Commit Graph

2131 Commits (dc635c70d4e06619a844eb824807dba961d6c95e)

Author SHA1 Message Date
Joey Hess a165790ba7 typo 2011-12-05 15:19:25 -04:00
Joey Hess aa226bbb6b Consume all stdin when rcs_receive short-circuits, to avoid git SIPIPE race.
We had a weird problem where, after moving to a new, faster server,
"git push" would sometimes fail like this:

Unpacking objects: 100% (3/3), done.
fatal: The remote end hung up unexpectedly
fatal: The remote end hung up unexpectedly

What turned out to be going on was that git-receive-pack was dying due
to an uncaught SIGPIPE. The SIGPIPE occurred when it tried to write to
the pre-receive hook's stdin. The pre-receive hook, in this case, was
able to do all the checks it needed to do without the input, and so did
exit(0) without consuming it.

Apparently that causes a race. Most of the time, git forks the hook,
writes output to the hook, and then the hook runs, ignores it, and exits.
But sometimes, on our new faster server, git forked the hook, and it
ran, and exited, before git got around to writing to it, resulting in
the SIGPIPE.

write(7, "c9f98c67d70a1cfeba382ec27d87644a"..., 100) = -1 EPIPE (Broken
pipe)
--- SIGPIPE (Broken pipe) @ 0 (0) ---

I think git should ignore SIGPIPE when writing to hooks. Otherwise,
hooks may have to go out of their way to consume all input, and as I've
seen, the races when they fail to do this can lurk undiscovered.

I have written to the git mailing list about this.

As a workaround, consume all stdin before exiting.
2011-12-05 15:17:01 -04:00
Joey Hess 3b40790041 releasing version 3.20111107 2011-11-30 16:52:30 -04:00
Joey Hess d13e86a6cb add missing license text 2011-11-30 16:43:34 -04:00
Joey Hess 4cb343f348 graphviz: Support wikilinks embedded in the graph.
(Sponsored by The TOVA Company.)
2011-11-30 15:47:13 -04:00
Joey Hess 44863ea234 graphviz: Support urls embedded in the graph, by having graphviz generate an imagemap.
Also, I let preview mode write real files, rather than using data: uri.
Which is ok these days, since ikiwiki tracks files created during
previewing, and cleans them up later.
2011-11-30 15:47:12 -04:00
Joey Hess 3046dc4d30 The umask setting can now be set to private, group, or public, avoiding the need to enter octal correctly which is particularly difficult in yaml setup files. (smcv) 2011-11-27 18:35:05 -04:00
Joey Hess 41f6363a63 editpage: Fix FormattingHelp link on Discussion pages.
In 875d550f12 I for some reason
made $page be changed when creating a discussion page, which
broke the link on the edit page. Changing page seems unnecessary,
so reverted that part of the change.
2011-11-27 13:19:19 -04:00
Joey Hess 45edb2c99a reorder depends; git first 2011-11-19 12:40:52 -04:00
Joey Hess 106d55bf47 img: Bugfix to width/height tags for scaled down image when only one dimension was provided. Thanks, Per Carlson. 2011-11-17 18:53:23 -04:00
Joey Hess 5fd076e630 releasing version 3.20111106 2011-11-06 16:35:53 -04:00
Joey Hess 875d550f12 Fix handling of discussion page creation links to make discussion pages in the right place and with the right case.
Broken by page case preservation feature added in 3.20110707.
2011-11-06 16:14:04 -04:00
Joey Hess 67b2beb1b0 Make the setup automator create YAML formatted files. 2011-11-06 16:01:50 -04:00
Joey Hess 3e69f6481f changelog 2011-10-23 11:57:47 -07:00
Joey Hess 496874ab27 svn: Support subversion 1.7, which does not have .svn in each subdirectory.
Involved dropping some checks for .svn which didn't add anything, since if
svn is enabled and you point it at a non-svn checkout, you get both pieces.

The tricky part is add and rename, in both cases the new file can be in
some subdirectory that is not added to svn.

For add, turns out svn has a --parents that will deal with this by adding
the intermediate directories to svn as well.

