aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki/Wrapper.pm
Commit message (Collapse)AuthorAge
* Need <sys/wait.h> for waitpid (NetBSD 8 warns).Amitai Schleier2018-08-21
|
* Pass some git environment variables to the test-receive hookSimon McVittie2017-10-01
| | | | | | | | | | | Since git 2.11, git has stored the proposed push in a "quarantine area" until it is accepted by the pre-receive hook, and passed extra environment variables to the pre-receive hook so that it can read objects from the quarantine area. This fixes untrusted push on modern git versions. Signed-off-by: Simon McVittie <smcv@debian.org>
* Enquote $background_command as surely intended.Amitai Schleier2017-01-02
|
* Wrapper: allocate new environment dynamicallySimon McVittie2016-05-11
| | | | | | | | | | | | | | Otherwise, if third-party plugins extend newenviron by more than 3 entries, we could overflow the array. It seems unlikely that any third-party plugin manipulates newenviron in practice, so this is mostly theoretical. Just in case, I have deliberately avoided using "i" as the variable name, so that any third-party plugin that was manipulating newenviron directly will now result in the wrapper failing to compile. I have not assumed that realloc(NULL, ...) works as an equivalent of malloc(...), in case there are still operating systems where that doesn't work.
* fix another unchecked mallocJoey Hess2015-01-25
| | | | | | <joeyh> any parrticular reason 12? <igli> well maximum a 32-bit can go is 10 chars <igli> so one for \0 and round up to 4
* Fix NULL ptr deref on ENOMOM in wrapper. (Thanks, igli)Joey Hess2015-01-25
| | | | Probably not exploitable, but who knows..
* More cautious escaping of environment values.Lafayette Chamber Singers Webmaster2014-09-14
| | | | | | | | | Tightened the escaping per this review comment: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=f35fc6a603b5473ce2c07bb0236e28e57f718315 (I didn't introduce a $tmp, as $val was local to that block already, and each hex encoding is in its own C string literal to avoid consuming subsequent chars that are valid hex digits.)
* Installing ikiwiki on a shared-hosting server, there may be no access toLafayette Chamber Singers Webmaster2014-09-14
| | | | | | | | | | | | | | | install prerequisite Perl modules in the systemwide locations. They may have to be installed under the home directory, such as by using local::lib (which is how the cPanel Perl-module installer works, on systems that use it). For that to work, the local::lib-defined value for PERL5LIB must be in the environment when Perl starts up. The former way %config{ENV} was handled was too late, depending on the Perl code to unpack it from the storable and put it into the environment. Easy solution is to build the wrapper to repopulate the environment based on %config{ENV} before ever exec'ing Perl (and then remove it from the storable as there is nothing more that the Perl code will need to do with it).
* add void prototypeJoey Hess2014-01-02
|
* Fix longstanding bug (chdir to nonexistent dirs).Amitai Schlair2013-01-27
| | | | | | | | | | | | | | | | | In test, set up the post-commit hook for more realism (and bugs!). To make wrappers work in test, set PERL5LIB, and allow the wrappee's path to be overridden. Meta-test that post-commit is really hooked up by verifying that content is getting generated in destdir. About the longstanding bug, which as far as I know was harmless: CVS can't operate outside a srcdir, so we're always setting $CWD. "local $CWD" restores the previous value when we go out of scope. Usually that's correct. But if we're removing the last file from a directory, the post-commit hook will exec in a working directory that's about to not exist (CVS will prune it). The fix: chdir() manually in cvs_runcvs(), so we can selectively not chdir() back.
* add cgi_overload_messageJoey Hess2012-10-11
|
* add cgi_overload_delay tunableJoey Hess2012-10-09
| | | | | | | | | | | Try to avoid a situation in which so many ikiwiki cgi wrapper programs are running, all waiting on some long-running thing like a site rebuild, that it prevents the web server from doing anything else. The current approach only avoids this problem for GET requests; if multiple cgi's run GETs on a site at the same time, one will display a "please wait" page for a configurable number of seconds, which then redirects to retry. To enable this protection, set cgi_overload_delay to the number of seconds to wait. This is not enabled by default.
* Split CFLAGS into words when building wrapper. Closes: #682237Joey Hess2012-07-20
|
* Use lockf rather than flock when taking the cgilock, for better portability.Joey Hess2011-08-24
| | | | | | This kind of change is scary, but this particular lock is very simply used and so it seems ok to make it even just for better portability to SunOS. (People still use that?)
* let thru HTTP_ACCEPTJoey Hess2011-06-15
| | | | | | | | Needed for attachment to return json when requested. I think some browsers send Accept: * , so I made sure to check that json was explicitly listed as to be accepted, as well as having a high priority.
* fix use of debug() without sprintf()Jon Dowland2011-04-20
| | | | | Previous commit substituted a printf call (two arguments) for debug (accepts only one). Interleave an sprintf call to resolve.
* use debug() for wrapper-generation print outsJon Dowland2011-04-20
| | | | | | Use the debug() subroutine for printing out when wrappers are generated. This has the effect of hiding the messages unless verbose mode is enabled.
* Export three cgi env vars needed for CGI->url to work.Joey Hess2011-01-05
|
* Propigate PATH into wrapper.Joey Hess2010-09-26
| | | | | | In the last version, the ikiwiki script stopped setting PATH. But that leads to gcc failing when run from websetup. See http://www.branchable.com/bugs/Crashes_when_rebuilding_wiki_after_setup_change/
* move wrapper building loop into Wrapper.pmJoey Hess2010-07-24
|
* git: Added git_wrapper_background_command option. Can be used to eg, make ↵Joey Hess2010-07-01
| | | | the git wrapper push to github in the background after ikiwiki runs.
