Commit Graph

261 Commits

Author SHA1 Message Date
Christian Hesse
cef27b670a git: update to v2.30.0
Update to git version v2.30.0, this requires changes for these
upstream commits:

* 88894aaeeae92e8cb41143cc2e045f50289dc790
  blame: simplify 'setup_scoreboard' interface

* 1fbfdf556f2abc708183caca53ae4e2881b46ae2
  banned.h: mark non-reentrant gmtime, etc as banned

Signed-off-by: Christian Hesse <mail@eworm.de>
2020-12-29 12:29:42 +01:00
Christian Hesse
779631c6dc global: replace references to 'sha1' with 'oid'
For some time now sha1 is considered broken and upstream is working to
replace it with sha256. Replace all references to 'sha1' with 'oid',
just as upstream does.

Signed-off-by: Christian Hesse <mail@eworm.de>
2020-10-20 23:57:12 +02:00
Jason A. Donenfeld
54c407a74a ui-shared: restrict to 15 levels
Perhaps a more ideal version of this would be to not print breadcrumbs
at all for paths that don't exist in the given repo at the given oid.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Fydor Wire Snark <wsnark@tuta.io>
2019-05-20 21:53:16 +02:00
Jason A. Donenfeld
e23f63461f ui-shared: fix broken sizeof in title setting and rewrite
The old algorithm was totally incorrect. While we're at it, use «
instead of \, since it makes more sense.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-02 16:13:57 +01:00
Jason A. Donenfeld
898b9e19e0 auth-filter: pass url with query string attached
Otherwise redirections come out wrong.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-25 06:01:34 +01:00
Christian Hesse
2fc008d6de ui-shared: ban strcat()
Git upstream bans strcat() with commit:

  banned.h: mark strcat() as banned
  1b11b64b815db62f93a04242e4aed5687a448748

To avoid compiler warnings from gcc 8.1.x we get the hard way.

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Jason A. Donenfeld
08a2b1b8f8 Fix gcc 8.1.1 compiler warnings
CC ../shared.o
../shared.c: In function ‘expand_macro’:
../shared.c:487:3: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
   strncpy(name, value, len);
   ^~~~~~~~~~~~~~~~~~~~~~~~~
../shared.c:484:9: note: length computed here
   len = strlen(value);
         ^~~~~~~~~~~~~
../ui-shared.c: In function ‘cgit_repobasename’:
../ui-shared.c:136:2: warning: ‘strncpy’ specified bound 1024 equals destination size [-Wstringop-truncation]
  strncpy(rvbuf, reponame, sizeof(rvbuf));
  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    CC ../ui-ssdiff.o
../ui-ssdiff.c: In function ‘replace_tabs’:
../ui-ssdiff.c:142:4: warning: ‘strncat’ output truncated copying between 1 and 8 bytes from a string of length 8 [-Wstringop-truncation]
    strncat(result, spaces, 8 - (strlen(result) % 8));
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-04 03:13:41 +02:00
Christian Hesse
7ba41963dd snapshot: support tar signature for compressed tar
This adds support for kernel.org style signatures where the uncompressed
tar archive is signed and compressed later. The signature is valid for
all tar* snapshots.

We have a filter which snapshots may be generated and downloaded. This has
to allow tar signatures now even if tar itself is not allowed. To simplify
things we allow all signatures.

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-07-03 20:37:44 +02:00
Jason A. Donenfeld
b522a302c9 extra-head-content: introduce another option for meta tags
This is to support things like go-import meta tags, which are on a
per-repo basis.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-03 20:37:00 +02:00
Christian Hesse
54d37dc154 global: remove functionality we deprecated for cgit v1.0
The man page states these were deprecated for v1.0. We are past v1.1,
so remove the functionality.

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
2018-06-27 18:13:03 +02:00
Christian Hesse
2f8648ff7f snapshot: strip bit from struct cgit_snapshot_format
We had a static bit value in struct cgit_snapshot_format. We do not rely
on it and things can be calculated on the fly. So strip it.

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:13:00 +02:00
John Keeping
c712d5ac43 snapshot: support archive signatures
Read signatures from the notes refs refs/notes/signatures/$FORMAT where
FORMAT is one of our archive formats ("tar", "tar.gz", ...).  The note
is expected to simply contain the signature content to be returned when
the snapshot "${filename}.asc" is requested, so the signature for
cgit-1.1.tar.xz can be stored against the v1.1 tag with:

	git notes --ref=refs/notes/signatures/tar.xz add -C "$(
		gpg --output - --armor --detach-sign cgit-1.1.tar.xz |
		git hash-object -w --stdin
	)" v1.1

