cgi/snapshot.cgi

   1 #!/bin/sh
   2
   3 # snapshot.cgi -- throttle snapshot requests
   4 # Copyright (C) 2015,2017 Kyle J. McKay.  All rights reserved.
   5 # License GPLv2+: GNU GPL version 2 or later.
   6 # www.gnu.org/licenses/gpl-2.0.html
   7 # This is free software: you are free to change and redistribute it.
   8 # There is NO WARRANTY, to the extent permitted by law.
   9
  10 set -e
  11
  12 . @basedir@/shlib.sh
  13
  14 # Set to non-empty to throttle if the initial throttle service connect fails
  15 throttle_on_connect_fail=
  16
  17 # Supplemental message to be included in the throttle result
  18 throttle_msg=\
  19 'Ravenous roving robots are probably greedily chowing down on our services
  20 right now.
  21
  22 We are valiantly trying to fight them off to improve service availability.'
  23
  24 hdrout()
  25 {
  26         _kw="$1"
  27         shift
  28         printf '%s: %s\r\n' "$_kw" "$*"
  29 }
  30
  31 errorhdrsct()
  32 {
  33         _ct="$1"; shift
  34         printf '%s\r\n' "Status: $1 $2"
  35         printf '%s\r\n' "Expires: Fri, 01 Jan 1980 00:00:00 GMT"
  36         printf '%s\r\n' "Pragma: no-cache"
  37         printf '%s\r\n' "Cache-Control: no-cache,max-age=0,must-revalidate"
  38         [ -z "$3" ] || printf '%s\r\n' "$3"
  39         printf '%s\r\n' "Content-Type: $_ct"
  40         printf '\r\n'
  41 }
  42
  43 errorhdrs()
  44 {
  45         errorhdrsct 'text/plain; charset=utf-8; format=fixed' "$@"
  46 }
  47
  48 msglines()
  49 {
  50         [ $# -le 0 ] || printf '%s\n' "$@"
  51 }
  52
  53 methodnotallowed()
  54 {
  55         errorhdrs 405 "Method Not Allowed" "Allow: GET"
  56         [ $# -gt 0 ] || set -- "Method Not Allowed"
  57         msglines "$@"
  58         exit 0
  59 }
  60
  61 forbidden()
  62 {
  63         errorhdrs 403 Forbidden
  64         [ $# -gt 0 ] || set -- "Forbidden"
  65         msglines "$@"
  66         exit 0
  67 }
  68
  69 notfound()
  70 {
  71         errorhdrs 404 "Not Found"
  72         [ $# -gt 0 ] || set -- "Not Found"
  73         msglines "$@"
  74         exit 0
  75 }
  76
  77 # Snapshots are too expensive to allow HEAD
  78 [ "$REQUEST_METHOD" = "GET" ] || methodnotallowed
  79
  80 # The project must be valid
  81 suffix="${PATH_INFO#*.git/}"
  82 project="${PATH_INFO%/"$suffix"}"
  83 project="${project#/}"
  84 [ -n "$project" ] || forbidden
  85 case "$suffix" in snapshot|snapshot/*) :;; *) forbidden; esac
  86 suffix="${suffix#snapshot}"
  87 suffix="${suffix#/}"
  88
  89 # Perform some basic sanity checking
  90 if [ -z "$suffix" ]; then
  91         # Must have an "h=" argument
  92         case "&$QUERY_STRING&" in *[\&\;]"h="[!\&\;]*) :;; *) forbidden; esac
  93 fi
  94 case "$suffix" in [!A-Za-z0-9_]*) forbidden; esac
  95 case "/$project/" in *"/../"*|*"/./"*|*"/_"*|*"//"*) forbidden; esac
  96 is_git_dir "$cfg_reporoot/$project" || notfound
  97
  98 # Give the 'bots indigestion
  99 sleep 5
 100
 101 # Attempt to trigger a SIGPIPE if the connection has already been closed
 102 hdrout "X-Project" "${project%.git}"
 103 sleep 1
 104 hdrout "X-Snapshot" "${suffix:-$QUERY_STRING}"
 105 sleep 1
 106
 107 # Off to the races
 108 projname="${project%.git}"
 109 "$cfg_basedir/bin/throttle" ${throttle_on_connect_fail:+-t} -c snapshot \
 110         -d "$projname" -m "$throttle_msg" "$cfg_cgiroot/gitweb.cgi"
 111 exit 0