crtxcr
/
cgitsb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cgit with patches for sandboxing using qssb
1,414 Commits 1 Branch 0 Tags 2.8 MiB
C 74.2%
Shell 8%
Lua 7.9%
CSS 4%
Python 3.3%
Other 2.6%
Go to file
John Keeping 35df710a1f configfile: fix EOF handling 
Currently we can end up passing EOF to isspace(), which is in fact
libgit's sane_isspace which does:

	((sane_ctype[(unsigned char)(x)] & (GIT_SPACE)) != 0)

It is very unlikely that EOF cast to "unsigned char" will end up in a
character that has the GIT_SPACE bit set, but the standard only requires
that EOF be a negative integer, so it could access any value in the
sane_ctype array.

If it does end up returning true for isspace() then this loop will never
terminate, so handle EOF as a special value in the same way as the other
loops in this function.

Signed-off-by: John Keeping <john@keeping.me.uk>
 		2016-10-01 11:43:33 +01:00
contrib/hooks contrib/hooks: add sample post-receive hook using agefile 2015-08-12 14:06:36 +02:00
filters md2html: use utf-8 and flush output buffer 2016-06-17 12:28:03 +02:00
git@6ebdac1bab git: update to v2.10.0 2016-09-04 12:38:18 +02:00
tests tests: allow shell to be overridden 2015-08-13 15:36:18 +02:00
.gitignore tests/.gitignore: update for using Git's test infrastructure 2013-04-08 22:27:53 +02:00
.gitmodules Delete submodules.sh and prepare for using git-submodule 2007-09-03 22:54:51 +02:00
.mailmap mailmap: source before lighttpd 2014-01-17 16:04:27 +01:00
AUTHORS authors: specify maintainers 2014-01-14 02:00:07 +01:00
COPYING Add license file and copyright notices 2006-12-10 22:41:14 +01:00
Makefile git: update to v2.10.0 2016-09-04 12:38:18 +02:00
README Hosted on HTTPS now 2016-06-07 14:49:35 +02:00
cache.c cache: don't check for match with no key 2016-01-17 17:05:39 +01:00
cache.h Switch to exclusively using global ctx 2014-01-17 00:44:54 +01:00
cgit-doc.css Add cgit-doc.css 2009-02-12 10:24:25 +01:00
cgit.c git: update to v2.10.0 2016-09-04 12:38:18 +02:00
cgit.css css: consistent use of empty lines 2016-07-05 16:15:58 +02:00
cgit.h git: update to v2.10.0 2016-09-04 12:38:18 +02:00
cgit.mk Link with -ldl on GNU/kFreeBSD 2016-07-06 23:58:03 +02:00
cgit.png shrink cgit.png file size 2015-02-15 22:06:24 +01:00
cgitrc.5.txt Fix spelling in man page 2016-07-06 23:45:29 +02:00
cmd.c about: path_info might not be valid 2016-02-26 13:14:52 +01:00
cmd.h cmd: no need for pre function hook now 2015-08-14 15:54:32 +02:00
configfile.c configfile: fix EOF handling 2016-10-01 11:43:33 +01:00
configfile.h Use strbuf for reading configuration files 2013-08-12 13:14:10 -06:00
favicon.ico Add favicon 2013-05-31 02:52:24 +02:00
filter.c filter: don't use dlsym unnecessarily 2015-08-13 15:39:06 +02:00
gen-version.sh gen-version.sh: check if git is available before trying to call it 2014-02-05 15:09:15 +01:00
html.c ui-shared: prevent malicious filename from injecting headers 2016-01-14 14:28:37 +01:00
html.h ui-shared: prevent malicious filename from injecting headers 2016-01-14 14:28:37 +01:00
parsing.c parsing: add timezone to ident structures 2016-02-08 14:20:08 +01:00
robots.txt robots.txt: disallow access to snapshots 2013-08-12 13:14:10 -06:00
scan-tree.c git: update to v2.8.2 2016-05-12 17:23:29 +02:00
scan-tree.h Add support for 'project-list' option 2010-08-04 03:09:32 +02:00
shared.c git: update to v2.10.0 2016-09-04 12:38:18 +02:00
ui-atom.c ui-atom: avoid DATE_STRFTIME 2016-02-08 18:29:11 +01:00
ui-atom.h Add atom-support 2008-08-01 22:12:34 +02:00
ui-blob.c ui-blob: set CSP just in case 2016-01-14 14:43:43 +01:00
ui-blob.h readme: use string_list instead of space deliminations 2013-05-26 16:30:03 +02:00
ui-clone.c git: update to v2.7.0 2016-01-13 17:12:17 +01:00
ui-clone.h Switch to exclusively using global ctx 2014-01-17 00:44:54 +01:00
ui-commit.c Avoid DATE_STRFTIME for long/short dates 2016-02-08 18:28:18 +01:00
ui-commit.h ui-commit: Limit diff based on path limit in qry.path 2010-06-19 10:40:23 +02:00
ui-diff.c git: update to v2.10.0 2016-09-04 12:38:18 +02:00
ui-diff.h git: update to v2.10.0 2016-09-04 12:38:18 +02:00
ui-log.c git: update to v2.10.0 2016-09-04 12:38:18 +02:00
ui-log.h ui-log: Add "commit-sort" option for controlling commit ordering 2012-10-17 16:30:29 +02:00
ui-patch.c git: update to v2.7.0 2016-01-13 17:12:17 +01:00
ui-patch.h ui-patch: Rename variables 2013-08-20 19:55:54 +02:00
ui-plain.c ui-plain: fix to show a repo's root directory listing in plain view 2016-02-22 18:46:33 +01:00
ui-plain.h Switch to exclusively using global ctx 2014-01-17 00:44:54 +01:00
ui-refs.c Avoid ambiguities when prettifying snapshot names 2016-07-05 16:14:40 +02:00
ui-refs.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-repolist.c ui: show ages in the originator's timezone 2016-02-08 14:22:21 +01:00
ui-repolist.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-shared.c ui-shared: fix segfault when defbranch is NULL 2016-07-06 11:29:23 +02:00
ui-shared.h Avoid ambiguities when prettifying snapshot names 2016-07-05 16:14:40 +02:00
ui-snapshot.c snapshot: don't reimplement cgit_print_error_page() 2015-08-14 15:46:51 +02:00
ui-snapshot.h Remove unused parameter from cgit_print_snapshot() 2014-02-21 18:19:00 +01:00
ui-ssdiff.c git: update to v2.10.0 2016-09-04 12:38:18 +02:00
ui-ssdiff.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-stats.c forms: action should not be empty 2016-05-12 21:29:49 +02:00
ui-stats.h ui-stats: make cgit_period definitions 'static const' 2015-03-09 17:40:02 +01:00
ui-summary.c ui-summary: send images plain for about page 2015-08-17 14:42:58 +02:00
ui-summary.h Fix missing prototype declarations 2016-01-14 14:02:29 +01:00
ui-tag.c Avoid DATE_STRFTIME for long/short dates 2016-02-08 18:28:18 +01:00
ui-tag.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00
ui-tree.c ui-tree: put reverse path in title 2016-01-18 16:13:29 +01:00
ui-tree.h Add separate header-files for each page/view 2008-03-24 16:38:47 +01:00

