summaryrefslogtreecommitdiffstatshomepage
path: root/cgit.c
Commit message (Collapse)AuthorAge
* auth: have cgit calculate login addressJason A. Donenfeld2014-01-16
| | | | | | | This way we're sure to use virtual root, or any other strangeness encountered. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* authentication: use hidden form instead of refererJason A. Donenfeld2014-01-16
| | | | | | | This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: add basic authentication filter frameworkJason A. Donenfeld2014-01-16
| | | | | | | | | | | | | | | | This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add support for email filterJason A. Donenfeld2014-01-14
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: basic write hooking infrastructureJason A. Donenfeld2014-01-14
| | | | | | | | | | | | | | | | | Filters can now call hook_write and unhook_write if they want to redirect writing to stdout to a different function. This saves us from potential file descriptor pipes and other less efficient mechanisms. We do this instead of replacing the call in html_raw because some places stdlib's printf functions are used (ui-patch or within git itself), which has its own internal buffering, which makes it difficult to interlace our function calls. So, we dlsym libc's write and then override it in the link stage. While we're at it, we move considerations of argument count into the generic new filter handler. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: allow for cleanup hook for filter typesJason A. Donenfeld2014-01-14
| | | | | | | | | | | | At some point, we're going to want to do lazy deallocation of filters. For example, if we implement lua, we'll want to load the lua runtime once for each filter, even if that filter is called many times. Similarly, for persistent exec filters, we'll want to load it once, despite many open_filter and close_filter calls, and only reap the child process at the end of the cgit process. For this reason, we add here a cleanup function that is called at the end of cgit's main(). Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add fprintf_filter functionJohn Keeping2014-01-14
| | | | | | | | This stops the code in cgit.c::print_repo needing to inspect the cgit_filter structure, meaning that we can abstract out different filter types that will have different fields that need to be printed. Signed-off-by: John Keeping <john@keeping.me.uk>
* filter: split filter functions into their own fileJason A. Donenfeld2014-01-10
| | | | | | A first step for more interesting things. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cgit.c: Fix comment on bit mask hackLukas Fleischer2014-01-10
| | | | | | | | | * Formatting and spelling fixes. * A bit mask with the size of one byte only allows for storing 8 (not 255!) different flags. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* cgit.c: Use "else" for mutually exclusive branchesLukas Fleischer2014-01-10
| | | | | | | | When parsing command line arguments, no pair of command line options can ever match simultaneously. Use "else if" blocks to reflect this. This change improves both readability and speed. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Replace most uses of strncmp() with prefixcmp()Lukas Fleischer2014-01-10
| | | | | | | This is a preparation for replacing all prefix checks with either strip_prefix() or starts_with() when Git 1.8.6 is released. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Update copyright informationLukas Fleischer2014-01-08
| | | | | | | | | * Name "cgit Development Team" as copyright holder to avoid listing every single developer. * Update copyright ranges. Signed-off-by: Lukas Fleischer <cgit@crytocrack.de>
* cache: id means static, even if head is specified tooJason A. Donenfeld2013-08-12
| | | | | | | | Pages like /commit?h=wip&id=8a335ce618ba77fbf05148d6f8be17bd48ba4340 were being marked as dynamic, because of h=wip, when it should be static, because of id=. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cache: document negative ttls and add about ttlJason A. Donenfeld2013-08-12
| | | | | | | | | | | | | | We've long supported negative ttls, for infinite cache, except the documentation incorrectly showed one of our defaults as being 5 and not -1. As well, with a negative ttl, we were actually making the HTTP expired header go backwards. This changes it to go ahead ten years instead. Further, we add an cache-about-ttl option to set a different ttl for about pages, which are now increasingly being filtered through markdown or just sent statically anyway. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* use favicon by defaultChristian Hesse2013-08-12