* note that tcc workaround is for bug fixed in tcc nowJoey Hess2010-05-04
|
* use __TINYC__ define to avoid tinyc compat fixes breaking FreeBSDJoey Hess2010-03-28
| | | | | | | | To review, tcc does not really use environ, so you have to use clearenv there. But POSIX, in their wisdom, didn't standardise clearenv yet, so on FreeBSD, one still needs to manipulate environ on their own. (If you use tcc on FreeBSD, this may leave you unsatisfied.)
* Allow wrappers to be built using tcc.Joey Hess2010-03-18
|
* C warning cleanupJoey Hess2010-03-18
|
* avoid -O default for CFLAGS, and documentJoey Hess2009-10-21
|
* Pick up user specified CFLAGS when compiling the wrapper.Giulio Eulisse2009-10-21
| | | | (cherry picked from commit 13e9383b48857daa206387f3486eb00e3b171a68)
* Merge commit 'schmonz/master' into cvsJoey Hess2009-09-10
|\
| * Catch up to the new genwrapper hook.Amitai Schlair2009-09-10
| |
| * Merge branch 'master' of git://github.com/joeyh/ikiwikiAmitai Schlair2009-09-10
| |\
* | \ Merge branch 'master' into cvsJoey Hess2009-09-10
|\ \ \ | |/ / |/| |
| * | clean up use of IkiWiki::ReceiveJoey Hess2009-09-10
| |/ | | | | | | | | | | | | | | | | | | Loading and use of IkiWiki::Receive can all be pushed into the git plugin, rather than scattered around. I had at first wanted to make a receive plugin and move it there, but a plugin was not a good fit; you don't want users to have to manually load it, and making the git plugin load the receive plugin at the right times would need more, and ugly code.
| * Add genwrapper hook, that can be used to add code into the C wrapper.Joey Hess2009-09-10
| |
* | Abstract out CVS's involvement in the wrapper:Amitai Schlair2009-09-09
| | | | | | | | | | | | | | | | | | * In Wrapper.pm, add a new hook "wrapperargcheck" to examine argc/argv and return success or failure. In the failure case, the wrapper terminates. * In cvs.pm, implement the new hook to return failure if a directory is being cvs added.
* | Only examine argv if the VCS is cvs.Amitai Schlair2009-08-30
| |
* | The string to match might not be "New directory" exactly, so match thatAmitai Schlair2009-08-30
| | | | | | | | substring instead.
* | Instead of passing the args through the wrapper so the CVS pluginAmitai Schlair2009-08-23
| | | | | | | | | | | | | | can evaluate them, check them in the wrapper right off the bat. This doesn't prevent the deadlock in web commits that need to cvs add directories, but I'm committing so Joey can take a look if he wants.
* | Pass along wrapper args to ikiwiki, then handle the "cvs add dir"Amitai Schlair2009-08-22
|/ | | | | case with a getopt hook directly in my plugin. If the wrapper change is safe, we won't need a wrapper wrapper.
* Create any missing directory necessary to put the wrapper file into. Closes: ↵Joey Hess2009-02-09
| | | | #514384
* doubled semicolonJoey Hess2009-02-04
|
* IkiWiki::Wrapper: allow REDIRECT_STATUS and REDIRECT_URL through from ↵Simon McVittie2009-01-31
| | | | | | environment This is useful to act as an Apache 404 ErrorDocument.
* Coding style change: Remove explcit vim folding markers.Joey Hess2008-12-17
|
* make unlockwiki drop the cgilockJoey Hess2008-11-11
| | | | | | | | This is necessary so that things that fork to the background, like pinger, and inline ping, don't block other cgis from running. Note that websetup also calls unlockwiki, before refreshing / rebuilding the wiki. It makes perfect sense for that not to block other cgis.
* O_CREATE needs modeJoey Hess2008-11-11
|
* avoid multiple ikiwiki cgi processes piling up, eating all memory, and thrashingJoey Hess2008-11-11
| | | | | | | | | | | Fixed by making the cgi wrapper wait on a cgilock. If you had to set apache's MaxClients low to avoid ikiwiki thrashing your server, you can now turn it up to a high value. The downside to this is that a cgi call that doesn't need to call lockwiki will be serialised by this so only one can run at a time. (For example, do=search.) There are few such calls, and all of them call loadindex, so each still eats gobs of memory, so serialising them still seems ok.
* do no-op post_commit test in wrapperJoey Hess2008-10-26
| | | | | | | | | | | | | | | | | | | This speeds up web commits by 1/4th of a second or so, since perl does not have to start up for the post commit hook. perl's locking is completly FuBar, since it's impossible to tell what perl flock() really does, and thus difficult to write code in other languages that interoperates with perl's locking. (Let alone interoperating with existing fcntl locking from perl...) In this particular case, I think I was able to find a way to avoid the insanity, mostly. The C code does a true flock(2), and if perl is using an incompatable lock method that does not use the same locking primative at the kernel level, then the C code's test will fail, and it will go ahead and run the perl code. Then the perl code's test will test the right thing. On Debian, at least lately, perl's flock() does a true flock(2), so the optimisation does work.
* move untrusted committer test into the wrapperJoey Hess2008-10-26
| | | | | This saves around 1/4th second per trusted commit since ikiwiki doesn't need to start up.
* remember how to write C codeJoey Hess2008-10-24
| | | | been a while!
* export CALLER_UIDJoey Hess2008-10-24
|
* Pass HTTPS variable through the wrapper so that CGI->https can be used by ↵Joey Hess2008-10-13
| | | | plugins. Closes: #502047
generated by cgit v1.2.3 (git 2.25.4) at 2024-04-27 12:33:20 +0000