Menu
▾
▴
sandweb-commit — CVS activity
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(28) |
Nov
(58) |
Dec
(85) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(125) |
Feb
(222) |
Mar
(274) |
Apr
(51) |
May
(22) |
Jun
(50) |
Jul
(15) |
Aug
(33) |
Sep
(11) |
Oct
(29) |
Nov
(17) |
Dec
(1) |
| 2003 |
Jan
(100) |
Feb
(21) |
Mar
(7) |
Apr
(45) |
May
|
Jun
(43) |
Jul
(27) |
Aug
(24) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2004 |
Jan
(1) |
Feb
|
Mar
(13) |
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
(7) |
Sep
|
Oct
|
Nov
|
Dec
(4) |
| 2005 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
|
From: Rob H. <for...@us...> - 2003-04-01 06:42:22
|
Update of /cvsroot/sandweb/sandweb In directory sc8-pr-cvs1:/tmp/cvs-serv14002 Modified Files: install.cfg Log Message: reverting to default settings Index: install.cfg =================================================================== RCS file: /cvsroot/sandweb/sandweb/install.cfg,v retrieving revision 1.22 retrieving revision 1.23 diff -U2 -r1.22 -r1.23 --- install.cfg 1 Apr 2003 05:40:21 -0000 1.22 +++ install.cfg 1 Apr 2003 06:42:18 -0000 1.23 @@ -2,13 +2,13 @@ package config; -$cfgdir = './debian/tmp/etc/sandweb'; -$cgidir = './debian/tmp/usr/lib/cgi-bin'; -$imgdir = './debian/tmp/var/www/images'; -$tmpldir = './debian/tmp/usr/lib/sandweb/templates'; -$cachedir = './debian/tmp/usr/share/sandweb'; -$logdir = './debian/tmp/var/log'; -$httpuser = 'www-data'; +$bindir = '/usr/local/bin'; +$cfgdir = '/usr/local/etc/sandweb'; +$cgidir = '/var/www/cgi-bin'; +$imgdir = '/var/www/images'; +$tmpldir = '/usr/local/lib/sandweb/templates'; +$cachedir = '/usr/local/share/sandweb'; +$logdir = '/var/log'; +$httpuser = 'www'; $expectbin = '/usr/bin/expect'; -$bindir = './debian/tmp/usr/bin'; $ssh_bin = '/usr/bin/ssh'; $cvs_bin = '/usr/bin/cvs'; |
|
From: Rob H. <for...@us...> - 2003-04-01 05:53:31
|
Update of /cvsroot/sandweb/sandweb/debian In directory sc8-pr-cvs1:/tmp/cvs-serv31102/debian Modified Files: changelog Log Message: bumping vers. no. Index: changelog =================================================================== RCS file: /cvsroot/sandweb/sandweb/debian/changelog,v retrieving revision 1.1 retrieving revision 1.2 diff -U2 -r1.1 -r1.2 --- changelog 12 Jan 2003 11:15:01 -0000 1.1 +++ changelog 1 Apr 2003 05:53:27 -0000 1.2 @@ -1,2 +1,8 @@ +sandweb (1.0rc1-1) unstable; urgency=low + + * Release candidate. + + -- root <ro...@mo...> Mon, 31 Mar 2003 21:49:47 -0800 + sandweb (1.0b1-1) unstable; urgency=low |
|
From: Rob H. <for...@us...> - 2003-04-01 05:40:31
|
Update of /cvsroot/sandweb/sandweb In directory sc8-pr-cvs1:/tmp/cvs-serv26971 Modified Files: ChangeLog NEWS README install.cfg Log Message: bumping version number to 1.0RC1 Index: ChangeLog =================================================================== RCS file: /cvsroot/sandweb/sandweb/ChangeLog,v retrieving revision 1.5 retrieving revision 1.6 diff -U2 -r1.5 -r1.6 --- ChangeLog 24 Feb 2003 07:01:25 -0000 1.5 +++ ChangeLog 1 Apr 2003 05:40:21 -0000 1.6 @@ -1,2 +1,89 @@ +2003-03-31 19:06 formnull + + * INSTALL: cool, the only known issue that was our fault was + already fixed :) booyah! + +2003-03-31 18:53 formnull + + * INSTALL: added known issue + +2003-03-31 18:46 formnull + + * bin/sandweb.cgi, debian/sandweb.cfg, etc/sandweb.cfg, + lib/SandWeb/Repository.pm, lib/SandWeb/Shell.pm, + lib/SandWeb/Repository/cvs.pm: made timeout a global option, now + you can easily set a number of seconds in the sandweb.cfg and CLI + ops will time out at that time ( prevents runaway CVS/SSH processes + and such ). + + Default is 300 seconds ( 5 minutes ). + +2003-03-31 17:21 formnull + + * bin/sandweb-editor, bin/sandweb-expect, bin/sandweb-ssh, + lib/SandWeb/Repository/cvs.pm, tools/install_script.pl: finally! + conquered SSH host key checking and Expect. + + We need a wrapper around SSH for SandWeb to use, so we can pass the + "-o StrictHostKeyChecking no" option ( works in both OpenSSH and + SSH.com versions ). + + This eliminates the timeouts and complexity in sandweb-expect. + +2003-03-05 00:41 formnull + + * lib/SandWeb/Security.pm: hmm.. i think "/" is a safe character, + we need it for CVSROOT anyway. + +2003-03-05 00:31 formnull + + * bin/sandweb.cgi: erase alot of unsafe characters, should prevent + any security breaches. + +2003-03-05 00:19 formnull + + * lib/SandWeb/: Security.pm, Repository/cvs.pm: added some + much-needed security - now Security->shell() just erases unsafe + characters, and tag complains if you don't enter a tag name. + + It's possible for the user to enter an invalid tag name ( e.g. + begins with a number or - or _ ) but they shouldn't be able to make + arbitrary calls to the shell. + +2003-03-03 23:19 formnull + + * bin/sandweb-editor, lib/SandWeb/Repository/cvs.pm, + tools/install_script.pl: ah, another standalone binary that SandWeb + depends on :) + + This is a shell script that acts as CVSEDITOR. + + So, instead of dealing with the security nightmare of passing the + commit message on the command line (cvs commit -m "$message"), now + we can just (CVSEDITOR=/usr/bin/sandweb-editor && export CVSEDITOR + ) first, and write the commit message to $sandweb_dir/commitmsg + + This is very similar to the way we pass the VCS password to + sandweb-expect (that's where I got the inspiration from). + +2003-02-28 03:04 formnull + + * lib/SandWeb/Browse.pm: fix the bug that prevented browse_menu + from not showing anything when pointing at a module that just + contained a single directory, turns out we weren't escaping the . + character when trying to get rid of the "." and ".." dirs (we don't + need those, we have the location bar ). + + closing associated bug on sf.net ( bug#692770 ) + +2003-02-24 18:59 formnull + + * NEWS: oops, forgot to update news file :P oh well, not a huge + deal, we\'ll probably end up doing another beta at some point. + +2003-02-23 23:01 formnull + + * ChangeLog: updating changelog again.. :) + 2003-02-23 23:00 formnull Index: NEWS =================================================================== RCS file: /cvsroot/sandweb/sandweb/NEWS,v retrieving revision 1.5 retrieving revision 1.6 diff -U2 -r1.5 -r1.6 --- NEWS 25 Feb 2003 02:59:58 -0000 1.5 +++ NEWS 1 Apr 2003 05:40:21 -0000 1.6 @@ -1,2 +1,15 @@ +2003-03-31 + + SandWeb 1.0RC1 Released + + This is the first release candidate! If we don't find + any show-stopper bugs, then this will be 1.0! + + Big changes : + + * All known security bugs squashed + * Global timeout for CVS operations added to sandweb.cfg + * Fixed timeout problems in Expect script + 2003-02-24 Index: README =================================================================== RCS file: /cvsroot/sandweb/sandweb/README,v retrieving revision 1.10 retrieving revision 1.11 diff -U2 -r1.10 -r1.11 --- README 2 Feb 2003 23:59:23 -0000 1.10 +++ README 1 Apr 2003 05:40:21 -0000 1.11 @@ -1,4 +1,4 @@ ============================================================================ -SandWeb Summary - BETA Release +SandWeb Summary - 1.0RC1 Release ============================================================================ @@ -8,5 +8,5 @@ It is essentially a multi-user client to version control systems ( VCS ) such as CVS, SVN ( Subversion ), arch or RCS ( only CVS is supported for -the BETA release ). +the 1.0RC1 release ). SandWeb