|
* readme: use string_list instead of space deliminationsJason A. Donenfeld2013-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | Now this is possible in cgitrc - readme=:README.md readme=:readme.md readme=:README.mkd readme=:readme.mkd readme=:README.rst readme=:readme.rst readme=:README.html readme=:readme.html readme=:README.htm readme=:readme.htm readme=:README.txt readme=:readme.txt readme=:README readme=:readme readme=:INSTALL.txt readme=:install.txt readme=:INSTALL readme=:install Suggested-by: John Keeping <john@keeping.me.uk> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* readme: Accept multiple candidates and test them.Jason A. Donenfeld2013-05-25
| | | | | | | | | | | The readme variable may now contain multiple space deliminated entries, which per usual are either a filepath or a git ref filepath. If multiple are specified, cgit will now select the first one in the list that exists. This is to make it easier to specify multiple default readme types in the main cgitrc file and have them automatically get applied to each repo based on what exists. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui-summary: Pass filename to about-filterJason A. Donenfeld2013-05-25
| | | | | | | | | | This gives the about-filter API the same semantics as source-filter, where the filter receives the filename so it can decide what to do next with it. While we're at it, plug a memory leak. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cgit.c: Do not reset HOME after unsetting it.Jason A. Donenfeld2013-05-25
| | | | | | | | | | The number of odd cases in which git will try to read config is far too great to keep putting a bandaid over each one, so we'll just unset it. If it turns out that scripts really liked to know about $HOME, we can always reset it in the filter forks. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cgit.c: sync repo config printing with struct cgit_repoJason A. Donenfeld2013-05-25
| | | | | | | | We've now added quite a few config keys for repositories, but we've forgotten to update the printing of it for cache files. Synchronize the two. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Add branch-sort and repo.branch-sort options.Jason A. Donenfeld2013-04-10
| | | | | | | | | | | When set to "name", branches are sorted by name, which is the current default. When set to "age", branches are sorted by the age of the repository. This feature was requested by Konstantin Ryabitsev for use on kernel.org. Proposed-by: Konstantin Ryabitsev <mricon@kernel.org>
* cgit.c: Do not restore unset environment variablesLukas Fleischer2013-04-10
| | | | | | | | | | | getenv() returns a NULL pointer if the specified variable name cannot be found in the environment. However, some setenv() implementations crash if a NULL pointer is passed as second argument. Only restore variables that are not NULL. See commit d96d2c98ebc4c2d3765f5b35c4142e0e828a421b for a related patch. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Do not load user or system gitconfig and gitattributesJason A. Donenfeld2013-04-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | While doing any kind of git loading, unset HOME variables and set NOSYSTEM variables so that cgit does not load any settings that a user may have set for his own /usr/bin/git usage. This fixes a fatal error introduced with git 1.8, whereupon git would fatally exit when failing to access particular files. The result of this is that only repo-local configuration files are accessed: zx2c4@thinkpad ~/Projects/cgit $ HOME=/root QUERY_STRING="url=foo/log" CGIT_CONFIG=tests/trash/cgitrc strace -e access ./cgit >/dev/null access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) access("repos/foo/.git/objects", X_OK) = 0 access("repos/foo/.git/refs", X_OK) = 0 access("repos/foo/.git/config", R_OK) = 0 access("repos/foo/.git/config", R_OK) = 0 access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0 access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0 access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0 access("repos/foo/.git/objects/b3/bafdbf0183f4897ef8b1319cb8c490ed54717e", F_OK) = 0 +++ exited with 0 +++ Reported-by: Ferry Huberts <ferry.huberts@pelagic.nl> Tested-by: Jason A. Donenfeld <Jason@zx2c4.com> Tested-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* use struct strbuf instead of static buffersJohn Keeping2013-04-08
