=================================================================== RCS file: /cvs/cvsweb/cvsweb.cgi,v retrieving revision 1.1.1.30 retrieving revision 1.1.1.31 diff -u -p -r1.1.1.30 -r1.1.1.31 --- cvsweb/cvsweb.cgi 2002/05/22 07:00:03 1.1.1.30 +++ cvsweb/cvsweb.cgi 2002/05/22 08:16:25 1.1.1.31 @@ -43,7 +43,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: projects/cvsweb/cvsweb.cgi,v 1.102 2002/05/22 06:51:59 knu Exp $ +# $FreeBSD: projects/cvsweb/cvsweb.cgi,v 1.104 2002/05/22 08:10:18 knu Exp $ # $zId: cvsweb.cgi,v 1.112 2001/07/24 13:03:16 hzeller Exp $ # $Idaemons: /home/cvs/cvsweb/cvsweb.cgi,v 1.84 2001/10/07 20:50:10 knu Exp $ # @@ -104,7 +104,7 @@ sub htmlify($;$); sub spacedHtmlText($;$); sub link($$); sub revcmp($$); -sub fatal($$); +sub fatal($$@); sub redirect($); sub safeglob($); sub search_path($); @@ -147,7 +147,7 @@ sub forbidden_module($); ##### Start of Configuration Area ######## delete $ENV{PATH}; -$cvsweb_revision = '2.0.2'; +$cvsweb_revision = '2.0.3'; use File::Basename (); @@ -305,19 +305,13 @@ $maycompress = @unsafevars = qw(logsort only_with_tag r1 r2 rev sortby tr1 tr2); if (-f $config) { - do "$config" or &fatal( - "500 Internal Error", - sprintf( - 'Error in loading configuration file: %s

%s
', - $config, - &htmlify($@) - ) - ); + do "$config" or fatal("500 Internal Error", + 'Error in loading configuration file: %s

%s
', + $config, $@); } else { - &fatal("500 Internal Error", - 'Configuration not found. Set the variable $config ' - . 'in cvsweb.cgi to your cvsweb.conf configuration file first.' - ); + fatal("500 Internal Error", + 'Configuration not found. Set the variable $config in cvsweb.cgi to your cvsweb.conf configuration file first.' + ); } undef %input; @@ -341,9 +335,11 @@ $input{only_with_tag} = $input{only_on_branch} # Prevent cross-site scripting foreach (@unsafevars) { - if (defined($input{$_}) && $input{$_} =~ /[^\w\-.]/) { - fatal("500 Internal Error", "Malformed query string ($_)"); - } + if (defined($input{$_}) && $input{$_} =~ /[^\w\-.]/) { + fatal("500 Internal Error", + 'Malformed query (%s=%s)', + $_, $input{$_}); + } } if (defined($input{"content-type"})) { @@ -447,10 +443,9 @@ $logsort = $input{'logsort'}; ## Default CVS-Tree if (!defined($CVSROOT{$cvstreedefault})) { - &fatal("500 Internal Error", - "\$cvstreedefault points to a repository ($cvstreedefault) " - . "not defined in %CVSROOT " - . "(edit your configuration file $config)"); + fatal("500 Internal Error", + '$cvstreedefault points to a repository (%s) not defined in %%CVSROOT (edit your configuration file %s)', + $cvstreedefault, $config); } # alternate CVS-Tree, configured in cvsweb.conf @@ -482,14 +477,10 @@ my $config_cvstree = "$config-$cvstree"; # Do some special configuration for cvstrees if (-f $config_cvstree) { - do "$config_cvstree" or &fatal( - "500 Internal Error", - sprintf( - 'Error in loading configuration file: %s

%s
', - $config_cvstree, - &htmlify($@) - ) - ); + do "$config_cvstree" or + fatal("500 Internal Error", + 'Error in loading configuration file: %s

%s
', + $config_cvstree, $@); } undef $config_cvstree; @@ -526,9 +517,8 @@ if ($rewrite) { undef $rewrite; if (!-d $cvsroot) { - &fatal("500 Internal Error", - '$CVSROOT not found!

The server on which the CVS tree lives is probably down. Please try again in a few minutes.' - ); + fatal("500 Internal Error", + '$CVSROOT not found!

