Todd Zullinger [Tue, 29 Dec 2020 19:18:01 +0000 (14:18 -0500)]
tests: t0107: support older and/or non-GNU tar
The untar tests for various compression algorithms use shortcut options
from GNU tar to handle decompression. These options may not be provided
by non-GNU tar nor even by slightly older GNU tar versions which ship on
many systems.
An example of the latter case is the --zstd option. This was added in
GNU tar-1.32 (2019-02-23)¹. This version of tar is not provided by
CentOS/RHEL, in particular. In Debian, --zstd has been backported to
the tar-1.30 release.
Avoid the requirement on any specific implementations or versions of tar
by piping decompressed output to tar. This is compatible with older GNU
tar releases as well as tar implementations from other vendors. (It may
also be a slight benefit that this more closely matches what the
snapshot creation code does.)
¹ Technically, the --zstd option was first released in tar-1.31
(2019-01-02), but this release was very short-lived and is no longer
listed on the GNU Tar release page.
Signed-off-by: Todd Zullinger <tmz@pobox.com> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Tue, 20 Oct 2020 21:32:45 +0000 (23:32 +0200)]
global: replace references to 'sha1' with 'oid'
For some time now sha1 is considered broken and upstream is working to
replace it with sha256. Replace all references to 'sha1' with 'oid',
just as upstream does.
A previous commit changed ->tree to ->maybe_tree throughout, which may
have worked at the time, but wasn't safe, because maybe_tree is loaded
lazily. This manifested itself in crashes when using the "follow" log
feature. The proper fix is to use the correct contextual accessors
everytime we want access to maybe_tree. Thankfully, the commit.cocci
script takes care of creating mostly-correct patches that we could then
fix up, resulting in this commit here.
Fixes: 255b78f ("git: update to v2.18.0") Reviewed-by: Christian Hesse <mail@eworm.de> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Wed, 26 Feb 2020 08:12:21 +0000 (09:12 +0100)]
ui-snapshot: add support for zstd compression
This patch adds support for zstd [0] compressed snapshots (*.tar.zst).
We enable multiple working threads (-T0), but keep default compression
level. The latter can be influenced by environment variable.
Christian Hesse [Wed, 23 Oct 2019 21:21:54 +0000 (23:21 +0200)]
git: update to v2.24.0
Update to git version v2.24.0.
Never use get_cached_commit_buffer() directly, use repo_get_commit_buffer()
instead. The latter calls the former anyway. This fixes segmentation fault
when commit-graph is enabled and get_cached_commit_buffer() does not return
the expected result.
Christian Hesse [Mon, 13 May 2019 19:41:37 +0000 (21:41 +0200)]
git: update to v2.22.0
Update to git version v2.22.0.
Upstream commit bce9db6d ("trace2: use system/global config for default
trace2 settings") caused a regression. We have to unset HOME and
XDG_CONFIG_HOME before early loading of config from trace2 code kicks in.
Christian Hesse [Tue, 4 Jun 2019 11:49:36 +0000 (13:49 +0200)]
tests: successfully validate rc versions
For testing versions the version string differs for git tag (v2.22.0-rc3)
and tarball file name (2.22.0.rc3). Let's fix validation for testing
versions.
Chris Mayo [Thu, 21 Feb 2019 19:56:05 +0000 (19:56 +0000)]
ui-ssdiff: resolve HTML5 validation errors
- Remove ids from anchor elements. They were unusable because they were
duplicated between files and versions of files.
- Always close span, with html().
- Fix missing / on closing tr element in cgit_ssdiff_header_end().
The address of the Free Software Foundation has changed since the
license was added in 7640d90 ("Add license file and copyright notices",
2006-12-10). Update the license file from gnu.org¹.
The only non-whitespace changes are the updated FSF address and two
references to the L in LGPL changed from Library to Lesser.
CC ../shared.o
../shared.c: In function ‘expand_macro’:
../shared.c:487:3: warning: ‘strncpy’ specified bound depends on the length of the source argument [-Wstringop-overflow=]
strncpy(name, value, len);
^~~~~~~~~~~~~~~~~~~~~~~~~
../shared.c:484:9: note: length computed here
len = strlen(value);
^~~~~~~~~~~~~
../ui-shared.c: In function ‘cgit_repobasename’:
../ui-shared.c:136:2: warning: ‘strncpy’ specified bound 1024 equals destination size [-Wstringop-truncation]
strncpy(rvbuf, reponame, sizeof(rvbuf));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CC ../ui-ssdiff.o
../ui-ssdiff.c: In function ‘replace_tabs’:
../ui-ssdiff.c:142:4: warning: ‘strncat’ output truncated copying between 1 and 8 bytes from a string of length 8 [-Wstringop-truncation]
strncat(result, spaces, 8 - (strlen(result) % 8));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Christian Hesse [Thu, 7 Jun 2018 19:31:28 +0000 (21:31 +0200)]
snapshot: support tar signature for compressed tar
This adds support for kernel.org style signatures where the uncompressed
tar archive is signed and compressed later. The signature is valid for
all tar* snapshots.
