Merge from knu-cvsweb 1.104.1.55.
2001-01-02 21:23 knu
* cvsweb.cgi, cvsweb.conf: Get cvsweb.cgi to run under perl -T.
Change perl command line:
Change perl5 to perl and just declare `require 5.000'.
Remove -s option that was intended for debug use.
Add -T option to perform security checks.
Change search paths for cvsweb.conf:
Don't adopt the value of $ENV{CVSWEB_CONFIG} that was intended
for
debug use.
Search the same directory that cvsweb.cgi is in instead of the
current directory.
Invoking `last' in `do { ... } while (0);' is wrong. Change the
loop to `while (1) { ... last; }'.
Don't do chdir. Instead, use tar(1)'s -C option and cvs(1)
export's -d option.
Explicitly define $ENV{PATH}.
Turn $allow_compress off by default so user can debug cvsweb.cgi
easily. (Still enabled on freefall)
This commit is contained in:
Akinori MUSHA
parent
ce1a91e27c
commit
885d6122bd
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/www/; revision=8626
2 changed files with 34 additions and 38 deletions
|
|
@ -1,4 +1,4 @@
|
|||
#!/usr/bin/perl5 -ws
|
||||
#!/usr/bin/perl -wT
|
||||
#
|
||||
# cvsweb - a CGI interface to CVS trees.
|
||||
#
|
||||
|
|
@ -43,11 +43,13 @@
|
|||
# SUCH DAMAGE.
|
||||
#
|
||||
# $zId: cvsweb.cgi,v 1.104 2000/11/01 22:05:12 hnordstrom Exp $
|
||||
# $Id: cvsweb.cgi,v 1.63 2001-01-02 00:03:51 knu Exp $
|
||||
# $FreeBSD: www/en/cgi/cvsweb.cgi,v 1.62 2000/12/29 09:22:50 knu Exp $
|
||||
# $Id: cvsweb.cgi,v 1.64 2001-01-02 12:45:29 knu Exp $
|
||||
# $FreeBSD: www/en/cgi/cvsweb.cgi,v 1.63 2001/01/02 00:03:51 knu Exp $
|
||||
#
|
||||
###
|
||||
|
||||
require 5.000;
|
||||
|
||||
use strict;
|
||||
|
||||
use vars qw (
|
||||
|
|
@ -131,16 +133,18 @@ sub link_tags($);
|
|||
sub forbidden_module($);
|
||||
|
||||
##### Start of Configuration Area ########
|
||||
use Cwd;
|
||||
use File::Basename;
|
||||
|
||||
# == EDIT this ==
|
||||
# Locations to search for user configuration, in order:
|
||||
for (
|
||||
$ENV{CVSWEB_CONFIG},
|
||||
'/usr/local/etc/cvsweb.conf',
|
||||
getcwd() . '/cvsweb.conf'
|
||||
(dirname $0) . '/cvsweb.conf',
|
||||
'/usr/local/etc/cvsweb.conf'
|
||||
) {
|
||||
$config = $_ if defined($_) && -r $_;
|
||||
if (defined($_) && -r $_) {
|
||||
($config) = /(.*)/; # untaint
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
||||
# == Configuration defaults ==
|
||||
|
|
@ -216,7 +220,7 @@ $LOG_REVSEPARATOR = q/^-{28}$/;
|
|||
##### End of configuration variables #####
|
||||
|
||||
$cgi_style::hsty_base = 'http://www.FreeBSD.org';
|
||||
$_ = q$FreeBSD: www/en/cgi/cvsweb.cgi,v 1.62 2000/12/29 09:22:50 knu Exp $;
|
||||
$_ = q$FreeBSD: www/en/cgi/cvsweb.cgi,v 1.63 2001/01/02 00:03:51 knu Exp $;
|
||||
@_ = split;
|
||||
$cgi_style::hsty_date = "@_[3,4]";
|
||||
|
||||
|
|
@ -496,11 +500,11 @@ if ($module && &forbidden_module($module)) {
|
|||
if ($input{tarball}) {
|
||||
&fatal("403 Forbidden", "Downloading tarballs is prohibited.")
|
||||
unless $allow_tar;
|
||||
$where =~ s,/[^/]*$,,;
|
||||
$where =~ s,^/,,;
|
||||
my($basedir) = ($where =~ m,([^/]+)$,);
|
||||
my($module) = ($where =~ m,^/?(.*),); # untaint
|
||||
$module =~ s,/[^/]*$,,;
|
||||
my($basedir) = ($module =~ m,([^/]+)$,);
|
||||
|
||||
if ($basedir eq '' || $where eq '') {
|
||||
if ($basedir eq '' || $module eq '') {
|
||||
&fatal("500 Internal Error", "You cannot download the top level directory.");
|
||||
}
|
||||
|
||||
|
|
@ -511,34 +515,24 @@ if ($input{tarball}) {
|
|||
|
||||
my $fatal = '';
|
||||
|
||||
do {
|
||||
chdir $tmpdir
|
||||
or $fatal = "500 Internal Error", "Unable to cd to temporary directory: $!"
|
||||
&& last;
|
||||
|
||||
while (1) {
|
||||
my $tag = (exists $input{only_with_tag} && length $input{only_with_tag})
|
||||
? $input{only_with_tag} : "HEAD";
|
||||
|
||||
system "cvs", @cvs_options, "-Qd", $cvsroot, "export", "-r", $tag, $where
|
||||
and $fatal = "500 Internal Error","cvs co failure: $!: $where"
|
||||
&& last;
|
||||
|
||||
chdir "$where/.."
