Commit Graph

1608 Commits

Author SHA1 Message Date
Jason A. Donenfeld
6a8d6d4b50 global: use proper accessors for maybe_tree
A previous commit changed ->tree to ->maybe_tree throughout, which may
have worked at the time, but wasn't safe, because maybe_tree is loaded
lazily. This manifested itself in crashes when using the "follow" log
feature. The proper fix is to use the correct contextual accessors
everytime we want access to maybe_tree. Thankfully, the commit.cocci
script takes care of creating mostly-correct patches that we could then
fix up, resulting in this commit here.

Fixes: 255b78f ("git: update to v2.18.0")
Reviewed-by: Christian Hesse <mail@eworm.de>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-03-13 17:48:34 -06:00
Christian Hesse
892ba8c3cc ui-snapshot: add support for zstd compression
This patch adds support for zstd [0] compressed snapshots (*.tar.zst).
We enable multiple working threads (-T0), but keep default compression
level. The latter can be influenced by environment variable.

[0] https://www.zstd.net/

Signed-off-by: Christian Hesse <mail@eworm.de>
2020-03-12 19:56:39 -06:00
Christian Hesse
cc230bf044 tests: add tests for xz compressed snapshots
Signed-off-by: Christian Hesse <mail@eworm.de>
2020-03-12 19:56:39 -06:00
Hanspeter Portner
06671f4b21 ui-snapshot: add support for lzip compression
This patch adds support for lzip [1] compressed snapshots (*.tar.lz)

[1] https://www.nongnu.org/lzip/

Signed-off-by: Hanspeter Portner <dev@open-music-kontrollers.ch>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-02-26 09:57:40 +08:00
Christian Hesse
fde897b817 git: update to v2.25.1
Update to git version v2.25.1.

No changes required.
2020-02-17 13:08:02 +01:00
Christian Hesse
5e49023b01 tests: allow to skip git version tests
This allows to run tests non-tagged git checkout or when bisecting.

Signed-off-by: Christian Hesse <mail@eworm.de>
2020-01-13 15:17:19 -05:00
Jason A. Donenfeld
fa146ccabd Bump version
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-01-13 15:04:14 -05:00
Christian Hesse
bd68c98879 git: update to v2.25.0
Update to git version v2.25.0.

Upstream renamed 'init_display_notes()' to 'load_display_notes()' in
commit 1e6ed5441a61b5085978e0429691e2e2425f6846 ("notes: rename to
load_display_notes()").

Signed-off-by: Christian Hesse <mail@eworm.de>
2020-01-13 14:50:55 -05:00
Christian Hesse
ca98c9e7bf tests: skip tests if strace is not functional
Chances are that strace is available but not functional due to
restricted permissions:

strace: test_ptrace_get_syscall_info: PTRACE_TRACEME: Operation not permitted
strace: ptrace(PTRACE_TRACEME, ...): Operation not permitted
+++ exited with 1 +++

Just skip the tests then.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-12-11 11:04:02 +01:00
Christian Hesse
d8e5dd25a0 git: update to v2.24.1
Update to git version v2.24.1.

No changes required.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-12-10 20:57:24 +01:00
Christian Hesse
583aa5d80e ui-repolist: do not return unsigned (negative) value
The function read_agefile() returns time_t, which is a signed datatime.
We should not return unsigned (negative) value here.

Reported-by: Johannes Stezenbach <js@linuxtv.org>
Signed-off-by: Christian Hesse <mail@eworm.de>
2019-11-22 13:35:50 +01:00
Christian Hesse
bfabd4519c git: update to v2.24.0
Update to git version v2.24.0.

Never use get_cached_commit_buffer() directly, use repo_get_commit_buffer()
instead. The latter calls the former anyway. This fixes segmentation fault
when commit-graph is enabled and get_cached_commit_buffer() does not return
the expected result.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-11-08 22:55:58 +01:00
Christian Hesse
8fc0c81bbb git: update to v2.23.0
Update to git version v2.23.0.

No changes required.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-10-25 11:40:17 +02:00
Christian Hesse
034e3c7d56 git: update to v2.22.0
Update to git version v2.22.0.

