===================================================================
RCS file: /cvs/cvsweb/cvsweb.cgi,v
retrieving revision 4.24
retrieving revision 4.38
diff -u -p -r4.24 -r4.38
--- cvsweb/cvsweb.cgi 2019/11/26 11:28:43 4.24
+++ cvsweb/cvsweb.cgi 2019/11/29 19:30:16 4.38
@@ -1,5 +1,5 @@
#!/usr/bin/perl
-# $Id: cvsweb.cgi,v 4.24 2019/11/26 11:28:43 schwarze Exp $
+# $Id: cvsweb.cgi,v 4.38 2019/11/29 19:30:16 schwarze Exp $
# $knu: cvsweb.cgi,v 1.299 2010/11/13 16:37:18 simon
#
# cvsweb - a CGI interface to CVS trees.
@@ -56,9 +56,8 @@ use filetest qw(access);
use vars qw (
$VERSION $CheckoutMagic $MimeTypes $DEBUG
$config $allow_version_select
- @CVSrepositories @CVSROOT %CVSROOT %CVSROOTdescr
- %MIRRORS %DEFAULTVALUE %ICONS %MTYPES
- %DIFF_COMMANDS @DIFFTYPES %DIFFTYPES @LOGSORTKEYS %LOGSORTKEYS
+ @CVSrepositories @CVSROOT %CVSROOT %CVSROOTdescr %DEFAULTVALUE %MTYPES
+ @DIFFTYPES %DIFFTYPES @LOGSORTKEYS %LOGSORTKEYS
%alltags %fileinfo %tags @branchnames %nameprinted
%symrev %revsym @allrevisions %date %author @revdisplayorder
@revisions %state %difflines %log %branchpoint @revorder $keywordsubstitution
@@ -67,19 +66,17 @@ use vars qw (
$is_links $is_lynx $is_w3m $is_msie $is_mozilla3 $is_textbased
%input $query $barequery $sortby $bydate $byrev $byauthor
$bylog $byfile $defaultDiffType $logsort $cvstree $cvsroot
- $charset $output_filter
- @command_path %CMD $allow_compress $backicon $diricon $fileicon
- $fullname $cvstreedefault $logo $defaulttitle $address $binfileicon
- $long_intro $short_instruction $shortLogLen $show_author
- $tablepadding $hr_breakable $showfunc $hr_ignwhite $hr_ignkeysubst
- $inputTextSize $mime_types $allow_annotate $allow_markup $allow_mailtos
+ %CMD $allow_compress $backicon $diricon $fileicon
+ $fullname $logo $defaulttitle $address $binfileicon $iconsdir
+ $shortLogLen $show_author $hr_breakable $hr_ignwhite $hr_ignkeysubst
+ $mime_types $allow_annotate $allow_markup $allow_mailtos
$allow_log_extra $allow_dir_extra $allow_source_extra
$edit_option_form
$show_subdir_lastmod $show_log_in_markup $preformat_in_markup
$tabstop $state $annTable $sel @ForbiddenFiles
$use_descriptions %descriptions $dwhere
$use_moddate $gzip_open $file_list_len
- $allow_tar @tar_options @gzip_options @zip_options @cvs_options
+ $allow_tar @tar_options @cvs_options
@annotate_options @rcsdiff_options
$HTML_DOCTYPE $HTML_META $cssurl $CSS
);
@@ -89,7 +86,7 @@ use Cwd qw(abs_path);
use File::Path qw(rmtree);
use File::Spec::Functions qw(canonpath catdir catfile curdir devnull rootdir
tmpdir updir);
-use File::Temp qw(tempdir tempfile);
+use File::Temp qw(tempdir);
use IPC::Run qw();
use Time::Local qw(timegm);
use URI::Escape qw(uri_escape uri_unescape);
@@ -129,6 +126,8 @@ EOM
$MimeTypes = undef if $@;
$CheckoutMagic = '~checkout~';
+ $CMD{$_} = "/usr/bin/$_" for (qw(cvs rcsdiff rlog));
+ $CMD{tar} = "/bin/tar";
}
# -----------------------------------------------------------------------------
@@ -150,7 +149,6 @@ sub search_path($);
sub getMimeType($;$);
sub head($;$);
sub scan_directives(@);
-sub openOutputFilter();
sub doAnnotate($$);
sub doCheckout($$$);
sub cvswebMarkup($$$$$$;$);
@@ -167,7 +165,6 @@ sub plural_write($$);
sub readableTime($$);
sub clickablePath($$);
sub chooseCVSRoot();
-sub chooseMirror();
sub fileSortCmp();
sub download_url($$;$);
sub download_link($$$;$);
@@ -184,24 +181,27 @@ sub link_tags($);
sub forbidden($);
sub startproc(@);
sub runproc(@);
-sub checkout_to_temp($$$);
