Commit Graph

1496 Commits

Author SHA1 Message Date
Jason A. Donenfeld
efa2879ad7 cgitrc.5: we mean a cgi response, not request 2014-08-01 17:37:27 +02:00
John Keeping
2eea471a78 ui-stats.c: set parent pointer to NULL after freeing it
We do this everywhere else, so we should be doing it here as well.

Signed-off-by: John Keeping <john@keeping.me.uk>
2014-07-28 02:01:47 +02:00
John Keeping
865afe0eb1 git: update to v2.0.3
This is slightly more involved than just bumping the version number
because it pulls in a change to convert the commit buffer to a slab,
removing the "buffer" field from "struct commit".  All sites that access
"commit->buffer" have been changed to use the new functions provided for
this purpose.

Signed-off-by: John Keeping <john@keeping.me.uk>
2014-07-28 02:01:35 +02:00
John Keeping
93d8ef8f1d parsing.c: make commit buffer const
This will be required in order to incorporate the changes to commit
buffer handling in Git 2.0.2.

Signed-off-by: John Keeping <john@keeping.me.uk>
2014-07-28 02:01:23 +02:00
Jason A. Donenfeld
eeaffc3343 Bump version. 2014-06-30 15:15:35 +02:00
Christian Hesse
4b91269bdb remove debug fprinf() calls that sneaked in with commit 79c985 2014-06-29 20:18:42 +02:00
Christian Hesse
390ffad022 git: update to 2.0.1
Everything works just bumping the version in Makefile and commit hash in
submodule. No code changes required.
2014-06-28 16:07:30 +02:00
John Keeping
2efb59ed0f ui-patch: Flush stdout after outputting data
It looks like cached patches are truncated to the nearest 1024-byte
boundary in the patch body. E.g.:

> mricon@nikko:[/tmp]$ wget -O no-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=6e1b4fdad5157bb9e88777d525704aba24389bee"
...
> 2014-06-11 15:34:51 (80.4 MB/s) - ‘no-cache’ saved [4767]

Patch is complete, without truncation. Next hit, with cache in place:

> mricon@nikko:[/tmp]$ wget -O yes-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=6e1b4
> fdad5157bb9e88777d525704aba24389bee"
...
> 2014-06-11 15:35:01 (17.0 MB/s) - ‘yes-cache’ saved [4096/4096]

Length truncated to 4096. The cache on disk looks truncated as well, so
the bug must me during the process of saving cache. The same is true for
larger patches:

> mricon@nikko:[/tmp]$ wget -O no-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=2840c566e95599cd60c7143762ca8b49d9395050"
...
> 2014-06-11 15:41:33 (1.07 MB/s) - ‘no-cache’ saved [979644]

979644 bytes with a cache-miss

> mricon@nikko:[/tmp]$ wget -O yes-cache
> "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/patch/?id=2840c
> 566e95599cd60c7143762ca8b49d9395050"
...
> 2014-06-11 15:41:46 (1.05 MB/s) - ‘yes-cache’ saved [978944]

978944 (956KB exactly) with a cache-hit

Since the "html" functions use raw write(2) to STDIO_FILENO, we don't
notice problems with most pages, but raw patches write using printf(3).
This is fine if we're outputting straight to stdout since the buffers
are flushed on exit, but we close the cache output before this, so the
cached output ends up being truncated.

Make sure the buffers are flushed when we finish outputting a patch so
that we avoid this.

No other UIs use printf(3) so we do not need to worry about them.

Actually, it's slightly more interesting than this... since we don't set
GIT_FLUSH, Git decides whether or not it will flush stdout after writing
each commit based on whether or not stdout points to a regular file (in
maybe_flush_or_die()).

Which means that when writing directly to the webserver, Git flushes
stdout for us, but when we redirect stdout to the cache it points to a
regular file so Git no longer flushes the output for us.

The patch is still correct, but perhaps the full explanation is
interesting!

Reported-by: Konstantin Ryabitsev <mricon@kernel.org>
2014-06-28 15:59:15 +02:00
John Keeping
4046e8ef66 ui-log: ignore unhandled arguments
If you search for a bogus range string here:

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/

Using something like "range" and "qwerty123456", it returns an "Internal
Server Error" and the following in the logs:

> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] fatal:
> ambiguous argument 'qwerty123456': unknown revision or path not in the
> working tree., referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] Use '--' to
> separate paths from revisions, like this:, referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] 'git <command>
> [<revision>...] -- [<file>...]', referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/
> [Tue Jun 10 17:45:32 2014] [error] [client 172.21.1.6] Premature end
> of script headers: cgit, referer:
> http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/

The cache will kick in, so if you search for the same string again,
it'll show an empty range, so you have to change the bogus strings each
time.

This is because we just pass the arguments straight to Git's revision
parsing machinery which die()s if it cannot parse an argument, printing
the above to stderr and exiting.

The patch below makes it a bit friendlier by just ignoring unhandled
arguments, but I can't see an easy way to report errors when we can't
parse revision arguments without losing the flexibility of supporting
all of the revision specifiers supported by Git.

