4458abf641
ctx.env.content_length is an unsigned int, coming from the CONTENT_LENGTH environment variable, which is parsed by strtoul. The HTTP/1.1 spec says that "any Content-Length greater than or equal to zero is a valid value." By storing this into an int, we potentially overflow it, resulting in the following bounding check failing, leading to a buffer overflow. Reported-by: Erik Cabetas <Erik@cabetas.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
1088 sor
34 KiB
C
1088 sor
34 KiB
C
/* cgit.c: cgi for the git scm
|
|
*
|
|
* Copyright (C) 2006-2014 cgit Development Team <cgit@lists.zx2c4.com>
|
|
*
|
|
* Licensed under GNU General Public License v2
|
|
* (see COPYING for full license text)
|
|
*/
|
|
|
|
#include "cgit.h"
|
|
#include "cache.h"
|
|
#include "cmd.h"
|
|
#include "configfile.h"
|
|
#include "html.h"
|
|
#include "ui-shared.h"
|
|
#include "ui-stats.h"
|
|
#include "ui-blob.h"
|
|
#include "ui-summary.h"
|
|
#include "scan-tree.h"
|
|
|
|
const char *cgit_version = CGIT_VERSION;
|
|
|
|
static void add_mimetype(const char *name, const char *value)
|
|
{
|
|
struct string_list_item *item;
|
|
|
|
item = string_list_insert(&ctx.cfg.mimetypes, xstrdup(name));
|
|
item->util = xstrdup(value);
|
|
}
|
|
|
|
static void process_cached_repolist(const char *path);
|
|
|
|
static void repo_config(struct cgit_repo *repo, const char *name, const char *value)
|
|
{
|
|
struct string_list_item *item;
|
|
|
|
if (!strcmp(name, "name"))
|
|
repo->name = xstrdup(value);
|
|
else if (!strcmp(name, "clone-url"))
|
|
repo->clone_url = xstrdup(value);
|
|
else if (!strcmp(name, "desc"))
|
|
repo->desc = xstrdup(value);
|
|
else if (!strcmp(name, "owner"))
|
|
repo->owner = xstrdup(value);
|
|
else if (!strcmp(name, "defbranch"))
|
|
repo->defbranch = xstrdup(value);
|
|
else if (!strcmp(name, "snapshots"))
|
|
repo->snapshots = ctx.cfg.snapshots & cgit_parse_snapshots_mask(value);
|
|
else if (!strcmp(name, "enable-commit-graph"))
|
|
repo->enable_commit_graph = atoi(value);
|
|
else if (!strcmp(name, "enable-log-filecount"))
|
|
repo->enable_log_filecount = atoi(value);
|
|
else if (!strcmp(name, "enable-log-linecount"))
|
|
repo->enable_log_linecount = atoi(value);
|
|
else if (!strcmp(name, "enable-remote-branches"))
|
|
repo->enable_remote_branches = atoi(value);
|
|
else if (!strcmp(name, "enable-subject-links"))
|
|
repo->enable_subject_links = atoi(value);
|
|
else if (!strcmp(name, "branch-sort")) {
|
|
if (!strcmp(value, "age"))
|
|
repo->branch_sort = 1;
|
|
if (!strcmp(value, "name"))
|
|
repo->branch_sort = 0;
|
|
} else if (!strcmp(name, "commit-sort")) {
|
|
if (!strcmp(value, "date"))
|
|
repo->commit_sort = 1;
|
|
if (!strcmp(value, "topo"))
|
|
repo->commit_sort = 2;
|
|
} else if (!strcmp(name, "max-stats"))
|
|
repo->max_stats = cgit_find_stats_period(value, NULL);
|
|
else if (!strcmp(name, "module-link"))
|
|
repo->module_link= xstrdup(value);
|
|
else if (starts_with(name, "module-link.")) {
|
|
item = string_list_append(&repo->submodules, xstrdup(name + 12));
|
|
item->util = xstrdup(value);
|
|
} else if (!strcmp(name, "section"))
|
|
repo->section = xstrdup(value);
|
|
else if (!strcmp(name, "readme") && value != NULL) {
|
|
if (repo->readme.items == ctx.cfg.readme.items)
|
|
memset(&repo->readme, 0, sizeof(repo->readme));
|
|
string_list_append(&repo->readme, xstrdup(value));
|
|
} else if (!strcmp(name, "logo") && value != NULL)
|
|
repo->logo = xstrdup(value);
|
|
else if (!strcmp(name, "logo-link") && value != NULL)
|
|
repo->logo_link = xstrdup(value);
|
|
else if (!strcmp(name, "hide"))
|
|
repo->hide = atoi(value);
|
|
else if (!strcmp(name, "ignore"))
|
|
repo->ignore = atoi(value);
|
|
else if (ctx.cfg.enable_filter_overrides) {
|
|
if (!strcmp(name, "about-filter"))
|
|
repo->about_filter = cgit_new_filter(value, ABOUT);
|
|
else if (!strcmp(name, "commit-filter"))
|
|
repo->commit_filter = cgit_new_filter(value, COMMIT);
|
|
else if (!strcmp(name, "source-filter"))
|
|
repo->source_filter = cgit_new_filter(value, SOURCE);
|
|
else if (!strcmp(name, "email-filter"))
|
|
repo->email_filter = cgit_new_filter(value, EMAIL);
|
|
else if (!strcmp(name, "owner-filter"))
|
|
repo->owner_filter = cgit_new_filter(value, OWNER);
|
|
}
|
|
}
|
|
|
|
static void config_cb(const char *name, const char *value)
|
|
{
|
|
if (!strcmp(name, "section") || !strcmp(name, "repo.group"))
|
|
ctx.cfg.section = xstrdup(value);
|
|
else if (!strcmp(name, "repo.url"))
|
|
ctx.repo = cgit_add_repo(value);
|
|
else if (ctx.repo && !strcmp(name, "repo.path"))
|
|
ctx.repo->path = trim_end(value, '/');
|
|
else if (ctx.repo && starts_with(name, "repo."))
