===================================================================
RCS file: /cvs/cvsweb/cvsweb.cgi,v
retrieving revision 4.19
retrieving revision 4.31
diff -u -p -r4.19 -r4.31
--- cvsweb/cvsweb.cgi 2019/11/11 14:56:27 4.19
+++ cvsweb/cvsweb.cgi 2019/11/29 14:40:27 4.31
@@ -1,5 +1,5 @@
#!/usr/bin/perl
-# $Id: cvsweb.cgi,v 4.19 2019/11/11 14:56:27 schwarze Exp $
+# $Id: cvsweb.cgi,v 4.31 2019/11/29 14:40:27 schwarze Exp $
# $knu: cvsweb.cgi,v 1.299 2010/11/13 16:37:18 simon
#
# cvsweb - a CGI interface to CVS trees.
@@ -57,20 +57,18 @@ use vars qw (
$VERSION $CheckoutMagic $MimeTypes $DEBUG
$config $allow_version_select
@CVSrepositories @CVSROOT %CVSROOT %CVSROOTdescr
- %MIRRORS %DEFAULTVALUE %ICONS %MTYPES
+ %DEFAULTVALUE %ICONS %MTYPES
%DIFF_COMMANDS @DIFFTYPES %DIFFTYPES @LOGSORTKEYS %LOGSORTKEYS
%alltags %fileinfo %tags @branchnames %nameprinted
%symrev %revsym @allrevisions %date %author @revdisplayorder
@revisions %state %difflines %log %branchpoint @revorder $keywordsubstitution
- $prcgi @prcategories $re_prcategories $prkeyword $re_prkeyword $mancgi
- $doCheckout $scriptname $scriptwhere
+ $mancgi $doCheckout $scriptname $scriptwhere
$where $Browser $nofilelinks $maycompress @stickyvars
$is_links $is_lynx $is_w3m $is_msie $is_mozilla3 $is_textbased
%input $query $barequery $sortby $bydate $byrev $byauthor
$bylog $byfile $defaultDiffType $logsort $cvstree $cvsroot
- $charset $output_filter
- @command_path %CMD $allow_compress $backicon $diricon $fileicon
- $fullname $cvstreedefault $logo $defaulttitle $address $binfileicon
+ $charset $output_filter %CMD $allow_compress $backicon $diricon $fileicon
+ $fullname $logo $defaulttitle $address $binfileicon
$long_intro $short_instruction $shortLogLen $show_author
$tablepadding $hr_breakable $showfunc $hr_ignwhite $hr_ignkeysubst
$inputTextSize $mime_types $allow_annotate $allow_markup $allow_mailtos
@@ -78,11 +76,11 @@ use vars qw (
$edit_option_form
$show_subdir_lastmod $show_log_in_markup $preformat_in_markup
$tabstop $state $annTable $sel @ForbiddenFiles
- $use_descriptions %descriptions @mytz $dwhere
+ $use_descriptions %descriptions $dwhere
$use_moddate $gzip_open $file_list_len
- $allow_tar @tar_options @gzip_options @zip_options @cvs_options
+ $allow_tar @tar_options @cvs_options
@annotate_options @rcsdiff_options
- $HTML_DOCTYPE $HTML_META $cssurl $CSS $cvshistory_url
+ $HTML_DOCTYPE $HTML_META $cssurl $CSS
);
require Compress::Zlib;
@@ -130,6 +128,8 @@ EOM
$MimeTypes = undef if $@;
$CheckoutMagic = '~checkout~';
+ $CMD{$_} = "/usr/bin/$_" for (qw(cvs rcsdiff rlog));
+ $CMD{tar} = "/bin/tar";
}
# -----------------------------------------------------------------------------
@@ -145,7 +145,6 @@ sub spacedHtmlText($;$);
sub link($$);
sub revcmp($$);
sub fatal($$@);
-sub config_error($$);
sub redirect($;$);
sub safeglob($);
sub search_path($);
@@ -169,13 +168,11 @@ sub plural_write($$);
sub readableTime($$);
sub clickablePath($$);
sub chooseCVSRoot();
-sub chooseMirror();
sub fileSortCmp();
sub download_url($$;$);
sub download_link($$$;$);
sub display_url($$;$);
sub display_link($$;$$);
-sub history_link($$;$);
sub toggleQuery($;$);
sub htmlquote($);
sub htmlunquote($);
@@ -193,22 +190,26 @@ sub checkout_to_temp($$$);
# (think mod_perl)...
delete(@ENV{qw(PATH IFS CDPATH ENV BASH_ENV)});
+# Helps to achieve read only access to the repositories
+# with cvs >= 1.12.1 and doesn't hurt other versions.