Reported-by: Konstantin Ryabitsev <mricon@kernel.org>
2014-06-28 15:57:02 +02:00
Christian Hesse
79c985e13c git: update for git 2.0
prefixcmp() and suffixcmp() have been remove, functionality is now
provided by starts_with() and ends_with(). Retrurn values have been
changed, so instead of just renaming we have to fix logic.
Everything else looks just fine.
2014-06-28 15:14:56 +02:00
Christian Hesse
b431282c91 remove trailing whitespaces from source files 2014-04-17 12:55:09 +02:00
Christian Hesse
dcb16f0d11 git: update to 1.9.2
Everything works just bumping the version in Makefile and commit hash in
submodule. No code changes required.
2014-04-12 18:05:43 +02:00
Julian Maurice
10451797fa Fix cgit_parse_url when a repo url is contained in another repo url
For example, if I have two repos (remove-suffix is enabled):
  /foo
  /foo/bar

http://cgit/foo/bar/ is interpreted as "repository 'foo', command 'bar'"
instead of "repository 'foo/bar'"
2014-04-05 19:05:36 -03:00
Jason A. Donenfeld
88b9311323 Makefile: use more reliable git tarball mirror 2014-03-20 11:20:01 -06:00
Christian Hesse
45315f846c git: update to 1.9.1
Everything works just bumping the version in Makefile and commit hash
in submodule. No code changes required.
2014-03-20 11:14:03 -06:00
Christian Hesse
e22e985416 filter: add libravatar email-filter lua script 2014-03-13 04:57:01 -06:00
Jason A. Donenfeld
f2fa9c56e2 Bump version. 2014-02-28 00:12:08 +01:00
Jason A. Donenfeld
4930611026 ui-refs: simplify cmp_age logic
The check in parse_user that eventually makes it into committer_date and
tagger_date is:

else if (mode == 3 && isdigit(*p)) {
    *date = atol(p);
    mode++;
}

Since isdigit('-') is always false, date will never be negative. Thus
the sign of this function:

static int cmp_age(int age1, int age2)
{
    if (age1 != 0 && age2 != 0)
        return age2 - age1;

    if (age1 == 0 && age2 == 0)
        return 0;

    if (age1 == 0)
        return +1;

    return -1;
}

Will always be the same as the sign of this function:

static inline int cmp_age(int age1, int age2)
{
    return age2 - age1;
}

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Idea-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-02-26 16:57:15 +01:00
Lukas Fleischer
3e9578e9a3 Remove unused parameter from cgit_print_snapshot() 2014-02-21 18:19:00 +01:00
Christian Hesse
e6749644bc print download link for reference string length == 1
I have a number of repositories that start tagging with just '1' and
count up. Actually references with sting length of one are skipped, this
patch changes that.
2014-02-21 01:41:23 +01:00
Jason A. Donenfeld
2e8e9af1d4 Clean up cache documentation.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-02-21 01:36:20 +01:00
Lukas Fleischer
6ceba453a2 Skip cache slot when time-to-live is zero
If time-to-live is set to zero, we don't need to regenerate the cache
slots on every request. Instead, just skip the caching process and
immediately provide the dynamically generated version of the page.
Setting time-to-live to zero is useful when you want to disable caching
for certain pages.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-02-21 01:19:45 +01:00
Lukas Fleischer
8033dc01f4 git: Update to 1.9.0
No code changes required, just bump the submodule and Makefile versions.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-02-21 01:18:54 +01:00
Jason A. Donenfeld
8acfa51a8b Makefile: suppress pkg-config error
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-02-20 20:06:29 +01:00
Lukas Fleischer
a3722ec3c6 Add a cache-snapshot-ttl configuration variable
This can be used to specify the TTL for snapshots. Snapshots are usually
static and do not ever change. On the other hand, tarball generation is
CPU intensive.

One use case of this setting (apart from increasing the lifetime of
snapshot cache slots) is caching of snapshots while disabling the cache
for static/dynamic HTML pages (by setting TTL to zero for everything
except for snapshot requests).

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-02-20 19:56:44 +01:00
Jason A. Donenfeld
7e1c0ed2aa diffstat: do not rely on uninitialized data
Right now if you visit:
<http://git.zx2c4.com/systemd/diff/src/udev/udev-builtin-input_id.c?id=bcfce235>
you'll see that if you reload the page a few times, a bunch of times the
diffstat comes out with no lines being shown or changed. I'm not
currently sure what the cause of this is, but I suspect it might have to
do with this uninitialized data.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-02-20 19:48:24 +01:00
Fabien C
e8cacb5981 gen-version.sh: check if git is available before trying to call it
Some people may clone the cgit repository and compile within a sandbox
or on another machine where git is not necessarily installed. When it
happens, cgit is getting compiled with an empty version number.