|
|
repo_config(ctx.repo, name + 5, value);
|
|
else if (!strcmp(name, "readme"))
|
|
string_list_append(&ctx.cfg.readme, xstrdup(value));
|
|
else if (!strcmp(name, "root-title"))
|
|
ctx.cfg.root_title = xstrdup(value);
|
|
else if (!strcmp(name, "root-desc"))
|
|
ctx.cfg.root_desc = xstrdup(value);
|
|
else if (!strcmp(name, "root-readme"))
|
|
ctx.cfg.root_readme = xstrdup(value);
|
|
else if (!strcmp(name, "css"))
|
|
ctx.cfg.css = xstrdup(value);
|
|
else if (!strcmp(name, "favicon"))
|
|
ctx.cfg.favicon = xstrdup(value);
|
|
else if (!strcmp(name, "footer"))
|
|
ctx.cfg.footer = xstrdup(value);
|
|
else if (!strcmp(name, "head-include"))
|
|
ctx.cfg.head_include = xstrdup(value);
|
|
else if (!strcmp(name, "header"))
|
|
ctx.cfg.header = xstrdup(value);
|
|
else if (!strcmp(name, "logo"))
|
|
ctx.cfg.logo = xstrdup(value);
|
|
else if (!strcmp(name, "index-header"))
|
|
ctx.cfg.index_header = xstrdup(value);
|
|
else if (!strcmp(name, "index-info"))
|
|
ctx.cfg.index_info = xstrdup(value);
|
|
else if (!strcmp(name, "logo-link"))
|
|
ctx.cfg.logo_link = xstrdup(value);
|
|
else if (!strcmp(name, "module-link"))
|
|
ctx.cfg.module_link = xstrdup(value);
|
|
else if (!strcmp(name, "strict-export"))
|
|
ctx.cfg.strict_export = xstrdup(value);
|
|
else if (!strcmp(name, "virtual-root")) {
|
|
ctx.cfg.virtual_root = ensure_end(value, '/');
|
|
} else if (!strcmp(name, "nocache"))
|
|
ctx.cfg.nocache = atoi(value);
|
|
else if (!strcmp(name, "noplainemail"))
|
|
ctx.cfg.noplainemail = atoi(value);
|
|
else if (!strcmp(name, "noheader"))
|
|
ctx.cfg.noheader = atoi(value);
|
|
else if (!strcmp(name, "snapshots"))
|
|
ctx.cfg.snapshots = cgit_parse_snapshots_mask(value);
|
|
else if (!strcmp(name, "enable-filter-overrides"))
|
|
ctx.cfg.enable_filter_overrides = atoi(value);
|
|
else if (!strcmp(name, "enable-follow-links"))
|
|
ctx.cfg.enable_follow_links = atoi(value);
|
|
else if (!strcmp(name, "enable-http-clone"))
|
|
ctx.cfg.enable_http_clone = atoi(value);
|
|
else if (!strcmp(name, "enable-index-links"))
|
|
ctx.cfg.enable_index_links = atoi(value);
|
|
else if (!strcmp(name, "enable-index-owner"))
|
|
ctx.cfg.enable_index_owner = atoi(value);
|
|
else if (!strcmp(name, "enable-commit-graph"))
|
|
ctx.cfg.enable_commit_graph = atoi(value);
|
|
else if (!strcmp(name, "enable-log-filecount"))
|
|
ctx.cfg.enable_log_filecount = atoi(value);
|
|
else if (!strcmp(name, "enable-log-linecount"))
|
|
ctx.cfg.enable_log_linecount = atoi(value);
|
|
else if (!strcmp(name, "enable-remote-branches"))
|
|
ctx.cfg.enable_remote_branches = atoi(value);
|
|
else if (!strcmp(name, "enable-subject-links"))
|
|
ctx.cfg.enable_subject_links = atoi(value);
|
|
else if (!strcmp(name, "enable-tree-linenumbers"))
|
|
ctx.cfg.enable_tree_linenumbers = atoi(value);
|
|
else if (!strcmp(name, "enable-git-config"))
|
|
ctx.cfg.enable_git_config = atoi(value);
|
|
else if (!strcmp(name, "max-stats"))
|
|
ctx.cfg.max_stats = cgit_find_stats_period(value, NULL);
|
|
else if (!strcmp(name, "cache-size"))
|
|
ctx.cfg.cache_size = atoi(value);
|
|
else if (!strcmp(name, "cache-root"))
|
|
ctx.cfg.cache_root = xstrdup(expand_macros(value));
|
|
else if (!strcmp(name, "cache-root-ttl"))
|
|
ctx.cfg.cache_root_ttl = atoi(value);
|
|
else if (!strcmp(name, "cache-repo-ttl"))
|
|
ctx.cfg.cache_repo_ttl = atoi(value);
|
|
else if (!strcmp(name, "cache-scanrc-ttl"))
|
|
ctx.cfg.cache_scanrc_ttl = atoi(value);
|
|
else if (!strcmp(name, "cache-static-ttl"))
|
|
ctx.cfg.cache_static_ttl = atoi(value);
|
|
else if (!strcmp(name, "cache-dynamic-ttl"))
|
|
ctx.cfg.cache_dynamic_ttl = atoi(value);
|
|
else if (!strcmp(name, "cache-about-ttl"))
|
|
ctx.cfg.cache_about_ttl = atoi(value);
|
|
else if (!strcmp(name, "cache-snapshot-ttl"))
|
|
ctx.cfg.cache_snapshot_ttl = atoi(value);
|
|
else if (!strcmp(name, "case-sensitive-sort"))
|
|
ctx.cfg.case_sensitive_sort = atoi(value);
|
|
else if (!strcmp(name, "about-filter"))
|
|
ctx.cfg.about_filter = cgit_new_filter(value, ABOUT);
|
|
else if (!strcmp(name, "commit-filter"))
|
|
ctx.cfg.commit_filter = cgit_new_filter(value, COMMIT);
|
|
else if (!strcmp(name, "email-filter"))
|
|
ctx.cfg.email_filter = cgit_new_filter(value, EMAIL);
|
|
else if (!strcmp(name, "owner-filter"))
|
|
ctx.cfg.owner_filter = cgit_new_filter(value, OWNER);
|
|
else if (!strcmp(name, "auth-filter"))
|
|
ctx.cfg.auth_filter = cgit_new_filter(value, AUTH);
|
|
else if (!strcmp(name, "embedded"))
|
|
ctx.cfg.embedded = atoi(value);
|
|
else if (!strcmp(name, "max-atom-items"))
|
|
ctx.cfg.max_atom_items = atoi(value);
|
|
else if (!strcmp(name, "max-message-length"))
|
|
ctx.cfg.max_msg_len = atoi(value);
|
|
else if (!strcmp(name, "max-repodesc-length"))
|
|
ctx.cfg.max_repodesc_len = atoi(value);
|
|
else if (!strcmp(name, "max-blob-size"))
|
|
ctx.cfg.max_blob_size = atoi(value);
|
|
else if (!strcmp(name, "max-repo-count"))
|
|
ctx.cfg.max_repo_count = atoi(value);
|
|
else if (!strcmp(name, "max-commit-count"))
