auth: add basic authentication filter framework
diff --git a/cgit.c b/cgit.c
index 861352a5e9e8da1558cde08b3cc076375d138ede..c52ef331b76995419aff93935784f1174150a8bc 100644 (file)
--- a/cgit.c
+++ b/cgit.c
@@ -1,7 +1,6 @@
 /* cgit.c: cgi for the git scm
  *
 /* cgit.c: cgi for the git scm
  *
- * Copyright (C) 2006 Lars Hjemli
- * Copyright (C) 2010-2013 Jason A. Donenfeld <Jason@zx2c4.com>
+ * Copyright (C) 2006-2014 cgit Development Team <cgit@lists.zx2c4.com>
  *
  * Licensed under GNU General Public License v2
  *   (see COPYING for full license text)
  *
  * Licensed under GNU General Public License v2
  *   (see COPYING for full license text)
@@ -28,36 +27,6 @@ static void add_mimetype(const char *name, const char *value)
        item->util = xstrdup(value);
 }
 
        item->util = xstrdup(value);
 }
 
-static struct cgit_filter *new_filter(const char *cmd, filter_type filtertype)
-{
-       struct cgit_filter *f;
-       int args_size = 0;
-       int extra_args;
-
-       if (!cmd || !cmd[0])
-               return NULL;
-
-       switch (filtertype) {
-               case SOURCE:
-               case ABOUT:
-                       extra_args = 1;
-                       break;
-
-               case COMMIT:
-               default:
-                       extra_args = 0;
-                       break;
-       }
-
-       f = xmalloc(sizeof(struct cgit_filter));
-       f->cmd = xstrdup(cmd);
-       args_size = (2 + extra_args) * sizeof(char *);
-       f->argv = xmalloc(args_size);
-       memset(f->argv, 0, args_size);
-       f->argv[0] = f->cmd;
-       return f;
-}
-
 static void process_cached_repolist(const char *path);
 
 static void repo_config(struct cgit_repo *repo, const char *name, const char *value)
 static void process_cached_repolist(const char *path);
 
 static void repo_config(struct cgit_repo *repo, const char *name, const char *value)
@@ -115,11 +84,13 @@ static void repo_config(struct cgit_repo *repo, const char *name, const char *va
                repo->logo_link = xstrdup(value);
        else if (ctx.cfg.enable_filter_overrides) {
                if (!strcmp(name, "about-filter"))
                repo->logo_link = xstrdup(value);
        else if (ctx.cfg.enable_filter_overrides) {
                if (!strcmp(name, "about-filter"))
-                       repo->about_filter = new_filter(value, ABOUT);
+                       repo->about_filter = cgit_new_filter(value, ABOUT);
                else if (!strcmp(name, "commit-filter"))
                else if (!strcmp(name, "commit-filter"))
-                       repo->commit_filter = new_filter(value, COMMIT);
+                       repo->commit_filter = cgit_new_filter(value, COMMIT);
                else if (!strcmp(name, "source-filter"))
                else if (!strcmp(name, "source-filter"))
-                       repo->source_filter = new_filter(value, SOURCE);
+                       repo->source_filter = cgit_new_filter(value, SOURCE);
+               else if (!strcmp(name, "email-filter"))
+                       repo->email_filter = cgit_new_filter(value, EMAIL);
        }
 }
 
        }
 }
 
@@ -216,9 +187,13 @@ static void config_cb(const char *name, const char *value)
        else if (!strcmp(name, "case-sensitive-sort"))
                ctx.cfg.case_sensitive_sort = atoi(value);
        else if (!strcmp(name, "about-filter"))
        else if (!strcmp(name, "case-sensitive-sort"))
                ctx.cfg.case_sensitive_sort = atoi(value);
        else if (!strcmp(name, "about-filter"))
-               ctx.cfg.about_filter = new_filter(value, ABOUT);
+               ctx.cfg.about_filter = cgit_new_filter(value, ABOUT);
        else if (!strcmp(name, "commit-filter"))
        else if (!strcmp(name, "commit-filter"))
-               ctx.cfg.commit_filter = new_filter(value, COMMIT);
+               ctx.cfg.commit_filter = cgit_new_filter(value, COMMIT);
+       else if (!strcmp(name, "email-filter"))
+               ctx.cfg.email_filter = cgit_new_filter(value, EMAIL);
+       else if (!strcmp(name, "auth-filter"))
+               ctx.cfg.auth_filter = cgit_new_filter(value, AUTH);
        else if (!strcmp(name, "embedded"))
                ctx.cfg.embedded = atoi(value);
        else if (!strcmp(name, "max-atom-items"))
        else if (!strcmp(name, "embedded"))
                ctx.cfg.embedded = atoi(value);
        else if (!strcmp(name, "max-atom-items"))
@@ -252,7 +227,7 @@ static void config_cb(const char *name, const char *value)
        else if (!strcmp(name, "section-sort"))
                ctx.cfg.section_sort = atoi(value);
        else if (!strcmp(name, "source-filter"))
        else if (!strcmp(name, "section-sort"))
                ctx.cfg.section_sort = atoi(value);
        else if (!strcmp(name, "source-filter"))
-               ctx.cfg.source_filter = new_filter(value, SOURCE);
+               ctx.cfg.source_filter = cgit_new_filter(value, SOURCE);
        else if (!strcmp(name, "summary-log"))
                ctx.cfg.summary_log = atoi(value);
        else if (!strcmp(name, "summary-branches"))
        else if (!strcmp(name, "summary-log"))
                ctx.cfg.summary_log = atoi(value);
        else if (!strcmp(name, "summary-branches"))
@@ -405,6 +380,10 @@ static void prepare_context(struct cgit_context *ctx)
        ctx->env.script_name = getenv("SCRIPT_NAME");
        ctx->env.server_name = getenv("SERVER_NAME");
        ctx->env.server_port = getenv("SERVER_PORT");
        ctx->env.script_name = getenv("SCRIPT_NAME");
        ctx->env.server_name = getenv("SERVER_NAME");
        ctx->env.server_port = getenv("SERVER_PORT");
+       ctx->env.http_cookie = getenv("HTTP_COOKIE");
+       ctx->env.http_referer = getenv("HTTP_REFERER");
+       ctx->env.content_length = getenv("CONTENT_LENGTH") ? strtoul(getenv("CONTENT_LENGTH"), NULL, 10) : 0;
+       ctx->env.authenticated = 0;
        ctx->page.mimetype = "text/html";
        ctx->page.charset = PAGE_ENCODING;
        ctx->page.filename = NULL;
        ctx->page.mimetype = "text/html";
        ctx->page.charset = PAGE_ENCODING;
        ctx->page.filename = NULL;
@@ -620,11 +599,92 @@ static int prepare_repo_cmd(struct cgit_context *ctx)
        return 0;
 }
 
        return 0;
 }
 
+static inline void open_auth_filter(struct cgit_context *ctx, const char *function)
+{
+       cgit_open_filter(ctx->cfg.auth_filter, function,
+               ctx->env.http_cookie ? ctx->env.http_cookie : "",
+               ctx->env.request_method ? ctx->env.request_method : "",
+               ctx->env.query_string ? ctx->env.query_string : "",
+               ctx->env.http_referer ? ctx->env.http_referer : "",
+               ctx->env.path_info ? ctx->env.path_info : "",
+               ctx->env.http_host ? ctx->env.http_host : "",
+               ctx->env.https ? ctx->env.https : "",
+               ctx->qry.repo ? ctx->qry.repo : "",
+               ctx->qry.page ? ctx->qry.page : "",
+               ctx->qry.url ? ctx->qry.url : "");
+}
+
+#define MAX_AUTHENTICATION_POST_BYTES 4096
+static inline void authenticate_post(struct cgit_context *ctx)
+{
+       if (ctx->env.http_referer && strlen(ctx->env.http_referer) > 0) {
+               html("Status: 302 Redirect\n");
+               html("Cache-Control: no-cache, no-store\n");
+               htmlf("Location: %s\n", ctx->env.http_referer);
+       } else {
+               html("Status: 501 Missing Referer\n");
+               html("Cache-Control: no-cache, no-store\n\n");
+               exit(0);
+       }
+
+       open_auth_filter(ctx, "authenticate-post");
+       char buffer[MAX_AUTHENTICATION_POST_BYTES];
+       int len;
+       len = ctx->env.content_length;
+       if (len > MAX_AUTHENTICATION_POST_BYTES)
+               len = MAX_AUTHENTICATION_POST_BYTES;
+       if (read(STDIN_FILENO, buffer, len) < 0)
+               die_errno("Could not read POST from stdin");
+       if (write(STDOUT_FILENO, buffer, len) < 0)
+               die_errno("Could not write POST to stdout");
+       /* The filter may now spit out a Set-Cookie: ... */
+       cgit_close_filter(ctx->cfg.auth_filter);
+
+       html("\n");
+       exit(0);
+}
+
+static inline void authenticate_cookie(struct cgit_context *ctx)
+{
+       /* If we don't have an auth_filter, consider all cookies valid, and thus return early. */
+       if (!ctx->cfg.auth_filter) {
+               ctx->env.authenticated = 1;
+               return;
+       }
+
+       /* If we're having something POST'd to /login, we're authenticating POST,
+        * instead of the cookie, so call authenticate_post and bail out early.
+        * This pattern here should match /?p=login with POST. */
+       if (ctx->env.request_method && ctx->qry.page && !ctx->repo && \
+           !strcmp(ctx->env.request_method, "POST") && !strcmp(ctx->qry.page, "login")) {
+               authenticate_post(ctx);
+               return;
+       }
+
+       /* If we've made it this far, we're authenticating the cookie for real, so do that. */
+       open_auth_filter(ctx, "authenticate-cookie");
+       ctx->env.authenticated = cgit_close_filter(ctx->cfg.auth_filter);
+}
+
 static void process_request(void *cbdata)
 {
        struct cgit_context *ctx = cbdata;
        struct cgit_cmd *cmd;
 
 static void process_request(void *cbdata)
 {
        struct cgit_context *ctx = cbdata;
        struct cgit_cmd *cmd;
 
+       /* If we're not yet authenticated, no matter what page we're on,
+        * display the authentication body from the auth_filter. This should
+        * never be cached. */
+       if (!ctx->env.authenticated) {
+               ctx->page.title = "Authentication Required";
+               cgit_print_http_headers(ctx);
+               cgit_print_docstart(ctx);
+               cgit_print_pageheader(ctx);
+               open_auth_filter(ctx, "body");
+               cgit_close_filter(ctx->cfg.auth_filter);
+               cgit_print_docend();
+               return;
+       }
+
        cmd = cgit_get_cmd(ctx);
        if (!cmd) {
                ctx->page.title = "cgit error";
        cmd = cgit_get_cmd(ctx);
        if (!cmd) {
                ctx->page.title = "cgit error";
@@ -737,11 +797,13 @@ static void print_repo(FILE *f, struct cgit_repo *repo)
        fprintf(f, "repo.enable-log-linecount=%d\n",
                repo->enable_log_linecount);
        if (repo->about_filter && repo->about_filter != ctx.cfg.about_filter)
        fprintf(f, "repo.enable-log-linecount=%d\n",
                repo->enable_log_linecount);
        if (repo->about_filter && repo->about_filter != ctx.cfg.about_filter)
-               fprintf(f, "repo.about-filter=%s\n", repo->about_filter->cmd);
+               cgit_fprintf_filter(repo->about_filter, f, "repo.about-filter=");
        if (repo->commit_filter && repo->commit_filter != ctx.cfg.commit_filter)
        if (repo->commit_filter && repo->commit_filter != ctx.cfg.commit_filter)
-               fprintf(f, "repo.commit-filter=%s\n", repo->commit_filter->cmd);
+               cgit_fprintf_filter(repo->commit_filter, f, "repo.commit-filter=");
        if (repo->source_filter && repo->source_filter != ctx.cfg.source_filter)
        if (repo->source_filter && repo->source_filter != ctx.cfg.source_filter)
-               fprintf(f, "repo.source-filter=%s\n", repo->source_filter->cmd);
+               cgit_fprintf_filter(repo->source_filter, f, "repo.source-filter=");
+       if (repo->email_filter && repo->email_filter != ctx.cfg.email_filter)
+               cgit_fprintf_filter(repo->email_filter, f, "repo.email-filter=");
        if (repo->snapshots != ctx.cfg.snapshots) {
                char *tmp = build_snapshot_setting(repo->snapshots);
                fprintf(f, "repo.snapshots=%s\n", tmp ? tmp : "");
        if (repo->snapshots != ctx.cfg.snapshots) {
                char *tmp = build_snapshot_setting(repo->snapshots);
                fprintf(f, "repo.snapshots=%s\n", tmp ? tmp : "");
@@ -864,45 +926,38 @@ static void cgit_parse_args(int argc, const char **argv)
        int scan = 0;
 
        for (i = 1; i < argc; i++) {
        int scan = 0;
 
        for (i = 1; i < argc; i++) {
-               if (!strncmp(argv[i], "--cache=", 8)) {
+               if (!prefixcmp(argv[i], "--cache=")) {
                        ctx.cfg.cache_root = xstrdup(argv[i] + 8);
                        ctx.cfg.cache_root = xstrdup(argv[i] + 8);
-               }
-               if (!strcmp(argv[i], "--nocache")) {
+               } else if (!strcmp(argv[i], "--nocache")) {
                        ctx.cfg.nocache = 1;
                        ctx.cfg.nocache = 1;
-               }
-               if (!strcmp(argv[i], "--nohttp")) {
+               } else if (!strcmp(argv[i], "--nohttp")) {
                        ctx.env.no_http = "1";
                        ctx.env.no_http = "1";
-               }
-               if (!strncmp(argv[i], "--query=", 8)) {
+               } else if (!prefixcmp(argv[i], "--query=")) {
                        ctx.qry.raw = xstrdup(argv[i] + 8);
                        ctx.qry.raw = xstrdup(argv[i] + 8);
-               }
-               if (!strncmp(argv[i], "--repo=", 7)) {
+               } else if (!prefixcmp(argv[i], "--repo=")) {
                        ctx.qry.repo = xstrdup(argv[i] + 7);
                        ctx.qry.repo = xstrdup(argv[i] + 7);
-               }
-               if (!strncmp(argv[i], "--page=", 7)) {
+               } else if (!prefixcmp(argv[i], "--page=")) {
                        ctx.qry.page = xstrdup(argv[i] + 7);
                        ctx.qry.page = xstrdup(argv[i] + 7);
-               }
-               if (!strncmp(argv[i], "--head=", 7)) {
+               } else if (!prefixcmp(argv[i], "--head=")) {
                        ctx.qry.head = xstrdup(argv[i] + 7);
                        ctx.qry.has_symref = 1;
                        ctx.qry.head = xstrdup(argv[i] + 7);
                        ctx.qry.has_symref = 1;
-               }
-               if (!strncmp(argv[i], "--sha1=", 7)) {
+               } else if (!prefixcmp(argv[i], "--sha1=")) {
                        ctx.qry.sha1 = xstrdup(argv[i] + 7);
                        ctx.qry.has_sha1 = 1;
                        ctx.qry.sha1 = xstrdup(argv[i] + 7);
                        ctx.qry.has_sha1 = 1;
-               }
-               if (!strncmp(argv[i], "--ofs=", 6)) {
+               } else if (!prefixcmp(argv[i], "--ofs=")) {
                        ctx.qry.ofs = atoi(argv[i] + 6);
                        ctx.qry.ofs = atoi(argv[i] + 6);
-               }
-               if (!strncmp(argv[i], "--scan-tree=", 12) ||
-                   !strncmp(argv[i], "--scan-path=", 12)) {
-                       /* HACK: the global snapshot bitmask defines the
-                        * set of allowed snapshot formats, but the config
-                        * file hasn't been parsed yet so the mask is
-                        * currently 0. By setting all bits high before
-                        * scanning we make sure that any in-repo cgitrc
-                        * snapshot setting is respected by scan_tree().
-                        * BTW: we assume that there'll never be more than
-                        * 255 different snapshot formats supported by cgit...
+               } else if (!prefixcmp(argv[i], "--scan-tree=") ||
+                          !prefixcmp(argv[i], "--scan-path=")) {
+                       /*
+                        * HACK: The global snapshot bit mask defines the set
+                        * of allowed snapshot formats, but the config file
+                        * hasn't been parsed yet so the mask is currently 0.
+                        * By setting all bits high before scanning we make
+                        * sure that any in-repo cgitrc snapshot setting is
+                        * respected by scan_tree().
+                        *
+                        * NOTE: We assume that there aren't more than 8
+                        * different snapshot formats supported by cgit...
                         */
                        ctx.cfg.snapshots = 0xFF;
                        scan++;
                         */
                        ctx.cfg.snapshots = 0xFF;
                        scan++;
@@ -942,6 +997,9 @@ int main(int argc, const char **argv)
        const char *path;
        int err, ttl;
 
        const char *path;
        int err, ttl;
 
+       cgit_init_filters();
+       atexit(cgit_cleanup_filters);
+
        prepare_context(&ctx);
        cgit_repolist.length = 0;
        cgit_repolist.count = 0;
        prepare_context(&ctx);
        cgit_repolist.length = 0;
        cgit_repolist.count = 0;
@@ -978,12 +1036,17 @@ int main(int argc, const char **argv)
                cgit_parse_url(ctx.qry.url);
        }
 
                cgit_parse_url(ctx.qry.url);
        }
 
+       /* Before we go any further, we set ctx.env.authenticated by checking to see
+        * if the supplied cookie is valid. All cookies are valid if there is no
+        * auth_filter. If there is an auth_filter, the filter decides. */
+       authenticate_cookie(&ctx);
+
        ttl = calc_ttl();
        if (ttl < 0)
                ctx.page.expires += 10 * 365 * 24 * 60 * 60; /* 10 years */
        else
                ctx.page.expires += ttl * 60;
        ttl = calc_ttl();
        if (ttl < 0)
                ctx.page.expires += 10 * 365 * 24 * 60 * 60; /* 10 years */
        else
                ctx.page.expires += ttl * 60;
-       if (ctx.env.request_method && !strcmp(ctx.env.request_method, "HEAD"))
+       if (!ctx.env.authenticated || (ctx.env.request_method && !strcmp(ctx.env.request_method, "HEAD")))
                ctx.cfg.nocache = 1;
        if (ctx.cfg.nocache)
                ctx.cfg.cache_size = 0;
                ctx.cfg.nocache = 1;
        if (ctx.cfg.nocache)
                ctx.cfg.cache_size = 0;
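Review bot: In the authenticate_post hunk, `len` is declared `int` but assigned from `ctx->env.content_length`, which the prepare_context hunk fills with strtoul() on the request-supplied CONTENT_LENGTH variable, so a value above INT_MAX converts to a negative int, slips past the `len > MAX_AUTHENTICATION_POST_BYTES` clamp, and reaches read() as a huge size_t against the 4096-byte stack buffer. The write() that follows also forwards `len` bytes regardless of how many read() actually returned, so a short read sends uninitialized stack contents to the filter. Keep the length unsigned, clamp it before the read, and forward only the byte count read() reports; the function is contained entirely within the hunk. Checking `n == 0` separately is optional, but the write must never use the requested length.
```c
	open_auth_filter(ctx, "authenticate-post");
	char buffer[MAX_AUTHENTICATION_POST_BYTES];
	unsigned long len = ctx->env.content_length;
	ssize_t n;
	if (len > MAX_AUTHENTICATION_POST_BYTES)
		len = MAX_AUTHENTICATION_POST_BYTES;
	n = read(STDIN_FILENO, buffer, len);
	if (n < 0)
		die_errno("Could not read POST from stdin");
	if (write(STDOUT_FILENO, buffer, (size_t)n) < 0)
		die_errno("Could not write POST to stdout");
	/* … unchanged: cgit_close_filter, trailing html("\n"), exit(0) … */
```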