This commit fixes this.
2014-02-05 15:09:15 +01:00
Jason A. Donenfeld
aa6d5b105d simple-authentication: style
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-23 00:58:07 +01:00
Natanael Copa
44ccae4227 makefile: use LUA_PKGCONFIG to set Lua implementation
This breaks compat with the previous LUA_IMPLEMENTATION but gives more
flexibility in that user can specify the pkg-config package name
directly.

Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
2014-01-22 15:41:17 +01:00
Jason A. Donenfeld
f759cc0f08 tests: only do lua tests if lua is compiled-in
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-20 13:11:10 +01:00
Jason A. Donenfeld
6a1563343c cgit: add --version argument for printing info
We need this to do runtime tests for make test.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-20 13:05:08 +01:00
Sebastian Andrzej Siewior
d3581b5889 cache: use sendfile() instead of a pair of read() + write()
sendfile() does the same job and avoids to copy the content into userland
and back. One has to define NO_SENDFILE in case the OS (kernel / libc)
does not supported. It is disabled by default on non-linux environemnts.
According to the glibc, sendfile64() was added in Linux 2.4 (so it has
been there for a while) but after browsing over the mapage of FreeBSD's I
noticed that the prototype is little different.

Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
2014-01-19 15:08:49 +01:00
Jason A. Donenfeld
ea7210bef3 README: document pkg-config for luajit
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-19 15:07:56 +01:00
Jason A. Donenfeld
6952f164c1 makefile: bump version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 16:09:16 +01:00
Jason A. Donenfeld
bdbe03af61 mailmap: source before lighttpd
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 16:04:27 +01:00
Jason A. Donenfeld
bb3cc0d966 ui-shared: do not allow negative minutes
Do to timestamp differences, sometimes cgit would should "-0 min", which
doesn't make any sense.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 15:41:41 +01:00
Jason A. Donenfeld
9dde6d38e9 auth: document tweakables in lua script
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 15:34:44 +01:00
Jason A. Donenfeld
a2b6b37175 repolist: make owner clickable to search
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 14:01:27 +01:00
Jason A. Donenfeld
3cbbb8ea39 ui-shared: move about tab all the way to the left
There were no objections (at the time of committing this):
   http://lists.zx2c4.com/pipermail/cgit/2013-May/001393.html
   http://lists.zx2c4.com/pipermail/cgit/2014-January/001904.html

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 13:53:37 +01:00
Jason A. Donenfeld
9786f4613d filter: don't forget to reap the auth filter
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 13:53:02 +01:00
Jason A. Donenfeld
9999b0a3e9 cgit.c: free tmp variable
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-17 00:48:17 +01:00
Lukas Fleischer
f60ffa143c Switch to exclusively using global ctx
Drop the context parameter from the following functions (and all static
helpers used by them) and use the global context instead:

* cgit_print_http_headers()
* cgit_print_docstart()
* cgit_print_pageheader()

Remove context parameter from all commands

Drop the context parameter from the following functions (and all static
helpers used by them) and use the global context instead:

* cgit_get_cmd()
* All cgit command functions.
* cgit_clone_info()
* cgit_clone_objects()
* cgit_clone_head()
* cgit_print_plain()
* cgit_show_stats()

In initialization routines, use the global context variable instead of
passing a pointer around locally.

Remove callback data parameter for cache slots

This is no longer needed since the context is always read from the
global context variable.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-17 00:44:54 +01:00
Jason A. Donenfeld
a431326e8f auth: have cgit calculate login address
This way we're sure to use virtual root, or any other strangeness
encountered.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-16 23:21:54 +01:00
Jason A. Donenfeld
df00ab1096 auth: lua string comparisons are time invariant
By default, strings are compared by hash, so we can remove this comment.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-16 19:47:35 +01:00
Jason A. Donenfeld
b826537cb4 authentication: use hidden form instead of referer
This also gives us some CSRF protection. Note that we make use of the
hmac to protect the redirect value.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-16 12:13:39 +01:00
Jason A. Donenfeld
d6e9200cc3 auth: add basic authentication filter framework
This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.

Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.

Very plugable and extendable depending on user needs.

The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2014-01-16 02:28:12 +01:00
Lukas Fleischer
3741254a69 t0111: Additions and fixes
* Rename the capitalize-* filters to dump.* since they also dump the
  arguments.

* Add full argument validation to the email filters.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-16 00:53:18 +01:00
Lukas Fleischer
2a7dd4bf67 parsing.c: Remove leading space from committer
This did not really break anything in the past since spaces are ignored
when rendering HTML. Remove the preceding space anyway to prevent from
potential future problems.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-16 00:53:08 +01:00
Lukas Fleischer
c01fb69fc9 Add .mailmap
Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-15 23:18:04 +01:00
Lukas Fleischer
caf557a2ba t0111: Add basic tests for Lua filters
* Validate the email filter by manipulating stdin. Additional checks for
  all the arguments can be added in a later patch.

* Add the exec prefix to all informational messages.

* Rename the filter repository to filter-exec. The Git repository itself
  is not renamed since it can be shared amongst all filter types.

* In the filter checks, check whether all arguments are passed properly
  instead of validating the buffer/stdin only.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2014-01-15 14:45:21 +01:00