This leverages the new lua support. See
filters/simple-authentication.lua for explanation of how this works.
There is also additional documentation in cgitrc.5.txt.
Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.
Very pluggable and extendable depending on user needs.
The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
As far as I know, there is no requirement that $SCRIPT_NAME contain only
URL-safe characters, so we need to make sure that any special characters
are escaped.
Signed-off-by: John Keeping <john@keeping.me.uk>
This is a preparation for replacing all prefix checks with either
strip_prefix() or starts_with() when Git 1.8.6 is released.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Name "cgit Development Team" as copyright holder to avoid listing
every single developer.
* Update copyright ranges.
Signed-off-by: Lukas Fleischer <cgit@crytocrack.de>
Remove filepair_cb_raw() and all related functions. These are no longer
needed. We now use Git's internal functions for raw diff formatting
everywhere.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Move filepair_cb() from ui-patch.c to ui-shared.c and rename it to
filepair_cb_raw(). This callback will be used in ui-diff.c in a
follow-up patch.
Note that it is not straightforward to extract filepair_cb() from
ui-diff.c which is why it is not done here as well.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Now this is possible in cgitrc -
readme=:README.md
readme=:readme.md
readme=:README.mkd
readme=:readme.mkd
readme=:README.rst
readme=:readme.rst
readme=:README.html
readme=:readme.html
readme=:README.htm
readme=:readme.htm
readme=:README.txt
readme=:readme.txt
readme=:README
readme=:readme
readme=:INSTALL.txt
readme=:install.txt
readme=:INSTALL
readme=:install
Suggested-by: John Keeping <john@keeping.me.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Use "struct strbuf" from Git to remove the limit on file path length.
Notes on scan-tree:
This is slightly involved since I decided to pass the strbuf into
add_repo() and modify it whenever a new file name is required, which
should avoid any extra allocations within that function. The pattern
there is to append the filename, use it and then reset the buffer to its
original length (retaining a trailing '/').
Notes on ui-snapshot:
Since write_archive modifies the argv array passed to it we
copy the argv_array values into a new array of char* and then free the
original argv_array structure and the new array without worrying about
what the values now look like.
Signed-off-by: John Keeping <john@keeping.me.uk>
This removes many uses of "fmt" which uses a fixed size static pool of
fixed size buffers. Instead of relying on these, we now pass around
argument lists for as long as possible before using a strbuf to render
content of an arbitrary size.
Signed-off-by: John Keeping <john@keeping.me.uk>
The CGit configuration variable virtual_root is normalized so that it
does not have a trailing '/' character, but it is allowed to be empty
(the empty string and NULL have different meanings here) and there is
code that is insufficiently cautious when checking if it ends in a '/':
if (virtual_root[strlen(virtual_root) - 1] != '/')
Clearly this check is redundant, but rather than simply removing it we
get a slight efficiency improvement by switching the normalization so
that the virtual_root variable always ends in '/'. Do this with a new
"ensure_end" helper.
Signed-off-by: John Keeping <john@keeping.me.uk>
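
Added example, not cgit's code: the trailing-slash check quoted in the commit message above indexes one byte before the buffer when the string is empty. The sketch below shows a length-guarded check and a normalizer that makes every non-NULL root end in '/'; the names ends_with_char(), ensure_end_example() and join_root() are assumptions made for this illustration, and the sample roots are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Length-guarded form of the check quoted above: an empty string has
 * no last character, so strlen(s) - 1 must never be used as an index. */
static int ends_with_char(const char *s, char c)
{
	size_t len = strlen(s);
	return len > 0 && s[len - 1] == c;
}

/* Hypothetical normalizer (cgit's own helper may differ): returns a newly
 * allocated copy of s that always ends in c. NULL stays NULL, because the
 * commit message notes that NULL and "" have different meanings. */
static char *ensure_end_example(const char *s, char c)
{
	if (!s)
		return NULL;
	size_t len = strlen(s);
	int need = !ends_with_char(s, c);
	char *out = malloc(len + need + 1);
	if (!out)
		return NULL;
	memcpy(out, s, len);
	if (need)
		out[len++] = c;
	out[len] = '\0';
	return out;
}

/* With a normalized root, callers concatenate without any slash check. */
static char *join_root(const char *normalized_root, const char *page)
{
	size_t n = strlen(normalized_root) + strlen(page) + 1;
	char *out = malloc(n);
	if (out)
		snprintf(out, n, "%s%s", normalized_root, page);
	return out;
}

int main(void)
{
	/* Constructed sample values, including the empty virtual root. */
	const char *roots[] = { "", "/", "/cgit", "/cgit/" };
	for (size_t i = 0; i < sizeof(roots) / sizeof(roots[0]); i++) {
		char *root = ensure_end_example(roots[i], '/');
		char *url = root ? join_root(root, "repo.git/log") : NULL;
		printf("'%s' -> '%s' -> '%s'\n", roots[i],
		       root ? root : "(alloc failed)", url ? url : "(alloc failed)");
		free(url);
		free(root);
	}
	return 0;
}
```
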
While doing this, remove declarations from header files where the
corresponding definition is declared "static" in order to avoid build
errors.
Also re-order existing headers in ui-*.c so that the file-specific
header always comes immediately after "cgit.h", helping with future
consistency.
Signed-off-by: John Keeping <john@keeping.me.uk>
The return values of these functions are essentially constant and should
never be modified.
Note that this will introduce a compiler warning when we try to free the
return value of any of these functions. However, given that all of these
currently return statically allocated strings in some cases, they need
to be refactored before this can be done anyway.
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
Since tail is initialized to 0, we will never get a warning on the last
if statement, but recent gcc complains anyway. So, we initialize len as
well. Future gcc versions should be able to optimize this out anyway.
cgit_self_link() is a void function but implements each case it handles
by doing "return <another_void_function>" which is not valid C; section
6.8.6.4 of C11 says:
A return statement with an expression shall not appear in a
function whose return type is void.
Fix this by removing the return keywords and converting the final code
block into an "else".
Signed-off-by: John Keeping <john@keeping.me.uk>
Fixes following memory leak seen with "PATH_INFO=/cgit/commit/":
==16894== 12 bytes in 1 blocks are definitely lost in loss record 9 of 92
==16894== at 0x4C2C04B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16894== by 0x56F2DF1: strdup (in /usr/lib/libc-2.17.so)
==16894== by 0x46CAC8: xstrdup (wrapper.c:35)
==16894== by 0x414E34: cgit_print_snapshot_links (ui-shared.c:926)
==16894== by 0x40CFA1: cgit_print_commit (ui-commit.c:102)
==16894== by 0x407B06: commit_fn (cmd.c:54)
==16894== by 0x405E16: process_request (cgit.c:574)
==16894== by 0x4074C8: cache_process (cache.c:322)
==16894== by 0x406C4F: main (cgit.c:872)
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Remove whitespace at the end of lines.
* Replace space indentation by tabs.
* Add whitespace before/after several operators ("+", "-", "*", ...)
* Add whitespace to assignments ("foo = bar;").
* Fix whitespace in parameter lists ("foobar(foo, bar, 42)").
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
ctx.qry.head can be NULL in some cases due to bad requests
by weird bots. I managed to reproduce with:
PATH_INFO=/repo.git/shop.php QUERY_STRING=id=
Signed-off-by: Eric Wong <normalperson@yhbt.net>
When a repository is empty, the ATOM feed link is written in the header,
but this involves formatting ctx->qry.head which is NULL in this case.
With glibc, vsnprintf formats "%s" with a NULL input as "(null)" but on
Solaris this results in a segmentation fault. Since we don't have a
meaningful head for the atom feed in an empty repository, it's simplest
not to write out the link element at all.
Signed-off-by: John Keeping <john@metanate.com>
When the repolist is paged, the page-links are missing the sort parameter,
causing the initial page to be custom sorted, but any clicked page will
then be with the default sort order again.
The current 'repo.module-link' option is sufficient when all gitlinks
in a repository can be converted to commit links in a uniform way, but
not when different submodules/paths need different settings.
This patch adds support for 'repo.module-link.<path>', which will be
used for linking to submodules at paths matching one such entry.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Allow for per repo logo and logo-link; Use global logo and logo-link per
default.
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
warning: format ‘%ld’ expects type ‘long int’, but argument 2 has type
‘size_t’
Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Add a link to the "Diffstat" line to ignore/show whitespace changes in the
generated diff.
To support this, cgit_commit_link() and cgit_diff_link() have learned to
preserve the ctx.qry.ignorews variable.
Signed-off-by: Johan Herland <johan@herland.net>
Add two links to the "Diffstat" line to show more/less context lines in the
generated diff.
To support this, cgit_commit_link() and cgit_diff_link() have learned to
preserve the ctx.qry.context variable.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When using the "tab bar" in the pageheader to navigate between pages, any
path limit in effect on the current page is forgotten in the link to the
target page, even if the target page can interpret and use the path limit
constructively.
Instead, preserve the current page's path limit in the "tab bar" links to
other pages, where the path limit is useful to the target page.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This includes adding a path argument to cgit_commit_link() and updating all
its callers. The callers from within the commit page (i.e. the "commit",
"unidiff"/"side-by-side diff" and "parent" links) all preserve the path
limit of the current commit page. All other callers pass NULL (i.e. no path
limit).
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Also indicate in the comment section of the patch that a path limit was
applied, to easily see when a generated patch is only partial.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When a path limit is in effect, and displayed directly beneath the tab bar,
it should offer breadcrumb navigation (like what the 'tree' page does), to
allow changing the path limit easily.
Implementing this requires a robust way to link back to the current page with
a changed ctx->qry.path, but without losing track of the other query
arguments. This is solved by adding the new cgit_self_link() function, which
is then invoked repeatedly by the new cgit_print_path_crumbs() function while
manipulating ctx->qry.path.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Design-wise, the path is shown by "expanding" the grey border between the
tab bar and the content area of the page to house the current path limit.
This is only displayed on pages where the path limit is relevant, and only
when a path limit is in effect.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
In all cases where ui-shared uses ctx.qry.path, it is done so in the context
of an in-project path, and not in the context in which the 'refs' page or the
'clone'-related functionality uses ctx.qry.path. Make this explicit by using
ctx.qry.vpath instead.
This patch introduces no fundamental difference in functionality except for
fixing some minor bugs, for example the Atom feed reference from a
"$repo/refs/heads/" page.
Note that the usage of ctx.qry.path in the other ui-<page>.c files is ok,
since that code presumably is only executed in the context of its own <page>,
so the correct interpretation of ctx.qry.path is never in question.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
The call to cgit_get_cmd() and the following fallback handling (to "summary"
or "repoindex") in cgit_print_pageheader() is unnecessary, since the same
fallback handling was already done when ctx.qry.page was set when
cgit_get_cmd() was called from process_request() in cgit.c.
As such, hc() can also be rewritten to simply compare the given 'page' string
against ctx.qry.page.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This is needed to prevent const-related warnings in later patches.
Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
PATH_INFO="/$REPONAME/commit/?id=1" QUERY_STRING="id=1" ./cgit.cgi
triggers segfault when the repository is empty and therefore
ctx.qry.head is unset
Signed-off-by: Florian Pritz <bluewind@xssn.at>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
A new config option side-by-side-diffs added, defaulting to 0,
meaning unidiff. Also a query option (ss) is used to toggle this.
In the commit page you can switch between the two diff formats by
clicking on the link on the "commit"-row, to the right of (patch).
In the diff page you can switch by using the link at the start
of the page.
All commit-links and diff-links will remember the choice.
Signed-off-by: Ragnar Ouchterlony <ragnar@lysator.liu.se>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When embedded=1, cgit used to ignore the header and footer options.
But honoring these options when embedded=1 makes it possible to "frame"
the html fragment generated by cgit with any kind of static content,
i.e. it should become easier to integrate cgit with site-specific
layouts.
Original-patch-by: Mark Constable <markc@renta.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
cgit_print_http_headers() used to do nothing if 'embedded' was
specified in cgitrc, but that was wrong - we never want to skip the
headers when invoked as a CGI app. Sadly, there's no easy way to
detect if we're invoked as a CGI app or if we're invoked by another
CGI app, so for the latter case cgit needs to be invoked with either
--nohttp on the command line or NO_HTTP=1 in the environment.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This option can be used to disable the standard cgit page header, which
might be useful in combination with the 'embedded' option.
Suggested-by: Mark Constable <markc@renta.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This patch adds an option to the configuration file, "head-include",
which works just like "header" or "footer", except the content is put
into the HTML's <head> tag.
When downloading a blob identified by its path, the client might want
to know if the blob has been modified since a previous download of the
same path. To this end, an ETag containing the blob SHA1 seems to be
ideal.
Todo: add support for HEAD requests...
Suggested-by: Owen Taylor <otaylor@redhat.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When activated, cgit will neither generate http headers nor any 'framing'
html elements (like <html> and <body>). Also, all page content is now
wrapped in a <div id='cgit'> element to make it easier to select the
correct cgit classes when embedded/themed.
Suggested-by: Matt Sealey <matt@genesi-usa.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When an unknown page is requested, either on the querystring or via
PATH_INFO, we end up with a null-referencing cgit_cmd. This null-
pointer is then used as argument to the hc() function (which decides
what tab to render as 'active'), but this function failed to check if a
valid cmd was specified and a SEGFAULT would occur. This patch fixes the
issue by introducing a 'fallback-cmd' which specifies what tab to render
as 'active' when no valid cmd is requested.
While at it, we now also keep track of the active repository even if an
invalid cmd was requested since we want to show the error message about
the invalid request in the correct context.
Noticed-by: Robin Redeker <elmex@ta-sa.org>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
The new 'max-stats' and 'repo.max-stats' settings make it possible to
define the maximum statistics period, both globally and per repo. Hence,
it is now feasible to allow statistics on repositories with a high commit
frequency, like linux-2.6, by setting repo.max-stats to e.g. 'month'.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This new page, which is disabled by default, can be used to print some
statistics about the number of commits per period in the repository,
where period can be either weeks, months, quarters or years.
The function can be activated globally by setting 'enable-stats=1' in
cgitrc and disabled for individual repos by setting 'repo.enable-stats=0'.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Such links were printed as the object type followed by the object's complete
sha1. We still use the complete sha1 in the link but we no longer show it
in all its glory; only the first 10 hex chars are printed.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Since we know that ui-snapshot.c is able to extract the revision from the
filename, it's no longer necessary to specify the revision with an 'id'
querystring argument.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
Some users prefer to see the full message, so to make these users happy
the new querystring parameter "showmsg" can be used to print the full
commit message per log entry.
A link is provided in the log heading to make this function accessible,
and all links and forms try to preserve the user's preference.
Note: the new link is not displayed on the summary page since the point
of the summary page is to be a summary, but it is still obeyed if specified
manually.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When a repo uses an url with e.g. '#' or '?' characters this needs to be
properly escaped when used as action in a form tag.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This makes it possible to use cgit with repository urls containing special
url characters like '#' and '?'.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
The link-generating functions are updated to use the new html_url_arg
function, thereby fixing links to strange repos, branches and files.
Also, the test-suite is updated to verify some cases of strange urls.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
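
Added example, not cgit's code: a minimal percent-encoder showing why repository URLs, branch names and $SCRIPT_NAME values containing '#', '?' or '&' must be escaped before they are placed in a link, as the escaping commit messages on this page describe. url_escape_example() and make_link() are hypothetical names, the "h" query parameter is used only as a sample argument name, and the inputs are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* RFC 3986 "unreserved" characters never need escaping. */
static int is_unreserved(unsigned char c)
{
	return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
	       (c >= '0' && c <= '9') || c == '-' || c == '.' ||
	       c == '_' || c == '~';
}

/* Hypothetical escaper: keep_slash=1 for a URL path (so '/' still
 * separates segments), keep_slash=0 for a query argument value.
 * Returns a malloc'd string, or NULL on allocation failure. */
static char *url_escape_example(const char *in, int keep_slash)
{
	static const char hex[] = "0123456789ABCDEF";
	char *out = malloc(3 * strlen(in) + 1); /* worst case: all escaped */
	char *p = out;
	if (!out)
		return NULL;
	for (; *in; in++) {
		unsigned char c = (unsigned char)*in;
		if (is_unreserved(c) || (keep_slash && c == '/')) {
			*p++ = (char)c;
		} else {
			*p++ = '%';
			*p++ = hex[c >> 4];
			*p++ = hex[c & 15];
		}
	}
	*p = '\0';
	return out;
}

/* Build "<escaped path>?h=<escaped branch>". */
static char *make_link(const char *repo_path, const char *branch)
{
	char *p = url_escape_example(repo_path, 1);
	char *b = url_escape_example(branch, 0);
	char *out = NULL;
	if (p && b) {
		size_t n = strlen(p) + strlen(b) + 4; /* "?h=" plus NUL */
		out = malloc(n);
		if (out)
			snprintf(out, n, "%s?h=%s", p, b);
	}
	free(p);
	free(b);
	return out;
}

int main(void)
{
	/* Unescaped, '#' would start a fragment and '?' a second query. */
	char *link = make_link("/cgit/odd#repo?.git", "feature/a&b=1");
	printf("%s\n", link ? link : "(alloc failed)");
	free(link);
	return 0;
}
```
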
I run an instance of lighttpd for cgit behind nginx (nginx
doesn't execute CGI). So the port (SERVER_PORT=33333) that
lighttpd runs on and sends to cgit is different from the standard
port 80 that public clients connect to (via nginx).
This was causing the Atom feed URL to show the private port
number that lighttpd was running on.
Since the HTTP/1.1 "Host" header includes the port number if
running on a non-standard port, it allows non-client-facing HTTP
servers to transparently generate public URLs that clients can
see.
So use the "Host" header if it is available and fall back to
SERVER_NAME/SERVER_PORT for some clients that don't set
HTTP_HOST.
Signed-off-by: Eric Wong <normalperson@yhbt.net>
The urls for plain view make it possible to download blobs without knowing
their SHA1, but the function needs to be promoted and the link from tree
view seems like a perfect fit.
PS: Although hidden, the blob view still is nice for direct blob access so
there's no point in removing it.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
This enables a page which generates atom feeds for the current branch and
path, heavily inspired by the atom-support in gitweb.
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
When `local-time` is set, commit, tag and patch timestamps will be printed
in the server's timezone. Also, regardless of the value of `local-time`,
these timestamps will now always show the timezone.
Signed-off-by: Stefan Naewe <stefan.naewe@atlas-elektronik.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>