and then downloaded by simply appending ".asc" to the archive URL.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
John Keeping
e491eaa5df ui-shared: pass separator in to cgit_print_snapshot_links()
cgit_print_snapshot_links() is almost identical to
print_tag_downloads(), so let's extract the difference to a parameter in
preparation for removing print_tag_downloads() in the next commit.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
John Keeping
5b1f42ffee ui-shared: use the same snapshot logic as ui-refs
Make snapshot links in the commit UI use the same prefix algorithm as
those in the summary UI, so that refs starting with the snapshot prefix
are used as-is rather than composed with the prefix repeated.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
John Keeping
82aadcfc51 ui-shared: rename parameter to cgit_print_snapshot_links()
This is expected to be a ref not a hex object ID, so name it more
appropriately.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
John Keeping
63da41a915 ui-shared: remove unused parameter
The "head" parameter to cgit_print_snapshot_links() is never used, so
remove it.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
John Keeping
c1572bb5ec Add "snapshot-prefix" repo configuration
Allow using a user-specified value for the prefix in snapshot files
instead of the repository basename.  For example, files downloaded from
the linux-stable.git repository should be named linux-$VERSION and not
linux-stable-$VERSION, which can be achieved by setting:

	repo.snapshot-prefix=linux

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
John Keeping
bd1b281478 ui-shared: pass repo object to print_snapshot_links()
Both call sites of cgit_print_snapshot_links() use the same values for
the snapshot mask and repository name, which are derived from the
cgit_repo structure so let's pass in the structure and access the fields
directly.

Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:11:19 +02:00
Christian Hesse
e65ea965a0 print git version string in footer
This helps tracking what git version cgit uses. The security implications are
low as anybody can look up the version of our submodule anyway. The paranoid
can use a custom footer. :-p

On the other hand this brings potential security issues to the
administrators eyes...

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:01:29 +02:00
Christian Hesse
fb804a3537 git: update to v2.17.1
Update to git version v2.17.1. Required changes:

* The function 'typename' has been renamed to 'type_name'
  (upstream commit debca9d2fe784193dc2d9f98b5edac605ddfefbb)

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-06-27 18:01:29 +02:00
Ville Skyttä
98abe5bb9e ui-shared: use type='search' for the search box
Signed-off-by: Ville Skyttä <ville.skytta@iki.fi>
2017-10-15 18:43:57 +02:00
Jeff Smith
1649afdc9b ui-tree: link to blame UI if enabled
Create links to the blame page.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
2017-10-03 19:19:34 +01:00
Jeff Smith
f6ffe40d1a ui-shared: make a char* parameter const
All cgit_xxx_link functions take const char* for the 'name' parameter,
except for cgit_commit_link, which takes a char* and subsequently
modifies the contents.  Avoiding the content changes, and making it
const char* will avoid the need to make copies of const char* strings
being passed to cgit_commit_link.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
2017-10-03 19:19:34 +01:00
Jeff Smith
9337c7ee83 ui-tree: move set_title_from_path to ui-shared
The ui-blame code will also need to call set_title_from_path, so go
ahead and move it to ui-shared.

Signed-off-by: Jeff Smith <whydoubt@gmail.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
2017-10-03 19:19:34 +01:00
John Keeping
1b4ef6783a ui-shared: don't print path crumbs without a repo
cgit_print_path_crumbs() can call repolink() which assumes that ctx.repo
is non-null.  Currently we don't have any commands that set want_vpath
without also setting want_repo so it shouldn't be possible to fail this
test, but the check in cgit.c is in the wrong order so it is possible to
specify a query string like "?p=log&path=foo/bar" to end up here without
a valid repository.

This was found by American fuzzy lop [0].

[0] http://lcamtuf.coredump.cx/afl/

Signed-off-by: John Keeping <john@keeping.me.uk>
2017-08-10 16:05:07 +02:00
Christian Hesse
6bef566f99 ui-shared: replace 'unsigned char sha1[20]' with 'struct object_id oid'
Upstream git is replacing 'unsigned char sha1[20]' with 'struct object_id
oid'. We have some code that can be changed independent from upstream. So
here we go...
2016-10-04 09:47:18 +02:00
John Keeping
bead27b730 ui-shared: fix decl-after-statement warnings
git.git's coding style avoids decl-after-statement and we generally try
to follow it but a few warnings have crept in recently.  Fix the ones in
ui-shared.c

Signed-off-by: John Keeping <john@keeping.me.uk>
2016-10-01 11:43:45 +01:00
Eric Wong
590ba455d6 ui-shared: fix segfault when defbranch is NULL
Not sure if there's a better fix for this.  defbranch is
NULL here on my setup when a crawler hit an invalid URL,
causing strcmp to segfault.

Signed-off-by: Eric Wong <normalperson@yhbt.net>
2016-07-06 11:29:23 +02:00
Lukas Fleischer
9984e7ab49 Avoid ambiguities when prettifying snapshot names
When composing snapshot file names for a tag with a prefix of the form
v[0-9] (resp. V[0-9]), the leading "v" (resp. "V") is stripped. This
leads to conflicts if a tag with the stripped name already exists or if
there are tags only differing in the capitalization of the leading "v".
Make sure we do not strip the "v" in these cases.