| | | | | | | | | | | | | | | | | | | Use "struct strbuf" from Git to remove the limit on file path length. Notes on scan-tree: This is slightly involved since I decided to pass the strbuf into add_repo() and modify if whenever a new file name is required, which should avoid any extra allocations within that function. The pattern there is to append the filename, use it and then reset the buffer to its original length (retaining a trailing '/'). Notes on ui-snapshot: Since write_archive modifies the argv array passed to it we copy the argv_array values into a new array of char* and then free the original argv_array structure and the new array without worrying about what the values now look like. Signed-off-by: John Keeping <john@keeping.me.uk>
* Convert cgit_print_error to a variadic functionJohn Keeping2013-04-08
| | | | | | | | | This removes many uses of "fmt" which uses a fixed size static pool of fixed size buffers. Instead of relying on these, we now pass around argument lists for as long as possible before using a strbuf to render content of an arbitrary size. Signed-off-by: John Keeping <john@keeping.me.uk>
* Fix out-of-bounds memory accesses with virtual_root=""John Keeping2013-04-08
| | | | | | | | | | | | | | | | The CGit configuration variable virtual_root is normalized so that it does not have a trailing '/' character, but it is allowed to be empty (the empty string and NULL have different meanings here) and there is code that is insufficiently cautious when checking if it ends in a '/': if (virtual_root[strlen(virtual_root) - 1] != '/') Clearly this check is redundant, but rather than simply removing it we get a slight efficiency improvement by switching the normalization so that the virtual_root variable always ends in '/'. Do this with a new "ensure_end" helper. Signed-off-by: John Keeping <john@keeping.me.uk>
* Do not unnecessarily strdup() environment variablesLukas Fleischer2013-04-08
| | | | | | | | | | This reverts the memory duplication introduced in commit 60a2627, while keeping everything else that has been cleaned up. The environment variables are never modified, so we do not need to call xstrdupn() here. Also, remove xstrdupn() which is no longer needed. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Maŕk cgit_environment members constLukas Fleischer2013-04-08
| | | | | | | | These reflect the values of environment variables and should never be changed. Add another xstrdup() when we assign environment variables to strings that are potentially non-constant. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* find_default_branch(): Free refmatch after usageLukas Fleischer2013-03-04
| | | | | | | | | | | | | | | | | | | | Fixes following memory leak seen with "PATH_INFO=/cgit/refs/": ==13408== 7 bytes in 1 blocks are definitely lost in loss record 4 of 52 ==13408== at 0x4C2C04B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==13408== by 0x56F2DF1: strdup (in /usr/lib/libc-2.17.so) ==13408== by 0x46CA78: xstrdup (wrapper.c:35) ==13408== by 0x405840: find_current_ref (cgit.c:426) ==13408== by 0x44BE5A: do_one_ref (refs.c:527) ==13408== by 0x44D3E0: do_for_each_ref_in_dir (refs.c:553) ==13408== by 0x44D85A: do_for_each_ref (refs.c:1298) ==13408== by 0x405889: find_default_branch (cgit.c:438) ==13408== by 0x405AC4: prepare_repo_cmd (cgit.c:490) ==13408== by 0x405D97: process_request (cgit.c:557) ==13408== by 0x407490: cache_process (cache.c:322) ==13408== by 0x406C18: main (cgit.c:864) Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Mark several functions/variables staticLukas Fleischer2013-03-04
| | | | | | Spotted by parsing the output of `gcc -Wmissing-prototypes [...]`. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* cgit.c: Remove parameter from guess_defbranch()Lukas Fleischer2013-03-04
| | | | | | We use resolve_ref() since commit 8d7c2ec2, so this is no longer needed. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* White space around control verbs.Jason A. Donenfeld2013-03-04
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Fix several whitespace errorsLukas Fleischer2013-03-04
| | | | | | | | | | * Remove whitespace at the end of lines. * Replace space indentation by tabs. * Add whitespace before/after several operators ("+", "-", "*", ...) * Add whitespace to assignments ("foo = bar;"). * Fix whitespace in parameter lists ("foobar(foo, bar, 42)"). Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Update git to v1.7.9.7John Keeping2013-03-02
| | | | | | resolve_ref() is renamed to resolve_ref_unsafe(). CGit's usage is safe. Signed-off-by: John Keeping <john@keeping.me.uk>
* Make "owner" column on index page configurableFlorian Pritz2013-02-01
| | | | | | | | | This is not really needed for personal sites where all repos belong to the same person. Since it is pretty useful for shared sites however, it should be configurable. Signed-off-by: Florian Pritz <bluewind@xinu.at> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui-log: Add "commit-sort" option for controlling commit orderingTobias Bieniek2012-10-17
