aboutsummaryrefslogtreecommitdiffstatshomepage
Commit message (Expand)AuthorAge
* tests: skip tests if strace is not functionalChristian Hesse2019-12-11
* git: update to v2.24.1Christian Hesse2019-12-10
* ui-repolist: do not return unsigned (negative) valueChristian Hesse2019-11-22
* git: update to v2.24.0Christian Hesse2019-11-08
* git: update to v2.23.0Christian Hesse2019-10-25
* git: update to v2.22.0Christian Hesse2019-10-25
* ui-tree: allow per repository override for enable-blameChristian Hesse2019-06-25
* tests: successfully validate rc versionsChristian Hesse2019-06-05
* git: update to v2.21.0Christian Hesse2019-06-05
* ui-ssdiff: ban strncat()Christian Hesse2019-06-05
* global: make 'char *path' const where possibleChristian Hesse2019-06-05
* ui-shared: restrict to 15 levelsJason A. Donenfeld2019-05-20
* ui-diff,ui-tag: don't use htmlf with non-formatted stringsChris Mayo2019-02-23
* ui-ssdiff: resolve HTML5 validation errorsChris Mayo2019-02-23
* filters: migrate from luacrypto to luaosslJason A. Donenfeld2019-01-03
* ui-shared: fix broken sizeof in title setting and rewriteJason A. Donenfeld2019-01-02
* git: update to v2.20.0Christian Hesse2018-12-09
* ui-blame: set repo for sbJason A. Donenfeld2018-11-25
* auth-filter: pass url with query string attachedJason A. Donenfeld2018-11-25
* git: use xz compressed archive for downloadChristian Hesse2018-11-21
* git: update to v2.19.1Christian Hesse2018-10-12
* ui-ssdiff: ban strcat()Christian Hesse2018-09-11
* ui-ssdiff: ban strncpy()Christian Hesse2018-09-11
* ui-shared: ban strcat()Christian Hesse2018-09-11
* ui-patch: ban sprintf()Christian Hesse2018-09-11
* ui-log: ban strncpy()Christian Hesse2018-09-11
* ui-log: ban strcpy()Christian Hesse2018-09-11
* parsing: ban sprintf()Christian Hesse2018-09-11
* parsing: ban strncpy()Christian Hesse2018-09-11
* filters: generate anchor links from markdownChristian Hesse2018-08-28
* Bump version.v1.2.1Jason A. Donenfeld2018-08-03
* clone: fix directory traversalJason A. Donenfeld2018-08-03
* config: record repo.snapshot-prefix in the per-repo configKonstantin Ryabitsev2018-08-03
* auth-filters: add simple file-based authentication schemeJason A. Donenfeld2018-08-03
* auth-filters: use crypt() in simple-authenticationJason A. Donenfeld2018-07-15
* auth-filters: generate secret securelyJason A. Donenfeld2018-07-15
* auth-filters: do not crash on nil usernameJason A. Donenfeld2018-07-14
* auth-filter: do not write more than we've readJason A. Donenfeld2018-07-14
* auth-filters: do not use HMAC-SHA1Jason A. Donenfeld2018-07-14
* Bump version.v1.2Jason A. Donenfeld2018-07-13
* Update COPYINGTodd Zullinger2018-07-10
* css: use correct size in annotated decorationJason A. Donenfeld2018-07-08
* cgitrc.5: add local tar signature exampleJason A. Donenfeld2018-07-05
* Fix gcc 8.1.1 compiler warningsJason A. Donenfeld2018-07-04
* cgitrc.5: document new signature notesJason A. Donenfeld2018-07-03
* snapshot: support tar signature for compressed tarChristian Hesse2018-07-03
* extra-head-content: introduce another option for meta tagsJason A. Donenfeld2018-07-03
* Use string list strdup_strings for mimetypesJohn Keeping2018-06-27
* manpage: fix sorting orderAndy Green2018-06-27
* cache: close race window when unlocking slotsJohn Keeping2018-06-27
ef='#n404'>404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439
/* cache.c: cache management
 *
 * Copyright (C) 2006 Lars Hjemli
 *
 * Licensed under GNU General Public License v2
 *   (see COPYING for full license text)
 *
 *
 * The cache is just a directory structure where each file is a cache slot,
 * and each filename is based on the hash of some key (e.g. the cgit url).
 * Each file contains the full key followed by the cached content for that
 * key.
 *
 */