Reported-by: Juuso Lapinlampi <wub@partyvan.eu>
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
2016-07-05 16:14:40 +02:00
Jason A. Donenfeld
d88ec849c4 Hosted on HTTPS now 2016-06-07 14:49:35 +02:00
Jason A. Donenfeld
c34e28835b forms: action should not be empty
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-05-12 21:29:49 +02:00
Juuso Lapinlampi
9afda36ed7 ui-shared: Remove a name attribute with an empty value
The name attribute is optional in an input element, but it must not be
an empty value.

See: https://html.spec.whatwg.org/#attr-fe-name
See: https://html.spec.whatwg.org/#the-input-element
2016-05-12 17:43:36 +02:00
Juuso Lapinlampi
8d05b398bb ui-shared: HTML-ize DOCTYPE and <html>
Get rid of the XHTML headers, bringing cgit slowly to the modern age of
HTML.
2016-05-12 17:38:01 +02:00
Juuso Lapinlampi
80f12b3e7e ui-shared: Simplify cgit_print_error_page() logic 2016-05-12 17:38:00 +02:00
Jason A. Donenfeld
e9cbdf6463 ui-shared: redirect should not exit early for cache
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-02-26 13:24:35 +01:00
Jason A. Donenfeld
c424b5cb02 tabs: do not use target=_blank 2016-02-23 15:35:32 +01:00
Jason A. Donenfeld
5f2664f13c ui-shared: add homepage to tabs
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2016-02-22 18:40:13 +01:00
John Keeping
9c15f3c695 Avoid DATE_STRFTIME for long/short dates
Git's DATE_STRFTIME ignores the timezone argument and just uses the
local timezone regardless of whether the "local" flag is set.

Since our existing FMT_LONGDATE and FMT_SHORTDATE are pretty-much
perfect matches to DATE_ISO8601 and DATE_SHORT, switch to taking a
date_mode_type directly in cgit_date_mode().

Signed-off-by: John Keeping <john@keeping.me.uk>
2016-02-08 18:28:18 +01:00
John Keeping
17c74eefa4 ui-shared: remove cgit_print_date()
There are no longer any users of this function.

Signed-off-by: John Keeping <john@keeping.me.uk>
2016-02-08 14:23:16 +01:00
John Keeping
e68c86e8c5 ui-shared: use show_date for footer timestamp
Signed-off-by: John Keeping <john@keeping.me.uk>
2016-02-08 14:22:42 +01:00
John Keeping
f2a901d2e1 ui: show ages in the originator's timezone
This affects the tooltip showing the full time and the case when a date
is sufficiently old to be shown in full rather than as an offset.

Signed-off-by: John Keeping <john@keeping.me.uk>
2016-02-08 14:22:21 +01:00
John Keeping
360af46fac ui-shared: add cgit_date_mode()
This returns the correct mode value for use with Git's show_date() based
on the current CGit configuration and will be used in the following
patches.

Signed-off-by: John Keeping <john@keeping.me.uk>
2016-02-08 14:21:34 +01:00
John Keeping
57ea1aa2a5 ui-shared: remove "format" from cgit_print_age()
We never use any format other than FMT_SHORTDATE, so move that into the
function.

Signed-off-by: John Keeping <john@keeping.me.uk>
2016-02-08 14:19:33 +01:00
Jason A. Donenfeld
513b3863d9 ui-shared: prevent malicious filename from injecting headers 2016-01-14 14:28:37 +01:00
Jason A. Donenfeld
4291453ec3 ui-shared: Avoid new line injection into redirect header 2016-01-14 14:18:17 +01:00
Lukas Fleischer
da1b89710f Fix segmentation fault in hc()
The ctx.qry.page variable might be unset at this point, e.g. when an
invalid command is passed and cgit_print_pageheader() is called to show
an error message.

Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
2016-01-13 17:14:01 +01:00
Christian Hesse
559ab5ecc4 git: update to v2.7.0
Update to git version v2.7.0.

* Upstream commit ed1c9977cb1b63e4270ad8bdf967a2d02580aa08 (Remove
  get_object_hash.) changed API:

  Convert all instances of get_object_hash to use an appropriate
  reference to the hash member of the oid member of struct object.
  This provides no functional change, as it is essentially a macro
  substitution.

Signed-off-by: Christian Hesse <mail@eworm.de>
2016-01-13 17:12:17 +01:00
Christian Hesse
6edfc1672c ui-shared: fix resource leak: free allocation from cgit_hosturl
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:04:42 +02:00
Christian Hesse
f77e2a8cfa ui-shared: return value of cgit_hosturl is not const
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:04:27 +02:00
Christian Hesse
3e244a0cca ui-shared: fix resource leak: free allocation from cgit_currenturl
Coverity-id: 13927
Signed-off-by: Christian Hesse <mail@eworm.de>
2015-10-09 14:02:41 +02:00