For rename though, --parents fails if the directories exist but are not
yet in svn -- which is exactly the case, since ikiwiki makes them
by calling prep_writefile. So instead, svn add the parent directory,
recursively.

tldr; svn made a reasonable change in dropping the .svn directories from
everywhere, but the semantics of other svn commands, particularly their
pickiness about whether parent directories are in svn or not, means
that without the easy crutch of checking for those .svn directories,
code has to tiptoe around svn to avoid pissing it off.
2011-10-12 19:07:38 -04:00
Joey Hess 6321a75e0c track escaping change in upstream template
This is not belived to be XSS exploitable due to other checks in ikiwiki.

Thanks Olly Betts for review.
2011-09-27 11:05:34 -04:00
Joey Hess 97caf03fa0 releasing version 3.20110905 2011-09-05 15:17:15 -04:00
Joey Hess 5cb0ecc000 Fix web revert of a file deletion.
When reverting, an add is a remove, and a remove is an add.
2011-09-05 14:51:49 -04:00
Joey Hess acb0eb78c4 Promote RPC::XML to a Recommends, since it's used by auto-blog.setup. Closes: #637603 2011-09-05 13:25:05 -04:00
Joey Hess 35b69392c8 Avoid warning message when generating setup file if highlight is not installed. Closes: #637606
There's a nice message if the plugin is loaded and used and highlight is
not available, and a nice fallback. So no need for this other warning,
which can happen any time all plugins are loaded to generate a setup file.
2011-09-05 13:21:56 -04:00
Joey Hess f774f20913 Fix comments testsuite to not rely on Date::Parse's ability to parse the date Columbus discovered America. Closes: #640350
This is such a pity. smcv had these great dates, but squeeze's Date::Parse
cannot parse them.

Oh well, at least it makes for a great bug closure title.
2011-09-05 13:17:36 -04:00
Joey Hess 7d2b68cd16 inline: When indexing internal pages for searching, use the url of the inlining page. 2011-09-01 11:38:10 -04:00
Joey Hess 4af7b2c14d search: Fix encoding bug in calculation of maximum term size. 2011-08-30 11:37:38 -04:00
Joey Hess c8f7dcbc31 Use lockf rather than flock when taking the cgilock, for better portability.
This kind of change is scary, but this particular lock is very simply
used and so it seems ok to make it even just for better portability to
SunOS. (People still use that?)
2011-08-24 17:35:53 -04:00
Joey Hess 73eb892ba2 jquery source cleanup
* Add unminified jquery js and css files to source.
* Update to jquery 1.6.2, and jquery-ui 1.8.14.

The full files are included in the source but not the binary.

I'm not minifying the files as part of build because I don't want ikiwiki
to build depend on a javascript minifier. (Let alone need one at runtime).
Nor do I want to deal with any breakage caused by the minifier. These
files were taken from the debian packages.

The jquery-tmpl full file was taken from revision
66bb852217c49ae8c9a8f2522150354ae80463de of its git repository, which
matches the minified file I already had. I did not want to deal with possible
breakage in newer versions; this thing claims to need an ancient version of
jquery (1.4.2), and is perhaps only working by luck with the newer versions
as it is.
2011-08-24 16:25:03 -04:00
Joey Hess 1873095484 Put in a workaround for #622591, by ensuring Search::Xapian gets loaded before Image::Magick. 2011-08-07 11:01:41 -04:00
Joey Hess e07adcad7a typo 2011-08-05 17:14:41 -04:00
Joey Hess d2cf716876 Avoid using named capture groups in heredoc code for oldperl compatability.
Also reordered heredoc part of regexp for consistency.
2011-07-30 20:12:33 +02:00
Joey Hess ed360d045a Fix escaping of html entities in tag names.
Example case was a tag with & in its name, which resulted in a malformed
rss feed.
2011-07-29 12:54:30 +02:00
Joey Hess 65a7bc4e06 Fix escaping of html entities in permalinks. 2011-07-29 12:37:43 +02:00
Joey Hess f2529edcab Fix typo in Danish translation of shortcuts page that caused expoentional regexp blowup.
Complex regular subexpression recursion limit (32766) exceeded at
/home/joey/src/ikiwiki/IkiWiki.pm line 1532.