We have a filter which snapshots may be generated and downloaded. This has
to allow tar signatures now even if tar itself is not allowed. To simplify
things we allow all signatures.
John Keeping [Wed, 20 Jun 2018 05:29:14 +0000 (07:29 +0200)]
cache: close race window when unlocking slots
We use POSIX advisory record locks to control access to cache slots, but
these have an unhelpful behaviour in that they are released when any
file descriptor referencing the file is closed by this process.
Mostly this is okay, since we know we won't be opening the lock file
anywhere else, but there is one place that it does matter: when we
restore stdout we dup2() over a file descriptor referring to the file,
thus closing that descriptor.
Since we restore stdout before unlocking the slot, this creates a window
during which the slot content can be overwritten. The fix is reasonably
straightforward: simply restore stdout after unlocking the slot, but the
diff is a bit bigger because this requires us to move the temporary
stdout FD into struct cache_slot.
Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
John Keeping [Sat, 31 Mar 2018 15:15:48 +0000 (16:15 +0100)]
snapshot: support archive signatures
Read signatures from the notes refs refs/notes/signatures/$FORMAT where
FORMAT is one of our archive formats ("tar", "tar.gz", ...). The note
is expected to simply contain the signature content to be returned when
the snapshot "${filename}.asc" is requested, so the signature for
cgit-1.1.tar.xz can be stored against the v1.1 tag with:
John Keeping [Sat, 31 Mar 2018 14:08:59 +0000 (15:08 +0100)]
ui-shared: pass separator in to cgit_print_snapshot_links()
cgit_print_snapshot_links() is almost identical to
print_tag_downloads(), so let's extract the difference to a parameter in
preparation for removing print_tag_downloads() in the next commit.
Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
John Keeping [Sat, 31 Mar 2018 14:06:01 +0000 (15:06 +0100)]
ui-shared: use the same snapshot logic as ui-refs
Make snapshot links in the commit UI use the same prefix algorithm as
those in the summary UI, so that refs starting with the snapshot prefix
are used as-is rather than composed with the prefix repeated.
Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
John Keeping [Sat, 31 Mar 2018 14:19:52 +0000 (15:19 +0100)]
ui-snapshot: filter permitted snapshot requests
Currently the snapshots configuration option only filters which links
are displayed, not which snapshots may be generated and downloaded.
Apply the filter also to requests to ensure that the system policy is
enforced.
Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
John Keeping [Sat, 31 Mar 2018 13:20:01 +0000 (14:20 +0100)]
Add "snapshot-prefix" repo configuration
Allow using a user-specified value for the prefix in snapshot files
instead of the repository basename. For example, files downloaded from
the linux-stable.git repository should be named linux-$VERSION and not
linux-stable-$VERSION, which can be achieved by setting:
repo.snapshot-prefix=linux
Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
John Keeping [Sat, 31 Mar 2018 13:05:02 +0000 (14:05 +0100)]
ui-shared: pass repo object to print_snapshot_links()
Both call sites of cgit_print_snapshot_links() use the same values for
the snapshot mask and repository name, which are derived from the
cgit_repo structure so let's pass in the structure and access the fields
directly.
Signed-off-by: John Keeping <john@keeping.me.uk> Reviewed-by: Christian Hesse <mail@eworm.de>
Christian Hesse [Tue, 5 Jun 2018 10:46:13 +0000 (12:46 +0200)]
ui-log: highlight annotated tags in different color
Annotated tags have some extra information... Descriptive text or signature.
Highlighting annotated tags in a different color show what tag may be worth
clicking for extra information.
Signed-off-by: Christian Hesse <mail@eworm.de> Reviewed-by: John Keeping <john@keeping.me.uk>
Christian Hesse [Mon, 4 Jun 2018 20:27:46 +0000 (22:27 +0200)]
print git version string in footer
This helps tracking what git version cgit uses. The security implications are
low as anybody can look up the version of our submodule anyway. The paranoid
can use a custom footer. :-p
On the other hand this brings potential security issues to the
administrators eyes...