|
|
ctx.cfg.max_commit_count = atoi(value);
|
|
else if (!strcmp(name, "project-list"))
|
|
ctx.cfg.project_list = xstrdup(expand_macros(value));
|
|
else if (!strcmp(name, "scan-path"))
|
|
if (!ctx.cfg.nocache && ctx.cfg.cache_size)
|
|
process_cached_repolist(expand_macros(value));
|
|
else if (ctx.cfg.project_list)
|
|
scan_projects(expand_macros(value),
|
|
ctx.cfg.project_list, repo_config);
|
|
else
|
|
scan_tree(expand_macros(value), repo_config);
|
|
else if (!strcmp(name, "scan-hidden-path"))
|
|
ctx.cfg.scan_hidden_path = atoi(value);
|
|
else if (!strcmp(name, "section-from-path"))
|
|
ctx.cfg.section_from_path = atoi(value);
|
|
else if (!strcmp(name, "repository-sort"))
|
|
ctx.cfg.repository_sort = xstrdup(value);
|
|
else if (!strcmp(name, "section-sort"))
|
|
ctx.cfg.section_sort = atoi(value);
|
|
else if (!strcmp(name, "source-filter"))
|
|
ctx.cfg.source_filter = cgit_new_filter(value, SOURCE);
|
|
else if (!strcmp(name, "summary-log"))
|
|
ctx.cfg.summary_log = atoi(value);
|
|
else if (!strcmp(name, "summary-branches"))
|
|
ctx.cfg.summary_branches = atoi(value);
|
|
else if (!strcmp(name, "summary-tags"))
|
|
ctx.cfg.summary_tags = atoi(value);
|
|
else if (!strcmp(name, "side-by-side-diffs"))
|
|
ctx.cfg.difftype = atoi(value) ? DIFF_SSDIFF : DIFF_UNIFIED;
|
|
else if (!strcmp(name, "agefile"))
|
|
ctx.cfg.agefile = xstrdup(value);
|
|
else if (!strcmp(name, "mimetype-file"))
|
|
ctx.cfg.mimetype_file = xstrdup(value);
|
|
else if (!strcmp(name, "renamelimit"))
|
|
ctx.cfg.renamelimit = atoi(value);
|
|
else if (!strcmp(name, "remove-suffix"))
|
|
ctx.cfg.remove_suffix = atoi(value);
|
|
else if (!strcmp(name, "robots"))
|
|
ctx.cfg.robots = xstrdup(value);
|
|
else if (!strcmp(name, "clone-prefix"))
|
|
ctx.cfg.clone_prefix = xstrdup(value);
|
|
else if (!strcmp(name, "clone-url"))
|
|
ctx.cfg.clone_url = xstrdup(value);
|
|
else if (!strcmp(name, "local-time"))
|
|
ctx.cfg.local_time = atoi(value);
|
|
else if (!strcmp(name, "commit-sort")) {
|
|
if (!strcmp(value, "date"))
|
|
ctx.cfg.commit_sort = 1;
|
|
if (!strcmp(value, "topo"))
|
|
ctx.cfg.commit_sort = 2;
|
|
} else if (!strcmp(name, "branch-sort")) {
|
|
if (!strcmp(value, "age"))
|
|
ctx.cfg.branch_sort = 1;
|
|
if (!strcmp(value, "name"))
|
|
ctx.cfg.branch_sort = 0;
|
|
} else if (starts_with(name, "mimetype."))
|
|
add_mimetype(name + 9, value);
|
|
else if (!strcmp(name, "include"))
|
|
parse_configfile(expand_macros(value), config_cb);
|
|
}
|
|
|
|
static void querystring_cb(const char *name, const char *value)
|
|
{
|
|
if (!value)
|
|
value = "";
|
|
|
|
if (!strcmp(name,"r")) {
|
|
ctx.qry.repo = xstrdup(value);
|
|
ctx.repo = cgit_get_repoinfo(value);
|
|
} else if (!strcmp(name, "p")) {
|
|
ctx.qry.page = xstrdup(value);
|
|
} else if (!strcmp(name, "url")) {
|
|
if (*value == '/')
|
|
value++;
|
|
ctx.qry.url = xstrdup(value);
|
|
cgit_parse_url(value);
|
|
} else if (!strcmp(name, "qt")) {
|
|
ctx.qry.grep = xstrdup(value);
|
|
} else if (!strcmp(name, "q")) {
|
|
ctx.qry.search = xstrdup(value);
|
|
} else if (!strcmp(name, "h")) {
|
|
ctx.qry.head = xstrdup(value);
|
|
ctx.qry.has_symref = 1;
|
|
} else if (!strcmp(name, "id")) {
|
|
ctx.qry.sha1 = xstrdup(value);
|
|
ctx.qry.has_sha1 = 1;
|
|
} else if (!strcmp(name, "id2")) {
|
|
ctx.qry.sha2 = xstrdup(value);
|
|
ctx.qry.has_sha1 = 1;
|
|
} else if (!strcmp(name, "ofs")) {
|
|
ctx.qry.ofs = atoi(value);
|
|
} else if (!strcmp(name, "path")) {
|
|
ctx.qry.path = trim_end(value, '/');
|
|
} else if (!strcmp(name, "name")) {
|
|
ctx.qry.name = xstrdup(value);
|
|
} else if (!strcmp(name, "mimetype")) {
|
|
ctx.qry.mimetype = xstrdup(value);
|
|
} else if (!strcmp(name, "s")) {
|
|
ctx.qry.sort = xstrdup(value);
|
|
} else if (!strcmp(name, "showmsg")) {
|
|
ctx.qry.showmsg = atoi(value);
|
|
} else if (!strcmp(name, "period")) {
|
|
ctx.qry.period = xstrdup(value);
|
|
} else if (!strcmp(name, "dt")) {
|
|
ctx.qry.difftype = atoi(value);
|
|
ctx.qry.has_difftype = 1;
|
|
} else if (!strcmp(name, "ss")) {
|
|
/* No longer generated, but there may be links out there. */
|
|
ctx.qry.difftype = atoi(value) ? DIFF_SSDIFF : DIFF_UNIFIED;
|
|
ctx.qry.has_difftype = 1;
|
|
} else if (!strcmp(name, "all")) {
|
|
ctx.qry.show_all = atoi(value);
|
|
} else if (!strcmp(name, "context")) {
|
|
ctx.qry.context = atoi(value);
|
|
} else if (!strcmp(name, "ignorews")) {
|
|
ctx.qry.ignorews = atoi(value);
|
|
} else if (!strcmp(name, "follow")) {
|
|
ctx.qry.follow = atoi(value);
|
|
}
|
|
}
|
|
|
|
static void prepare_context(void)
|
|
{
|
|
memset(&ctx, 0, sizeof(ctx));
|
|
ctx.cfg.agefile = "info/web/last-modified";
|
|
ctx.cfg.nocache = 0;
|
|
ctx.cfg.cache_size = 0;
|
|
ctx.cfg.cache_max_create_time = 5;
|
|
ctx.cfg.cache_root = CGIT_CACHE_ROOT;
|
|
ctx.cfg.cache_about_ttl = 15;
|
|
ctx.cfg.cache_snapshot_ttl = 5;
|
|
ctx.cfg.cache_repo_ttl = 5;
|
|
ctx.cfg.cache_root_ttl = 5;
|
|
ctx.cfg.cache_scanrc_ttl = 15;
|
|