This doesn't fix the blowup potential itself, it just fixes the typo. :)

A sample page that causes the blowup is attached below for future
reference. The first directive is not terminated. Contributing are the
additional quotes around the following directives, which mean that they can
each be processed as a parameter to the first directive, or as an
individual directive. In resolving this ambiguity, the regexp blows up.
Happily, perl contains the explosion , so I don't think there is an exploit
here.

"[[!shortcut name=wiktionary url=\"https://secure.wikimedia.org/wiktionary/en/"
"[[!shortcut name=debss url=\"http://snapshot.debian.net/package/%s\"]]"
"[[!shortcut name=debwiki url=\"http://wiki.debian.org/%s\"]]"
"[[!shortcut name=fdobug url=\"https://bugs.freedesktop.org/show_bug.cgi?id=%s\" desc=\"freedesktop.org bug #%s\"]]"
"[[!shortcut name=fdolist url=\"http://lists.freedesktop.org/mailman/listinfo/%s\" desc=\"%s@lists.freedesktop.org\"]]"
"[[!shortcut name=cpanrt url=\"https://rt.cpan.org/Ticket/Display.html?id=%s\" desc=\"CPAN RT#%s\"]]"
"[[!shortcut name=novellbug url=\"https://bugzilla.novell.com/show_bug.cgi?id=%s\" desc=\"bug %s\"]]"
"[[!shortcut name=fdolist url=\"http://lists.freedesktop.org/mailman/listinfo/%s\" desc=\"%s@lists.freedesktop.org\"]]"
"[[!shortcut name=gnomebug url=\"http://bugzilla.gnome.org/show_bug.cgi?id=%s\" desc=\"GNOME bug #%s\"]]"
"[[!shortcut name=linuxbug url=\"http://bugzilla.kernel.org/show_bug.cgi?id=%s\" desc=\"Linux bug #%s\"]]"
"[[!shortcut name=gmane url=\"http://dir.gmane.org/gmane.%s\" desc=\"gmane.%s\"]]"
"[[!shortcut name=gmanemsg url=\"http://mid.gmane.org/%s\"]]"
"[[!shortcut name=cpan url=\"http://search.cpan.org/search?mode=dist&query=%s\"]]"
"[[!shortcut name=ctan url=\"http://tug.ctan.org/cgi-bin/ctanPackageInformation.py?id=%s\"]]"
"[[!shortcut name=hoogle url=\"http://haskell.org/hoogle/?q=%s\"]]"
"[[!shortcut name=iki url=\"http://ikiwiki.info/%S/\"]]"
"[[!shortcut name=ljuser url=\"http://%s.livejournal.com/\"]]"
"[[!shortcut name=rfc url=\"http://www.ietf.org/rfc/rfc%s.txt\" desc=\"RFC %s\"]]"
"[[!shortcut name=c2 url=\"http://c2.com/cgi/wiki?%s\"]]"
"[[!shortcut name=meatballwiki url=\"http://www.usemod.com/cgi-bin/mb.pl?%s\"]]"
"[[!shortcut name=emacswiki url=\"http://www.emacswiki.org/cgi-bin/wiki/%s\"]]"
"[[!shortcut name=haskellwiki url=\"http://haskell.org/haskellwiki/%s\"]]"
"[[!shortcut name=dict url=\"http://www.dict.org/bin/Dict?Form=Dict1&Strategy=*&Database=*&Query=%s\"]]"
"[[!shortcut name=imdb url=\"http://imdb.com/find?q=%s\"]]"
"[[!shortcut name=gpg url=\"http://pgpkeys.mit.edu:11371/pks/lookup?op=vindex&exact=on&search=0x%s\"]]"
"[[!shortcut name=perldoc url=\"http://perldoc.perl.org/search.html?q=%s\"]]"
"[[!shortcut name=whois url=\"http://reports.internic.net/cgi/whois?whois_nic=%s&type=domain\"]]"
"[[!shortcut name=cve url=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\"]]"
"[[!shortcut name=cia url=\"http://cia.vc/stats/project/%s\"]]"
"[[!shortcut name=ciauser url=\"http://cia.vc/stats/user/%s\"]]"
"[[!shortcut name=flickr url=\"http://www.flickr.com/photos/%s\"]]"
"[[!shortcut name=man url=\"http://linux.die.net/man/%s\"]]"
"[[!shortcut name=ohloh url=\"http://www.ohloh.net/projects/%s\"]]"
