Commit message (Author, Age)
...
* auth: lua string comparisons are time invariant (Jason A. Donenfeld, 2014-01-16)
  By default, strings are compared by hash, so we can remove this comment.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* authentication: use hidden form instead of referer (Jason A. Donenfeld, 2014-01-16)
  This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: add basic authentication filter framework (Jason A. Donenfeld, 2014-01-16)
  This leverages the new lua support. See filters/simple-authentication.lua for explanation of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very pluggable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* t0111: Additions and fixes (Lukas Fleischer, 2014-01-16)
  * Rename the capitalize-* filters to dump.* since they also dump the arguments.
  * Add full argument validation to the email filters.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* parsing.c: Remove leading space from committer (Lukas Fleischer, 2014-01-16)
  This did not really break anything in the past since spaces are ignored when rendering HTML. Remove the preceding space anyway to prevent potential future problems.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Add .mailmap (Lukas Fleischer, 2014-01-15)
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* t0111: Add basic tests for Lua filters (Lukas Fleischer, 2014-01-15)
  * Validate the email filter by manipulating stdin. Additional checks for all the arguments can be added in a later patch.
  * Add the exec prefix to all informational messages.
  * Rename the filter repository to filter-exec. The Git repository itself is not renamed since it can be shared amongst all filter types.
  * In the filter checks, check whether all arguments are passed properly instead of validating the buffer/stdin only.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* email-gravatar: fix html syntax issues (Christian Hesse, 2014-01-15)
  an attribute value specification must be an attribute value literal unless SHORTTAG YES is specified
* email-gravatar: do not scale icons up (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: allow returning exit code from filter (Jason A. Donenfeld, 2014-01-14)
  Filters can now indicate a status back to cgit by means of the exit code for exec, or the return value from close for Lua.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* tests/: Add t0111-filter.sh (Lukas Fleischer, 2014-01-14)
  This adds basic tests for all types of exec filters.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* email-gravatar: fix html syntax issues (Christian Hesse, 2014-01-14)
  * make ampersand a html entity
  * add required alt attribute
  * add required img end tag
* email-gravatar.py: fix UTF-8 (Christian Hesse, 2014-01-14)
* email-gravatar.lua: fix for lua 5.2 (Christian Hesse, 2014-01-14)
* makefile: only display lua message once (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* README: document lua makefile flags (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* cgitrc.5.txt: Fix documentation of the snapshot mask (Lukas Fleischer, 2014-01-14)
  Mention that the snapshot setting only specifies the formats that links are generated for and not the set of formats that are accessible via HTTP.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* makefile: auto-detect presence of various Lua, bsd (Jason A. Donenfeld, 2014-01-14)
  We favor LuaJIT over Lua. We disable Lua if neither can be found. We error out if a particular Lua is specified via LUA_IMPLEMENTATION=JIT or LUA_IMPLEMENTATION=VANILLA, but cannot be found. We print a status message depending on what happens. Also, we do not link against libdl on the BSDs, since they include it as part of libc.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: style tweaks (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add page source to email filter (Jason A. Donenfeld, 2014-01-14)
  Since the email filter is called from lots of places, the script might benefit from knowing the origin. That way it can modify its contents and/or size depending.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add gravatar scripts (Jason A. Donenfeld, 2014-01-14)
  The lua one is hugely faster than the python one, but both are included for comparison.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add support for email filter (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: return on null filter from open and close (Jason A. Donenfeld, 2014-01-14)
  So that we don't have to include the if(filter) open_filter(filter) block everywhere, we introduce the guard in the function itself. This should simplify quite a bit of code.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add lua support (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: basic write hooking infrastructure (Jason A. Donenfeld, 2014-01-14)
  Filters can now call hook_write and unhook_write if they want to redirect writing to stdout to a different function. This saves us from potential file descriptor pipes and other less efficient mechanisms. We do this instead of replacing the call in html_raw because some places stdlib's printf functions are used (ui-patch or within git itself), which has its own internal buffering, which makes it difficult to interlace our function calls. So, we dlsym libc's write and then override it in the link stage. While we're at it, we move considerations of argument count into the generic new filter handler.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: allow for cleanup hook for filter types (Jason A. Donenfeld, 2014-01-14)
  At some point, we're going to want to do lazy deallocation of filters. For example, if we implement lua, we'll want to load the lua runtime once for each filter, even if that filter is called many times. Similarly, for persistent exec filters, we'll want to load it once, despite many open_filter and close_filter calls, and only reap the child process at the end of the cgit process. For this reason, we add here a cleanup function that is called at the end of cgit's main().
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: introduce "filter type" prefix (John Keeping, 2014-01-14)
  This allows different filter implementations to be specified in the configuration file. Currently only "exec" is supported, but it may now be specified either with or without the "exec:" prefix.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* filter: add interface layer (John Keeping, 2014-01-14)
  Change the existing cgit_{open,close,fprintf}_filter functions to delegate to filter-specific implementations accessed via function pointers on the cgit_filter object. We treat the "exec" filter type slightly specially here by putting its structure definition in the header file and providing an "init" function to set up the function pointers. This is required so that the ui-snapshot.c code that applies a compression filter can continue to use the filter interface to do so.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* filter: add fprintf_filter function (John Keeping, 2014-01-14)
  This stops the code in cgit.c::print_repo needing to inspect the cgit_filter structure, meaning that we can abstract out different filter types that will have different fields that need to be printed.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* authors: specify maintainers (Jason A. Donenfeld, 2014-01-14)
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filters: Improved syntax-highlighting.py (Stefan Tatschner, 2014-01-13)
  - Switched back to python2 according to a problem in pygments with python3. With the next release of pygments this problem should be fixed. Issue see here: https://bitbucket.org/birkenfeld/pygments-main/issue/901/problems-with-python3
  - Just read the stdin, decode it to utf-8 and ignore unknown signs. This ensures that even destroyed files do not cause any errors in the filter.