# Get rid of unsafe environment vars. Don't do this in the BEGIN block
# (think mod_perl)...
delete(@ENV{qw(PATH IFS CDPATH ENV BASH_ENV)});
+# Helps to achieve read only access to the repositories
+# with cvs >= 1.12.1 and doesn't hurt other versions.
+$ENV{CVSREADONLYFS} = 1;
+
# Location of the configuration file inside the web server chroot:
$config = '/conf/cvsweb/cvsweb.conf';
######## Configuration parameters #########
-@CVSrepositories = @CVSROOT = %CVSROOT = %MIRRORS = %DEFAULTVALUE = %ICONS =
- %MTYPES = %tags = %alltags = %fileinfo = %DIFF_COMMANDS = ();
+@CVSrepositories = @CVSROOT = %CVSROOT = %DEFAULTVALUE =
+ %MTYPES = %tags = %alltags = %fileinfo = ();
-$cvstreedefault = $logo = $defaulttitle =
- $address = $long_intro = $short_instruction = $shortLogLen = $show_author =
- $tablepadding = $hr_breakable = $showfunc = $hr_ignwhite =
- $hr_ignkeysubst = $inputTextSize = $mime_types = $allow_annotate =
+$logo = $defaulttitle =
+ $address = $shortLogLen = $show_author =
+ $hr_breakable = $hr_ignwhite =
+ $hr_ignkeysubst = $mime_types = $allow_annotate =
$allow_markup = $allow_compress = $edit_option_form =
$show_subdir_lastmod = $show_log_in_markup = $preformat_in_markup =
$tabstop = $use_moddate = $gzip_open = $DEBUG =
@@ -472,7 +472,6 @@ for (my $i = 0; $i < scalar(@CVSrepositories); $i += 2
next;
}
$rootfound ||= 1;
- $cvstreedefault = $key unless defined($cvstreedefault);
$CVSROOTdescr{$key} = $descr;
$CVSROOT{$key} = $root;
push(@CVSROOT, $key);
@@ -485,20 +484,8 @@ unless ($rootfound) {
}
undef $rootfound;
-#
-# Default CVS root
-#
-if (!defined($CVSROOT{$cvstreedefault})) {
- fatal("500 Internal Error",
- '$cvstreedefault
points to a repository (%s) not ' .
- 'defined in @CVSrepositories
in your configuration ' .
- 'file (%s
).',
- $cvstreedefault,
- $config);
-}
+$DEFAULTVALUE{cvsroot} = $CVSrepositories[0];
-$DEFAULTVALUE{cvsroot} = $cvstreedefault;
