| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | ui-shared: fix broken sizeof in title setting and rewrite•••The old algorithm was totally incorrect. While we're at it, use «
instead of \, since it makes more sense.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2019-01-02 | 1 | -26/+8 |
| * | git: update to v2.20.0•••Update to git version v2.20.0. Required changes follow upstream commits:
* 00436bf1b1c2a8fe6cf5d2c2457d419d683042f4
(archive: initialize archivers earlier)
* 611e42a5980a3a9f8bb3b1b49c1abde63c7a191e
(xdiff: provide a separate emit callback for hunks)
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-12-09 | 4 | -2/+3 |
| * | ui-blame: set repo for sb•••Otherwise recent git complains and crashes with: "BUG: blame.c:1787:
repo is NULL".
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-11-25 | 1 | -0/+1 |
| * | auth-filter: pass url with query string attached•••Otherwise redirections come out wrong.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-11-25 | 3 | -3/+37 |
| * | git: use xz compressed archive for download•••Upstream will stop providing gz compressed source tarballs [0], so stop
using them.
[0] https://lists.zx2c4.com/pipermail/cgit/2018-November/004254.html
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-11-21 | 1 | -2/+2 |
| * | git: update to v2.19.1•••Update to git version v2.19.1. Required changes follow upstream commits:
* commit: add repository argument to get_cached_commit_buffer
(3ce85f7e5a41116145179f0fae2ce6d86558d099)
* commit: add repository argument to lookup_commit_reference
(2122f6754c93be8f02bfb5704ed96c88fc9837a8)
* object: add repository argument to parse_object
(109cd76dd3467bd05f8d2145b857006649741d5c)
* tag: add repository argument to deref_tag
(a74093da5ed601a09fa158e5ba6f6f14c1142a3e)
* tag: add repository argument to lookup_tag
(ce71efb713f97f476a2d2ab541a0c73f684a5db3)
* tree: add repository argument to lookup_tree
(f86bcc7b2ce6cad68ba1a48a528e380c6126705e)
* archive.c: avoid access to the_index
(b612ee202a48f129f81f8f6a5af6cf71d1a9caef)
* for_each_*_object: move declarations to object-store.h
(0889aae1cd18c1804ba01c1a4229e516dfb9fe9b)
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-10-12 | 15 | -22/+23 |
| * | ui-ssdiff: ban strcat()•••Git upstream bans strcat() with commit:
banned.h: mark strcat() as banned
1b11b64b815db62f93a04242e4aed5687a448748
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -2/+4 |
| * | ui-ssdiff: ban strncpy()•••Git upstream bans strncpy() with commit:
banned.h: mark strncpy() as banned
e488b7aba743d23b830d239dcc33d9ca0745a9ad
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -2/+1 |
| * | ui-shared: ban strcat()•••Git upstream bans strcat() with commit:
banned.h: mark strcat() as banned
1b11b64b815db62f93a04242e4aed5687a448748
To avoid compiler warnings from gcc 8.1.x we get the hard way.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -4/+8 |
| * | ui-patch: ban sprintf()•••Git upstream bans sprintf() with commit:
banned.h: mark sprintf() as banned
cc8fdaee1eeaf05d8dd55ff11f111b815f673c58
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -2/+5 |
| * | ui-log: ban strncpy()•••Git upstream bans strncpy() with commit:
banned.h: mark strncpy() as banned
e488b7aba743d23b830d239dcc33d9ca0745a9ad
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -1/+1 |
| * | ui-log: ban strcpy()•••Git upstream bans strcpy() with commit:
automatically ban strcpy()
c8af66ab8ad7cd78557f0f9f5ef6a52fd46ee6dd
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -1/+1 |
| * | parsing: ban sprintf()•••Git upstream bans sprintf() with commit:
banned.h: mark sprintf() as banned
cc8fdaee1eeaf05d8dd55ff11f111b815f673c58
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -1/+1 |
| * | parsing: ban strncpy()•••Git upstream bans strncpy() with commit:
banned.h: mark strncpy() as banned
e488b7aba743d23b830d239dcc33d9ca0745a9ad
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-09-11 | 1 | -2/+1 |
| * | filters: generate anchor links from markdown•••This makes the markdown filter generate anchor links for headings.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested-by: jean-christophe manciot <actionmystique@gmail.com>
| Christian Hesse | 2018-08-28 | 1 | -2/+15 |
| * | Bump version.•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-08-03 | 1 | -1/+1 |
| * | clone: fix directory traversal•••This was introduced in the initial version of this code, way back when
in 2008.
$ curl http://127.0.0.1/cgit/repo/objects/?path=../../../../../../../../../etc/passwd
root:x:0:0:root:/root:/bin/sh
...