ctx.cfg.cache_dynamic_ttl = 5;
|
|
ctx.cfg.cache_static_ttl = -1;
|
|
ctx.cfg.case_sensitive_sort = 1;
|
|
ctx.cfg.branch_sort = 0;
|
|
ctx.cfg.commit_sort = 0;
|
|
ctx.cfg.css = "/cgit.css";
|
|
ctx.cfg.logo = "/cgit.png";
|
|
ctx.cfg.favicon = "/favicon.ico";
|
|
ctx.cfg.local_time = 0;
|
|
ctx.cfg.enable_http_clone = 1;
|
|
ctx.cfg.enable_index_owner = 1;
|
|
ctx.cfg.enable_tree_linenumbers = 1;
|
|
ctx.cfg.enable_git_config = 0;
|
|
ctx.cfg.max_repo_count = 50;
|
|
ctx.cfg.max_commit_count = 50;
|
|
ctx.cfg.max_lock_attempts = 5;
|
|
ctx.cfg.max_msg_len = 80;
|
|
ctx.cfg.max_repodesc_len = 80;
|
|
ctx.cfg.max_blob_size = 0;
|
|
ctx.cfg.max_stats = 0;
|
|
ctx.cfg.project_list = NULL;
|
|
ctx.cfg.renamelimit = -1;
|
|
ctx.cfg.remove_suffix = 0;
|
|
ctx.cfg.robots = "index, nofollow";
|
|
ctx.cfg.root_title = "Git repository browser";
|
|
ctx.cfg.root_desc = "a fast webinterface for the git dscm";
|
|
ctx.cfg.scan_hidden_path = 0;
|
|
ctx.cfg.script_name = CGIT_SCRIPT_NAME;
|
|
ctx.cfg.section = "";
|
|
ctx.cfg.repository_sort = "name";
|
|
ctx.cfg.section_sort = 1;
|
|
ctx.cfg.summary_branches = 10;
|
|
ctx.cfg.summary_log = 10;
|
|
ctx.cfg.summary_tags = 10;
|
|
ctx.cfg.max_atom_items = 10;
|
|
ctx.cfg.difftype = DIFF_UNIFIED;
|
|
ctx.env.cgit_config = getenv("CGIT_CONFIG");
|
|
ctx.env.http_host = getenv("HTTP_HOST");
|
|
ctx.env.https = getenv("HTTPS");
|
|
ctx.env.no_http = getenv("NO_HTTP");
|
|
ctx.env.path_info = getenv("PATH_INFO");
|
|
ctx.env.query_string = getenv("QUERY_STRING");
|
|
ctx.env.request_method = getenv("REQUEST_METHOD");
|
|
ctx.env.script_name = getenv("SCRIPT_NAME");
|
|
ctx.env.server_name = getenv("SERVER_NAME");
|
|
ctx.env.server_port = getenv("SERVER_PORT");
|
|
ctx.env.http_cookie = getenv("HTTP_COOKIE");
|
|
ctx.env.http_referer = getenv("HTTP_REFERER");
|
|
ctx.env.content_length = getenv("CONTENT_LENGTH") ? strtoul(getenv("CONTENT_LENGTH"), NULL, 10) : 0;
|
|
ctx.env.authenticated = 0;
|
|
ctx.page.mimetype = "text/html";
|
|
ctx.page.charset = PAGE_ENCODING;
|
|
ctx.page.filename = NULL;
|
|
ctx.page.size = 0;
|
|
ctx.page.modified = time(NULL);
|
|
ctx.page.expires = ctx.page.modified;
|
|
ctx.page.etag = NULL;
|
|
memset(&ctx.cfg.mimetypes, 0, sizeof(struct string_list));
|
|
if (ctx.env.script_name)
|
|
ctx.cfg.script_name = xstrdup(ctx.env.script_name);
|
|
if (ctx.env.query_string)
|
|
ctx.qry.raw = xstrdup(ctx.env.query_string);
|
|
if (!ctx.env.cgit_config)
|
|
ctx.env.cgit_config = CGIT_CONFIG;
|
|
}
|
|
|
|
struct refmatch {
|
|
char *req_ref;
|
|
char *first_ref;
|
|
int match;
|
|
};
|
|
|
|
static int find_current_ref(const char *refname, const struct object_id *oid,
|
|
int flags, void *cb_data)
|
|
{
|
|
struct refmatch *info;
|
|
|
|
info = (struct refmatch *)cb_data;
|
|
if (!strcmp(refname, info->req_ref))
|
|
info->match = 1;
|
|
if (!info->first_ref)
|
|
info->first_ref = xstrdup(refname);
|
|
return info->match;
|
|
}
|
|
|
|
static void free_refmatch_inner(struct refmatch *info)
|
|
{
|
|
if (info->first_ref)
|
|
free(info->first_ref);
|
|
}
|
|
|
|
static char *find_default_branch(struct cgit_repo *repo)
|
|
{
|
|
struct refmatch info;
|
|
char *ref;
|
|
|
|
info.req_ref = repo->defbranch;
|
|
info.first_ref = NULL;
|
|
info.match = 0;
|
|
for_each_branch_ref(find_current_ref, &info);
|
|
if (info.match)
|
|
ref = info.req_ref;
|
|
else
|
|
ref = info.first_ref;
|
|
if (ref)
|
|
ref = xstrdup(ref);
|
|
free_refmatch_inner(&info);
|
|
|
|
return ref;
|
|
}
|
|
|
|
static char *guess_defbranch(void)
|
|
{
|
|
const char *ref;
|
|
unsigned char sha1[20];
|
|
|
|
ref = resolve_ref_unsafe("HEAD", 0, sha1, NULL);
|
|
if (!ref || !starts_with(ref, "refs/heads/"))
|
|
return "master";
|
|
return xstrdup(ref + 11);
|
|
}
|
|
/* The caller must free filename and ref after calling this. */
|
|
static inline void parse_readme(const char *readme, char **filename, char **ref, struct cgit_repo *repo)
|
|
{
|
|
const char *colon;
|
|
|
|
*filename = NULL;
|
|
*ref = NULL;
|
|
|
|
if (!readme || !readme[0])
|
|
return;
|
|
|
|
/* Check if the readme is tracked in the git repo. */
|
|
colon = strchr(readme, ':');
|
|
if (colon && strlen(colon) > 1) {
|
|
/* If it starts with a colon, we want to use
|
|
* the default branch */
|
|
if (colon == readme && repo->defbranch)
|
|
*ref = xstrdup(repo->defbranch);
|
|
else
|
|
*ref = xstrndup(readme, colon - readme);
|
|
readme = colon + 1;
|
|
}
|
|
|
|
/* Prepend repo path to relative readme path unless tracked. */
|
|
if (!(*ref) && readme[0] != '/')
|
|
*filename = fmtalloc("%s/%s", repo->path, readme);
|
|
else
|
|
*filename = xstrdup(readme);
|
|
}
|
|
static void choose_readme(struct cgit_repo *repo)
|
|
{
|
|
int found;
|
|
char *filename, *ref;
|
|
struct string_list_item *entry;
|
|
|
|
if (!repo->readme.nr)
|
|
return;
|
|
|
|
found = 0;
|
|
for_each_string_list_item(entry, &repo->readme) {
|
|
parse_readme(entry->string, &filename, &ref, repo);
|
|
if (!filename) {
|
|
free(filename);
|
|