-
while (my ($key, $defval) = each %DEFAULTVALUE) {
# Replace not given parameters with defaults.
@@ -576,22 +563,25 @@ $logsort = $input{logsort};
if ($input{cvsroot} && $CVSROOT{$input{cvsroot}}) {
$cvstree = $input{cvsroot};
} else {
- $cvstree = $cvstreedefault;
+ $cvstree = $CVSrepositories[0];
}
$cvsroot = $CVSROOT{$cvstree};
-# create icons out of description
-foreach my $k (keys %ICONS) {
- my ($itxt, $ipath, $iwidth, $iheight) = @{$ICONS{$k}};
- no strict 'refs';
- if ($ipath) {
- ${"${k}icon"} =
- sprintf('',
- htmlquote($ipath), htmlquote($itxt), $iwidth, $iheight);
- } else {
- ${"${k}icon"} = $itxt;
- }
+if ($iconsdir) {
+ $backicon = '';
+ $diricon = '';
+ $fileicon = '';
+ $binfileicon = '';
+} else {
+ $backicon = 'back';
+ $diricon = 'dir';
+ $fileicon = 'file';
+ $binfileicon = 'binfile';
}
my $config_cvstree = "$config-$cvstree";
@@ -650,7 +640,7 @@ if ($input{tarball}) {
my ($module) = ($where =~ m,^/?(.*),); # untaint
$module =~ s,/([^/]*)$,,;
- my ($ext) = ($1 =~ /(\.t(?:ar\.)?gz|\.zip)$/);
+ my ($ext) = ($1 =~ /(\.t(?:ar\.)?gz)$/);
my ($basedir) = ($module =~ m,([^/]+)$,);
if ($basedir eq '' || $module eq '') {
@@ -658,18 +648,9 @@ if ($input{tarball}) {
'You cannot download the top level directory.');
}
- my $istar = ($ext eq '.tar.gz' || $ext eq '.tgz');
- if ($istar) {
- fatal('500 Internal Error', 'tar command not found.') unless $CMD{tar};
- fatal('500 Internal Error', 'gzip command not found.') unless $CMD{gzip};
+ unless ($ext eq '.tar.gz' || $ext eq '.tgz') {
+ fatal('404 Not Found', 'Unsupported archive type.');
}
- my $iszip = ($ext eq '.zip');
- if ($iszip && !$CMD{zip}) {
- fatal('500 Internal Error', 'zip command not found.');
- }
- if (!$istar && !$iszip) {
- fatal('500 Internal Error', 'Unsupported archive type.');
- }
my $tmpexportdir;
eval {
@@ -700,35 +681,20 @@ if ($input{tarball}) {
('500 Internal Error',
'Export failure (exit status %s), output:
%s', $errcode, $err || $export_err); - } else { - $| = 1; # Essential to get the buffering right. local (*TAR_OUT); - - my (@cmd, $ctype); - if ($istar) { - my @tar = ($CMD{tar}, @tar_options, '-cf', '-', $basedir); - my @gzip = ($CMD{gzip}, @gzip_options, '-c'); - push(@cmd, \@tar, '|', \@gzip); - $ctype = 'application/x-gzip'; - } elsif ($iszip) { - my @zip = ($CMD{zip}, @zip_options, '-r', '-', $basedir); - push(@cmd, \@zip, \''); - $ctype = 'application/zip'; - } - push(@cmd, '>pipe', \*TAR_OUT); - - my ($h, $err) = startproc(@cmd); + my ($h, $err) = startproc($CMD{tar}, @tar_options, '-czf', '-', + $basedir, '>pipe', \*TAR_OUT); if ($h) { - print "Content-Type: $ctype\r\n\r\n"; + print "Content-Type: application/x-gzip\r\n\r\n"; local $/ = undef; print
%s', - $istar ? 'Tar' : 'Zip', $? >> 8 || -1, $err); + 'tar failure (exit status %s), output:
%s', + $? >> 8 || -1, $err); } } @@ -755,8 +721,6 @@ if (-d $fullname) { if ($where eq '/') { html_header($defaulttitle); - $long_intro =~ s/!!CVSROOTdescr!!/$CVSROOTdescr{$cvstree}/g; - print $long_intro; } else { html_header($where); my $html = (-f catfile($fullname, 'README.cvs.html,v') || @@ -793,7 +757,6 @@ if (-d $fullname) { } $h->finish(); } - print $short_instruction; } if ($use_descriptions && @@ -810,9 +773,7 @@ if (-d $fullname) { # give direct access to dirs if ($where eq '/') { - chooseMirror(); chooseCVSRoot(); - } else { print '
Current directory: ', clickablePath($where, 0), ''; print "
\n"; @@ -824,8 +785,8 @@ if (-d $fullname) { my $infocols = 1; - printf(<%s
" in ' .