"[[!shortcut name=cpanrt url=\"https://rt.cpan.org/Ticket/Display.html?id=%s\" desc=\"CPAN RT#%s\"]]"
"[[!shortcut name=novellbug url=\"https://bugzilla.novell.com/show_bug.cgi?id=%s\" desc=\"bug %s\"]]"
2011-07-26 17:29:36 +02:00
Joey Hess ca435801d9 po: Add `LANG_CODE` and `LANG_NAME` template variables. (intrigeri) 2011-07-19 14:12:45 -04:00
Joey Hess e04cb1ffd3 mercurial: Implement rcs_diff. (Daniel Andersson) 2011-07-19 11:44:26 -04:00
Joey Hess 339b95e719 rcs_rename and rcs_remove also were in the big mercurial patch 2011-07-19 11:41:11 -04:00
Joey Hess b4db945b34 mercurial: Make both rcs_getctime and rcs_getmtime fast. (Daniel Andersson) 2011-07-19 11:39:32 -04:00
Joey Hess 86e1dc492f apply the big mercurial patch
* mercurial: openid nicknames are now used when committing. (Daniel Andersson)
* mercurial: implement rcs_commit_staged so comments, attachments, etc
  can be used. (Daniel Andersson)
* mercurial: fix viewing of a diff containing non-utf8 changes.
  (Daniel Andersson)
2011-07-19 11:26:14 -04:00
Joey Hess 98d2356ad0 releasing version 3.20110715 2011-07-15 18:57:24 -04:00
Joey Hess 4cd2efef8c fix two recently introduced bugs in rename
* rename: Fix logic error that broke renaming pages when the attachment
  plugin was disabled.
* rename: Fix logic error that bypassed the usual pagespec checks.
2011-07-15 18:46:16 -04:00
Joey Hess 70ce708b02 releasing version 3.20110712 2011-07-12 12:40:30 -04:00
Joey Hess 20577d8ecb Display attachment manipulation links always, since attachments can be uploaded via javascript.
Could arrange for them to be in a span that is hidden when there are no
attachments and make the javascript upload unhide it; this is a quick fix.
2011-07-11 21:38:48 -04:00
Joey Hess d23786cb6c attachment: Bugfix to create directory when moving attachment out of holding area. 2011-07-11 21:35:46 -04:00
Joey Hess 4ce2490e01 releasing version 3.20110711 2011-07-11 18:41:30 -04:00
Joey Hess 258b75c4f7 attachment: Bugfix to move upload attachments out of holding area when saving. 2011-07-11 18:34:17 -04:00
Joey Hess 45a058a2c7 Add build dep on python-support. Closes: #633536 2011-07-11 13:07:28 -04:00
Joey Hess a40b58c514 releasing version 3.20110707 2011-07-07 20:48:48 -04:00
Joey Hess 9f7d9ab356 Bugfix for trying to attach files to a subpage of the index page. 2011-07-07 20:32:14 -04:00
Joey Hess a965e02430 Bugfix for wikilink containing an email address not showing up in brokenlinks list. 2011-06-29 18:35:29 -04:00
Joey Hess a18a62aa30 inline: Handle obfuscated urls, such as the mailto urls generated by markdown when forcing urls absolute.
That took me 5 minutes. If anyone thinks obfuscated email urls stops, or
even slows down spammers, think again.
2011-06-29 18:12:58 -04:00
Joey Hess add72de71a merged smcv/comments-metadata 2011-06-29 17:57:53 -04:00
Joey Hess 9d7c1d5f7d Fix ikiwiki-update-wikilist -r to actually work. 2011-06-29 17:38:26 -04:00
Joey Hess 25b01f9404 Preserve mixed case in page creation links, and when creating a page whose title is mixed case, allow selecting between the mixed case and all lower-case names. 2011-06-29 16:38:32 -04:00
Joey Hess ae1857b43c img: Generate png format thumbnails for svg images.
Imagemagick does not generate svg images very well, but it can convert
them to png quite well.

