--- /usr/pkg/libexec/cgi-bin/cvsweb.cgi.orig Tue Feb 5 10:20:06 2002 +++ /home/makoto/cvsweb.cgi Tue Feb 19 08:55:50 2002 @@ -1,4 +1,4 @@ -#!/usr/pkg/bin/perl -s +#!/usr/bin/perl -s # # cvsweb - a CGI interface to CVS trees. # @@ -40,7 +40,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $Id: cvsweb.cgi,v 1.112 2001/07/24 13:03:16 hzeller Exp $ +# $Id: cvsweb.cgi,v 1.16 2001/12/29 04:48:27 joey Rel $ # ### require 5.000; @@ -73,6 +73,7 @@ $tabstop $state $annTable $sel $curbranch @HideModules @DissallowRead $module $use_descriptions %descriptions @mytz $dwhere $moddate $use_moddate $has_zlib $gzip_open + $allow_tar ); ##### prototype declarations ######## @@ -123,7 +124,7 @@ ##### Start of Configuration Area ######## # == EDIT this == # User configuration is stored in -$config = $ENV{'CVSWEB_CONFIG'} || '/usr/pkg/etc/httpd/cvsweb.conf'; +$config = $ENV{'CVSWEB_CONFIG'} || '/etc/cvsweb.conf'; # == Configuration defaults == # Defaults for configuration variables that shouldn't need @@ -164,6 +165,7 @@ $verbose = $v; $checkoutMagic = "~checkout~"; $where = defined($ENV{'PATH_INFO'}) ? $ENV{'PATH_INFO'} : ""; +$where =~ tr|/|/|s; $doCheckout = ($where =~ /^\/$checkoutMagic/); $where =~ s|^/($checkoutMagic)?||; $where =~ s|/+$||; @@ -383,6 +385,34 @@ if ($module && &forbidden_module($module)) { &fatal("403 Forbidden", "Access to $where forbidden."); } + +# Handle tarball downloads before any headers are output. +if ($input{tarball}) { + &fatal("403 Forbidden", "Downloading tarballs is prohibited.") + unless $allow_tar; + $where=~s:[^/]*$::; + my ($basedir)=$where=~m!(?:.*/)?([^/]+)!; + my $tmpdir="/tmp/.cvsweb.$$.".int(time); + mkdir($tmpdir, 0700) || + &fatal("500 Internal Error", "Unable to make temporary directory: $!"); + chdir $tmpdir || + &fatal("500 Internal Error", "Unable to cd to temporary directory: $!"); + my @params=("-Q", "-d", $cvsroot, "co"); + if (exists $input{only_with_tag} && length $input{only_with_tag}) { + push @params, ("-r", $input{only_with_tag}); + } + system "cvs", @params, $where + || &fatal("500 Internal Error","cvs co failure: $!"); + chdir $where."/.." + || &fatal("500 Internal Error","Cannot find expected directory in checkout"); + $|=1; # Essential to get the buffering right. + print "Content-type: application/x-tar\r\n\r\n"; + system "tar", "cz", $basedir, "--exclude", "CVS"; + chdir $tmpdir || &fatal("500 Internal Error","Unable to cd to temporary directory: $!"); + system "rm", "-rf", $tmpdir; + exit; +} + ############################## # View a directory ############################### @@ -403,7 +433,7 @@ html_header("$where"); print $short_instruction; } - + my $descriptions; if (($use_descriptions) && open (DESC, "<$cvsroot/CVSROOT/descriptions")) { while () { @@ -412,7 +442,7 @@ $descriptions{$dir} = $description; } } - + print "

\n"; # give direct access to dirs if ($where eq '/') { @@ -718,6 +748,16 @@ print "\n"; print "\n"; } + + if ($allow_tar) { + my ($basefile)=$where=~m!(?:.*/)?([^/]+)!; + print &link("Download tarball", + # Mangle the filename so browsers show a reasonable + # filename to download. + "$basefile.tar.gz$query". + ($query ? "&" : "?")."tarball=1") + } + my $formwhere = $scriptwhere; $formwhere =~ s|Attic/?$|| if ($input{'hideattic'}); @@ -936,6 +976,7 @@ sub link($$) { my($name, $where) = @_; + $where =~ s| |%20|; return "$name\n"; } @@ -2109,7 +2150,7 @@ printLog($revdisplayorder[$i]); } - print "

"; + print "
"; print "\n"; print "This form allows you to request diff's between any two\n"; print "revisions of a file. You may select a symbolic revision\n"; @@ -2397,7 +2438,7 @@ $swhere = urlencode($filename) if ($swhere eq ""); print "<\!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">"; print "\n\n"; - print ''; + print ''; print "\n$path$filename - $title - $rev\n"; print "\n"; print ""; @@ -2754,7 +2795,7 @@ sub html_header($) { my ($title) = @_; - my $version = '$Revision: 1.112 $'; + my $version = '$Revision: 1.16 $'; http_header(); print <