free(ref);
|
|
continue;
|
|
}
|
|
if (ref) {
|
|
if (cgit_ref_path_exists(filename, ref, 1)) {
|
|
found = 1;
|
|
break;
|
|
}
|
|
}
|
|
else if (!access(filename, R_OK)) {
|
|
found = 1;
|
|
break;
|
|
}
|
|
free(filename);
|
|
free(ref);
|
|
}
|
|
repo->readme.strdup_strings = 1;
|
|
string_list_clear(&repo->readme, 0);
|
|
repo->readme.strdup_strings = 0;
|
|
if (found)
|
|
string_list_append(&repo->readme, filename)->util = ref;
|
|
}
|
|
|
|
static void print_no_repo_clone_urls(const char *url)
|
|
{
|
|
html("<tr><td><a rel='vcs-git' href='");
|
|
html_url_path(url);
|
|
html("' title='");
|
|
html_attr(ctx.repo->name);
|
|
html(" Git repository'>");
|
|
html_txt(url);
|
|
html("</a></td></tr>\n");
|
|
}
|
|
|
|
static int prepare_repo_cmd(void)
|
|
{
|
|
unsigned char sha1[20];
|
|
int nongit = 0;
|
|
int rc;
|
|
|
|
/* The path to the git repository. */
|
|
setenv("GIT_DIR", ctx.repo->path, 1);
|
|
|
|
/* Do not look in /etc/ for gitconfig and gitattributes. */
|
|
setenv("GIT_CONFIG_NOSYSTEM", "1", 1);
|
|
setenv("GIT_ATTR_NOSYSTEM", "1", 1);
|
|
unsetenv("HOME");
|
|
unsetenv("XDG_CONFIG_HOME");
|
|
|
|
/* Setup the git directory and initialize the notes system. Both of these
|
|
* load local configuration from the git repository, so we do them both while
|
|
* the HOME variables are unset. */
|
|
setup_git_directory_gently(&nongit);
|
|
init_display_notes(NULL);
|
|
|
|
if (nongit) {
|
|
const char *name = ctx.repo->name;
|
|
rc = errno;
|
|
ctx.page.title = fmtalloc("%s - %s", ctx.cfg.root_title,
|
|
"config error");
|
|
ctx.repo = NULL;
|
|
cgit_print_http_headers();
|
|
cgit_print_docstart();
|
|
cgit_print_pageheader();
|
|
cgit_print_error("Failed to open %s: %s", name,
|
|
rc ? strerror(rc) : "Not a valid git repository");
|
|
cgit_print_docend();
|
|
return 1;
|
|
}
|
|
ctx.page.title = fmtalloc("%s - %s", ctx.repo->name, ctx.repo->desc);
|
|
|
|
if (!ctx.repo->defbranch)
|
|
ctx.repo->defbranch = guess_defbranch();
|
|
|
|
if (!ctx.qry.head) {
|
|
ctx.qry.nohead = 1;
|
|
ctx.qry.head = find_default_branch(ctx.repo);
|
|
}
|
|
|
|
if (!ctx.qry.head) {
|
|
cgit_print_http_headers();
|
|
cgit_print_docstart();
|
|
cgit_print_pageheader();
|
|
cgit_print_error("Repository seems to be empty");
|
|
if (!strcmp(ctx.qry.page, "summary")) {
|
|
html("<table class='list'><tr class='nohover'><td> </td></tr><tr class='nohover'><th class='left'>Clone</th></tr>\n");
|
|
cgit_prepare_repo_env(ctx.repo);
|
|
cgit_add_clone_urls(print_no_repo_clone_urls);
|
|
html("</table>\n");
|
|
}
|
|
cgit_print_docend();
|
|
return 1;
|
|
}
|
|
|
|
if (get_sha1(ctx.qry.head, sha1)) {
|
|
char *tmp = xstrdup(ctx.qry.head);
|
|
ctx.qry.head = ctx.repo->defbranch;
|
|
cgit_print_error_page(404, "Not found",
|
|
"Invalid branch: %s", tmp);
|
|
free(tmp);
|
|
return 1;
|
|
}
|
|
string_list_sort(&ctx.repo->submodules);
|
|
cgit_prepare_repo_env(ctx.repo);
|
|
choose_readme(ctx.repo);
|
|
return 0;
|
|
}
|
|
|
|
static inline void open_auth_filter(const char *function)
|
|
{
|
|
cgit_open_filter(ctx.cfg.auth_filter, function,
|
|
ctx.env.http_cookie ? ctx.env.http_cookie : "",
|
|
ctx.env.request_method ? ctx.env.request_method : "",
|
|
ctx.env.query_string ? ctx.env.query_string : "",
|
|
ctx.env.http_referer ? ctx.env.http_referer : "",
|
|
ctx.env.path_info ? ctx.env.path_info : "",
|
|
ctx.env.http_host ? ctx.env.http_host : "",
|
|
ctx.env.https ? ctx.env.https : "",
|
|
ctx.qry.repo ? ctx.qry.repo : "",
|
|
ctx.qry.page ? ctx.qry.page : "",
|
|
ctx.qry.url ? ctx.qry.url : "",
|
|
cgit_loginurl());
|
|
}
|
|
|
|
/* We intentionally keep this rather small, instead of looping and
|
|
* feeding it to the filter a couple bytes at a time. This way, the
|
|
* filter itself does not need to handle any denial of service or
|
|
* buffer bloat issues. If this winds up being too small, people
|
|
* will complain on the mailing list, and we'll increase it as needed. */
|
|
#define MAX_AUTHENTICATION_POST_BYTES 4096
|
|
/* The filter is expected to spit out "Status: " and all headers. */
|
|
static inline void authenticate_post(void)
|
|
{
|
|
char buffer[MAX_AUTHENTICATION_POST_BYTES];
|
|
unsigned int len;
|
|
|
|
open_auth_filter("authenticate-post");
|
|
len = ctx.env.content_length;
|
|
if (len > MAX_AUTHENTICATION_POST_BYTES)
|
|
len = MAX_AUTHENTICATION_POST_BYTES;
|
|
if (read(STDIN_FILENO, buffer, len) < 0)
|
|
die_errno("Could not read POST from stdin");
|
|
if (write(STDOUT_FILENO, buffer, len) < 0)
|
|
die_errno("Could not write POST to stdout");
|
|
cgit_close_filter(ctx.cfg.auth_filter);
|
|
exit(0);
|
|
}
|
|
|
|
static inline void authenticate_cookie(void)
|
|
{
|
|
/* If we don't have an auth_filter, consider all cookies valid, and thus return early. */
|
|
if (!ctx.cfg.auth_filter) {
|
|
ctx.env.authenticated = 1;
|
|
return;
|
|
}
|
|
|
|
/* If we're having something POST'd to /login, we're authenticating POST,
|
|
* instead of the cookie, so call authenticate_post and bail out early.