  - Improved language guessing:
    -> At first use guess_lexer_for_filename for a better detection of the used programming languages (even mixed cases will be detected, e.g. php + html).
    -> If nothing was found look if there is a shebang and use guess_lexer.
    -> As default/fallback choose TextLexer.
  Signed-off-by: Stefan Tatschner <stefan@sevenbyte.org>
* tests: add CGIT_TEST_OPTS variable to Makefile (John Keeping, 2014-01-12)
  This allows running the entire test suite with a set of command-line options. For example:
      make test CGIT_TEST_OPTS=--valgrind
  Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-repolist: HTML-escape cgit_rooturl() response (John Keeping, 2014-01-12)
  This is for consistency with other callers. The value returned from cgit_rooturl is not guaranteed to be HTML-safe.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-shared: URL-escape script_name (John Keeping, 2014-01-12)
  As far as I know, there is no requirement that $SCRIPT_NAME contain only URL-safe characters, so we need to make sure that any special characters are escaped.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-refs: escape HTML chars in author and tagger names (John Keeping, 2014-01-12)
  Everywhere else we use html_txt to escape any special characters in these variables. Do so here as well.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* filter: pass extra arguments via cgit_open_filter (John Keeping, 2014-01-12)
  This avoids poking into the filter data structure at various points in the code. We rely on the fact that the number of arguments is fixed based on the filter type (set in cgit_new_filter) and that the call sites all know which filter type they're using.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* ui-snapshot: set unused cgit_filter fields to zero (John Keeping, 2014-01-12)
  By switching the assignment of fields in the cgit_filter structure to use designated initializers, the compiler will initialize all other fields to their default value. This will be needed when we add the extra_args field in the next patch.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* html: remove redundant htmlfd variable (John Keeping, 2014-01-12)
  This is never changed from STDOUT_FILENO, so just use that value directly.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* tests: add Valgrind support (John Keeping, 2014-01-12)
  Now running tests with the "--valgrind" option will run cgit under Valgrind instead of all Git commands.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* cache: don't leave cache_slot fields uninitialized (John Keeping, 2014-01-12)
  Valgrind says:
      ==18344== Conditional jump or move depends on uninitialised value(s)
      ==18344== at 0x406C83: open_slot (cache.c:63)
      ==18344== by 0x407478: cache_ls (cache.c:403)
      ==18344== by 0x404C9A: process_request (cgit.c:639)
      ==18344== by 0x406BD2: fill_slot (cache.c:190)
      ==18344== by 0x4071A0: cache_process (cache.c:284)
      ==18344== by 0x404461: main (cgit.c:952)
      ==18344== Uninitialised value was created by a stack allocation
      ==18344== at 0x40738B: cache_ls (cache.c:375)
  This is caused by the keylen field being used to calculate whether or not a slot is matched. We never then check the value of this and the length of data read depends on the key length read from the file so this isn't dangerous, but it's nice to avoid branching based on uninitialized data.
  Signed-off-by: John Keeping <john@keeping.me.uk>
* filter: split filter functions into their own file (Jason A. Donenfeld, 2014-01-10)
  A first step for more interesting things.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: make exit status local (Jason A. Donenfeld, 2014-01-10)
  It's only used in one place, and not useful to have around since close_filter will die() if exit_status isn't what it expects, anyway. So this is best as just a local variable instead of as part of the struct.
  Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* parsing: fix header typo (Jason A. Donenfeld, 2014-01-10)
* cgit.c: Fix comment on bit mask hack (Lukas Fleischer, 2014-01-10)
  * Formatting and spelling fixes.
  * A bit mask with the size of one byte only allows for storing 8 (not 255!) different flags.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* cgit.c: Use "else" for mutually exclusive branches (Lukas Fleischer, 2014-01-10)
  When parsing command line arguments, no pair of command line options can ever match simultaneously. Use "else if" blocks to reflect this. This change improves both readability and speed.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* ui-snapshot.c: Do not reinvent suffixcmp() (Lukas Fleischer, 2014-01-10)
  Use suffixcmp() from Git instead of reimplementing it. This is a preparation for moving to ends_with() in Git 1.8.6.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Refactor cgit_parse_snapshots_mask() (Lukas Fleischer, 2014-01-10)
  Use Git string lists instead of str{spn,cspn,ncmp}() magic. This significantly improves readability.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Disallow use of undocumented snapshot delimiters (Lukas Fleischer, 2014-01-10)
  Since the introduction of selective snapshot format configuration in dc3c9b5 (allow selective enabling of snapshots, 2007-07-21), we allowed seven different delimiters for snapshot formats, while the documentation has always been clear about spaces being the only valid delimiter:
      The value is a space-separated list of zero or more of the values "tar", "tar.gz", "tar.bz2", "tar.xz" and "zip".
  Supporting the undocumented delimiters makes the code unnecessarily complex. Remove them.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* Replace most uses of strncmp() with prefixcmp() (Lukas Fleischer, 2014-01-10)
  This is a preparation for replacing all prefix checks with either strip_prefix() or starts_with() when Git 1.8.6 is released.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
* README: Fix dependencies (Lukas Fleischer, 2014-01-09)
  * Remove the dependency on Git (which can be obtained automatically when building, using either the Git submodule or `make get-git`).
  * Use proper upstream names of dependencies.
  Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>