 15:35:46 +0000 (17:35 +0200)]
git: update for git 2.0
prefixcmp() and suffixcmp() have been remove, functionality is now
provided by starts_with() and ends_with(). Retrurn values have been
changed, so instead of just renaming we have to fix logic.
Everything else looks just fine.
Christian Hesse [Thu, 20 Feb 2014 19:48:45 +0000 (20:48 +0100)]
print download link for reference string length == 1
I have a number of repositories that start tagging with just '1' and
count up. Actually references with sting length of one are skipped, this
patch changes that.
Lukas Fleischer [Thu, 20 Feb 2014 19:59:22 +0000 (20:59 +0100)]
Skip cache slot when time-to-live is zero
If time-to-live is set to zero, we don't need to regenerate the cache
slots on every request. Instead, just skip the caching process and
immediately provide the dynamically generated version of the page.
Setting time-to-live to zero is useful when you want to disable caching
for certain pages.
Lukas Fleischer [Wed, 5 Feb 2014 09:23:58 +0000 (10:23 +0100)]
Add a cache-snapshot-ttl configuration variable
This can be used to specify the TTL for snapshots. Snapshots are usually
static and do not ever change. On the other hand, tarball generation is
CPU intensive.
One use case of this setting (apart from increasing the lifetime of
snapshot cache slots) is caching of snapshots while disabling the cache
for static/dynamic HTML pages (by setting TTL to zero for everything
except for snapshot requests).
Right now if you visit:
<http://git.zx2c4.com/systemd/diff/src/udev/udev-builtin-input_id.c?id=bcfce235>
you'll see that if you reload the page a few times, a bunch of times the
diffstat comes out with no lines being shown or changed. I'm not
currently sure what the cause of this is, but I suspect it might have to
do with this uninitialized data.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Fabien C [Sat, 1 Feb 2014 15:07:46 +0000 (16:07 +0100)]
gen-version.sh: check if git is available before trying to call it
Some people may clone the cgit repository and compile within a sandbox
or on another machine where git is not necessarily installed. When it
happens, cgit is getting compiled with an empty version number.
cache: use sendfile() instead of a pair of read() + write()
sendfile() does the same job and avoids to copy the content into userland
and back. One has to define NO_SENDFILE in case the OS (kernel / libc)
does not supported. It is disabled by default on non-linux environemnts.
According to the glibc, sendfile64() was added in Linux 2.4 (so it has
been there for a while) but after browsing over the mapage of FreeBSD's I
noticed that the prototype is little different.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
There were no objections (at the time of committing this):
http://lists.zx2c4.com/pipermail/cgit/2013-May/001393.html
http://lists.zx2c4.com/pipermail/cgit/2014-January/001904.html
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.
Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.
Very plugable and extendable depending on user needs.
The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Lukas Fleischer [Wed, 15 Jan 2014 22:09:08 +0000 (23:09 +0100)]
parsing.c: Remove leading space from committer
This did not really break anything in the past since spaces are ignored
when rendering HTML. Remove the preceding space anyway to prevent from
potential future problems.
makefile: auto-detect presence of various Lua, bsd
We favor LuaJIT over Lua. We disable Lua if neither can be found. We
error out if a particular Lua is specified via LUA_IMPLEMENTATION=JIT or
LUA_IMPLEMENTATION=VANILLA, but cannot be found. We print a status
message depending on what happens.
Also, we do not link against libdl on the BSDs, since they include it as
part of libc.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Since the email filter is called from lots of places, the script might
benefit from knowing the origin. That way it can modify its contents
and/or size depending.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
So that we don't have to include the if(filter) open_filter(filter)
block everywhere, we introduce the guard in the function itself. This
should simplify quite a bit of code.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Filters can now call hook_write and unhook_write if they want to
redirect writing to stdout to a different function. This saves us from
potential file descriptor pipes and other less efficient mechanisms.
We do this instead of replacing the call in html_raw because some places
stdlib's printf functions are used (ui-patch or within git itself),
which has its own internal buffering, which makes it difficult to
interlace our function calls. So, we dlsym libc's write and then
override it in the link stage.
