path: root/ui-summary.c
Age | Commit message | Author
2013-05-25 | ui-summary: Disallow directory traversal | Jason A. Donenfeld
Using the url= query string, it was possible to request arbitrary files from the filesystem if the readme for a given page was set to a filesystem file. The following request would return my /etc/passwd file:

http://git.zx2c4.com/?url=/somerepo/about/../../../../etc/passwd
http://data.zx2c4.com/cgit-directory-traversal.png

This fix uses realpath(3) to canonicalize all paths, and then compares the base components.

This fix introduces a subtle timing attack, whereby a client can check whether or not strstr is called using timing measurements in order to determine if a given file exists on the filesystem.

This fix also does not account for filesystem race conditions (TOCTOU) in resolving symlinks.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25 | readme: Accept multiple candidates and test them. | Jason A. Donenfeld
The readme variable may now contain multiple space delimited entries, which per usual are either a filepath or a git ref filepath. If multiple are specified, cgit will now select the first one in the list that exists. This is to make it easier to specify multiple default readme types in the main cgitrc file and have them automatically get applied to each repo based on what exists. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25 | ui-summary: Pass filename to about-filter | Jason A. Donenfeld
This gives the about-filter API the same semantics as source-filter, where the filter receives the filename so it can decide what to do next with it. While we're at it, plug a memory leak. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-05-25 | ui-summary: Use default branch for readme if : prefix | Jason A. Donenfeld
If the readme value begins with ":", and has no specified branch before it, use the repository's default branch. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2013-04-08 | use struct strbuf instead of static buffers | John Keeping
Use "struct strbuf" from Git to remove the limit on file path length.

Notes on scan-tree: This is slightly involved since I decided to pass the strbuf into add_repo() and modify it whenever a new file name is required, which should avoid any extra allocations within that function. The pattern there is to append the filename, use it and then reset the buffer to its original length (retaining a trailing '/').

Notes on ui-snapshot: Since write_archive modifies the argv array passed to it we copy the argv_array values into a new array of char* and then free the original argv_array structure and the new array without worrying about what the values now look like.

Signed-off-by: John Keeping <john@keeping.me.uk>
2013-04-08 | Always #include corresponding .h in .c files | John Keeping
While doing this, remove declarations from header files where the corresponding definition is declared "static" in order to avoid build errors. Also re-order existing headers in ui-*.c so that the file-specific header always comes immediately after "cgit.h", helping with future consistency. Signed-off-by: John Keeping <john@keeping.me.uk>
2013-03-20 | ui-summary.c: Move urls variable into print_urls() | Lukas Fleischer
There's no need for this variable to be global. Printing the header in print_urls() instead of print_url() allows for moving this variable into print_urls() without having to pass any status to print_url(). Note that this only works as long as we don't call print_urls() more than once. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2013-03-20 | Fix colspan values | Lukas Fleischer
This fixes a couple of minor oversights in previous commits and adjusts all cells using colspan to use the correct width. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de>
2012-10-17 | ui-log: Add "commit-sort" option for controlling commit ordering | Tobias Bieniek
This makes it possible to use strict commit date ordering or strict topological ordering by passing the corresponding flags to "git log". Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2011-06-13 | cgit.c: add 'clone-url' setting with support for macro expansion | Lars Hjemli
The current 'clone-prefix' setting has some known issues:
* All repos get the same 'clone-prefix' value since the setting is not adopted during repo registration (in cgitrc, or during scan-path traversal), but only when the setting is used.
* The generated clone-urls for a repo is a combination of 'clone-prefix', a slash and the repo url. This doesn't work well with e.g. ssh-style urls like 'git@example.org:repo.git', since the inserted slash will make the repo relative to the filesystem root.
* If 'remove-suffix' is enabled, the generated clone-urls will not work for cloning (except for http-urls to cgit itself) since they miss the '.git' suffix.