|
|
* This pattern here should match /?p=login with POST. */
|
|
if (ctx.env.request_method && ctx.qry.page && !ctx.repo && \
|
|
!strcmp(ctx.env.request_method, "POST") && !strcmp(ctx.qry.page, "login")) {
|
|
authenticate_post();
|
|
return;
|
|
}
|
|
|
|
/* If we've made it this far, we're authenticating the cookie for real, so do that. */
|
|
open_auth_filter("authenticate-cookie");
|
|
ctx.env.authenticated = cgit_close_filter(ctx.cfg.auth_filter);
|
|
}
|
|
|
|
static void process_request(void)
|
|
{
|
|
struct cgit_cmd *cmd;
|
|
|
|
/* If we're not yet authenticated, no matter what page we're on,
|
|
* display the authentication body from the auth_filter. This should
|
|
* never be cached. */
|
|
if (!ctx.env.authenticated) {
|
|
ctx.page.title = "Authentication Required";
|
|
cgit_print_http_headers();
|
|
cgit_print_docstart();
|
|
cgit_print_pageheader();
|
|
open_auth_filter("body");
|
|
cgit_close_filter(ctx.cfg.auth_filter);
|
|
cgit_print_docend();
|
|
return;
|
|
}
|
|
|
|
cmd = cgit_get_cmd();
|
|
if (!cmd) {
|
|
ctx.page.title = "cgit error";
|
|
cgit_print_error_page(404, "Not found", "Invalid request");
|
|
return;
|
|
}
|
|
|
|
if (!ctx.cfg.enable_http_clone && cmd->is_clone) {
|
|
ctx.page.title = "cgit error";
|
|
cgit_print_error_page(404, "Not found", "Invalid request");
|
|
return;
|
|
}
|
|
|
|
/* If cmd->want_vpath is set, assume ctx.qry.path contains a "virtual"
|
|
* in-project path limit to be made available at ctx.qry.vpath.
|
|
* Otherwise, no path limit is in effect (ctx.qry.vpath = NULL).
|
|
*/
|
|
ctx.qry.vpath = cmd->want_vpath ? ctx.qry.path : NULL;
|
|
|
|
if (cmd->want_repo && !ctx.repo) {
|
|
cgit_print_error_page(400, "Bad request",
|
|
"No repository selected");
|
|
return;
|
|
}
|
|
|
|
if (ctx.repo && prepare_repo_cmd())
|
|
return;
|
|
|
|
cmd->fn();
|
|
}
|
|
|
|
static int cmp_repos(const void *a, const void *b)
|
|
{
|
|
const struct cgit_repo *ra = a, *rb = b;
|
|
return strcmp(ra->url, rb->url);
|
|
}
|
|
|
|
static char *build_snapshot_setting(int bitmap)
|
|
{
|
|
const struct cgit_snapshot_format *f;
|
|
struct strbuf result = STRBUF_INIT;
|
|
|
|
for (f = cgit_snapshot_formats; f->suffix; f++) {
|
|
if (f->bit & bitmap) {
|
|
if (result.len)
|
|
strbuf_addch(&result, ' ');
|
|
strbuf_addstr(&result, f->suffix);
|
|
}
|
|
}
|
|
return strbuf_detach(&result, NULL);
|
|
}
|
|
|
|
static char *get_first_line(char *txt)
|
|
{
|
|
char *t = xstrdup(txt);
|
|
char *p = strchr(t, '\n');
|
|
if (p)
|
|
*p = '\0';
|
|
return t;
|
|
}
|
|
|
|
static void print_repo(FILE *f, struct cgit_repo *repo)
|
|
{
|
|
struct string_list_item *item;
|
|
fprintf(f, "repo.url=%s\n", repo->url);
|
|
fprintf(f, "repo.name=%s\n", repo->name);
|
|
fprintf(f, "repo.path=%s\n", repo->path);
|
|
if (repo->owner)
|
|
fprintf(f, "repo.owner=%s\n", repo->owner);
|
|
if (repo->desc) {
|
|
char *tmp = get_first_line(repo->desc);
|
|
fprintf(f, "repo.desc=%s\n", tmp);
|
|
free(tmp);
|
|
}
|
|
for_each_string_list_item(item, &repo->readme) {
|
|
if (item->util)
|
|
fprintf(f, "repo.readme=%s:%s\n", (char *)item->util, item->string);
|
|
else
|
|
fprintf(f, "repo.readme=%s\n", item->string);
|
|
}
|
|
if (repo->defbranch)
|
|
fprintf(f, "repo.defbranch=%s\n", repo->defbranch);
|
|
if (repo->module_link)
|
|
fprintf(f, "repo.module-link=%s\n", repo->module_link);
|
|
if (repo->section)
|
|
fprintf(f, "repo.section=%s\n", repo->section);
|
|
if (repo->clone_url)
|
|
fprintf(f, "repo.clone-url=%s\n", repo->clone_url);
|
|
fprintf(f, "repo.enable-commit-graph=%d\n",
|
|
repo->enable_commit_graph);
|
|
fprintf(f, "repo.enable-log-filecount=%d\n",
|
|
repo->enable_log_filecount);
|
|
fprintf(f, "repo.enable-log-linecount=%d\n",
|
|
repo->enable_log_linecount);
|
|
if (repo->about_filter && repo->about_filter != ctx.cfg.about_filter)
|
|
cgit_fprintf_filter(repo->about_filter, f, "repo.about-filter=");
|
|
if (repo->commit_filter && repo->commit_filter != ctx.cfg.commit_filter)
|
|
cgit_fprintf_filter(repo->commit_filter, f, "repo.commit-filter=");