|
||||
or $fatal = "500 Internal Error","Cannot find expected directory in checkout"
|
||||
system "cvs", @cvs_options, "-Qd", $cvsroot, "export", "-r", $tag, "-d", "$tmpdir/$basedir", $module
|
||||
and $fatal = "500 Internal Error","cvs co failure: $!: $module"
|
||||
&& last;
|
||||
|
||||
$| = 1; # Essential to get the buffering right.
|
||||
|
||||
print "Content-type: application/x-gzip\r\n\r\n";
|
||||
|
||||
system "tar", "-zcf", "-", $basedir, @tar_options
|
||||
system "tar", @tar_options, "-zcf", "-", "-C", $tmpdir, $basedir
|
||||
and $fatal = "500 Internal Error","tar zc failure: $!: $basedir"
|
||||
&& last;
|
||||
|
||||
chdir $tmpdir
|
||||
or $fatal = "500 Internal Error","Unable to cd to temporary directory: $!"
|
||||
&& last;
|
||||
} while (0);
|
||||
last;
|
||||
}
|
||||
|
||||
system "rm", "-rf", $tmpdir if -d $tmpdir;
|
||||
|
||||
|
|
@ -1386,8 +1380,8 @@ sub doAnnotate($$) {
|
|||
# the public domain.
|
||||
# we could abandon the use of rlog, rcsdiff and co using
|
||||
# the cvsserver in a similiar way one day (..after rewrite)
|
||||
$pid = open2($reader, $writer, "cvs @cvs_options -l server") || fatal ("500 Internal Error",
|
||||
"Fatal Error - unable to open cvs for annotation");
|
||||
$pid = open2($reader, $writer, "cvs", @cvs_options, "server")
|
||||
|| fatal ("500 Internal Error", "Fatal Error - unable to open cvs for annotation");
|
||||
|
||||
# OK, first send the request to the server. A simplified example is:
|
||||
# Root /home/kingdon/zwork/cvsroot
|
||||
|
|
@ -2735,7 +2729,7 @@ sub navigateHeader($$$$$) {
|
|||
print qq`<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">`;
|
||||
print "<HTML>\n<HEAD>\n";
|
||||
print qq`<META name="robots" content="nofollow">\n`;
|
||||
print '<!-- CVSweb $zRevision: 1.104 $ $Revision: 1.63 $ -->';
|
||||
print '<!-- CVSweb $zRevision: 1.104 $ $Revision: 1.64 $ -->';
|
||||
print "\n<TITLE>$path$filename - $title - $rev</TITLE></HEAD>\n";
|
||||
print "$body_tag_for_src\n";
|
||||
print "<table width=\"100%\" border=0 cellspacing=0 cellpadding=1 bgcolor=\"$navigationHeaderColor\">";
|
||||
|
|
@ -3129,7 +3123,7 @@ sub http_header(;$) {
|
|||
|
||||
sub html_header($) {
|
||||
my ($title) = @_;
|
||||
my $version = '$zRevision: 1.104 $ $Revision: 1.63 $'; #'
|
||||
my $version = '$zRevision: 1.104 $ $Revision: 1.64 $'; #'
|
||||
http_header(defined($charset) ? "text/html; charset=$charset" : "text/html");
|
||||
|
||||
(my $header = &cgi_style::html_header) =~ s/^.*\n\n//; # remove HTTP response header
|
||||
|
|
|
|||
|
|
@ -7,8 +7,8 @@
|
|||
# 2000 A. MUSHA <knu@FreeBSD.org>
|
||||
# based on work by Bill Fenner <fenner@FreeBSD.org>
|
||||
# $zId: cvsweb.conf,v 1.27 2000/07/27 10:16:39 kcoar Exp $
|
||||
# $Id: cvsweb.conf,v 1.11 2001-01-02 00:03:51 knu Exp $
|
||||
# $FreeBSD: www/en/cgi/cvsweb.conf,v 1.10 2000/12/28 18:42:21 knu Exp $
|
||||
# $Id: cvsweb.conf,v 1.12 2001-01-02 12:45:29 knu Exp $
|
||||
# $FreeBSD: www/en/cgi/cvsweb.conf,v 1.11 2001/01/02 00:03:51 knu Exp $
|
||||
#
|
||||
###
|
||||
|
||||
|
|
@ -401,9 +401,11 @@ $open_extern_window = 1;
|
|||
# this allows editing of all your options more intuitive
|
||||
$edit_option_form = (not $dirtable);
|
||||
|
||||
# remember to set the path to your
|
||||
# rcsutils: rlog, rcsdiff (gzip if you use compression)
|
||||
#$ENV{'PATH'} = '/usr/local/bin';
|
||||
# Set the path for the following commands:
|
||||
# cvs, rlog, rcsdiff
|
||||
# gzip (if you enable $allow_compress)
|
||||
# tar,rm (if you enable $allow_tar)
|
||||
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/bin';
|
||||
|
||||
# If you have files which automatically refers to other files
|
||||
# (such as HTML) then this allows you to browse the checked
|
||||
|
|
|
|||
Loading…
Reference in a new issue