[darcs-users] patches to darcs.cgi
Ben Crowell
darcscrowell04 at lightandmatter.com
Tue Dec 21 21:03:42 UTC 2004
Here are some patches to darcs.cgi that improve its error handling,
and fix a problem with the use of the -T pragma with $ENV{'PATH'}.
I'd intended to submit the patches via darcs, but I've given up
on trying to use darcs.
============================================================
38a39
> use File::Spec::Functions;
44c45
< ## "/etc/cgi.conf". The syntax accepts equals signs or simply
---
> ## "cgi.conf". The syntax accepts equals signs or simply
45a47,58
> our $conf_file = ''; # global variable for use by read_conf()
> foreach my $possible_conf_file(
> '/etc/darcs/cgi.conf', # typical Linux location
> '/usr/local/etc/darcs/darcs/cgi.conf', # FreeBSD location
> ) {
> if (-r $possible_conf_file) {
> $conf_file = $possible_conf_file;
> last;
> }
> }
> die_with_error("unable to locate cgi.conf in any of the likely places")
> if !$conf_file;
47c60,70
< $ENV{'PATH'} = read_conf('PATH', $ENV{'PATH'});
---
> # The following used to be $ENV{'PATH'} = read_conf('PATH',$ENV{'PATH'}),
> # but that was insecure, and caused an error due to taint checking.
> my $new_path = read_conf('PATH','/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin');
> if ($new_path =~ m@^([:/\w]+)$@) {
> # The result of the pattern match, $1, is untainted. Really the reason we trust it is that we
> # assume cgi.conf is trustworthy.
> $ENV{'PATH'} = $1;
> }
> else {
> die_with_error("path $new_path contains illegal characters");
> }
50a74
> die_if_program_not_available($darcs_program);
51a76
> die_if_program_not_available($xslt_program);
54a80,81
> die_with_error("directory $repository_root does not exist") if !-d $repository_root;
> die_with_error("directory $repository_root is not readable") if !-r $repository_root;
57a85,86
> die_with_error("directory $template_root does not exist") if !-d $template_root;
> die_with_error("directory $template_root is not readable") if !-r $template_root;
64d92
<
65a94,97
> foreach my $xslt_file($xslt_annotate,$xslt_browse,$xslt_patches,$xslt_repos,$xslt_rss,$xslt_errors) {
> die_if_file_not_available($xslt_file);
> }
>
68c100
< # path, not a local file system path. The default will caues darcs.cgi
---
> # path, not a local file system path. The default will cause darcs.cgi
70a103
> # Don't check for existence, not a local filesystem path.
74a108
> die_if_file_not_available($css_styles);
77a112
> die_if_file_not_available($xml_errors);
93c128
< if (open(CGI_CONF, "/etc/darcs/cgi.conf")) {
---
> if (open(CGI_CONF, "<$conf_file")) {
102a138,140
> else {
> die_with_error("Error opening file $conf_file for input, $!");
> }
112c150,151
< open $pipe, "| $xslt_program $args $xslt -";
---
> open $pipe, "| $xslt_program $args $xslt -"
> or die_with_error("error opening pipe to $xslt_program");
172c211,212
< open(DARCS, "$darcs_program '$cmd' $args $target|");
---
> open(DARCS, "$darcs_program '$cmd' $args $target|")
> or die "error running $darcs_program";
240a281,316
> }
>
> # Write an error message to the web server's log file.
> sub log_error {
> my $message = shift;
> print STDERR "$message\n";
> }
>
> sub die_with_error {
> my $message = shift;
> log_error($message);
> exit;
> }
>
> sub die_if_file_not_available {
> my $file = shift;
> die_with_error("file $file does not exist, check the file $conf_file") if !-e $file;
> die_with_error("file $file is not readable, check the file $conf_file") if !-r $file;
> }
>
> sub die_if_program_not_available {
> my $program = shift;
> # In the following line, the first clause is meant for the case where the full path to
> # the program has been given explicitly in cgi.conf, while the second clause is for
> # the case where it has to be found in $ENV{PATH}.
> my $available = -x $program ||
> grep -x File::Spec::Functions::catfile( $_, $program ), File::Spec::Functions::path;
> die_with_error(<<ERR) if !$available;
> program $program not found in
> $ENV{PATH} ;
> If it's not installed, please install it. If it is installed, please
> give an explicit path to it in cgi.conf, e.g.,
> xsltproc=/path/to/xsltproc
> or
> darcs=/path/to/darcs
> ERR
More information about the darcs-users
mailing list