Commit Graph

236 Commits

Author SHA1 Message Date
John Keeping
b1f17f168b Fix out-of-bounds memory accesses with virtual_root=""
The CGit configuration variable virtual_root is normalized so that it
does not have a trailing '/' character, but it is allowed to be empty
(the empty string and NULL have different meanings here) and there is
code that is insufficiently cautious when checking if it ends in a '/':

	if (virtual_root[strlen(virtual_root) - 1] != '/')

Clearly this check is redundant, but rather than simply removing it we
get a slight efficiency improvement by switching the normalization so
that the virtual_root variable always ends in '/'.  Do this with a new
"ensure_end" helper.

Signed-off-by: John Keeping <john@keeping.me.uk>
2013-04-08 15:59:46 +02:00
Lukas Fleischer
a92678b5f1 Do not unnecessarily strdup() environment variables
This reverts the memory duplication introduced in commit 60a2627, while
keeping everything else that has been cleaned up. The environment
variables are never modified, so we do not need to call xstrdupn() here.

Also, remove xstrdupn() which is no longer needed.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-04-08 15:43:17 +02:00
Lukas Fleischer
3a84324379 Maŕk cgit_environment members const
These reflect the values of environment variables and should never be
changed. Add another xstrdup() when we assign environment variables to
strings that are potentially non-constant.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-04-08 15:43:17 +02:00
Lukas Fleischer
0ffdc46f08 find_default_branch(): Free refmatch after usage
Fixes following memory leak seen with "PATH_INFO=/cgit/refs/":

    ==13408== 7 bytes in 1 blocks are definitely lost in loss record 4 of 52
    ==13408==    at 0x4C2C04B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
    ==13408==    by 0x56F2DF1: strdup (in /usr/lib/libc-2.17.so)
    ==13408==    by 0x46CA78: xstrdup (wrapper.c:35)
    ==13408==    by 0x405840: find_current_ref (cgit.c:426)
    ==13408==    by 0x44BE5A: do_one_ref (refs.c:527)
    ==13408==    by 0x44D3E0: do_for_each_ref_in_dir (refs.c:553)
    ==13408==    by 0x44D85A: do_for_each_ref (refs.c:1298)
    ==13408==    by 0x405889: find_default_branch (cgit.c:438)
    ==13408==    by 0x405AC4: prepare_repo_cmd (cgit.c:490)
    ==13408==    by 0x405D97: process_request (cgit.c:557)
    ==13408==    by 0x407490: cache_process (cache.c:322)
    ==13408==    by 0x406C18: main (cgit.c:864)

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-03-04 19:55:34 -05:00
Lukas Fleischer
bafab423f2 Mark several functions/variables static
Spotted by parsing the output of `gcc -Wmissing-prototypes [...]`.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-03-04 19:50:39 -05:00
Lukas Fleischer
fac4da38a0 cgit.c: Remove parameter from guess_defbranch()
We use resolve_ref() since commit 8d7c2ec2, so this is no longer needed.

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-03-04 09:12:55 -05:00
Jason A. Donenfeld
bdae1d8a8d White space around control verbs.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-03-04 09:12:54 -05:00
Lukas Fleischer
53bc747d31 Fix several whitespace errors
* Remove whitespace at the end of lines.
* Replace space indentation by tabs.
* Add whitespace before/after several operators ("+", "-", "*", ...)
* Add whitespace to assignments ("foo = bar;").
* Fix whitespace in parameter lists ("foobar(foo, bar, 42)").

Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-03-04 01:12:48 +01:00
John Keeping
10628b0e52 Update git to v1.7.9.7
resolve_ref() is renamed to resolve_ref_unsafe().  CGit's usage is safe.

Signed-off-by: John Keeping <john@keeping.me.uk>
2013-03-02 10:38:03 -05:00
Florian Pritz
b1e172acca Make "owner" column on index page configurable
This is not really needed for personal sites where all repos belong to
the same person. Since it is pretty useful for shared sites however, it
should be configurable.

Signed-off-by: Florian Pritz <bluewind@xinu.at>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-02-01 12:50:24 +01:00
Tobias Bieniek
792f813d34 ui-log: Add "commit-sort" option for controlling commit ordering
This makes it possible to use strict commit date ordering or strict
topological ordering by passing the corresponding flags to "git log".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-17 16:30:29 +02:00
Tobias Bieniek
7a4e7c8ffb ui-repolist: Add "section-sort" flag to control section sorting.
Flag which, when set to "1", will sort the sections on the repository
listing by name. Set this flag to "0" if the order in the cgitrc file
should be preserved. Default value: "1".