requires a user agent that supports and allows Javascript @@ -20,5 +20,5 @@ using SandWeb. -The BETA release only supports "FlatFile" authentication, in +The 1.0RC1 release only supports "FlatFile" authentication, in which SandWeb uses it's own password file and format. More authentication systems are planned for future releases. @@ -86,5 +86,5 @@ You are now at the repository menu. You can enter username, password, version control system, server name and version control root for as -many repositories as you want. For the BETA release, SandWeb supports +many repositories as you want. For the 1.0RC1 release, SandWeb supports "local", "pserver" and "SSH" CVS repositories. Index: install.cfg =================================================================== RCS file: /cvsroot/sandweb/sandweb/install.cfg,v retrieving revision 1.21 retrieving revision 1.22 diff -U2 -r1.21 -r1.22 --- install.cfg 6 Jan 2003 08:17:37 -0000 1.21 +++ install.cfg 1 Apr 2003 05:40:21 -0000 1.22 @@ -2,13 +2,13 @@ package config; -$bindir = '/usr/local/bin'; -$cfgdir = '/usr/local/etc/sandweb'; -$cgidir = '/var/www/cgi-bin'; -$imgdir = '/var/www/images'; -$tmpldir = '/usr/local/lib/sandweb/templates'; -$cachedir = '/usr/local/share/sandweb'; -$logdir = '/var/log'; -$httpuser = 'www'; +$cfgdir = './debian/tmp/etc/sandweb'; +$cgidir = './debian/tmp/usr/lib/cgi-bin'; +$imgdir = './debian/tmp/var/www/images'; +$tmpldir = './debian/tmp/usr/lib/sandweb/templates'; +$cachedir = './debian/tmp/usr/share/sandweb'; +$logdir = './debian/tmp/var/log'; +$httpuser = 'www-data'; $expectbin = '/usr/bin/expect'; +$bindir = './debian/tmp/usr/bin'; $ssh_bin = '/usr/bin/ssh'; $cvs_bin = '/usr/bin/cvs'; |
|
From: Rob H. <for...@us...> - 2003-04-01 05:40:31
|
Update of /cvsroot/sandweb/sandweb/lib
In directory sc8-pr-cvs1:/tmp/cvs-serv26971/lib
Modified Files:
SandWeb.pm
Log Message:
bumping version number to 1.0RC1
Index: SandWeb.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb.pm,v
retrieving revision 1.24
retrieving revision 1.25
diff -U2 -r1.24 -r1.25
--- SandWeb.pm 14 Jan 2003 09:53:44 -0000 1.24
+++ SandWeb.pm 1 Apr 2003 05:40:21 -0000 1.25
@@ -94,5 +94,5 @@
=cut
-$VERSION = 'BETA';
+$VERSION = '1.0RC1';
sub get_version {
return $VERSION;
|
|
From: Rob H. <for...@us...> - 2003-04-01 03:06:25
|
Update of /cvsroot/sandweb/sandweb
In directory sc8-pr-cvs1:/tmp/cvs-serv16208
Modified Files:
INSTALL
Log Message:
cool, the only known issue that was our fault was already fixed :)
booyah!
Index: INSTALL
===================================================================
RCS file: /cvsroot/sandweb/sandweb/INSTALL,v
retrieving revision 1.16
retrieving revision 1.17
diff -U2 -r1.16 -r1.17
--- INSTALL 1 Apr 2003 02:53:50 -0000 1.16
+++ INSTALL 1 Apr 2003 03:06:22 -0000 1.17
@@ -83,6 +83,2 @@
* The apache user must have write access to ~/.ssh or ~/.ssh2 ( depending
on the version of SSH you have installed ). This is to store hostkeys.
-
- * Due to the fact that we're doing shell calls, " is considered an unsafe
- character and is not allowed in fields such as CVS "commit". We'll figure
- out a better way of dealing with this in the future.
|
|
From: Rob H. <for...@us...> - 2003-04-01 02:53:53
|
Update of /cvsroot/sandweb/sandweb
In directory sc8-pr-cvs1:/tmp/cvs-serv13337
Modified Files:
INSTALL
Log Message:
added known issue
Index: INSTALL
===================================================================
RCS file: /cvsroot/sandweb/sandweb/INSTALL,v
retrieving revision 1.15
retrieving revision 1.16
diff -U2 -r1.15 -r1.16
--- INSTALL 24 Feb 2003 07:00:42 -0000 1.15
+++ INSTALL 1 Apr 2003 02:53:50 -0000 1.16
@@ -81,4 +81,7 @@
with ksh ( the Korn shell ).
