10 use base
qw(Exporter);
11 our @EXPORT = qw(scrypt jailed_file sendmail_pipe mailer_pipe
12 lock_file unlock_file valid_tag rand_adjust
13 filedb_atomic_append filedb_atomic_edit filedb_grep
14 filedb_atomic_grep valid_email valid_email_multi
15 valid_repo_url valid_web_url url_base url_path url_server
16 projects_html_list parse_rfc2822_date parse_any_date);
22 crypt($pwd||'', join ('', ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64]));
28 $Girocco::Config
::chroot."/$filename";
37 use Fcntl
qw(O_WRONLY O_CREAT O_EXCL);
39 my $handle = new IO
::Handle
;
41 unless (sysopen($handle, $path, O_WRONLY
|O_CREAT
|O_EXCL
)) {
43 while (not sysopen($handle, $path, O_WRONLY
|O_CREAT
|O_EXCL
)) {
44 ($! == EEXIST
) or die "$path open failed: $!";
45 ($cnt++ < 16) or die "$path open failed: cannot open lockfile";
49 # XXX: filedb-specific
50 chmod 0664, $path or die "$path g+w failed: $!";
56 return defined($_[0]) && $_[0] eq jailed_file
('/etc/passwd');
59 sub _run_update_pwd_db
{
60 my ($path, $updatearg) = @_;
61 my @cmd = ($Girocco::Config
::basedir
.'/bin/update-pwd-db', "$path");
62 push(@cmd, $updatearg) if $updatearg;
63 system(@cmd) == 0 or die "update-pwd-db failed: $?";
67 my ($path, $noreplace, $updatearg) = @_;
70 _run_update_pwd_db
("$path.lock", $updatearg)
71 if $Girocco::Config
::update_pwd_db
&& _is_passwd_file
($path);
72 rename "$path.lock", $path or die "$path unlock failed: $!";
74 unlink "$path.lock" or die "$path unlock failed: $!";
78 sub filedb_atomic_append
{
79 my ($file, $line, $updatearg) = @_;
82 open my $src, '<', $file or die "$file open for reading failed: $!";
83 my $dst = lock_file
($file);
86 my $aid = (split /:/)[2];
87 $id = $aid + 1 if ($aid >= $id);
89 print $dst $_ or die "$file(l) write failed: $!";
93 print $dst "$line\n" or die "$file(l) write failed: $!";
95 close $dst or die "$file(l) close failed: $!";
98 unlock_file
($file, 0, $updatearg);
103 sub filedb_atomic_edit
{
104 my ($file, $fn, $updatearg) = @_;
106 open my $src, '<', $file or die "$file open for reading failed: $!";
107 my $dst = lock_file
($file);
110 print $dst $fn->($_) or die "$file(l) write failed: $!";
113 close $dst or die "$file(l) close failed: $!";
116 unlock_file
($file, 0, $updatearg);
119 sub filedb_atomic_grep
{
120 my ($file, $fn) = @_;
123 open my $src, '<', $file or die "$file open for reading failed: $!";
124 my $dst = lock_file
($file);
127 my $result = $fn->($_);
128 push(@results, $result) if $result;
131 close $dst or die "$file(l) close failed: $!";
134 unlock_file
($file, 1);
139 my ($file, $fn) = @_;
142 open my $src, '<', $file or die "$file open for reading failed: $!";
145 my $result = $fn->($_);
146 push(@results, $result) if $result;
156 /^[a-zA-Z0-9+._-]+@[a-zA-Z0-9.-]+$/;
158 sub valid_email_multi
{
160 # More relaxed, we just want to avoid too dangerous characters.
161 /^[a-zA-Z0-9+._, @-]+$/;
165 /^https?:\/\
/[a-zA-Z0-9.:-]+(\/[_\
%a-zA
-Z0
-9.\
/~:?&=;-]*)?(#[a-zA-Z0-9._-]+)?$/;
168 my $url = shift || '';
169 # Currently neither username nor password is allowed in the URL and IPv6
170 # literal addresses are not accepted either.