While we're at it, we move considerations of argument count into the
generic new filter handler.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
At some point, we're going to want to do lazy deallocation of filters.
For example, if we implement lua, we'll want to load the lua runtime
once for each filter, even if that filter is called many times.
Similarly, for persistent exec filters, we'll want to load it once,
despite many open_filter and close_filter calls, and only reap the child
process at the end of the cgit process. For this reason, we add here a
cleanup function that is called at the end of cgit's main().
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
John Keeping [Sun, 12 Jan 2014 17:13:53 +0000 (17:13 +0000)]
filter: introduce "filter type" prefix
This allows different filter implementations to be specified in the
configuration file. Currently only "exec" is supported, but it may now
be specified either with or without the "exec:" prefix.
John Keeping [Sun, 12 Jan 2014 17:13:52 +0000 (17:13 +0000)]
filter: add interface layer
Change the existing cgit_{open,close,fprintf}_filter functions to
delegate to filter-specific implementations accessed via function
pointers on the cgit_filter object.
We treat the "exec" filter type slightly specially here by putting its
structure definition in the header file and providing an "init" function
to set up the function pointers. This is required so that the
ui-snapshot.c code that applies a compression filter can continue to use
the filter interface to do so.
John Keeping [Sun, 12 Jan 2014 17:13:51 +0000 (17:13 +0000)]
filter: add fprintf_filter function
This stops the code in cgit.c::print_repo needing to inspect the
cgit_filter structure, meaning that we can abstract out different filter
types that will have different fields that need to be printed.
Stefan Tatschner [Mon, 13 Jan 2014 21:10:45 +0000 (22:10 +0100)]
filters: Improved syntax-highlighting.py
- Switched back to python2 according to a problem in pygments with python3.
With the next release of pygments this problem should be fixed.
Issue see here:
https://bitbucket.org/birkenfeld/pygments-main/issue/901/problems-with-python3
- Just read the stdin, decode it to utf-8 and ignore unknown signs. This ensures
that even destroyed files do not cause any errors in the filter.
- Improved language guessing:
-> At first use guess_lexer_for_filename for a better detection of the used
programming languages (even mixed cases will be detected, e.g. php + html).
-> If nothing was found look if there is a shebang and use guess_lexer.
-> As default/fallback choose TextLexer.
Signed-off-by: Stefan Tatschner <stefan@sevenbyte.org>
John Keeping [Sun, 12 Jan 2014 19:45:16 +0000 (19:45 +0000)]
ui-shared: URL-escape script_name
As far as I know, there is no requirement that $SCRIPT_NAME contain only
URL-safe characters, so we need to make sure that any special characters
are escaped.
John Keeping [Sun, 12 Jan 2014 17:13:50 +0000 (17:13 +0000)]
filter: pass extra arguments via cgit_open_filter
This avoids poking into the filter data structure at various points in
the code. We rely on the fact that the number of arguments is fixed
based on the filter type (set in cgit_new_filter) and that the call
sites all know which filter type they're using.
John Keeping [Sun, 12 Jan 2014 17:13:49 +0000 (17:13 +0000)]
ui-snapshot: set unused cgit_filter fields to zero
By switching the assignment of fields in the cgit_filter structure to
use designated initializers, the compiler will initialize all other
fields to their default value. This will be needed when we add the
extra_args field in the next patch.
==18344== Conditional jump or move depends on uninitialised value(s)
==18344== at 0x406C83: open_slot (cache.c:63)
==18344== by 0x407478: cache_ls (cache.c:403)
==18344== by 0x404C9A: process_request (cgit.c:639)
==18344== by 0x406BD2: fill_slot (cache.c:190)
==18344== by 0x4071A0: cache_process (cache.c:284)
==18344== by 0x404461: main (cgit.c:952)
==18344== Uninitialised value was created by a stack allocation
==18344== at 0x40738B: cache_ls (cache.c:375)
This is caused by the keylen field being used to calculate whether or
not a slot is matched. We never then check the value of this and the
length of data read depends on the key length read from the file so this
isn't dangerous, but it's nice to avoid branching based on uninitialized
data.