+ * The apache user must have write access to ~/.ssh or ~/.ssh2 ( depending
+ on the version of SSH you have installed ). This is to store hostkeys.
+
* Due to the fact that we're doing shell calls, " is considered an unsafe
character and is not allowed in fields such as CVS "commit". We'll figure
|
|
From: Rob H. <for...@us...> - 2003-04-01 02:46:39
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb
In directory sc8-pr-cvs1:/tmp/cvs-serv10310/lib/SandWeb
Modified Files:
Repository.pm Shell.pm
Log Message:
made timeout a global option, now you can easily set a number of
seconds in the sandweb.cfg and CLI ops will time out at that time
( prevents runaway CVS/SSH processes and such ).
Default is 300 seconds ( 5 minutes ).
Index: Repository.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Repository.pm,v
retrieving revision 1.51
retrieving revision 1.52
diff -U2 -r1.51 -r1.52
--- Repository.pm 3 Feb 2003 20:56:03 -0000 1.51
+++ Repository.pm 1 Apr 2003 02:46:26 -0000 1.52
@@ -184,4 +184,9 @@
my $system_password = $args{'system_password'} || '';
+ # $system_timeout specified the max. amount of time to spend
+ # on a CLI operation
+
+ my $system_timeout = $args{'system_timeout'} || '';
+
# $ssh_bin specifies the path to the SSH binary
@@ -211,4 +216,5 @@
'system_username' => $system_username,
'system_password' => $system_password,
+ 'system_timeout' => $system_timeout,
'ssh_bin' => $ssh_bin,
'cvs_bin' => $cvs_bin,
@@ -2401,4 +2407,5 @@
my $system_username = $self->get_system_username() || '';
my $system_password = $self->get_system_password() || '';
+ my $system_timeout = $self->get_system_timeout() || '';
my $vcs_username = $self->get_vcs_username() || '';
my $vcs_password = $self->get_vcs_password() || '';
@@ -2426,4 +2433,5 @@
system_username => $system_username,
system_password => $system_password,
+ system_timeout => $system_timeout,
vcs_username => $vcs_username,
vcs_password => $vcs_password,
@@ -2923,4 +2931,40 @@
return 0;
}
+}
+
+=head1
+
+METHOD
+
+ get_system_timeout
+
+SYNOPSIS
+
+ my $return_code = $CVS->get_system_timeout();
+
+DESCRIPTION
+
+ Returns the current timeout setting for CLI operations ( in seconds ).
+
+PARAMETERS
+
+ None
+
+RETURN CODE
+
+ A string containing the current timeout in seconds is returned.
+
+ 0 = This means that the method got an error proccessing your request.
+ Perhaps an invalid parameter?
+
+ -1 = This return value means that there was not sufficient permision to
+ read the files specified, or they did not exist.
+
+
+=cut
+
+sub get_system_timeout {
+ my $self = shift;
+ return $self->{'system_timeout'};
}
Index: Shell.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Shell.pm,v
retrieving revision 1.31
retrieving revision 1.32
diff -U2 -r1.31 -r1.32
--- Shell.pm 1 Feb 2003 03:42:43 -0000 1.31
+++ Shell.pm 1 Apr 2003 02:46:27 -0000 1.32
@@ -51,11 +51,4 @@
use SandWeb::File;
-#
-# FIXME - timeout should be a global config option
-#
-# default timeout for shell commands is 300 minutes ( aka 5 minutes )
-#
-my $timeout = '300';
-
=head1
@@ -72,4 +65,5 @@
'system_username' => "$system_username",
'system_password' => "$system_password",
+ 'system_timeout' => "$system_timeout",
'bindir' => "$bindir",
'system' => "$system",
@@ -102,4 +96,11 @@
Default: none.
+ system_timeout (type: string) (optional)
+
+ the global timeout value for CLI operations
+
+ Default: none.