#include "cgit.h"
#include "cache.h"

#define CACHE_BUFSIZE (1024 * 4)

struct cache_slot {
	const char *key;
	int keylen;
	int ttl;
	cache_fill_fn fn;
	void *cbdata;
	int cache_fd;
	int lock_fd;
	const char *cache_name;
	const char *lock_name;
	int match;
	struct stat cache_st;
	struct stat lock_st;
	int bufsize;
	char buf[CACHE_BUFSIZE];
};

/* Open an existing cache slot and fill the cache buffer with
 * (part of) the content of the cache file. Return 0 on success
 * and errno otherwise.
 */
static int open_slot(struct cache_slot *slot)
{
	char *bufz;
	int bufkeylen = -1;

	slot->cache_fd = open(slot->cache_name, O_RDONLY);
	if (slot->cache_fd == -1)
		return errno;

	if (fstat(slot->cache_fd, &slot->cache_st))
		return errno;

	slot->bufsize = xread(slot->cache_fd, slot->buf, sizeof(slot->buf));
	if (slot->bufsize < 0)
		return errno;

	bufz = memchr(slot->buf, 0, slot->bufsize);
	if (bufz)
		bufkeylen = bufz - slot->buf;

	slot->match = bufkeylen == slot->keylen &&
	    !memcmp(slot->key, slot->buf, bufkeylen + 1);

	return 0;
}

/* Close the active cache slot */
static int close_slot(struct cache_slot *slot)
{
	int err = 0;
	if (slot->cache_fd > 0) {
		if (close(slot->cache_fd))
			err = errno;
		else
			slot->cache_fd = -1;
	}
	return err;
}

/* Print the content of the active cache slot (but skip the key). */
static int print_slot(struct cache_slot *slot)
{
	ssize_t i, j;

	i = lseek(slot->cache_fd, slot->keylen + 1, SEEK_SET);
	if (i != slot->keylen + 1)
		return errno;

	do {
		i = j = xread(slot->cache_fd, slot->buf, sizeof(slot->buf));
		if (i > 0)
			j = xwrite(STDOUT_FILENO, slot->buf, i);
	} while (i > 0 && j == i);

	if (i < 0 || j != i)
		return errno;
	else
		return 0;
}

/* Check if the slot has expired */
static int is_expired(struct cache_slot *slot)
{
	if (slot->ttl < 0)
		return 0;
	else
		return slot->cache_st.st_mtime + slot->ttl * 60 < time(NULL);
}

/* Check if the slot has been modified since we opened it.
 * NB: If stat() fails, we pretend the file is modified.
 */
static int is_modified(struct cache_slot *slot)
{
	struct stat st;

	if (stat(slot->cache_name, &st))
		return 1;
	return (st.st_ino != slot->cache_st.st_ino ||
		st.st_mtime != slot->cache_st.st_mtime ||
		st.st_size != slot->cache_st.st_size);
}

/* Close an open lockfile */
static int close_lock(struct cache_slot *slot)
{
	int err = 0;
	if (slot->lock_fd > 0) {
		if (close(slot->lock_fd))
			err = errno;
		else
			slot->lock_fd = -1;
	}
	return err;
}

/* Create a lockfile used to store the generated content for a cache
 * slot, and write the slot key + \0 into it.
 * Returns 0 on success and errno otherwise.
 */
static int lock_slot(struct cache_slot *slot)
{
	slot->lock_fd = open(slot->lock_name, O_RDWR | O_CREAT | O_EXCL,
			     S_IRUSR | S_IWUSR);
	if (slot->lock_fd == -1)
		return errno;
	if (xwrite(slot->lock_fd, slot->key, slot->keylen + 1) < 0)
		return errno;
	return 0;
}