+$ENV{CVSREADONLYFS} = 1;
+
# Location of the configuration file inside the web server chroot:
$config = '/conf/cvsweb/cvsweb.conf';
######## Configuration parameters #########
-@CVSrepositories = @CVSROOT = %CVSROOT = %MIRRORS = %DEFAULTVALUE = %ICONS =
+@CVSrepositories = @CVSROOT = %CVSROOT = %DEFAULTVALUE = %ICONS =
%MTYPES = %tags = %alltags = %fileinfo = %DIFF_COMMANDS = ();
-$cvstreedefault = $logo = $defaulttitle =
+$logo = $defaulttitle =
$address = $long_intro = $short_instruction = $shortLogLen = $show_author =
$tablepadding = $hr_breakable = $showfunc = $hr_ignwhite =
$hr_ignkeysubst = $inputTextSize = $mime_types = $allow_annotate =
$allow_markup = $allow_compress = $edit_option_form =
$show_subdir_lastmod = $show_log_in_markup = $preformat_in_markup =
$tabstop = $use_moddate = $gzip_open = $DEBUG =
- $cvshistory_url = $allow_tar = undef;
+ $allow_tar = undef;
$allow_version_select = $allow_mailtos = $allow_log_extra = 1;
@@ -264,7 +265,7 @@ $scriptname = '' unless defined($scriptname);
$where = $pathinfo;
$doCheckout = $where =~ s|^/$CheckoutMagic/|/|o;
$where =~ s|^/||;
-$scriptname =~ s|^/*|/|;
+$scriptname =~ s|^/+||;
# Let's workaround thttpd's stupidity..
if ($scriptname =~ m|/$|) {
@@ -272,6 +273,7 @@ if ($scriptname =~ m|/$|) {
my $re = quotemeta $pathinfo;
$scriptname =~ s/$re$//;
}
+$scriptname = "/$scriptname" if $scriptname;
# $scriptname : the URI escaped path to this script
# $where : the path in the CVS repository (without leading /, or only /)
@@ -316,14 +318,18 @@ $maycompress = (
qw(cvsroot hideattic ignorecase sortby logsort f only_with_tag ln
hidecvsroot hidenonreadable);
-#
# Load configuration.
-#
-if (-f $config) {
- do "$config" or config_error($config, $@);
-} else {
- fatal("500 Internal Error",
- 'Configuration not found. Set the parameter $config
in cvsweb.cgi to your cvsweb.conf configuration file first.');
+{
+ $config =~ m|^/| or fatal '500 Internal Error',
+ 'Configuration file name "%s
" is not an absolute path.',
+ $config;
+ defined do $config and last;
+ $@ and fatal '500 Internal Error',
+ 'Error loading configuration file "%s
":
%s', + $config, $@; + fatal '500 Internal Error', + 'Cannot read configuration file "
%s
": %s',
+ $config, $! || 'unknown error';
}
# Try to find a readable dir where we can cd into. Some abs_path()
@@ -470,7 +476,6 @@ for (my $i = 0; $i < scalar(@CVSrepositories); $i += 2
next;
}
$rootfound ||= 1;
- $cvstreedefault = $key unless defined($cvstreedefault);
$CVSROOTdescr{$key} = $descr;
$CVSROOT{$key} = $root;
push(@CVSROOT, $key);
@@ -483,20 +488,8 @@ unless ($rootfound) {
}
undef $rootfound;
-#
-# Default CVS root
-#
-if (!defined($CVSROOT{$cvstreedefault})) {
- fatal("500 Internal Error",
- '$cvstreedefault
points to a repository (%s) not ' .
- 'defined in @CVSrepositories
in your configuration ' .
- 'file (%s
).',
- $cvstreedefault,
- $config);
-}
+$DEFAULTVALUE{cvsroot} = $CVSrepositories[0];
-$DEFAULTVALUE{cvsroot} = $cvstreedefault;