+
+
vcs_username (type: string) (optional)
@@ -160,4 +161,7 @@
my $system_password = $args{'system_password'} || '';
+ # system_password is the user's password on the local box ( optional )
+ my $system_timeout = $args{'system_timeout'} || '';
+
# users_dir is the user's SandWeb home directory ( required )
my $users_dir = $args{'users_dir'} || '';
@@ -186,4 +190,5 @@
'system_username' => "$system_username",
'system_password' => "$system_password",
+ 'system_timeout' => "$system_timeout",
'users_dir' => "$users_dir",
'vcs_username' => "$vcs_username",
@@ -251,4 +256,5 @@
my $system_username = $self->{'system_username'};
my $system_password = $self->{'system_password'};
+ my $system_timeout = $self->{'system_timeout'};
my $vcs_username = $self->{'vcs_username'};
my $vcs_password = $self->{'vcs_password'};
@@ -272,12 +278,12 @@
eval {
local $SIG{ALRM} = sub { die "alarm\n" };
- alarm $timeout;
- my $raw_output = `$sandweb_expect system_vcs $system_username \'$system_password\' \'$vcs_password\' "$command" 2>&1` or $raw_output = "Timeout of $timeout seconds reached.\n";
+ alarm $system_timeout;
+ my $raw_output = `$sandweb_expect system_vcs $system_username \'$system_password\' \'$vcs_password\' "$command" 2>&1` or $raw_output = "Timeout of $system_timeout seconds reached.\n";
alarm 0;
};
- if ( "$@" eq "alarm" ) {
+ if ( "$@" ) {
my $output = "";
- my $error_message = "Timeout reached of $timeout seconds reached, operation aborted.\n";
+ my $error_message = "Timeout reached of $system_timeout seconds reached, operation aborted.\n";
my %return = (
@@ -301,13 +307,13 @@
eval {
local $SIG{ALRM} = sub { die "alarm\n" };
- alarm $timeout;
- my $raw_output = `$sandweb_expect system $system_username $system_password $command` or $raw_output = "Timeout of $timeout seconds reached.\n";
+ alarm $system_timeout;
+ my $raw_output = `$sandweb_expect system $system_username $system_password $command` or $raw_output = "Timeout of $system_timeout seconds reached.\n";
alarm 0;
};
- if ( "$@" eq "alarm" ) {
+ if ( "$@" ) {
my $output = "";
- my $error_message = "Timeout reached of $timeout seconds reached, operation aborted.\n";
+ my $error_message = "Timeout reached of $system_timeout seconds reached, operation aborted.\n";
my %return = (
@@ -349,5 +355,5 @@
eval {
local $SIG{ALRM} = sub { die "alarm\n" };
- alarm $timeout;
+ alarm $system_timeout;
my $error_output;
$raw_output = `$sandweb_expect vcs $users_dir/passwd "$command" 2>&1`;
@@ -357,8 +363,8 @@
};
- if ( "$@" eq "alarm" ) {
+ if ( "$@" ) {
my $output = "";
- my $error_message = "Timeout reached of $timeout seconds reached, operation aborted.\n";
+ my $error_message = "Timeout reached of $system_timeout seconds reached, operation aborted.\n";
my %return = (
@@ -393,13 +399,13 @@
eval {
local $SIG{ALRM} = sub { die "alarm\n" };
- alarm $timeout;
- $output = `$command 2>&1` or $raw_output = "Timeout of $timeout seconds reached.\n";
+ alarm $system_timeout;
+ $output = `$command 2>&1` or $raw_output = "Timeout of $system_timeout seconds reached.\n";
};
- if ( "$@" eq "alarm" ) {
+ if ( "$@" ) {
my $output = "";
- my $error_message = "Timeout reached of $timeout seconds reached, operation aborted.\n";
+ my $error_message = "Timeout reached of $system_timeout seconds reached, operation aborted.\n";
my %return = (
@@ -473,4 +479,6 @@
my %args = @_;
+ my $system_timeout = $self{'system_timeout'};
+
my $log = $self->{'log'} || '';
@@ -480,10 +488,10 @@
eval {
local $SIG{ALRM} = sub { die "alarm\n" };
- alarm $timeout;
+ alarm $system_timeout;
open (FILEHANDLE, "|`$command`") or return 0;
alarm 0;
};
- if ( "$@" eq "alarm" ) {
+ if ( "$@" ) {
return 0;
}
|
|
From: Rob H. <for...@us...> - 2003-04-01 02:46:39
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb/Repository
In directory sc8-pr-cvs1:/tmp/cvs-serv10310/lib/SandWeb/Repository
Modified Files:
cvs.pm
Log Message:
made timeout a global option, now you can easily set a number of
seconds in the sandweb.cfg and CLI ops will time out at that time
( prevents runaway CVS/SSH processes and such ).