For browsers that don't yet support displaying svg, this also provides a
workaround; just scale the svg down to get a png. But the workaround is
partial, since scaling the image larger, or leaving it the same size will
cause the original svg to be displayed. Since browsers are actively
improving svg support, this is good enough for me.
2011-06-29 14:40:30 -04:00
Joey Hess c90bc78d44 Support svg as a inlinable image type
svg images can be included on a page by simply linking to them, or by using
the img directive. Note that sanitizing svg files is still not addressed.
2011-06-29 14:17:47 -04:00
Joey Hess 46064d6d63 html5 is not experimental anymore. But not the default either, quite yet. 2011-06-23 09:41:21 -04:00
Joey Hess 886890b82d move headinganchors out of contrib 2011-06-21 15:22:35 -04:00
Joey Hess d82fa99426 add JSON dep 2011-06-16 14:34:44 -04:00
Joey Hess d96edbbe68 Add libtext-multimarkdown-perl to Suggests. Closes: #630705 2011-06-16 13:13:08 -04:00
Joey Hess 6ebb4e262e show ikiwiki error when attachment is rejected 2011-06-16 13:01:23 -04:00
Joey Hess d4a0732752 let thru HTTP_ACCEPT
Needed for attachment to return json when requested.

I think some browsers send Accept: * , so I made sure to check that json
was explicitly listed as to be accepted, as well as having a high
priority.
2011-06-15 20:02:14 -04:00
Joey Hess c9781b20bf added jquery templates 2011-06-15 19:33:22 -04:00
Joey Hess f3fd7696cf added jquery-ui for attachment interface 2011-06-15 19:30:34 -04:00
Joey Hess a695b5b2f8 updated jquery and made it its own underlay 2011-06-15 19:15:06 -04:00
Joey Hess 3a939f05c5 update copyright 2011-06-15 18:56:36 -04:00
Joey Hess 8e15f664c4 aggregate: Improve checking for too long aggregated filenames.
Two problems fixed:

1. Files are written with a .ikiwiki-new suffix, which has to be taken into
   account.
2. Need to count length of bytes, not of unicode characters.
2011-06-10 18:47:57 -04:00
Joey Hess cf707d1654 userlist: New plugin, lets admins see a list of users and their info. 2011-06-09 10:10:27 -04:00
Joey Hess 4fdeda0e34 ikiwiki-mass-rebuild: Fix tty hijacking vulnerability by using su. (Once su's related bug #628843 is fixed.) Thanks, Ludwig Nussel. (CVE-2011-1408) 2011-06-08 17:42:07 -04:00
Joey Hess d7c4001748 search: Update search page when page.tmpl or searchquery.tmpl are locally modified. 2011-06-03 20:31:20 -04:00
Joey Hess 0423cac6de let's assume some web server will think OFF is a good idea.. 2011-06-03 14:41:13 -04:00
Joey Hess 254080bc85 Support the Hiawatha web server which sets HTTPS=off rather than not setting it. (There does not seem to be a standard here.) 2011-06-03 14:36:31 -04:00
Joey Hess 3b8fc54717 merged po4a robustness workaround 2011-06-03 12:39:09 -04:00
Joey Hess 50bc05e7fb changelog 2011-06-03 12:32:42 -04:00
Joey Hess 30c3ceeaa2 Changed license of madduck's python plugins from GPL-2 to BSD-2-clause.
Apparently the rst library is changing to a GPL-2 incompatable license.