/* Release the current lockfile. If `replace_old_slot` is set the
 * lockfile replaces the old cache slot, otherwise the lockfile is
 * just deleted.
 */
static int unlock_slot(struct cache_slot *slot, int replace_old_slot)
{
	int err;

	if (replace_old_slot)
		err = rename(slot->lock_name, slot->cache_name);
	else
		err = unlink(slot->lock_name);

	if (err)
		return errno;

	return 0;
}

/* Generate the content for the current cache slot by redirecting
 * stdout to the lock-fd and invoking the callback function
 */
static int fill_slot(struct cache_slot *slot)
{
	int tmp;

	/* Preserve stdout */
	tmp = dup(STDOUT_FILENO);
	if (tmp == -1)
		return errno;

	/* Redirect stdout to lockfile */
	if (dup2(slot->lock_fd, STDOUT_FILENO) == -1)
		return errno;

	/* Generate cache content */
	slot->fn(slot->cbdata);

	/* Restore stdout */
	if (dup2(tmp, STDOUT_FILENO) == -1)
		return errno;

	/* Close the temporary filedescriptor */
	if (close(tmp))
		return errno;

	return 0;
}

/* Crude implementation of 32-bit FNV-1 hash algorithm,
 * see http://www.isthe.com/chongo/tech/comp/fnv/ for details
 * about the magic numbers.
 */
#define FNV_OFFSET 0x811c9dc5
#define FNV_PRIME  0x01000193

unsigned long hash_str(const char *str)
{
	unsigned long h = FNV_OFFSET;
	unsigned char *s = (unsigned char *)str;

	if (!s)
		return h;

	while (*s) {
		h *= FNV_PRIME;
		h ^= *s++;
	}
	return h;
}

static int process_slot(struct cache_slot *slot)
{
	int err;

	err = open_slot(slot);
	if (!err && slot->match) {
		if (is_expired(slot)) {
			if (!lock_slot(slot)) {
				/* If the cachefile has been replaced between
				 * `open_slot` and `lock_slot`, we'll just
				 * serve the stale content from the original
				 * cachefile. This way we avoid pruning the
				 * newly generated slot. The same code-path
				 * is chosen if fill_slot() fails for some
				 * reason.
				 *
				 * TODO? check if the new slot contains the
				 * same key as the old one, since we would
				 * prefer to serve the newest content.
				 * This will require us to open yet another
				 * file-descriptor and read and compare the
				 * key from the new file, so for now we're
				 * lazy and just ignore the new file.
				 */
				if (is_modified(slot) || fill_slot(slot)) {
					unlock_slot(slot, 0);
					close_lock(slot);
				} else {
					close_slot(slot);
					unlock_slot(slot, 1);
					slot->cache_fd = slot->lock_fd;
				}
			}
		}
		if ((err = print_slot(slot)) != 0) {
			cache_log("[cgit] error printing cache %s: %s (%d)\n",
				  slot->cache_name,
				  strerror(err),
				  err);
		}
		close_slot(slot);
		return err;
	}

	/* If the cache slot does not exist (or its key doesn't match the
	 * current key), lets try to create a new cache slot for this
	 * request. If this fails (for whatever reason), lets just generate
	 * the content without caching it and fool the caller to belive
	 * everything worked out (but print a warning on stdout).
	 */

	close_slot(slot);
	if ((err = lock_slot(slot)) != 0) {
		cache_log("[cgit] Unable to lock slot %s: %s (%d)\n",
			  slot->lock_name, strerror(err), err);
		slot->fn(slot->cbdata);
		return 0;
	}

	if ((err = fill_slot(slot)) != 0) {
		cache_log("[cgit] Unable to fill slot %s: %s (%d)\n",
			  slot->lock_name, strerror(err), err);
		unlock_slot(slot, 0);
		close_lock(slot);
		slot->fn(slot->cbdata);
		return 0;
	}
	// We've got a valid cache slot in the lock file, which
	// is about to replace the old cache slot. But if we
	// release the lockfile and then try to open the new cache
	// slot, we might get a race condition with a concurrent
	// writer for the same cache slot (with a different key).
	// Lets avoid such a race by just printing the content of
	// the lock file.
	slot->cache_fd = slot->lock_fd;
	unlock_slot(slot, 1);
	if ((err = print_slot(slot)) != 0) {
		cache_log("[cgit] error printing cache %s: %s (%d)\n",
			  slot->cache_name,
			  strerror(err),
			  err);
	}
	close_slot(slot);
	return err;
}