Default is 300 seconds ( 5 minutes ).
Index: cvs.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Repository/cvs.pm,v
retrieving revision 1.45
retrieving revision 1.46
diff -U2 -r1.45 -r1.46
--- cvs.pm 1 Apr 2003 01:21:40 -0000 1.45
+++ cvs.pm 1 Apr 2003 02:46:27 -0000 1.46
@@ -161,4 +161,7 @@
my $system_password = $args{'system_password'} || '';
+ # system_timeout is the time limit for running on the CLI
+ my $system_timeout = $args{'system_timeout'} || '';
+
# log is a reference to an object based on the SandWeb::Log class
my $log = $args{'log_obj'} || '';
@@ -177,4 +180,5 @@
'system_username' => $system_username,
'system_password' => $system_password,
+ 'system_timeout' => $system_timeout,
'log' => $log,
}, $class;
@@ -2557,4 +2561,5 @@
my $system_username = $self->get_system_username() || '';
my $system_password = $self->get_system_password() || '';
+ my $system_timeout = $self->get_system_timeout() || '';
my $log = $self->get_log() || '';
@@ -2582,5 +2587,7 @@
'users_dir' => "$users_dir",
'vcs_password' => "$vcs_password",
+ 'system_timeout' => "$system_timeout",
'system_username' => "$system_username",
+ 'system_password' => "$system_password",
'bindir' => "$bindir",
'system' => "$system",
@@ -2887,4 +2894,70 @@
}
}
+=head1
+
+METHOD
+
+ get_system_timeout
+
+SYNOPSIS
+
+ my $return_code = $CVS->get_system_timeout();
+
+DESCRIPTION
+
+ Returns the current timeout setting for CLI operations ( in seconds ).
+
+PARAMETERS
+
+ None
+
+RETURN CODE
+
+ A string containing the current timeout in seconds is returned.
+
+ 0 = This means that the method got an error proccessing your request.
+ Perhaps an invalid parameter?
+
+ -1 = This return value means that there was not sufficient permision to
+ read the files specified, or they did not exist.
+
+
+=cut
+
+sub get_system_timeout {
+ my $self = shift;
+ return $self->{'system_timeout'};
+}
+
+=head1
+
+METHOD
+
+ get_log
+
+SYNOPSIS
+
+ my $logobj = $CVS->get_log();
+
+DESCRIPTION
+
+ Returns a reference to an instantiated log object.
+
+PARAMETERS
+
+ None
+
+RETURN CODE
+
+ A reference to an instantiated log object is returned.
+
+ 0 = This means that the method got an error proccessing your request.
+ Perhaps an invalid parameter?
+
+ -1 = This return value means that there was not sufficient permision to
+ read the files specified, or they did not exist.
+
+
+=cut
sub get_log {
|
|
From: Rob H. <for...@us...> - 2003-04-01 02:46:37
|
Update of /cvsroot/sandweb/sandweb/etc In directory sc8-pr-cvs1:/tmp/cvs-serv10310/etc Modified Files: sandweb.cfg Log Message: made timeout a global option, now you can easily set a number of seconds in the sandweb.cfg and CLI ops will time out at that time ( prevents runaway CVS/SSH processes and such ). Default is 300 seconds ( 5 minutes ). Index: sandweb.cfg =================================================================== RCS file: /cvsroot/sandweb/sandweb/etc/sandweb.cfg,v retrieving revision 1.28 retrieving revision 1.29 diff -U2 -r1.28 -r1.29 --- sandweb.cfg 10 Feb 2003 07:15:36 -0000 1.28 +++ sandweb.cfg 1 Apr 2003 02:46:26 -0000 1.29 @@ -34,8 +34,12 @@ /> - <!-- System paths for SSH, CVS and SandWeb scripts --> + <!-- + System paths for SSH, CVS and SandWeb scripts, + and time limit when running on the CLI + --> <system ssh_bin="/usr/bin/ssh" cvs_bin="/usr/bin/cvs" bindir="/usr/local/bin" + timeout="300" /> |
|
From: Rob H. <for...@us...> - 2003-04-01 02:46:37
|