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reported-by: Jann Horn <jannh@google.com>
| Jason A. Donenfeld | 2018-08-03 | 1 | -4/+19 |
| * | config: record repo.snapshot-prefix in the per-repo config•••Even if we find snapshot-prefix in the repo configuration, we are not
writing it out into the rc- file, so setting the value does not have any
effect.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
| Konstantin Ryabitsev | 2018-08-03 | 1 | -0/+2 |
| * | auth-filters: add simple file-based authentication scheme•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-08-03 | 1 | -0/+352 |
| * | auth-filters: use crypt() in simple-authentication•••There's no use in giving a silly example to folks who will just copy it,
so instead try to do something slightly better.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-15 | 1 | -13/+6 |
| * | auth-filters: generate secret securely•••This is much better than having the user generate it themselves.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-15 | 2 | -18/+85 |
| * | auth-filters: do not crash on nil username•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-14 | 1 | -1/+1 |
| * | auth-filter: do not write more than we've read•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-14 | 1 | -2/+2 |
| * | auth-filters: do not use HMAC-SHA1•••Though SHA1 is broken, HMAC-SHA1 is still fine. But let's not push our
luck; SHA256 is more sensible anyway.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-14 | 2 | -4/+4 |
| * | Bump version.•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-13 | 1 | -1/+1 |
| * | Update COPYING•••The address of the Free Software Foundation has changed since the
license was added in 7640d90 ("Add license file and copyright notices",
2006-12-10). Update the license file from gnu.org¹.
The only non-whitespace changes are the updated FSF address and two
references to the L in LGPL changed from Library to Lesser.
¹ https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
Signed-off-by: Todd Zullinger <tmz@pobox.com>
| Todd Zullinger | 2018-07-10 | 1 | -20/+19 |
| * | css: use correct size in annotated decoration•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-08 | 1 | -0/+1 |
| * | cgitrc.5: add local tar signature example•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-05 | 1 | -3/+14 |
| * | Fix gcc 8.1.1 compiler warnings••• CC ../shared.o
../shared.c: In function ‘expand_macro’:
../shared.c:487:3: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
strncpy(name, value, len);
^~~~~~~~~~~~~~~~~~~~~~~~~
../shared.c:484:9: note: length computed here
len = strlen(value);
^~~~~~~~~~~~~
../ui-shared.c: In function ‘cgit_repobasename’:
../ui-shared.c:136:2: warning: ‘strncpy’ specified bound 1024 equals destination size [-Wstringop-truncation]
strncpy(rvbuf, reponame, sizeof(rvbuf));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CC ../ui-ssdiff.o
../ui-ssdiff.c: In function ‘replace_tabs’:
../ui-ssdiff.c:142:4: warning: ‘strncat’ output truncated copying between 1 and 8 bytes from a string of length 8 [-Wstringop-truncation]
strncat(result, spaces, 8 - (strlen(result) % 8));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-04 | 3 | -15/+23 |
| * | cgitrc.5: document new signature notes•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-03 | 1 | -1/+17 |
| * | snapshot: support tar signature for compressed tar•••This adds support for kernel.org style signatures where the uncompressed
tar archive is signed and compressed later. The signature is valid for
all tar* snapshots.
We have a filter which snapshots may be generated and downloaded. This has
to allow tar signatures now even if tar itself is not allowed. To simplify
things we allow all signatures.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-07-03 | 2 | -2/+10 |
| * | extra-head-content: introduce another option for meta tags•••This is to support things like go-import meta tags, which are on a
per-repo basis.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2018-07-03 | 5 | -0/+12 |
| * | Use string list strdup_strings for mimetypes•••There's no need to do this manually with the string list API will do it
for us.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2018-06-27 | 1 | -2/+2 |
| * | manpage: fix sorting order•••You maybe didn't know you had OCD until you saw an
alpha sorted list that has stuff out of order in it.
Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: John Keeping <john@keeping.me.uk>
| Andy Green | 2018-06-27 | 1 | -88/+88 |
| * | cache: close race window when unlocking slots•••We use POSIX advisory record locks to control access to cache slots, but
these have an unhelpful behaviour in that they are released when any
file descriptor referencing the file is closed by this process.
Mostly this is okay, since we know we won't be opening the lock file
anywhere else, but there is one place that it does matter: when we
restore stdout we dup2() over a file descriptor referring to the file,
thus closing that descriptor.