The new 'clone-url' setting is designed to avoid the mentioned issues:
* Each repo adopts the default 'clone-url' when the repo is defined. This allows different groups of repos to adopt different values.
* The clone-urls for a repo is generated by expanding environment variables in a string template without inserting arbitrary characters, hence any kind of clone-url can be generated.
* Macro expansion also eases the 'remove-suffix' pain since it's now possible to define e.g. 'clone-url=git://foo.org/$CGIT_REPO_URL.git' for a set of repos. A further improvement would be to define e.g. $CGIT_REPO_SUFFIX to '.git' for all repos which had their url prettified, or to store the original $CGIT_REPO_URL in e.g. $CGIT_REPO_REAL_URL before suffix removal.

Reviewed-by: Ferry Huberts <mailings@hupie.com>
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-06-13 | cgit.c: always setup cgit repo environment variables | Lars Hjemli
When cgit learned to setup environment variables for certain repo settings before invoking a filter process, the setup occurred inside cgit_open_filter(). This patch moves the setup out of cgit_open_filter() and into prepare_repo_cmd() to prepare for additional uses of these variables. Reviewed-by: Ferry Huberts <mailings@hupie.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2011-03-26 | cgit_open_filter: also take the repo as a parameter | Ferry Huberts
To prepare for handing repo configuration to the filter script that is executed. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-11-16 | ui-log: Line-wrap long commit subjects when showmsg is enabled | Johan Herland
When showmsg is disabled ui-log truncates long commit subjects. This is good. However, the same is not desirable when showmsg is enabled, since you then end up with a truncated commit subject followed by the rest of the commit message below. Instead, when showmsg is enabled (and we're using all this space to display the entire commit message, anyway), line-wrap the commit subject instead of truncating it. Signed-off-by: Johan Herland <johan@herland.net> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-08-22 | Add support for "readme" option | Lars Hjemli
The value of this option is used as the default value for repo.readme. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2010-08-20 | Support refspecs in about-filter. | Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2009-08-09 | Add 'about-filter' and 'repo.about-filter' options | Lars Hjemli
These options can be used to execute a filter command on each about-page, both top-level and for each repository (repo.about-filter can be used to override the current about-filter). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2009-08-09 | ui-summary: enable arbitrary paths below repo.readme | Lars Hjemli
This change makes it possible to include any number of pages below the 'about' tab for a repository. The path is assumed to be located in the same directory as the 'repo.readme' file. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-10-05 | ui-summary: use html_url_path() | Lars Hjemli
This makes the clone urls be properly escaped. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-07-27 | ui-summary: show clone urls | Lars Hjemli
If either repo.clone-url or clone-prefix is specified in cgitrc, all space-separated values in the config option are printed as a possible clone url on the repo summary page. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-04-28 | Prepare for 'about repo' page | Lars Hjemli
Each repo can include an external file which used to be included on the top of the summary page, but it will now soon get a page of its own. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-04-14 | Make branches, tags and log play better together in the summary view | Lars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-03-24 | Add separate header-files for each page/view | Lars Hjemli
Yet another step towards removing cgit.h. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-03-18 | Introduce html.h | Lars Hjemli
All html-functions can be quite easily separated from the rest of cgit, so let's do it; the only issue was html_filemode which uses some git-defined macros so the function is moved into ui-shared.c::cgit_print_filemode(). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-02-16 | Move cgit_repo into cgit_context | Lars Hjemli
This removes the global variable which is used to keep track of the currently selected repository, and adds a new variable in the cgit_context structure. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-02-16 | Add all config variables into struct cgit_context | Lars Hjemli
This removes another big set of global variables, and introduces the cgit_prepare_context() function which populates a context-variable with compile-time default values. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2008-02-16 | Introduce struct cgit_context | Lars Hjemli
This struct will hold all the cgit runtime information currently found in a multitude of global variables. The first cleanup removes all querystring-related variables. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-11-11 | Fix html error detected by test-suite | Lars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-11-03 | Add search parameters to cgit_log_link | Lars Hjemli
This makes the [prev] and [next] links work correctly on search results. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-30 | Change the cgit layout | Lars Hjemli
This modifies and hopefully improves the layout of all cgit pages:
* Remove the header from all pages and replace it with a sidebar; most pages have sufficient width but many need more height.
* Add a dropdown-box to switch between branches, using a one-liner javascript to reload the current page in context of the selected branch.
* Include refs found below refs/archives in the sidebar, appearing as a set of menuitems below a 'download' heading.
* Include the brand new cgit logo

Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-28 | Make print_branch() handle refs not pointing at commits | Lars Hjemli
The master branch of stable/linux-2.6.20 currently references a tag object, which makes print_branch() die with a segfault. This teaches print_branch() to handle such cases more gracefully. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-28 | Teach log search about --grep, --author and --committer | Lars Hjemli
This makes the log searching more explicit, using a dropdown box to specify the commit field to match against. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Cleanup code introduced by the filter-refs topic | Lars Hjemli
The functions used to print branches and tags were only half-done and somewhat confused. Fix it. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Add links to the new refs page from summary page | Lars Hjemli
If either branches or tags are filtered on the summary page, add a link to refs/heads and/or refs/tags right below the last branch/tag. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Make cgit_print_branches()/cgit_print_tags() external | Lars Hjemli
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Add support for config param summary-branches | Lars Hjemli
This parameter can be used to specify max number of branches to show on the summary page (if not all branches will be displayed, the "most idle" branches are the ones to be pruned). The default value for this parameter is 0, which disables the pruning. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Move logic for age comparison from cmp_tag_age into cmp_age() | Lars Hjemli
Simple refactoring to enable later filtering of branches based on age. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Add support for config param summary-tags | Lars Hjemli
This parameter can be used to specify max number of tags to show on the summary page. If not specified, all tags are printed. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Sort tags by age | Lars Hjemli
This adds a function to compare timestamps and then uses it as callback for qsort() before printing out tags. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Use reflist to print tag info | Lars Hjemli
This updates ui-summary.c to use a reflist instead of for_each_tag_ref(), as a step towards more flexible tag handling (filtering/sorting). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-10-27 | Use reflist to print branch info | Lars Hjemli
This updates ui-summary.c to use a reflist instead of for_each_branch_ref(), as a step towards more flexible branch handling (filtering/sorting). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-07-22 | Add ui-tag.c | Lars Hjemli
This file implements the tag-command, i.e. printing of annotated tags. Signed-off-by: Lars Hjemli <hjemli@gmail.com> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-06-29 | Add ofs argument to cgit_log_link and use it in ui-log.c | Lars Hjemli
This fixes a bug in the prev/next links on the log page: when on the default branch the links to prev/next page would contain h=(null). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-06-17 | Add cgit_commit_link() + support for id=sha1 to commit view | Lars Hjemli
This adds a function to generate links to the commit page and extends said page to use id from querystring as primary revision specified (fallback to h). Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-06-17 | Add git_log_link() and fix bug in generic repolink function | Lars Hjemli
The generic repolink function compared head with cgit_query_head, which almost always would be the same pointer. The test now compares with repo.defbranch, which is the wanted behaviour. Bug discovered while adding cgit_log_link(), so this commit also contains that change. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-31 | Implemented configurable HEAD shortlog on summary page. | Ondrej Jirman
This mirrors similar functionality in gitweb. After clicking on project on projectlist you will immediately see quick summary of last N commits on HEAD. [lh: changed from HEAD to cgit_query_head] Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-31 | Use &amp; instead of & in URLs. | Ondrej Jirman
Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-24 | Close a <tr> properly | Lars Hjemli
No reason to generate illegal html. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-23 | Add repo.readme parameter | Lars Hjemli
This parameter can be used to specify a repo-specific includefile, which will then be printed on the summary page for the repo. If the parametervalue is not an absolute path, it is taken to be relative to repo.path. Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-22 | Use cgit_print_age() on summary and log pages | Lars Hjemli
Update the pages to show relative dates instead of yyyy-mm-dd hh:mm:ss Signed-off-by: Lars Hjemli <hjemli@gmail.com>
2007-05-22 | Add cgit_print_age() function | Lars Hjemli
This function can be used to print relative dates, just as in gitweb. Next step will be to actually use the new function. Signed-off-by: Lars Hjemli <hjemli@gmail.com>