Upstream commit bce9db6d ("trace2: use system/global config for default
trace2 settings") caused a regression. We have to unset HOME and
XDG_CONFIG_HOME before early loading of config from trace2 code kicks in.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-10-25 11:40:17 +02:00
Christian Hesse
e1ad15d368 ui-tree: allow per repository override for enable-blame
The blame operation can cause high cost in terms of CPU load for huge
repositories. Let's add a per repository override for enable-blame.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-06-25 21:40:59 +02:00
Christian Hesse
27a6d69ab3 tests: successfully validate rc versions
For testing versions the version string differs for git tag (v2.22.0-rc3)
and tarball file name (2.22.0.rc3). Let's fix validation for testing
versions.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-06-05 15:38:14 +02:00
Christian Hesse
985fba80d0 git: update to v2.21.0
Update to git version v2.21.0. Required changes follow upstream commits:

* 6a7895fd8a3bd409f2b71ffc355d5142172cc2a0
  (commit: prepare free_commit_buffer and release_commit_memory for
  any repo)

* e092073d643b17c82d72cf692fbfaea9c9796f11
  (tree.c: make read_tree*() take 'struct repository *')

Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
2019-06-05 15:37:49 +02:00
Christian Hesse
68de710c1c ui-ssdiff: ban strncat()
Git version v2.21.0 marks strncat() as banned (commit
ace5707a803eda0f1dde3d776dc3729d3bc7759a), so replace it.

Signed-off-by: Christian Hesse <mail@eworm.de>
2019-06-05 15:37:49 +02:00
Christian Hesse
ccba7eb9d0 global: make 'char *path' const where possible
Signed-off-by: Christian Hesse <mail@eworm.de>
2019-06-05 15:37:49 +02:00
Jason A. Donenfeld
54c407a74a ui-shared: restrict to 15 levels
Perhaps a more ideal version of this would be to not print breadcrumbs
at all for paths that don't exist in the given repo at the given oid.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Fydor Wire Snark <wsnark@tuta.io>
2019-05-20 21:53:16 +02:00
Chris Mayo
bd0293f570 ui-diff,ui-tag: don't use htmlf with non-formatted strings
Signed-off-by: Chris Mayo <aklhfex@gmail.com>
2019-02-23 00:09:17 +01:00
Chris Mayo
5bd7e9bc1b ui-ssdiff: resolve HTML5 validation errors
- Remove ids from anchor elements. They were unusable because they were
  duplicated between files and versions of files.
- Always close span, with html().
- Fix missing / on closing tr element in cgit_ssdiff_header_end().

Signed-off-by: Chris Mayo <aklhfex@gmail.com>
2019-02-23 00:08:50 +01:00
Jason A. Donenfeld
7d87cd3a21 filters: migrate from luacrypto to luaossl
luaossl has no upstream anymore and doesn't support OpenSSL 1.1,
whereas luaossl is quite active.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-03 02:12:16 +01:00
Jason A. Donenfeld
e23f63461f ui-shared: fix broken sizeof in title setting and rewrite
The old algorithm was totally incorrect. While we're at it, use «
instead of \, since it makes more sense.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-01-02 16:13:57 +01:00
Christian Hesse
55ebd5e97c git: update to v2.20.0
Update to git version v2.20.0. Required changes follow upstream commits:

* 00436bf1b1c2a8fe6cf5d2c2457d419d683042f4
  (archive: initialize archivers earlier)

* 611e42a5980a3a9f8bb3b1b49c1abde63c7a191e
  (xdiff: provide a separate emit callback for hunks)

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-12-09 23:28:26 +01:00
Jason A. Donenfeld
441dac1d74 ui-blame: set repo for sb
Otherwise recent git complains and crashes with: "BUG: blame.c:1787:
repo is NULL".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-25 06:01:34 +01:00
Jason A. Donenfeld
898b9e19e0 auth-filter: pass url with query string attached
Otherwise redirections come out wrong.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-11-25 06:01:34 +01:00
Christian Hesse
a22855747e git: use xz compressed archive for download
Upstream will stop providing gz compressed source tarballs [0], so stop
using them.

[0] https://lists.zx2c4.com/pipermail/cgit/2018-November/004254.html

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-11-21 02:30:41 +01:00
Christian Hesse
2c9f56f3e1 git: update to v2.19.1
Update to git version v2.19.1. Required changes follow upstream commits:

* commit: add repository argument to get_cached_commit_buffer
  (3ce85f7e5a41116145179f0fae2ce6d86558d099)

* commit: add repository argument to lookup_commit_reference
  (2122f6754c93be8f02bfb5704ed96c88fc9837a8)

* object: add repository argument to parse_object
  (109cd76dd3467bd05f8d2145b857006649741d5c)

* tag: add repository argument to deref_tag
  (a74093da5ed601a09fa158e5ba6f6f14c1142a3e)

* tag: add repository argument to lookup_tag
  (ce71efb713f97f476a2d2ab541a0c73f684a5db3)

* tree: add repository argument to lookup_tree
  (f86bcc7b2ce6cad68ba1a48a528e380c6126705e)

* archive.c: avoid access to the_index
  (b612ee202a48f129f81f8f6a5af6cf71d1a9caef)

* for_each_*_object: move declarations to object-store.h
  (0889aae1cd18c1804ba01c1a4229e516dfb9fe9b)