/* Print cached content to stdout, generate the content if necessary. */
int cache_process(int size, const char *path, const char *key, int ttl,
		  cache_fill_fn fn, void *cbdata)
{
	unsigned long hash;
	int len, i;
	char filename[1024];
	char lockname[1024 + 5];  /* 5 = ".lock" */
	struct cache_slot slot;

	/* If the cache is disabled, just generate the content */
	if (size <= 0) {
		fn(cbdata);
		return 0;
	}

	/* Verify input, calculate filenames */
	if (!path) {
		cache_log("[cgit] Cache path not specified, caching is disabled\n");
		fn(cbdata);
		return 0;
	}
	len = strlen(path);
	if (len > sizeof(filename) - 10) { /* 10 = "/01234567\0" */
		cache_log("[cgit] Cache path too long, caching is disabled: %s\n",
			  path);
		fn(cbdata);
		return 0;
	}
	if (!key)
		key = "";
	hash = hash_str(key) % size;
	strcpy(filename, path);
	if (filename[len - 1] != '/')
		filename[len++] = '/';
	for (i = 0; i < 8; i++) {
		sprintf(filename + len++, "%x",
			(unsigned char)(hash & 0xf));
		hash >>= 4;
	}
	filename[len] = '\0';
	strcpy(lockname, filename);
	strcpy(lockname + len, ".lock");
	slot.fn = fn;
	slot.cbdata = cbdata;
	slot.ttl = ttl;
	slot.cache_name = filename;
	slot.lock_name = lockname;
	slot.key = key;
	slot.keylen = strlen(key);
	return process_slot(&slot);
}

/* Return a strftime formatted date/time
 * NB: the result from this function is to shared memory
 */
static char *sprintftime(const char *format, time_t time)
{
	static char buf[64];
	struct tm *tm;

	if (!time)
		return NULL;
	tm = gmtime(&time);
	strftime(buf, sizeof(buf)-1, format, tm);
	return buf;
}

int cache_ls(const char *path)
{
	DIR *dir;
	struct dirent *ent;
	int err = 0;
	struct cache_slot slot;
	char fullname[1024];
	char *name;

	if (!path) {
		cache_log("[cgit] cache path not specified\n");
		return -1;
	}
	if (strlen(path) > 1024 - 10) {
		cache_log("[cgit] cache path too long: %s\n",
			  path);
		return -1;
	}
	dir = opendir(path);
	if (!dir) {
		err = errno;
		cache_log("[cgit] unable to open path %s: %s (%d)\n",
			  path, strerror(err), err);
		return err;
	}
	strcpy(fullname, path);
	name = fullname + strlen(path);
	if (*(name - 1) != '/') {
		*name++ = '/';
		*name = '\0';
	}
	slot.cache_name = fullname;
	while ((ent = readdir(dir)) != NULL) {
		if (strlen(ent->d_name) != 8)
			continue;
		strcpy(name, ent->d_name);
		if ((err = open_slot(&slot)) != 0) {
			cache_log("[cgit] unable to open path %s: %s (%d)\n",
				  fullname, strerror(err), err);
			continue;
		}
		printf("%s %s %10"PRIuMAX" %s\n",
		       name,
		       sprintftime("%Y-%m-%d %H:%M:%S",
				   slot.cache_st.st_mtime),
		       (uintmax_t)slot.cache_st.st_size,
		       slot.buf);
		close_slot(&slot);
	}
	closedir(dir);
	return 0;
}

/* Print a message to stdout */
void cache_log(const char *format, ...)
{
	va_list args;
	va_start(args, format);
	vfprintf(stderr, format, args);
	va_end(args);
}