171 $Girocco::Config
::mirror_svn
&&
172 $url =~ /^svn(\+https?)?:\/\
/[a-zA-Z0-9.:-]+(\/[_\
%a-zA
-Z0
-9.\
/~-]*)?$/os
174 $Girocco::Config
::mirror_darcs
&&
175 $url =~ /^darcs:\/\
/[a-zA-Z0-9.:-]+(\/[_\
%a-zA
-Z0
-9.\
/~-]*)?$/os
177 $Girocco::Config
::mirror_bzr
&&
178 $url =~ /^bzr:\/\
/[a-zA-Z0-9.:-]+(\/[_\
%a-zA
-Z0
-9.\
/~-]*)?$/os
180 return $url =~ /^(https?|git):\/\
/[a-zA-Z0-9.:-]+(\/[_\
%a-zA
-Z0
-9.\
/~-]*)?$/;
185 about
=>1, after
=>1, all
=>1, also
=>1, an
=>1, and=>1, another
=>1, any
=>1,
186 are
=>1, as
=>1, at
=>1, be
=>1, because
=>1, been
=>1, before
=>1, being
=>1,
187 between
=>1, both
=>1, but
=>1, by
=>1, came
=>1, can
=>1, come
=>1, could
=>1,
188 did
=>1, do=>1, each=>1, for=>1, from
=>1, get
=>1, got
=>1, had
=>1, has
=>1,
189 have
=>1, he
=>1, her
=>1, here
=>1, him
=>1, himself
=>1, his
=>1, how
=>1,
190 if=>1, in=>1, into
=>1, is
=>1, it
=>1, like
=>1, make
=>1, many
=>1, me
=>1,
191 might
=>1, more
=>1, most
=>1, much
=>1, must
=>1, my=>1, never
=>1, now
=>1,
192 of
=>1, on
=>1, only
=>1, or=>1, other
=>1, our=>1, out
=>1, over
=>1,
193 said
=>1, same
=>1, see
=>1, should
=>1, since
=>1, some
=>1, still
=>1,
194 such
=>1, take
=>1, than
=>1, that
=>1, the
=>1, their
=>1, them
=>1, then
=>1,
195 there
=>1, these
=>1, they
=>1, this
=>1, those
=>1, through
=>1, to
=>1,
196 too
=>1, under
=>1, up
=>1, very
=>1, was
=>1, way
=>1, we
=>1, well
=>1,
197 were
=>1, what
=>1, where
=>1, which
=>1, while=>1, who
=>1, with
=>1,
198 would
=>1, you
=>1, your
=>1
201 # A valid tag must only have [a-zA-Z0-9:.+#_-] characters, must start with a
202 # letter, must not be a noise word and except for 'C' must be more than one
203 # character long and no more than 32 characters long.
205 local $_ = $_[0] || '';
206 return 1 if $_ eq 'C'; # Currently only allowed single letter tag
207 return 0 unless /^[a-zA-Z][a-zA-Z0-9:.+#_-]+$/;
208 return 0 if $_badtags{lc($_)};
209 return length($_) <= 32 ?
1 : 0;
212 # If the passed in argument looks like a URL, return only the stuff up through
213 # the host:port part otherwise return the entire argument.
215 my $url = shift || '';
217 $url = $1.$2.$3.$4 if $url =~ m
,^( [A
-Za
-z
][A
-Za
-z0
-9+.-]*: ) # scheme
218 ( // ) # // separator
219 ((?
:[^\@
]+\@
)?
) # optional userinfo
220 ( [^/?
#]+ ) # host and port
221 (?
:[/?#].*)?$,x; # path and optional query string and/or anchor
225 # If the passed in argument looks like a URL, return only the stuff following
226 # the host:port part otherwise return the entire argument.
228 my $url = shift || '';
229 my $no_empty = shift || 0;
231 $url = $1 if $url =~ m
,^(?
: [A
-Za
-z
][A
-Za
-z0
-9+.-]*: ) # scheme
232 (?
: // ) # // separator
233 (?
: [^\@
]+\@
)?
# optional userinfo
234 (?
: [^/?
#]+ ) # host and port
235 ((?
:[/?#].*)?)$,x; # path and optional query string and/or anchor
236 $url = '/' if $no_empty && $url eq '';
240 # If both SERVER_NAME and SERVER_PORT are set pass the argument through url_path
241 # and then prefix it with the appropriate scheme (HTTPS=?on), host and port and
242 # return it. If a something that doesn't look like it could be the start of a
243 # URL path comes back from url_path or SERVER_NAME is a link-local IPv6 address
244 # then just return the argument unchanged.
