=================================================================== RCS file: /cvs/cvsweb/cvsweb.cgi,v retrieving revision 1.1.1.15 retrieving revision 1.1.1.16 diff -u -p -r1.1.1.15 -r1.1.1.16 --- cvsweb/cvsweb.cgi 2000/12/18 04:35:54 1.1.1.15 +++ cvsweb/cvsweb.cgi 2000/12/28 18:37:25 1.1.1.16 @@ -43,7 +43,7 @@ # SUCH DAMAGE. # # $zId: cvsweb.cgi,v 1.104 2000/11/01 22:05:12 hnordstrom Exp $ -# $kId: cvsweb.cgi,v 1.45 2000/12/18 04:25:30 knu Exp $ +# $kId: cvsweb.cgi,v 1.47 2000/12/28 18:07:20 knu Exp $ # ### @@ -79,7 +79,7 @@ use vars qw ( $navigationHeaderColor $tableBorderColor $markupLogColor $tabstop $state $annTable $sel $curbranch @HideModules $module $use_descriptions %descriptions @mytz $dwhere $moddate - $use_moddate $has_zlib $gzip_open + $use_moddate $has_zlib $gzip_open $allow_tar $LOG_FILESEPARATOR $LOG_REVSEPARATOR ); @@ -228,9 +228,10 @@ $verbose = $v; $checkoutMagic = "~checkout~"; $pathinfo = defined($ENV{PATH_INFO}) ? $ENV{PATH_INFO} : ''; $where = $pathinfo; +$where =~ tr|/|/|s; $doCheckout = ($where =~ /^\/$checkoutMagic/); $where =~ s|^/($checkoutMagic)?||; -$where =~ s|/+$||; +$where =~ s|/$||; $scriptname = defined($ENV{SCRIPT_NAME}) ? $ENV{SCRIPT_NAME} : ''; $scriptname =~ s|^/?|/|; $scriptname =~ s|/+$||; @@ -294,6 +295,7 @@ $query = $ENV{QUERY_STRING}; if (defined($query) && $query ne '') { foreach (split(/&/, $query)) { + y/+/ /; s/%(..)/sprintf("%c", hex($1))/ge; # unquote %-quoted if (/(\S+)=(.*)/) { $input{$1} = $2 if ($2 ne ""); @@ -404,7 +406,7 @@ foreach $k (keys %ICONS) { my ($itxt,$ipath,$iwidth,$iheight) = @{$ICONS{$k}}; if ($ipath) { ${"${k}icon"} = sprintf('', - htmlquote($ipath), htmlquote($itxt), $iwidth, $iheight) + hrefquote($ipath), htmlquote($itxt), $iwidth, $iheight) } else { ${"${k}icon"} = $itxt; @@ -471,10 +473,68 @@ $module = $1; if ($module && &forbidden_module($module)) { &fatal("403 Forbidden", "Access to $where forbidden."); } + +# +# Handle tarball downloads before any headers are output. +# +if ($input{tarball}) { + &fatal("403 Forbidden", "Downloading tarballs is prohibited.") + unless $allow_tar; + $where =~ s,/[^/]*$,,; + $where =~ s,^/,,; + my($basedir) = ($where =~ m,([^/]+)$,); + + if ($basedir eq '' || $where eq '') { + &fatal("500 Internal Error", "You cannot download the top level directory."); + } + + my $tmpdir = "/tmp/.cvsweb.$$." . int(time); + + mkdir($tmpdir, 0700) + or &fatal("500 Internal Error", "Unable to make temporary directory: $!"); + + my $fatal = ''; + + do { + chdir $tmpdir + or $fatal = "500 Internal Error", "Unable to cd to temporary directory: $!" + && last; + + my @params = (exists $input{only_with_tag} && length $input{only_with_tag}) + ? ("-r", $input{only_with_tag}) : (); + + system "cvs", "-RlQd", $cvsroot, "co", @params, $where + and $fatal = "500 Internal Error","cvs co failure: $!: $where" + && last; + + chdir "$where/.." + or $fatal = "500 Internal Error","Cannot find expected directory in checkout" + && last; + + $| = 1; # Essential to get the buffering right. + + print "Content-type: application/x-gzip\r\n\r\n"; + + system "tar", "--ignore-failed-read", "--exclude", "CVS", "-zcf", "-", $basedir + and $fatal = "500 Internal Error","tar zc failure: $!: $basedir" + && last; + + chdir $tmpdir + or $fatal = "500 Internal Error","Unable to cd to temporary directory: $!" + && last; + } while (0); + + system "rm", "-rf", $tmpdir if -d $tmpdir; + + &fatal($fatal) if $fatal; + + exit; +} + ############################## # View a directory ############################### -elsif (-d $fullname) { +if (-d $fullname) { my $dh = do {local(*DH);}; opendir($dh, $fullname) || &fatal("404 Not Found","$where: $!"); my @dir = readdir($dh); @@ -812,6 +872,22 @@ elsif (-d $fullname) { print "\n"; print "\n"; } + + if ($allow_tar) { + my($basefile) = ($where =~ m,(?:.*/)?([^/]+),); + + if ($basefile ne '') { + print "