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-10-12 23:06:02 +02:00
Christian Hesse
a96f2890f4 ui-ssdiff: ban strcat()
Git upstream bans strcat() with commit:

  banned.h: mark strcat() as banned
  1b11b64b815db62f93a04242e4aed5687a448748

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
0899eb644f ui-ssdiff: ban strncpy()
Git upstream bans strncpy() with commit:

  banned.h: mark strncpy() as banned
  e488b7aba743d23b830d239dcc33d9ca0745a9ad

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
2fc008d6de ui-shared: ban strcat()
Git upstream bans strcat() with commit:

  banned.h: mark strcat() as banned
  1b11b64b815db62f93a04242e4aed5687a448748

To avoid compiler warnings from gcc 8.1.x we get the hard way.

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
edb3403f00 ui-patch: ban sprintf()
Git upstream bans sprintf() with commit:

  banned.h: mark sprintf() as banned
  cc8fdaee1eeaf05d8dd55ff11f111b815f673c58

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
7f75647b55 ui-log: ban strncpy()
Git upstream bans strncpy() with commit:

  banned.h: mark strncpy() as banned
  e488b7aba743d23b830d239dcc33d9ca0745a9ad

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
71ba7187e5 ui-log: ban strcpy()
Git upstream bans strcpy() with commit:

  automatically ban strcpy()
  c8af66ab8ad7cd78557f0f9f5ef6a52fd46ee6dd

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
60a930044d parsing: ban sprintf()
Git upstream bans sprintf() with commit:

  banned.h: mark sprintf() as banned
  cc8fdaee1eeaf05d8dd55ff11f111b815f673c58

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
7cde5885d8 parsing: ban strncpy()
Git upstream bans strncpy() with commit:

  banned.h: mark strncpy() as banned
  e488b7aba743d23b830d239dcc33d9ca0745a9ad

Signed-off-by: Christian Hesse <mail@eworm.de>
2018-09-11 08:47:12 +02:00
Christian Hesse
b0fc647fe6 filters: generate anchor links from markdown
This makes the markdown filter generate anchor links for headings.

Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-by: jean-christophe manciot <actionmystique@gmail.com>
2018-08-28 14:37:19 +02:00
Jason A. Donenfeld
824138e591 Bump version.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-03 17:04:03 +02:00
Jason A. Donenfeld
53efaf30b5 clone: fix directory traversal
This was introduced in the initial version of this code, way back when
in 2008.

$ curl http://127.0.0.1/cgit/repo/objects/?path=../../../../../../../../../etc/passwd
root0:0:root:/root:/bin/sh
...

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Jann Horn <jannh@google.com>
2018-08-03 17:04:03 +02:00
Konstantin Ryabitsev
c679d90104 config: record repo.snapshot-prefix in the per-repo config
Even if we find snapshot-prefix in the repo configuration, we are not
writing it out into the rc- file, so setting the value does not have any
effect.

Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
2018-08-03 16:12:21 +02:00
Jason A. Donenfeld
77b6f83344 auth-filters: add simple file-based authentication scheme
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-08-03 16:12:21 +02:00
Jason A. Donenfeld
82856923bf auth-filters: use crypt() in simple-authentication
There's no use in giving a silly example to folks who will just copy it,
so instead try to do something slightly better.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-15 04:18:03 +02:00
Jason A. Donenfeld
b73df8098f auth-filters: generate secret securely
This is much better than having the user generate it themselves.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-15 03:30:57 +02:00
Jason A. Donenfeld
c4d23d02ec auth-filters: do not crash on nil username
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-14 05:10:28 +02:00
Jason A. Donenfeld
93a2c33051 auth-filter: do not write more than we've read
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-14 05:09:27 +02:00
Jason A. Donenfeld
c3b5b5f648 auth-filters: do not use HMAC-SHA1
Though SHA1 is broken, HMAC-SHA1 is still fine. But let's not push our
luck; SHA256 is more sensible anyway.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-14 03:33:56 +02:00
Jason A. Donenfeld
c132ef2462 Bump version.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-13 22:40:42 +02:00
Todd Zullinger
5dec7f4a91 Update COPYING
The address of the Free Software Foundation has changed since the
license was added in 7640d90 ("Add license file and copyright notices",
2006-12-10).  Update the license file from gnu.org¹.

The only non-whitespace changes are the updated FSF address and two
references to the L in LGPL changed from Library to Lesser.

¹ https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt

Signed-off-by: Todd Zullinger <tmz@pobox.com>
2018-07-10 16:40:15 +02:00
Jason A. Donenfeld
089b29a7e1 css: use correct size in annotated decoration
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-07-08 19:14:51 +02:00