246 my $url = shift || '';
247 my $path = url_path
($url);
248 return $url unless $path eq '' || $path =~ m
|^[/?
#]|;
249 return $url unless $ENV{'SERVER_NAME'} && $ENV{'SERVER_PORT'} &&
250 $ENV{'SERVER_PORT'} =~ /^[1-9][0-9]{0,4}$/;
251 return $url if $ENV{'SERVER_NAME'} =~ /^[[]?fe80:/i;
252 my $server = $ENV{'SERVER_NAME'};
253 # Deal with Apache bug where IPv6 literal server names do not include
254 # the required surrounding '[' and ']' characters
255 $server = '[' . $server . ']' if $server =~ /:/ && $server !~ /^[[]/;
256 my $ishttps = $ENV{'HTTPS'} && $ENV{'HTTPS'} =~ /^on$/i;
257 my $portnum = 0 + $ENV{'SERVER_PORT'};
259 if (($ishttps && $portnum != 443) || (!$ishttps && $portnum != 80)) {
260 $port = ':' . $portnum;
262 return 'http' . ($ishttps ?
's' : '') . '://' . $server . $port . $path;
267 $str =~ s/\&/\&/gs;
268 $str =~ s/\</\</gs;
269 $str =~ s/\>/\>/gs;
270 $str =~ s/\"/\"/gs; #"
274 # create relative time string from passed in age in seconds
279 if ($age > 60*60*24*365*2) {
280 $age_str = (int $age/60/60/24/365);
281 $age_str .= " years ago";
282 } elsif ($age > 60*60*24*(365/12)*2) {
283 $age_str = int $age/60/60/24/(365/12);
284 $age_str .= " months ago";
285 } elsif ($age > 60*60*24*7*2) {
286 $age_str = int $age/60/60/24/7;
287 $age_str .= " weeks ago";
288 } elsif ($age > 60*60*24*2) {
289 $age_str = int $age/60/60/24;
290 $age_str .= " days ago";
291 } elsif ($age > 60*60*2) {
292 $age_str = int $age/60/60;
293 $age_str .= " hours ago";
294 } elsif ($age > 60*2) {
295 $age_str = int $age/60;
296 $age_str .= " mins ago";
299 $age_str .= " secs ago";
300 } elsif ($age >= 0) {
301 $age_str = "right now";
303 $age_str = "future time";
308 # create relative time string from passed in idle in seconds
310 my $idle_str = _rel_age
(shift);
311 $idle_str =~ s/ ago//;
312 $idle_str = "not at all" if $idle_str eq "right now";
317 use POSIX
qw(strftime);
318 my ($fmt, $secs, $zonesecs) = @_;
319 my ($S,$M,$H,$d,$m,$y) = gmtime($secs + $zonesecs);
320 $zonesecs = int($zonesecs / 60);
322 my $ans = strftime
($fmt, $S, $M, $H, $d, $m, $y, -1, -1, -1);
326 $zonesecs = -$zonesecs;
330 $z .= sprintf("%02d%02d", int($zonesecs/60), $zonesecs % 60);
335 # Take a list of project names and produce a nicely formated table that
336 # includes owner links and descriptions. If the list is empty returns ''.