"madduck: joeyh: so yes, do as you think is right."
2011-05-19 14:37:16 -04:00
Joey Hess b4dd83642a merged quoting changes 2011-05-13 11:24:16 -04:00
Joey Hess 97a8d30dc1 Support YAML::XS by not passing decoded unicode to Load. Closes: #625713 2011-05-12 17:50:25 -04:00
Joey Hess b2754fa272 openid: also use Net::INET6Glue if available 2011-05-09 18:15:35 -04:00
Joey Hess 825f81340a aggregate, pinger: Use Net::INET6Glue if available to support making ipv6 connections.
Making outgoing ipv6 connections for openid auth is still broken; the glue
module does not seem to solve that, so I did not make openid use it.
2011-05-09 14:00:48 -04:00
Joey Hess fc79f2252e Add conflict with libyaml-libyaml-perl, since that library does not support utf8. Closes: #625713 (see https://rt.cpan.org/Public/Bug/Display.html?id=54683) 2011-05-06 14:38:27 -04:00
Joey Hess adabab4cc6 changelog 2011-05-06 14:32:55 -04:00
Joey Hess 4a27adfa72 Danish translation update. Closes: #625721 2011-05-05 13:02:31 -04:00
Joey Hess e02b903054 releasing version 3.20110430 2011-04-30 17:27:18 -04:00
Joey Hess be0833b856 close bug already fixed a month ago in git 2011-04-30 16:40:52 -04:00
Joey Hess bad5072c02 tag: Avoid autocreating multiple tag pages that vary only in capitalization. The first capitalization seen of a tag will be used for the tag page.
Arguably, the real bug is in the interface to add_autofile, but since
that does take a filename, not a page name, it cannot really do case
handling on its own. The only other users of add_autofile in ikiwiki proper
is autoindex, and it always uses one case. Other third party plugins might
also need to add similar workarounds though.
2011-04-30 16:30:07 -04:00
Joey Hess e258575c12 Promote Crypt::SSLeay to Recommends; needed for https openid auth. 2011-04-30 12:06:32 -04:00
Joey Hess 270fd45c5d meta: Add FOAF support. Closes: #623156 (Jonas Smedegaard) 2011-04-21 19:52:39 -04:00
Joey Hess 795da42b29 changelog 2011-04-21 14:18:56 -04:00
Joey Hess df81a2d208 bug closure 2011-04-17 17:57:23 -04:00
Joey Hess d22489299a meta: Fix bug in loading of HTML::Entities that can break inline archive=yes (mostly masked by other plugins that load the module). 2011-04-12 12:30:24 -04:00
Joey Hess 5bdc7f4645 document fix I'm about to merge 2011-03-30 14:11:38 -04:00
Joey Hess 21f3eb5bc0 fix 2011-03-30 11:32:47 -04:00
Joey Hess 5013e6b0bd update for libravatar support
* comments: Add avatar picture of comment author, using Libravatar::URL
  when available. The avatar is looked up based on  (Thanks, Francois Marier)
* Recommend libgravatar-url-perl, which contains Libravatar::URL.
2011-03-30 10:55:36 -04:00
Joey Hess 0204dabccf CVE assigned 2011-03-28 19:10:08 -04:00
Joey Hess e548b0c245 changelog 2011-03-28 13:09:03 -04:00
Joey Hess 81abc4adfe yaml is needed as a build dep now 2011-03-28 12:49:24 -04:00
Joey Hess 232c8a6dfc releasing version 3.20110328 2011-03-28 12:30:57 -04:00
Joey Hess be02a80b7a meta: Security fix; don't allow alternative stylesheets to be added on pages where the htmlscrubber is enabled. 2011-03-28 12:21:12 -04:00
Joey Hess a0e31f38d5 comment: Better fix to avoid showing comments of subpages, while not breaking manual inlining of comments. 2011-03-28 11:53:55 -04:00
Joey Hess 9df8971e57 Yaml formatted setup files are now produced by default
This has been a while coming. It turns out that non-excutable setup files
have a number of benefits. Also, I find YAML setup files easier to edit
myself, and I suspect many users will prefer not needing to deal with
perl syntax.
2011-03-24 21:30:18 -04:00
Joey Hess 78c750f2d2 Add timezone setting in setup file. This alows time zone to be configured via the web. 2011-03-24 13:36:16 -04:00
Joey Hess 5c2ba98bcc releasing version 3.20110321 2011-03-21 15:01:19 -04:00
Joey Hess 26eb86d903 Avoid escaping / characters in filenames when building the cgiurl, as this confuses eg, cvsweb. 2011-03-21 14:21:55 -04:00