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-17 16:30:22 +02:00
Jason A. Donenfeld
521e10c884 scan-tree: Unify gitweb.* and cgit.* settings into one config option.
After some back and forth with Jamie and René, it looks like the git
config semantics are going to be like this:

- gitweb.category maps to the cgit repo config key "section"
- gitweb.description maps to the cgit repo config key "desc"
- gitweb.owner maps to the cgit repo config key "owner"
- cgit.* maps to all cgit repo config keys

This option can be enabled with "enable-git-config=1", and replaces
all previous "enable-gitweb-*" config keys.

The order of operations is as follows:

- git config settings are applied in the order that they exist in
  the git config file
- if the owner is not set from git config, get the owner using the
  usual getpwuid call
- if the description is not set from git config, look inside the
  static $path/description file
- if section-from-path=1, override whatever previous settings were
  inside of git config using the section-from-path logic
- parse $path/cgitrc for local repo.* settings, that override all
  previous settings
2012-10-17 16:30:09 +02:00
Jason A. Donenfeld
fdfb6a6d80 ui-repolist: Rename section-sort to repository-sort.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-16 23:32:53 +02:00
Tobias Bieniek
8f40be229c repo_config: do not let globals override repo settings
This makes it possible to activate the enable_commit_graph,
enable_log_filecount, and enable_log_linecount for individual
repositories, even if the global setting is "0" (default).

The commit that introduced the broken behavior was e189344, and the
commit message of that makes it clear that this wasn't the intended
behavior.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2012-10-16 23:00:50 +02:00
Jason A. Donenfeld
7f08e03941 Update copyright headers to have latest dates. 2012-07-12 20:01:46 +02:00
Jason A. Donenfeld
184c5655b2 ui-repolist: Case insensitive sorting and age sort
Add two options, one for doing the ordinary name sorts in a
case-insensitive manner, and another for choosing to sort repos in each
section by age instead of by name.
2012-07-12 20:01:46 +02:00
Jason A. Donenfeld
fc9181ff3d scan-tree: Support gitweb.category.
Use gitweb.category from git config to determine repo's section, if
option is enabled.
2012-07-12 20:01:46 +02:00
Jason A. Donenfeld
b56be4ba3a scan-tree: Support gitweb.description.
Use gitweb.description instead of description file to determine
description, if option is enabled.
2012-07-12 20:01:46 +02:00
Lars Hjemli
ae90a0b2d1 Merge branch 'fh/mimetypes' 2012-03-18 21:01:28 +00:00
Lars Hjemli
181b6e789b Merge branch 'jp/defbranch' 2012-03-18 21:00:18 +00:00
Lars Hjemli
2b9fab8d30 Merge branch 'lh/module-links' 2012-03-18 20:59:36 +00:00
Lars Hjemli
04254fa903 Merge branch 'stable' 2012-01-03 16:06:58 +00:00
Tim Chen
f2ced535e9 Fix diff mode switching when side-by-side-diffs=1
When side-by-side-diffs=1 was set in cgitrc, specyfing 'ss=0' in the query-
string would not switch to unified diffs. This patch fixes the issue by
introducing a separate variable to track the occurrence of "ss" in the
querystring.
2012-01-03 16:02:14 +00:00
Ferry Huberts
d01c600c17 ui_plain: automatically lookup mimetype when mimetype-file is set
For sites that do not want to configure mime types by hand but
still want the correct mime type for 'plain' blobs, configuring
a mime type file is made possible. This is handy since such a
file is normally already provided (at least on Linux systems).

Also, this reflects the gitweb option '$mimetypes_file'

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-07-19 09:30:07 +00:00
Lars Hjemli
8d7c2ec295 cgit.c: use resolve_ref() to guess_defbranch()
The resolve_ref() function handles reading of git- and filesystem
symbolic links (including proper whitespace trimming) and packed refs.
There's no point in reimplementing this function in cgit.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-20 23:23:57 +00:00
Lars Hjemli
e95c70d4ea Only guess default branch when a repo page is requested
There's no need to invoke guess_defbranch() for each repo during
scan-path, since repo.defbranch is only used when repo content is
being displayed.