-
while (my ($key, $defval) = each %DEFAULTVALUE) {
# Replace not given parameters with defaults.
@@ -574,7 +567,7 @@ $logsort = $input{logsort};
if ($input{cvsroot} && $CVSROOT{$input{cvsroot}}) {
$cvstree = $input{cvsroot};
} else {
- $cvstree = $cvstreedefault;
+ $cvstree = $CVSrepositories[0];
}
$cvsroot = $CVSROOT{$cvstree};
@@ -603,10 +596,6 @@ if (-f $config_cvstree) {
}
undef $config_cvstree;
-$re_prcategories = '(?:' . join ('|', @prcategories) . ')' if @prcategories;
-$re_prkeyword = quotemeta($prkeyword) if defined($prkeyword);
-$prcgi .= '%s' if defined($prcgi) && $prcgi !~ /%s/;
-
$fullname = catfile($cvsroot, $where);
my $rewrite = 0;
@@ -652,7 +641,7 @@ if ($input{tarball}) {
my ($module) = ($where =~ m,^/?(.*),); # untaint
$module =~ s,/([^/]*)$,,;
- my ($ext) = ($1 =~ /(\.t(?:ar\.)?gz|\.zip)$/);
+ my ($ext) = ($1 =~ /(\.t(?:ar\.)?gz)$/);
my ($basedir) = ($module =~ m,([^/]+)$,);
if ($basedir eq '' || $module eq '') {
@@ -660,18 +649,9 @@ if ($input{tarball}) {
'You cannot download the top level directory.');
}
- my $istar = ($ext eq '.tar.gz' || $ext eq '.tgz');
- if ($istar) {
- fatal('500 Internal Error', 'tar command not found.') unless $CMD{tar};
- fatal('500 Internal Error', 'gzip command not found.') unless $CMD{gzip};
+ unless ($ext eq '.tar.gz' || $ext eq '.tgz') {
+ fatal('404 Not Found', 'Unsupported archive type.');
}
- my $iszip = ($ext eq '.zip');
- if ($iszip && !$CMD{zip}) {
- fatal('500 Internal Error', 'zip command not found.');
- }
- if (!$istar && !$iszip) {
- fatal('500 Internal Error', 'Unsupported archive type.');
- }
my $tmpexportdir;
eval {
@@ -702,35 +682,20 @@ if ($input{tarball}) {
('500 Internal Error',
'Export failure (exit status %s), output: %s', $errcode, $err || $export_err); - } else { - $| = 1; # Essential to get the buffering right. local (*TAR_OUT); - - my (@cmd, $ctype); - if ($istar) { - my @tar = ($CMD{tar}, @tar_options, '-cf', '-', $basedir); - my @gzip = ($CMD{gzip}, @gzip_options, '-c'); - push(@cmd, \@tar, '|', \@gzip); - $ctype = 'application/x-gzip'; - } elsif ($iszip) { - my @zip = ($CMD{zip}, @zip_options, '-r', '-', $basedir); - push(@cmd, \@zip, \''); - $ctype = 'application/zip'; - } - push(@cmd, '>pipe', \*TAR_OUT); - - my ($h, $err) = startproc(@cmd); + my ($h, $err) = startproc($CMD{tar}, @tar_options, '-czf', '-', + $basedir, '>pipe', \*TAR_OUT); if ($h) { - print "Content-Type: $ctype\r\n\r\n"; + print "Content-Type: application/x-gzip\r\n\r\n"; local $/ = undef; print
%s', - $istar ? 'Tar' : 'Zip', $? >> 8 || -1, $err); + 'tar failure (exit status %s), output:
%s', + $? >> 8 || -1, $err); } } @@ -812,15 +777,9 @@ if (-d $fullname) { # give direct access to dirs if ($where eq '/') { - chooseMirror(); chooseCVSRoot(); - } else { print '
Current directory: ', clickablePath($where, 0), ''; - if ($cvshistory_url) { - (my $d = $where) =~ s|^/*(.*?)/*$|$1|; - print ' - ', history_link($d, ''); - } print "
\n"; print "Current tag: ", htmlquote($input{only_with_tag}), "
\n" if $input{only_with_tag}; @@ -1125,18 +1084,14 @@ EOF if ($allow_tar && $filesfound) { my ($basefile) = ($where =~ m,(?:.*/)?([^/]+),); - my $havetar = $CMD{tar} && $CMD{gzip}; - my $havezip = $CMD{zip}; - if (defined($basefile) && $basefile ne '' && ($havetar || $havezip)) { + if (defined($basefile) && $basefile ne '') { my $q = ($query ? "$query;" : '?') . 'tarball=1'; print "@command_path
in your configuration file correctly? (Currently: "%s
")',
- htmlquote(join(', ', @files)), join(':', @command_path));
+ 'Failed to spawn rlog on "%s"',
+ htmlquote(join(', ', @files)));
}
-
return @unreadable;
}
@@ -2825,12 +2721,7 @@ sub printLog($$$;$$)
print "\n "; print &link('Request diff between arbitrary revisions', '#diff'); - if ($cvshistory_url) { - (my $d = $upwhere) =~ s|/+$||; - print ' - ', history_link($d, $filename); - } print "\n
\n\n"; @@ -3566,27 +3453,6 @@ EOF } -sub chooseMirror() -{ - # This code comes from the original BSD-cvsweb - # and may not be useful for your site; If you don't - # set %MIRRORS this won't show up, anyway. - scalar(%MIRRORS) or return; - - # Should perhaps exclude the current site somehow... - print "\n
\nThis CVSweb is mirrored in\n"; - - my @tmp = map(&link(htmlquote($_), $MIRRORS{$_}), sort keys %MIRRORS); - my $tmp = pop (@tmp); - - if (scalar(@tmp)) { - print join (', ', @tmp), ' and '; - } - - print "$tmp.\n
\n"; -} - - sub fileSortCmp() { (my $af = $a) =~ s/,v$//; @@ -3711,21 +3577,6 @@ sub display_link($$;$$) return sprintf('%s', display_url($url, $revision, $mtype) . $barequery, htmlquote($textlink)); -} - -# -# Returns a link to CVSHistory for the given directory and filename. -# -sub history_link($$;$) -{ - my ($dir, $file, $text) = @_; - $dir ||= ''; - $file ||= ''; - $text ||= 'History'; - return &link($text, - sprintf('%s?cvsroot=%s;dsearch=%s;fsearch=%s;limit=1', - $cvshistory_url, uri_escape($input{cvsroot} || ''), - uri_escape($dir), uri_escape($file))); } # Returns a Query string with the