|
|
if (repo->source_filter && repo->source_filter != ctx.cfg.source_filter)
|
|
cgit_fprintf_filter(repo->source_filter, f, "repo.source-filter=");
|
|
if (repo->email_filter && repo->email_filter != ctx.cfg.email_filter)
|
|
cgit_fprintf_filter(repo->email_filter, f, "repo.email-filter=");
|
|
if (repo->owner_filter && repo->owner_filter != ctx.cfg.owner_filter)
|
|
cgit_fprintf_filter(repo->owner_filter, f, "repo.owner-filter=");
|
|
if (repo->snapshots != ctx.cfg.snapshots) {
|
|
char *tmp = build_snapshot_setting(repo->snapshots);
|
|
fprintf(f, "repo.snapshots=%s\n", tmp ? tmp : "");
|
|
free(tmp);
|
|
}
|
|
if (repo->max_stats != ctx.cfg.max_stats)
|
|
fprintf(f, "repo.max-stats=%s\n",
|
|
cgit_find_stats_periodname(repo->max_stats));
|
|
if (repo->logo)
|
|
fprintf(f, "repo.logo=%s\n", repo->logo);
|
|
if (repo->logo_link)
|
|
fprintf(f, "repo.logo-link=%s\n", repo->logo_link);
|
|
fprintf(f, "repo.enable-remote-branches=%d\n", repo->enable_remote_branches);
|
|
fprintf(f, "repo.enable-subject-links=%d\n", repo->enable_subject_links);
|
|
if (repo->branch_sort == 1)
|
|
fprintf(f, "repo.branch-sort=age\n");
|
|
if (repo->commit_sort) {
|
|
if (repo->commit_sort == 1)
|
|
fprintf(f, "repo.commit-sort=date\n");
|
|
else if (repo->commit_sort == 2)
|
|
fprintf(f, "repo.commit-sort=topo\n");
|
|
}
|
|
fprintf(f, "repo.hide=%d\n", repo->hide);
|
|
fprintf(f, "repo.ignore=%d\n", repo->ignore);
|
|
fprintf(f, "\n");
|
|
}
|
|
|
|
static void print_repolist(FILE *f, struct cgit_repolist *list, int start)
|
|
{
|
|
int i;
|
|
|
|
for (i = start; i < list->count; i++)
|
|
print_repo(f, &list->repos[i]);
|
|
}
|
|
|
|
/* Scan 'path' for git repositories, save the resulting repolist in 'cached_rc'
|
|
* and return 0 on success.
|
|
*/
|
|
static int generate_cached_repolist(const char *path, const char *cached_rc)
|
|
{
|
|
struct strbuf locked_rc = STRBUF_INIT;
|
|
int result = 0;
|
|
int idx;
|
|
FILE *f;
|
|
|
|
strbuf_addf(&locked_rc, "%s.lock", cached_rc);
|
|
f = fopen(locked_rc.buf, "wx");
|
|
if (!f) {
|
|
/* Inform about the error unless the lockfile already existed,
|
|
* since that only means we've got concurrent requests.
|
|
*/
|
|
result = errno;
|
|
if (result != EEXIST)
|
|
fprintf(stderr, "[cgit] Error opening %s: %s (%d)\n",
|
|
locked_rc.buf, strerror(result), result);
|
|
goto out;
|
|
}
|
|
idx = cgit_repolist.count;
|
|
if (ctx.cfg.project_list)
|
|
scan_projects(path, ctx.cfg.project_list, repo_config);
|
|
else
|
|
scan_tree(path, repo_config);
|
|
print_repolist(f, &cgit_repolist, idx);
|
|
if (rename(locked_rc.buf, cached_rc))
|
|
fprintf(stderr, "[cgit] Error renaming %s to %s: %s (%d)\n",
|
|
locked_rc.buf, cached_rc, strerror(errno), errno);
|
|
fclose(f);
|
|
out:
|
|
strbuf_release(&locked_rc);
|
|
return result;
|
|
}
|
|
|
|
static void process_cached_repolist(const char *path)
|
|
{
|
|
struct stat st;
|
|
struct strbuf cached_rc = STRBUF_INIT;
|
|
time_t age;
|
|
unsigned long hash;
|
|
|
|
hash = hash_str(path);
|
|
if (ctx.cfg.project_list)
|
|
hash += hash_str(ctx.cfg.project_list);
|
|
strbuf_addf(&cached_rc, "%s/rc-%8lx", ctx.cfg.cache_root, hash);
|
|
|
|
if (stat(cached_rc.buf, &st)) {
|
|
/* Nothing is cached, we need to scan without forking. And
|
|
* if we fail to generate a cached repolist, we need to
|
|
* invoke scan_tree manually.
|
|
*/
|
|
if (generate_cached_repolist(path, cached_rc.buf)) {
|
|
if (ctx.cfg.project_list)
|
|
scan_projects(path, ctx.cfg.project_list,
|
|
repo_config);
|
|
else
|
|
scan_tree(path, repo_config);
|
|
}
|
|
goto out;
|
|
}
|
|
|
|
parse_configfile(cached_rc.buf, config_cb);
|
|
|
|
/* If the cached configfile hasn't expired, lets exit now */
|
|
age = time(NULL) - st.st_mtime;
|
|
if (age <= (ctx.cfg.cache_scanrc_ttl * 60))
|
|
goto out;
|
|
|
|
/* The cached repolist has been parsed, but it was old. So lets
|
|
* rescan the specified path and generate a new cached repolist
|
|
* in a child-process to avoid latency for the current request.