337 # The first argument may be a hash ref that contains options. The following
338 # options are available:
339 # target -- sets the target value of the owner link
340 # emptyok -- if true returns an empty table rather than ''
341 # typecol -- if true include type column with hover info
342 # changed -- if true include a changed and idle column
343 sub projects_html_list
{
345 if (defined($_[0]) && ref($_[0]) eq 'HASH') {
348 return '' unless @_ || (defined($options->{emptyok
}) && $options->{emptyok
});
349 require Girocco
::Project
;
352 $target = " target=\""._escapeHTML
($options->{target
})."\""
353 if defined($options->{target
});
354 my $withtype = defined($options->{typecol
}) && $options->{typecol
};
355 my $withchanged = defined($options->{changed
}) && $options->{changed
};
357 $typehead = '<th>Type</th>' if $withtype;
359 $chghead = substr(<<EOT, 0, -1) if $withchanged;
360 <th><span class="hover">Changed<span><span class="head">Changed</span
361 />The last time a ref change was received by this site.</span></span></th
362 ><th><span class="hover">Idle<span><span class="head">Idle</span
363 />The most recent committer time in <i>refs/heads</i>.</span></span></th
367 <table class='projectlist'><tr><th>Project</th>$typehead$chghead<th class="desc">Description</th></tr>
369 my $trclass = ' class="odd"';
370 foreach (sort({lc($a) cmp lc($b)} @_)) {
371 if (Girocco
::Project
::does_exist
($_, 1)) {
372 my $proj = Girocco
::Project
->load($_);
373 my $projname = $proj->{name
}.".git";
374 my $projdesc = $proj->{desc
}||'';
375 utf8
::decode
($projdesc) if utf8
::valid
($projdesc);
378 if ($proj->{mirror
}) {
379 $typecol = substr(<<EOT, 0, -1);
380 <td class="type"><span class="hover">mirror<span class="nowrap">@{[_escapeHTML($proj->{url})]}</span></span></td>
383 my $users = @
{$proj->{users
}};
385 $users .= 's' unless @
{$proj->{users
}} == 1;
386 my $userlist = join(', ', sort({lc($a) cmp lc($b)} @
{$proj->{users
}}));
387 my $spncls = length($userlist) > 25 ?
'' : ' class="nowrap"';
388 $typecol = $userlist ?
substr(<<EOT, 0, -1) : substr(<<EOT, 0, -1);
389 <td
class="type"><span
class="hover">$users<span
$spncls>$userlist</span></span
></td
>
391 <td
class="type">$users</td
>
398 my $changetime = $proj->{lastchange
};
400 $rel = "<span class=\"hover\">" .
401 _rel_age
(time - parse_rfc2822_date
($changetime)) .
402 "<span class=\"nowrap\">$changetime</span></span>";
406 $changecol = substr(<<EOT, 0, -1);
407 <td class="change">$rel</td>
409 my $idletime = $proj->{lastactivity
};
411 $idlesecs = parse_any_date
($idletime, \
$tz) if $idletime;
413 my $idle2822 = _strftime
("%a, %d %b %Y %T %z", $idlesecs, $tz);
414 $rel = "<span class=\"hover\">" .
415 _rel_idle
(time - $idlesecs) .
416 "<span class=\"nowrap\">$idle2822</span></span>";
420 $changecol .= substr(<<EOT, 0, -1);
421 <td class="idle">$rel</td>
425 <tr$trclass><td><a href="@{[url_path($Girocco::Config::gitweburl)]}/$projname"$target
426 >@{[_escapeHTML($projname)]}</td>$typecol$changecol<td>@{[_escapeHTML($projdesc)]}</td></tr>
428 $trclass = $trclass ?
'' : ' class="odd"';
435 return ($count || (defined($options->{emptyok
}) && $options->{emptyok
})) ?
$html : '';
441 jan
=> 0, feb
=> 1, mar
=> 2, apr
=> 3, may
=> 4, jun
=> 5,
442 jul
=> 6, aug
=> 7, sep
=> 8, oct => 9, nov
=> 10, dec
=> 11
446 # Should be in "date '+%a, %d %b %Y %T %z'" format as saved to lastgc, lastrefresh and lastchange
447 # The leading "%a, " is optional, returns undef if unrecognized date. This is also known as
448 # RFC 2822 date format and git's '%cD', '%aD' and --date=rfc2822 format.
449 # If the second argument is a SCALAR ref, its value will be set to the TZ offset in seconds
450 sub parse_rfc2822_date
{
451 my $dstr = shift || '';
452 my $tzoff = shift || '';
453 $dstr = $1 if $dstr =~/^[^\s]+,\s*(.*)$/;
454 return undef unless $dstr =~
455 /^\s*(\d{1,2})\s+([A-Za-z]{3})\s+(\d{4})\s+(\d{1,2}):(\d{2}):(\d{2})\s+([+-]\d{4})\s*$/;
456 my ($d,$b,$Y,$H,$M,$S,$z) = ($1,$2,$3,$4,$5,$6,$7);
457 my $m = $_month_names{lc($b)};
458 return undef unless defined($m);
459 my $seconds = timegm
(0+$S, 0+$M, 0+$H, 0+$d, 0+$m, $Y-1900);
460 my $offset = 60 * (60 * (0+substr($z,1,2)) + (0+substr($z,3,2)));
461 $offset = -$offset if substr($z,0,1) eq '-';
462 $$tzoff = $offset if ref($tzoff) eq 'SCALAR';
463 return $seconds - $offset;
466 # Will parse any supported date format. Actually there are three formats
467 # currently supported:
468 # 1. RFC 2822 (uses parse_rfc2822_date)
469 # 2. RFC 3339 / ISO 8601 (T may be ' ', 'Z' is optional, ':' optional in TZ)
470 # 3. unix seconds since epoch with optional +/- trailing TZ (may not have a ':')
471 # Returns undef if unsupported date.