- '%%DIFF_COMMANDS
.',
- $diffcmd->{name});
- }
-
- (my $cvsname = $where) =~ s/\.diff$//;
-
- # Create two temporary files with the two revisions
- my $temp_fn1 = checkout_to_temp($cvsroot, $cvsname, $rev1);
- my $temp_fn2 = checkout_to_temp($cvsroot, $cvsname, $rev2);
-
- # Execute chosen diff binary.
- local (*DIFF_OUT);
- my @cmd = ($diffcmd->{cmd});
- push(@cmd, @{$diffcmd->{args}}) if $diffcmd->{args};
- push(@cmd, $temp_fn1, $temp_fn2);
- my ($h, $err) = startproc(\@cmd, \"", '>pipe', \*DIFF_OUT);
- if (!$h) {
- unlink($temp_fn1);
- unlink($temp_fn2);
- fatal('500 Internal Error',
- 'Diff failure (exit status %s), output: %s', - $? >> 8 || -1, $err); - } - - http_header($diffcmd->{type} || 'text/plain'); - local $/ = undef; - print
@command_path
in your configuration file correctly? (Currently: "%s
")',
- htmlquote(join(', ', @files)), join(':', @command_path));
+ 'Failed to spawn rlog on "%s"',
+ htmlquote(join(', ', @files)));
}
-
return @unreadable;
}
@@ -2477,7 +2351,6 @@ sub readLog($;$)
my $fh = do { local (*FH); };
if (!open($fh, "-|")) { # child
- openOutputFilter();
$revision = defined($revision) ? "-r$revision" : '';
if ($revision =~ /\./) {
# Normal revision, not a branch/tag name.
@@ -2703,13 +2576,6 @@ sub getDiffLinks($$$)
&link(htmlquote(lc($DIFFTYPES{$difftype}{descr})), "$url;f=$f"));
}
}
- if (my $extdiffs = $DIFF_COMMANDS{lc($mimetype)}) {
- for my $i (0 .. scalar(@$extdiffs)-1) {
- my $extdiff = $extdiffs->[$i];
- push(@links, &link(htmlquote($extdiff->{name}), "$url;f=ext$i"))
- if ($extdiff->{cmd} && $extdiff->{name});
- }
- }
return @links;
}
@@ -2985,8 +2851,8 @@ EOF
my $diffrev = defined($input{r1}) ?
$input{r1} : $revdisplayorder[$#revdisplayorder];
- printf(<\nThis CVSweb is mirrored in\n"; - - my @tmp = map(&link(htmlquote($_), $MIRRORS{$_}), sort keys %MIRRORS); - my $tmp = pop (@tmp); - - if (scalar(@tmp)) { - print join (', ', @tmp), ' and '; - } - - print "$tmp.\n
\n"; -} - - sub fileSortCmp() { (my $af = $a) =~ s/,v$//; @@ -3718,10 +3563,8 @@ sub http_header(;$$) { my ($content_type, $moddate) = @_; $content_type ||= 'text/html'; + $content_type .= '; charset="UTF-8"' if $content_type =~ /^text\//; - $content_type .= "; charset=$charset" - if ($charset && $content_type =~ m,^text/,); - # Note that in the following, we explicitly join() and concatenate the # headers instead of printing them as an array. This is because some # systems, eg. early versions of mod_perl 2 don't quite get it if the @@ -3847,37 +3690,6 @@ sub runproc(@) $errormsg = "'@{$_[0]}' failed: $@"; } return ($exitcode, $errormsg); -} - -# -# Check out a file to a temporary file. -# -sub checkout_to_temp($$$) -{ - my ($cvsroot, $cvsname, $rev) = @_; - - # Pipe given cvs file into a temporary place. - my ($temp_fh, $temp_fn) = tempfile('.cvsweb.XXXXXXXX', DIR => tmpdir()); - - my @cmd = ($CMD{cvs}, @cvs_options, '-Qd', $cvsroot, - 'co', '-p', "-r$rev", $cvsname); - - local (*DIFF_OUT); - my ($h, $err) = startproc(\@cmd, \"", '>pipe', \*DIFF_OUT); - if ($h) { - local $/ = undef; - print $temp_fh%s', - $? >> 8 || -1, $err); - } - - return $temp_fn; } #