From bc4721da0441a30822225c51b250be4cc5f8af24 Mon Sep 17 00:00:00 2001
From: Lafayette Chamber Singers Webmaster
 <webmaster@lafayettechambersingers.org>
Date: Sun, 14 Sep 2014 12:12:09 -0400
Subject: [PATCH 1/2] Installing ikiwiki on a shared-hosting server, there may
 be no access to install prerequisite Perl modules in the systemwide
 locations. They may have to be installed under the home directory, such as by
 using local::lib (which is how the cPanel Perl-module installer works, on
 systems that use it).

For that to work, the local::lib-defined value for PERL5LIB must be in
the environment when Perl starts up. The former way %config{ENV} was handled
was too late, depending on the Perl code to unpack it from the storable and
put it into the environment.

Easy solution is to build the wrapper to repopulate the environment based on
%config{ENV} before ever exec'ing Perl (and then remove it from the storable
as there is nothing more that the Perl code will need to do with it).
---
 IkiWiki/Wrapper.pm | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/IkiWiki/Wrapper.pm b/IkiWiki/Wrapper.pm
index b46bc6aa9..ffbaf9908 100644
--- a/IkiWiki/Wrapper.pm
+++ b/IkiWiki/Wrapper.pm
@@ -52,6 +52,7 @@ sub gen_wrapper () {
 		       HTTP_COOKIE REMOTE_USER HTTPS REDIRECT_STATUS
 		       HTTP_HOST SERVER_PORT HTTPS HTTP_ACCEPT
 		       REDIRECT_URL} if $config{cgi};
+	my $envsize=$#envsave;
 	my $envsave="";
 	foreach my $var (@envsave) {
 		$envsave.=<<"EOF";
@@ -59,6 +60,17 @@ sub gen_wrapper () {
 		addenv("$var", s);
 EOF
 	}
+	if (ref $config{ENV} eq 'HASH') {
+		foreach my $key (keys %{$config{ENV}}) {
+			my $val=$config{ENV}{$key};
+			$val =~ s/([\\"])/\\$1/g;
+			$envsize += 1;
+			$envsave.=<<"EOF";
+	addenv("$key", "$val");
+EOF
+		}
+		delete $config{ENV};
+	}
 	
 	my @wrapper_hooks;
 	run_hooks(genwrapper => sub { push @wrapper_hooks, shift->() });
@@ -171,7 +183,7 @@ EOF
 #include <sys/file.h>
 
 extern char **environ;
-char *newenviron[$#envsave+7];
+char *newenviron[$envsize+7];
 int i=0;
 
 void addenv(char *var, char *val) {

From 29e80b4eedadc2afd3f9f36d215076c82982971b Mon Sep 17 00:00:00 2001
From: Lafayette Chamber Singers Webmaster
 <webmaster@lafayettechambersingers.org>
Date: Sun, 14 Sep 2014 20:07:43 -0400
Subject: [PATCH 2/2] More cautious escaping of environment values.

Tightened the escaping per this review comment:
http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=f35fc6a603b5473ce2c07bb0236e28e57f718315

(I didn't introduce a $tmp, as $val was local to that block already, and each
hex encoding is in its own C string literal to avoid consuming subsequent
chars that are valid hex digits.)
---
 IkiWiki/Wrapper.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/IkiWiki/Wrapper.pm b/IkiWiki/Wrapper.pm
index ffbaf9908..4c99cdaa0 100644
--- a/IkiWiki/Wrapper.pm
+++ b/IkiWiki/Wrapper.pm
@@ -63,7 +63,8 @@ EOF
 	if (ref $config{ENV} eq 'HASH') {
 		foreach my $key (keys %{$config{ENV}}) {
 			my $val=$config{ENV}{$key};
-			$val =~ s/([\\"])/\\$1/g;
+			utf8::encode($val) if utf8::is_utf8($val);
+			$val =~ s/([^A-Za-z0-9])/sprintf '""\\x%02x""', ord($1)/ge;
 			$envsize += 1;
 			$envsave.=<<"EOF";
 	addenv("$key", "$val");