472 # If the second argument is a SCALAR ref, its value will be set to the TZ offset in seconds
474 my $dstr = shift || '';
475 my $tzoff = shift || '';
476 if ($dstr =~ /^\s*([-+]?\d+)(?:\s+([-+]\d{4}))?\s*$/) {
482 $off = 60 * (60 * (0+substr($z,1,2)) + (0+substr($z,3,2)));
483 $off = -$off if substr($z,0,1) eq '-';
485 $$tzoff = $off if ref($tzoff) eq 'SCALAR';
488 if ($dstr =~ /^\s*(\d{4})-(\d{2})-(\d{2})[Tt ](\d{2}):(\d{2}):(\d{2})(?:[ ]([Zz]|(?:[-+]\d{2}:?\d{2})))?\s*$/) {
489 my ($Y,$m,$d,$H,$M,$S,$z) = ($1,$2,$3,$4,$5,$6,$7||'');
490 my $seconds = timegm
(0+$S, 0+$M, 0+$H, 0+$d, $m-1, $Y-1900);
494 $off = 60 * (60 * (0+substr($z,1,2)) + (0+substr($z,3,2)));
495 $off = -$off if substr($z,0,1) eq '-';
497 $$tzoff = $off if ref($tzoff) eq 'SCALAR';
498 return $seconds - $off;
500 return parse_rfc2822_date
($dstr, $tzoff);
503 # Input is a number such as a minute interval
504 # Return value is a random number between the input and 1.25*input
505 # This can be used to randomize the update and gc operations a bit to avoid
506 # having them all end up all clustered together
508 my $input = shift || 0;
509 return $input unless $input;
510 return $input + int(rand(0.25 * $input));
513 # Open a pipe to a new sendmail process. The '-i' option is always passed to
514 # the new process followed by any addtional arguments passed in. Note that
515 # the sendmail process is only expected to understand the '-i', '-t' and '-f'
516 # options. Using any other options via this function is not guaranteed to work.
517 # A list of recipients may follow the options. Combining a list of recipients
518 # with the '-t' option is not recommended.
520 return undef unless @_;
521 die "\$Girocco::Config::sendmail_bin is unset or not executable!\n"
522 unless $Girocco::Config
::sendmail_bin
&& -x
$Girocco::Config
::sendmail_bin
;
523 my $result = open(my $pipe, '|-', $Girocco::Config
::sendmail_bin
, '-i', @_);
524 return $result ?
$pipe : undef;
527 # Open a pipe that works similarly to a mailer such as /usr/bin/mail in that
528 # if the first argument is '-s', a subject line will be automatically added
529 # (using the second argument as the subject). Any remaining arguments are
530 # expected to be recipient addresses that will be added to an explicit To:
531 # line as well as passed on to sendmail_pipe. In addition an
532 # "Auto-Submitted: auto-generated" header is always added as well as a suitable
536 if (@_ >= 2 && $_[0] eq '-s') {
540 my $tolist = join(", ", @_);
541 unshift(@_, '-f', $Girocco::Config
::sender
) if $Girocco::Config
::sender
;
542 my $pipe = sendmail_pipe
(@_);
544 print $pipe "From: \"$Girocco::Config::name\" ",
545 "($Girocco::Config::title) ",
546 "<$Girocco::Config::admin>\n";
547 print $pipe "To: $tolist\n";
548 print $pipe "Subject: $subject\n" if defined($subject);
549 print $pipe "Auto-Submitted: auto-generated\n";