The server on which the CVS tree lives is probably down. Please try again in a few minutes.'); } # @@ -537,14 +527,17 @@ if (!-d $cvsroot) { $where =~ m:([^/]*):; $module = $1; if ($module && &forbidden_module($module)) { - &fatal("403 Forbidden", "Access to $where forbidden."); + fatal("403 Forbidden", + 'Access to %s forbidden.', + $where); } # # Handle tarball downloads before any headers are output. # if ($input{tarball}) { - &fatal("403 Forbidden", "Downloading tarballs is prohibited.") + fatal("403 Forbidden", + 'Downloading tarballs is prohibited.') unless $allow_tar; my ($module) = ($where =~ m,^/?(.*),); # untaint $module =~ s,/([^/]*)$,,; @@ -552,15 +545,16 @@ if ($input{tarball}) { my ($basedir) = ($module =~ m,([^/]+)$,); if ($basedir eq '' || $module eq '') { - &fatal("500 Internal Error", - "You cannot download the top level directory."); + fatal("500 Internal Error", + 'You cannot download the top level directory.'); } my $tmpexportdir = "$tmpdir/.cvsweb.$$." . int(time); mkdir($tmpexportdir, 0700) - or &fatal("500 Internal Error", - "Unable to make temporary directory: $!"); + or fatal("500 Internal Error", + 'Unable to make temporary directory: %s', + $!); my @fatal; @@ -575,7 +569,9 @@ if ($input{tarball}) { if (system $CMD{cvs}, @cvs_options, '-Qd', $cvsroot, 'export', '-r', $tag, '-d', "$tmpexportdir/$basedir", $module) { - @fatal = ("500 Internal Error", "cvs co failure: $!: $module"); + @fatal = ("500 Internal Error", + 'cvs co failure: %s: %s', + $!, $module); } else { $| = 1; # Essential to get the buffering right. @@ -585,18 +581,22 @@ if ($input{tarball}) { system "$CMD{tar} @tar_options -cf - -C $tmpexportdir $basedir | $CMD{gzip} @gzip_options -c" and @fatal = - ("500 Internal Error", - "tar zc failure: $!: $basedir"); + ("500 Internal Error", + 'tar zc failure: %s: %s', + $!, $basedir); } elsif ($ext eq '.zip' && $CMD{zip}) { print "Content-Type: application/zip\r\n\r\n"; system "cd $tmpexportdir && $CMD{zip} @zip_options -r - $basedir" and @fatal = - ("500 Internal Error", "zip failure: $!: $basedir"); + ("500 Internal Error", + 'zip failure: %s: %s', + $!, $basedir); } else { @fatal = - ("500 Internal Error", "unsupported file type"); + ("500 Internal Error", + 'unsupported file type'); } } @@ -612,7 +612,9 @@ if ($input{tarball}) { ############################### if (-d $fullname) { my $dh = do { local (*DH); }; - opendir($dh, $fullname) or &fatal("404 Not Found", "$where: $!"); + opendir($dh, $fullname) or fatal("404 Not Found", + '%s: %s', + $where, $!); my @dir = readdir($dh); closedir($dh); my @subLevelFiles = findLastModifiedSubdirs(@dir) @@ -1169,7 +1171,9 @@ elsif (-f $fullname . ',v') { } } } - &fatal("404 Not Found", "$where: no such file or directory"); + fatal("404 Not Found", + '%s: no such file or directory', + $where); } gzipclose(); @@ -1403,15 +1407,17 @@ sub revcmp($$) { return 0; } -sub fatal($$) { - my ($errcode, $errmsg) = @_; +sub fatal($$@) { + my ($errcode, $format, @args) = @_; if ($is_mod_perl) { Apache->request->status((split (/ /, $errcode))[0]); } else { print "Status: $errcode\r\n"; } html_header("Error"); - print "

Error: ", htmlquote($errmsg), "

\n"; + print "

Error: ", + sprintf($format, map(htmlquote($_), @args)), + "