Also, some users prefer to register their projects manually in cgitrc
but they got no benefit from the new repo.defbranch handling.

This patch tries to rectify these issues by only invoking guess_defbranch()
when needed, regardless of how the repo was registered.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-20 20:59:10 +02:00
Lars Hjemli
b0d72da028 Merge branch 'stable' 2011-06-18 14:59:51 +02:00
Lars Hjemli
9900ac022e cgit.c: improve error message when git repo cannot be accessed
The current 'Not a git repository' error message is not very helpful,
since it doesn't state the cause of the problem.

This patch uses errno to provide a hint of the underlying problem. It
would have been even better to give the exact cause (e.g. for ENOENT it
would be nice to know which file/directory is missing), but that would
require reimplementing setup_git_directory_gently() which seems a bit
overkill.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-18 14:59:01 +02:00
Lars Hjemli
3fbaf09715 Do not provide a default value for module-link
The old default value was an abomination which never should have been
allowed to see the light of day.

This patch removes the default, which is a backwards incompatible change
with low probability of causing anyone any real trouble (a repo with
submodules, displayed by cgit using the default value of `module-link`,
is very unlikely to actually generate working links).

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-15 10:40:13 +02:00
Lars Hjemli
6857bec50a ui-tree.c: add support for path-selected submodule links
The current 'repo.module-link' option is sufficient when all gitlinks
in a repository can be converted to commit links in a uniform way, but
not when different submodules/paths needs different settings.

This patch adds support for 'repo.module-link.<path>', which will be
used for linking to submodules at paths matching one such entry.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-15 10:40:13 +02:00
Lars Hjemli
a1429dbc89 cgit.c: add 'clone-url' setting with support for macro expansion
The current 'clone-prefix' setting has some known issues:
* All repos get the same 'clone-prefix' value since the setting is not
  adopted during repo registration (in cgitrc, or during scan-path traversal),
  but only when the setting is used.
* The generated clone-urls for a repo is a combination of 'clone-prefix', a
  slash and the repo url. This doesn't work well with e.g. ssh-style urls
  like 'git@example.org:repo.git', since the inserted slash will make the
  repo relative to the filesystem root.
* If 'remove-suffix' is enabled, the generated clone-urls will not work for
  cloning (except for http-urls to cgit itself) since they miss the '.git'
  suffix.

The new 'clone-url' setting is designed to avoid the mentioned issues:
* Each repo adopts the default 'clone-url' when the repo is defined. This
  allows different groups of repos to adopt different values.
* The clone-urls for a repo is generated by expanding environment variables
  in a string template without inserting arbitrary characters, hence any
  kind of clone-url can be generated.
* Macro expansion also eases the 'remove-suffix' pain since it's now
  possible to define e.g. 'clone-url=git://foo.org/$CGIT_REPO_URL.git' for
  a set of repos. A furter improvement would be to define e.g.
  $CGIT_REPO_SUFFIX to '.git' for all repos which had their url prettified,
  or to store the original $CGIT_REPO_URL in e.g. $CGIT_REPO_REAL_URL before
  suffix removal.

Reviewed-by: Ferry Huberts <mailings@hupie.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13 23:04:30 +00:00
Lars Hjemli
3ec6b30950 cgit.c: always setup cgit repo environment variables
When cgit learned to setup environment variables for certain repo
settings before invoking a filter process, the setup occurred inside
cgit_open_filter().

This patch moves the setup out of cgit_open_filter() and into
prepare_repo_cmd() to prepare for additional uses of these variables.

Reviewed-by: Ferry Huberts <mailings@hupie.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13 23:03:46 +00:00
Lars Hjemli
ab350a77b1 Merge branch 'fh/filter-api'
Conflicts:
	cgit.c
2011-05-23 23:28:38 +02:00
Lars Hjemli
652a5a18db Merge branch 'stable' 2011-05-23 23:26:10 +02:00
Mark Lodato
ec79265f20 fix virtual-root if script-name is ""
In d0cb841 (Avoid trailing slash in virtual-root), virtual-root was set
from script-name using trim_end().  However, if script-name was the
empty string (""), which happens when cgit is used to serve the root
path on a domain (/), trim_end() returns NULL and cgit acts like
virtual-root is not available.  Now, set virtual-root to "" in this
case, which fixes this bug.