| | | | | | | This makes it possible to use strict commit date ordering or strict topological ordering by passing the corresponding flags to "git log". Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ui-repolist: Add "section-sort" flag to control section sorting.Tobias Bieniek2012-10-17
| | | | | | | | Flag which, when set to "1", will sort the sections on the repository listing by name. Set this flag to "0" if the order in the cgitrc file should be preserved. Default value: "1". Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* scan-tree: Unify gitweb.* and cgit.* settings into one config option.Jason A. Donenfeld2012-10-17
| | | | | | | | | | | | | | | | | | | | | | | | | | After some back and forth with Jamie and René, it looks like the git config semantics are going to be like this: - gitweb.category maps to the cgit repo config key "section" - gitweb.description maps to the cgit repo config key "desc" - gitweb.owner maps to the cgit repo config key "owner" - cgit.* maps to all cgit repo config keys This option can be enabled with "enable-git-config=1", and replaces all previous "enable-gitweb-*" config keys. The order of operations is as follows: - git config settings are applied in the order that they exist in the git config file - if the owner is not set from git config, get the owner using the usual getpwuid call - if the description is not set from git config, look inside the static $path/description file - if section-from-path=1, override whatever previous settings were inside of git config using the section-from-path logic - parse $path/cgitrc for local repo.* settings, that override all previous settings
* ui-repolist: Rename section-sort to repository-sort.Jason A. Donenfeld2012-10-16
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* repo_config: do not let globals override repo settingsTobias Bieniek2012-10-16
| | | | | | | | | | | | This makes it possible to activate the enable_commit_graph, enable_log_filecount, and enable_log_linecount for individual repositories, even if the global setting is "0" (default). The commit that introduced the broken behavior was e189344, and the commit message of that makes it clear that this wasn't the intended behavior. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Update copyright headers to have latest dates.Jason A. Donenfeld2012-07-12
|
* ui-repolist: Case insensitive sorting and age sortJason A. Donenfeld2012-07-12
| | | | | | Add two options, one for doing the ordinary name sorts in a case-insensitive manner, and another for choosing to sort repos in each section by age instead of by name.
* scan-tree: Support gitweb.category.Jason A. Donenfeld2012-07-12
| | | | | Use gitweb.category from git config to determine repo's section, if option is enabled.
* scan-tree: Support gitweb.description.Jason A. Donenfeld2012-07-12
| | | | | Use gitweb.description instead of description file to determine description, if option is enabled.
* Merge branch 'fh/mimetypes'Lars Hjemli2012-03-18
|\
| * ui_plain: automatically lookup mimetype when mimetype-file is setFerry Huberts2011-07-19
| | | | | | | | | | | | | | | | | | | | | | | | For sites that do not want to configure mime types by hand but still want the correct mime type for 'plain' blobs, configuring a mime type file is made possible. This is handy since such a file is normally already provided (at least on Linux systems). Also, this reflects the gitweb option '$mimetypes_file' Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | Merge branch 'jp/defbranch'Lars Hjemli2012-03-18
|\ \
| * | cgit.c: use resolve_ref() to guess_defbranch()Lars Hjemli2011-06-20
| | | | | | | | | | | | | | | | | | | | | | | | The resolve_ref() function handles reading of git- and filesystem symbolic links (including proper whitespace trimming) and packed refs. There's no point in reimplementing this function in cgit. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
| * | Only guess default branch when a repo page is requestedLars Hjemli2011-06-20
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | There's no need to invoke guess_defbranch() for each repo during scan-path, since repo.defbranch is only used when repo content is being displayed. Also, some users prefer to register their projects manually in cgitrc but they got no benefit from the new repo.defbranch handling. This patch tries to rectify these issues by only invoking guess_defbranch() when needed, regardless of how the repo was registered. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | Merge branch 'lh/module-links'Lars Hjemli2012-03-18
|\ \