\n"; html_footer(); exit(1); } @@ -1561,14 +1567,14 @@ sub doAnnotate($$) { # make sure the revisions are wellformed, for security # reasons .. if ($rev =~ /[^\w.]/) { - &fatal("404 Not Found", - "Malformed query \"$ENV{QUERY_STRING}\""); + fatal("404 Not Found", + 'Malformed query "%s"', + $ENV{QUERY_STRING}); } if (&forbidden_file($fullname)) { - &fatal("403 Forbidden", - "Access forbidden. This file is mentioned in \@ForbiddenFiles" - ); + fatal("403 Forbidden", + 'Access forbidden. This file is mentioned in @ForbiddenFiles'); return; } @@ -1587,7 +1593,7 @@ sub doAnnotate($$) { # the cvsserver in a similiar way one day (..after rewrite) $pid = open2($reader, $writer, $CMD{cvs}, @cvs_options, "server") or fatal("500 Internal Error", - "Fatal Error - unable to open cvs for annotation"); + 'Fatal Error - unable to open cvs for annotation'); # OK, first send the request to the server. A simplified example is: # Root /home/kingdon/zwork/cvsroot @@ -1722,7 +1728,8 @@ sub doAnnotate($$) { # CVS command line client. But for simplicity, we don't. } elsif ($words[0] eq "error") { fatal("500 Internal Error", - "Error occured during annotate: $_"); + 'Error occured during annotate: %s', + $_); } } @@ -1750,14 +1757,14 @@ sub doCheckout($$) { # make sure the revisions a wellformed, for security # reasons .. if (defined($rev) && $rev =~ /[^\w.]/) { - &fatal("404 Not Found", - "Malformed query \"$ENV{QUERY_STRING}\""); + fatal("404 Not Found", + 'Malformed query "%s"', + $ENV{QUERY_STRING}); } if (&forbidden_file($fullname)) { - &fatal("403 Forbidden", - "Access forbidden. This file is mentioned in \@ForbiddenFiles" - ); + fatal("403 Forbidden", + 'Access forbidden. This file is mentioned in @ForbiddenFiles'); return; } @@ -1805,7 +1812,9 @@ sub doCheckout($$) { } if (eof($fh)) { - &fatal("404 Not Found", "$where is not (any longer) pertinent"); + fatal("404 Not Found", + '%s is not (any longer) pertinent', + $where); } #=================================================================== @@ -1829,8 +1838,9 @@ sub doCheckout($$) { } if ($filename ne $where) { - &fatal("500 Internal Error", - "Unexpected output from cvs co: $cvsheader"); + fatal("500 Internal Error", + 'Unexpected output from cvs co: %s', + $cvsheader); } $| = 1; @@ -1924,9 +1934,8 @@ sub doDiff($$$$$$) { my ($rev1, $rev2, $sym1, $sym2, $f1, $f2); if (&forbidden_file($fullname)) { - &fatal("403 Forbidden", - "Access forbidden. This file is mentioned in \@ForbiddenFiles" - ); + fatal("403 Forbidden", + 'Access forbidden. This file is mentioned in @ForbiddenFiles'); return; } @@ -1951,8 +1960,9 @@ sub doDiff($$$$$$) { # make sure the revisions a wellformed, for security # reasons .. if ($rev1 =~ /[^\w.]/ || $rev2 =~ /[^\w.]/) { - &fatal("404 Not Found", - "Malformed query \"$ENV{QUERY_STRING}\""); + fatal("404 Not Found", + 'Malformed query "%s"', + $ENV{QUERY_STRING}); } # @@ -1967,7 +1977,9 @@ sub doDiff($$$$$$) { my $difftype = $DIFFTYPES{$f}; if (!$difftype) { - fatal("400 Bad arguments", "Diff format $f not understood"); + fatal("400 Bad arguments", + 'Diff format %s not understood', + $f); } my @difftype = @{$difftype->{'opts'}}; @@ -2261,10 +2273,9 @@ sub getDirLogs($$@) { } if ($. == 0) { - fatal("500 Internal Error", "Failed to spawn GNU rlog on '" - . join (", ", @files) - . "'

Did you set the \$command_path in your configuration file correctly ? (Currently '$command_path'" - ); + fatal("500 Internal Error", + 'Failed to spawn GNU rlog on "%s".

Did you set the $command_path in your configuration file correctly ? (Currently "%s"', + join (", ", @files), $command_path); } close($fh); } @@ -2352,8 +2363,6 @@ sub readLog($;$) { # these lines since we don't know what revision they go with # any more. next logentry; - - # &fatal("500 Internal Error","Error parsing RCS output: $_"); } $_ = <$fh>; print "D:", $_ if ($verbose); @@ -2373,8 +2382,9 @@ sub readLog($;$) { $state{$rev} = $8; $difflines{$rev} = $10; } else { - &fatal("500 Internal Error", - "Error parsing RCS output: $_"); + fatal("500 Internal Error", + 'Error parsing RCS output: %s', + $_); } line: @@ -2481,7 +2491,8 @@ sub readLog($;$) { if (!defined($onlyonbranch) || $onlybranchpoint eq "") { fatal("404 Tag not found", - "Tag $input{'only_with_tag'} not defined"); + 'Tag %s not defined', + $input{'only_with_tag'}); } }