|
|
*/
|
|
if (fork())
|
|
goto out;
|
|
|
|
exit(generate_cached_repolist(path, cached_rc.buf));
|
|
out:
|
|
strbuf_release(&cached_rc);
|
|
}
|
|
|
|
static void cgit_parse_args(int argc, const char **argv)
|
|
{
|
|
int i;
|
|
int scan = 0;
|
|
|
|
for (i = 1; i < argc; i++) {
|
|
if (!strcmp(argv[i], "--version")) {
|
|
printf("CGit %s | http://git.zx2c4.com/cgit/\n\nCompiled in features:\n", CGIT_VERSION);
|
|
#ifdef NO_LUA
|
|
printf("[-] ");
|
|
#else
|
|
printf("[+] ");
|
|
#endif
|
|
printf("Lua scripting\n");
|
|
#ifndef HAVE_LINUX_SENDFILE
|
|
printf("[-] ");
|
|
#else
|
|
printf("[+] ");
|
|
#endif
|
|
printf("Linux sendfile() usage\n");
|
|
|
|
exit(0);
|
|
}
|
|
if (starts_with(argv[i], "--cache=")) {
|
|
ctx.cfg.cache_root = xstrdup(argv[i] + 8);
|
|
} else if (!strcmp(argv[i], "--nocache")) {
|
|
ctx.cfg.nocache = 1;
|
|
} else if (!strcmp(argv[i], "--nohttp")) {
|
|
ctx.env.no_http = "1";
|
|
} else if (starts_with(argv[i], "--query=")) {
|
|
ctx.qry.raw = xstrdup(argv[i] + 8);
|
|
} else if (starts_with(argv[i], "--repo=")) {
|
|
ctx.qry.repo = xstrdup(argv[i] + 7);
|
|
} else if (starts_with(argv[i], "--page=")) {
|
|
ctx.qry.page = xstrdup(argv[i] + 7);
|
|
} else if (starts_with(argv[i], "--head=")) {
|
|
ctx.qry.head = xstrdup(argv[i] + 7);
|
|
ctx.qry.has_symref = 1;
|
|
} else if (starts_with(argv[i], "--sha1=")) {
|
|
ctx.qry.sha1 = xstrdup(argv[i] + 7);
|
|
ctx.qry.has_sha1 = 1;
|
|
} else if (starts_with(argv[i], "--ofs=")) {
|
|
ctx.qry.ofs = atoi(argv[i] + 6);
|
|
} else if (starts_with(argv[i], "--scan-tree=") ||
|
|
starts_with(argv[i], "--scan-path=")) {
|
|
/*
|
|
* HACK: The global snapshot bit mask defines the set
|
|
* of allowed snapshot formats, but the config file
|
|
* hasn't been parsed yet so the mask is currently 0.
|
|
* By setting all bits high before scanning we make
|
|
* sure that any in-repo cgitrc snapshot setting is
|
|
* respected by scan_tree().
|
|
*
|
|
* NOTE: We assume that there aren't more than 8
|
|
* different snapshot formats supported by cgit...
|
|
*/
|
|
ctx.cfg.snapshots = 0xFF;
|
|
scan++;
|
|
scan_tree(argv[i] + 12, repo_config);
|
|
}
|
|
}
|
|
if (scan) {
|
|
qsort(cgit_repolist.repos, cgit_repolist.count,
|
|
sizeof(struct cgit_repo), cmp_repos);
|
|
print_repolist(stdout, &cgit_repolist, 0);
|
|
exit(0);
|
|
}
|
|
}
|
|
|
|
static int calc_ttl(void)
|
|
{
|
|
if (!ctx.repo)
|
|
return ctx.cfg.cache_root_ttl;
|
|
|
|
if (!ctx.qry.page)
|
|
return ctx.cfg.cache_repo_ttl;
|
|
|
|
if (!strcmp(ctx.qry.page, "about"))
|
|
return ctx.cfg.cache_about_ttl;
|
|
|
|
if (!strcmp(ctx.qry.page, "snapshot"))
|
|
return ctx.cfg.cache_snapshot_ttl;
|
|
|
|
if (ctx.qry.has_sha1)
|
|
return ctx.cfg.cache_static_ttl;
|
|
|
|
if (ctx.qry.has_symref)
|
|
return ctx.cfg.cache_dynamic_ttl;
|
|
|
|
return ctx.cfg.cache_repo_ttl;
|
|
}
|
|
|
|
int main(int argc, const char **argv)
|
|
{
|
|
const char *path;
|
|
int err, ttl;
|
|
|
|
cgit_init_filters();
|
|
atexit(cgit_cleanup_filters);
|
|
|
|
prepare_context();
|
|
cgit_repolist.length = 0;
|
|
cgit_repolist.count = 0;
|
|
cgit_repolist.repos = NULL;
|
|
|
|
cgit_parse_args(argc, argv);
|
|
parse_configfile(expand_macros(ctx.env.cgit_config), config_cb);
|
|
ctx.repo = NULL;
|
|
http_parse_querystring(ctx.qry.raw, querystring_cb);
|
|
|
|
/* If virtual-root isn't specified in cgitrc, lets pretend
|
|
* that virtual-root equals SCRIPT_NAME, minus any possibly
|
|
* trailing slashes.
|
|
*/
|
|
if (!ctx.cfg.virtual_root && ctx.cfg.script_name)
|
|
ctx.cfg.virtual_root = ensure_end(ctx.cfg.script_name, '/');
|
|
|
|
/* If no url parameter is specified on the querystring, lets
|
|
* use PATH_INFO as url. This allows cgit to work with virtual
|
|
* urls without the need for rewriterules in the webserver (as
|
|
* long as PATH_INFO is included in the cache lookup key).
|
|
*/
|
|
path = ctx.env.path_info;
|
|
if (!ctx.qry.url && path) {
|
|
if (path[0] == '/')
|
|
path++;
|
|
ctx.qry.url = xstrdup(path);
|
|
if (ctx.qry.raw) {
|
|
char *newqry = fmtalloc("%s?%s", path, ctx.qry.raw);
|
|
free(ctx.qry.raw);
|
|
ctx.qry.raw = newqry;
|
|
} else
|
|
ctx.qry.raw = xstrdup(ctx.qry.url);
|
|
cgit_parse_url(ctx.qry.url);
|
|
}
|
|
|
|
/* Before we go any further, we set ctx.env.authenticated by checking to see
|
|
* if the supplied cookie is valid. All cookies are valid if there is no
|
|
* auth_filter. If there is an auth_filter, the filter decides. */
|
|
authenticate_cookie();
|
|
|
|
ttl = calc_ttl();
|
|
if (ttl < 0)
|
|
ctx.page.expires += 10 * 365 * 24 * 60 * 60; /* 10 years */
|
|
else
|
|
ctx.page.expires += ttl * 60;
|
|
if (!ctx.env.authenticated || (ctx.env.request_method && !strcmp(ctx.env.request_method, "HEAD")))
|
|
ctx.cfg.nocache = 1;
|
|
if (ctx.cfg.nocache)
|
|
ctx.cfg.cache_size = 0;
|
|
err = cache_process(ctx.cfg.cache_size, ctx.cfg.cache_root,
|
|
ctx.qry.raw, ttl, process_request);
|
|
cgit_cleanup_filters();
|
|
if (err)
|
|
cgit_print_error("Error processing page: %s (%d)",
|
|
strerror(err), err);
|
|
return err;
|
|
}
|