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-05-23 23:20:59 +02:00
Lars Hjemli
4837fddc35 Merge branch 'dm/disable-clone' 2011-05-14 20:00:33 +02:00
Ferry Huberts
5db02854e6 new_filter: correctly initialise all arguments for a new filter
Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-26 15:13:35 +01:00
Ferry Huberts
9240a828d1 new_filter: determine extra_args from filter type
Currently the number of extra arguments is linked hard to the type of
the filter. This is also logical since it would be confusing to have
a different number of arguments for the same type of filter depending
on the context under which the filter is run (unless ofcourse one the
parameters would make the context clear, which is currently not the
case).

Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-26 11:03:41 +01:00
Lars Hjemli
1b09cbd303 Merge branch 'stable' 2011-03-05 14:01:59 +01:00
Lars Hjemli
d0cb8413ff Avoid trailing slash in virtual-root
When setting virtual-root from cgitrc, care is taken to avoid trailing
slashes. But when no virtual-root setting is specified, SCRIPT_FILE
from the web server is used without similar checks. This patch fixes the
inconsistency, which could lead to double-slashes in generated links.

Noticed-by: Wouter Van Hemel <wouter@duodecim.org>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-05 13:50:40 +01:00
Dan McGee
aae067197f Return 404 on command not found
We were returning 200 before. Even 404 is questionable in all cases, but
200 was totally wrong. Also match the case of all of the "Not found"
status messsages.

Signed-off-by: Dan McGee <dpmcgee@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 15:00:18 +01:00
Dan McGee
42231328d3 Allow disabling of HTTP clone URLs
If advertising other URLs to your users, you may not want to make this
available through cgit (e.g. if you have the smart HTTP transport set up
elsewhere). Allow disabling the three magic commands that simulate the
git server, but default it to enabled.

Signed-off-by: Dan McGee <dpmcgee@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 15:00:18 +01:00
Lars Hjemli
979c460e7f Merge branch 'br/misc'
* br/misc:
  Use transparent background for the cgit logo
  ssdiff: anchors for ssdiff
  implement repo.logo and repo.logo-link
2011-02-19 14:51:00 +01:00
Bernhard Reutner-Fischer
808c685ebb implement repo.logo and repo.logo-link
Allow for per repo logo and logo-link; Use global logo and logo-link per
default.

Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-02-19 14:41:39 +01:00
Lars Hjemli
fb9e6d1594 Merge branch 'jh/scan-path'
* jh/scan-path:
  scan_path(): Do not recurse into hidden directories by default
  scan_path(): Improve handling of inaccessible directories
2011-02-19 14:25:55 +01:00
Johan Herland
df522794c3 scan_path(): Do not recurse into hidden directories by default
Paths that start with a period ('.') are considered hidden in the Unix world.
scan_path() should arguably not recurse into these directories by default.
This patch makes it so, and introduces the "scan-hidden-path" config variable
for overriding the new default and revert to the old behaviour (scanning _all_
directories, including hidden .directories).

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <larsh@prediktor.no>
2011-02-19 14:25:14 +01:00
Johan Herland
9a8d39c668 ui-log: Implement support for commit graphs
Teach CGit to print an ASCII art commit graph to the left of the commit
message, similar to 'git log --graph'. The graph adds extra lines (table
rows) to the log when needed to add/remove/shuffle edges in the graph.

When 'showmsg' is enabled, the graph is automatically padded to account
for the extra lines added by the commit message/notes.

This feature is controlled by a new config variable: "enable-commit-graph"
(disabled by default), and individual repos can control it by setting
"repo.enable-commit-graph".

Signed-off-by: Johan Herland <johan@herland.net>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 08:18:36 +01:00
Felix Hanley
e0c6f23789 Add strict-export option
This option is used to specify a filename which needs to be present in
the repositories found during `scan-path` processing. By setting this
option to 'git-daemon-export-ok', only repositories explicitly marked
for git daemon export will be included in the cgit configuration.

Signed-off-by: Felix Hanley <felix@seconddrawer.com.au>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-08 19:41:13 +01:00
Lars Hjemli
82a883ede7 Use GIT-1.7.3
This fixes http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2542.

Noticed-by: Silvio Cesare <silvio.cesare@gmail.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-09-27 07:58:13 +02:00