Since we restore stdout before unlocking the slot, this creates a window
during which the slot content can be overwritten. The fix is reasonably
straightforward: simply restore stdout after unlocking the slot, but the
diff is a bit bigger because this requires us to move the temporary
stdout FD into struct cache_slot.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 1 | -23/+14 |
| * | git: update to v2.18.0•••Update to git version v2.18.0. Required changes follow upstream commits:
* Convert find_unique_abbrev* to struct object_id
(aab9583f7b5ea5463eb3f653a0b4ecac7539dc94)
* sha1_file: convert read_sha1_file to struct object_id
(b4f5aca40e6f77cbabcbf4ff003c3cf30a1830c8)
* sha1_file: convert sha1_object_info* to object_id
(abef9020e3df87c441c9a3a95f592fce5fa49bb9)
* object-store: move packed_git and packed_git_mru to object store
(a80d72db2a73174b3f22142eb2014b33696fd795)
* treewide: rename tree to maybe_tree
(891435d55da80ca3654b19834481205be6bdfe33)
The changed data types required some of our own functions to be converted
to struct object_id:
ls_item
print_dir
print_dir_entry
print_object
single_tree_cb
walk_tree
write_tree_link
And finally we use new upstream functions that were added for
struct object_id:
hashcpy -> oidcpy
sha1_to_hex -> oid_to_hex
Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
| Christian Hesse | 2018-06-27 | 13 | -70/+71 |
| * | global: remove functionality we deprecated for cgit v1.0•••The man page states these were deprecated for v1.0. We are past v1.1,
so remove the functionality.
Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
| Christian Hesse | 2018-06-27 | 5 | -43/+3 |
| * | snapshot: strip bit from struct cgit_snapshot_format•••We had a static bit value in struct cgit_snapshot_format. We do not rely
on it and things can be calculated on the fly. So strip it.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2018-06-27 | 5 | -10/+17 |
| * | snapshot: support special value 'all' to enable all formats•••Signed-off-by: Christian Hesse <mail@eworm.de>
Reviewed-by: John Keeping <john@keeping.me.uk>
| Christian Hesse | 2018-06-27 | 2 | -0/+4 |
| * | snapshot: support archive signatures•••Read signatures from the notes refs refs/notes/signatures/$FORMAT where
FORMAT is one of our archive formats ("tar", "tar.gz", ...). The note
is expected to simply contain the signature content to be returned when
the snapshot "${filename}.asc" is requested, so the signature for
cgit-1.1.tar.xz can be stored against the v1.1 tag with:
git notes --ref=refs/notes/signatures/tar.xz add -C "$(
gpg --output - --armor --detach-sign cgit-1.1.tar.xz |
git hash-object -w --stdin
)" v1.1
and then downloaded by simply appending ".asc" to the archive URL.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 3 | -1/+84 |
| * | ui-refs: use shared function to print tag downloads•••cgit_compose_snapshot_prefix() is identical to print_tag_downloads(), so
remove the latter and use the function from ui-shared.c instead.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 1 | -26/+1 |
| * | ui-shared: pass separator in to cgit_print_snapshot_links()•••cgit_print_snapshot_links() is almost identical to
print_tag_downloads(), so let's extract the difference to a parameter in
preparation for removing print_tag_downloads() in the next commit.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 4 | -5/+6 |
| * | ui-shared: use the same snapshot logic as ui-refs•••Make snapshot links in the commit UI use the same prefix algorithm as
those in the summary UI, so that refs starting with the snapshot prefix
are used as-is rather than composed with the prefix repeated.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 1 | -1/+7 |
| * | ui-shared: rename parameter to cgit_print_snapshot_links()•••This is expected to be a ref not a hex object ID, so name it more
appropriately.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 2 | -3/+3 |
| * | ui-shared: remove unused parameter•••The "head" parameter to cgit_print_snapshot_links() is never used, so
remove it.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 4 | -5/+4 |
| * | ui-refs: remove unnecessary sanity check•••There is no way for refinfo::refname to be null, and Git will prevent
zero-length refs so this check is unnecessary.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 1 | -3/+0 |
| * | ui-snapshot: filter permitted snapshot requests•••Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter also to requests to ensure that the system policy is
enforced.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 1 | -1/+1 |
| * | Add "snapshot-prefix" repo configuration•••Allow using a user-specified value for the prefix in snapshot files
instead of the repository basename. For example, files downloaded from
the linux-stable.git repository should be named linux-$VERSION and not
linux-stable-$VERSION, which can be achieved by setting:
repo.snapshot-prefix=linux
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 7 | -4/+23 |
| * | ui-snapshot: pass repo into get_ref_from_filename()•••Prepare to allow a custom snapshot prefix.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 1 | -3/+4 |
| * | ui-shared: pass repo object to print_snapshot_links()•••Both call sites of cgit_print_snapshot_links() use the same values for
the snapshot mask and repository name, which are derived from the
cgit_repo structure so let's pass in the structure and access the fields
directly.
Signed-off-by: John Keeping <john@keeping.me.uk>
Reviewed-by: Christian Hesse <mail@eworm.de>
| John Keeping | 2018-06-27 | 4 | -10/+8 |