README 

cgit - CGI for Git
==================

This is an attempt to create a fast web interface for the Git SCM, using a
built-in cache to decrease server I/O pressure.

Installation
------------

Building cgit involves building a proper version of Git. How to do this
depends on how you obtained the cgit sources:

a) If you're working in a cloned cgit repository, you first need to
initialize and update the Git submodule:

    $ git submodule init     # register the Git submodule in .git/config
    $ $EDITOR .git/config    # if you want to specify a different url for git
    $ git submodule update   # clone/fetch and checkout correct git version

b) If you're building from a cgit tarball, you can download a proper git
version like this:

    $ make get-git

When either a) or b) has been performed, you can build and install cgit like
this:

    $ make
    $ sudo make install

This will install `cgit.cgi` and `cgit.css` into `/var/www/htdocs/cgit`. You
can configure this location (and a few other things) by providing a `cgit.conf`
file (see the Makefile for details).

If you'd like to compile without Lua support, you may use:

    $ make NO_LUA=1

And if you'd like to specify a Lua implementation, you may use:

    $ make LUA_PKGCONFIG=lua5.1

If this is not specified, the Lua implementation will be auto-detected,
preferring LuaJIT if many are present. Acceptable values are generally "lua",
"luajit", "lua5.1", and "lua5.2".


Dependencies
------------

* libzip
* libcrypto (OpenSSL)
* libssl (OpenSSL)
* optional: luajit or lua, most reliably used when pkg-config is available

Apache configuration
--------------------

A new `Directory` section must probably be added for cgit, possibly something
like this:

    <Directory "/var/www/htdocs/cgit/">
        AllowOverride None
        Options +ExecCGI
        Order allow,deny
        Allow from all
    </Directory>


Runtime configuration
---------------------

The file `/etc/cgitrc` is read by cgit before handling a request. In addition
to runtime parameters, this file may also contain a list of repositories
displayed by cgit (see `cgitrc.5.txt` for further details).

The cache
---------

When cgit is invoked it looks for a cache file matching the request and
returns it to the client. If no such cache file exists (or if it has expired),
the content for the request is written into the proper cache file before the
file is returned.

If the cache file has expired but cgit is unable to obtain a lock for it, the
stale cache file is returned to the client. This is done to favour page
throughput over page freshness.

The generated content contains the complete response to the client, including
the HTTP headers `Modified` and `Expires`.

Online presence
---------------

* The cgit homepage is hosted by cgit at <https://git.zx2c4.com/cgit/about/>

* Patches, bug reports, discussions and support should go to the cgit
  mailing list: <cgit@lists.zx2c4.com>. To sign up, visit
  <https://lists.zx2c4.com/mailman/listinfo/cgit>