Update of /cvsroot/sandweb/sandweb/debian In directory sc8-pr-cvs1:/tmp/cvs-serv10310/debian Modified Files: sandweb.cfg Log Message: made timeout a global option, now you can easily set a number of seconds in the sandweb.cfg and CLI ops will time out at that time ( prevents runaway CVS/SSH processes and such ). Default is 300 seconds ( 5 minutes ). Index: sandweb.cfg =================================================================== RCS file: /cvsroot/sandweb/sandweb/debian/sandweb.cfg,v retrieving revision 1.1 retrieving revision 1.2 diff -U2 -r1.1 -r1.2 --- sandweb.cfg 12 Jan 2003 11:15:01 -0000 1.1 +++ sandweb.cfg 1 Apr 2003 02:46:26 -0000 1.2 @@ -34,8 +34,13 @@ /> - <!-- System paths for SSH, CVS and SandWeb scripts --> + <!-- + System paths for SSH, CVS and SandWeb scripts, + and time limit when running on the CLI + --> + <system ssh_bin="/usr/bin/ssh" cvs_bin="/usr/bin/cvs" bindir="/usr/bin" + timeout="300" /> |
|
From: Rob H. <for...@us...> - 2003-04-01 02:46:37
|
Update of /cvsroot/sandweb/sandweb/bin
In directory sc8-pr-cvs1:/tmp/cvs-serv10310/bin
Modified Files:
sandweb.cgi
Log Message:
made timeout a global option, now you can easily set a number of
seconds in the sandweb.cfg and CLI ops will time out at that time
( prevents runaway CVS/SSH processes and such ).
Default is 300 seconds ( 5 minutes ).
Index: sandweb.cgi
===================================================================
RCS file: /cvsroot/sandweb/sandweb/bin/sandweb.cgi,v
retrieving revision 1.346
retrieving revision 1.347
diff -U2 -r1.346 -r1.347
--- sandweb.cgi 5 Mar 2003 08:31:02 -0000 1.346
+++ sandweb.cgi 1 Apr 2003 02:46:25 -0000 1.347
@@ -848,4 +848,5 @@
my $repo_connection = $user->get_repo_connection(repo => $repo_name);
my $repo_root = $user->get_repo_root(repo => $repo_name);
+ my $system_timeout = $config->{'system'}->{'timeout'};
my $ssh_bin = $config->{'system'}->{'ssh_bin'};
my $cvs_bin = $config->{'system'}->{'cvs_bin'};
@@ -862,4 +863,5 @@
'system_username' => $system_username,
'system_password' => $system_password,
+ 'system_timeout' => $system_timeout,
'server' => $repo_server,
'repo_type' => $repo_type,
@@ -2586,4 +2588,5 @@
my $repo_connection = $user->get_repo_connection(repo => $repo_name);
my $repo_root = $user->get_repo_root(repo => $repo_name);
+ my $system_timeout = $config->{'system'}->{'timeout'} || '';
my $ssh_bin = $config->{'system'}->{'ssh_bin'};
my $cvs_bin = $config->{'system'}->{'cvs_bin'};
@@ -2625,4 +2628,5 @@
'system_username' => $system_username,
'system_password' => $system_password,
+ 'system_timeout' => $system_timeout,
server => $repo_server,
repo_type => $repo_type,
|
|
From: Rob H. <for...@us...> - 2003-04-01 01:21:43
|
Update of /cvsroot/sandweb/sandweb/tools In directory sc8-pr-cvs1:/tmp/cvs-serv11557/tools Modified Files: install_script.pl Log Message: finally! conquered SSH host key checking and Expect. We need a wrapper around SSH for SandWeb to use, so we can pass the "-o StrictHostKeyChecking no" option ( works in both OpenSSH and SSH.com versions ). This eliminates the timeouts and complexity in sandweb-expect. Index: install_script.pl =================================================================== RCS file: /cvsroot/sandweb/sandweb/tools/install_script.pl,v retrieving revision 1.21 retrieving revision 1.22 diff -U2 -r1.21 -r1.22 --- install_script.pl 4 Mar 2003 07:19:45 -0000 1.21 +++ install_script.pl 1 Apr 2003 01:21:40 -0000 1.22 @@ -43,4 +43,5 @@ $bindir = instbin($bindir, 'sandweb-expect'); $bindir = instbin($bindir, 'sandweb-editor'); +$bindir = instbin($bindir, 'sandweb-ssh'); # errors |
|
From: Rob H. <for...@us...> - 2003-04-01 01:21:43
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb/Repository In directory sc8-pr-cvs1:/tmp/cvs-serv11557/lib/SandWeb/Repository Modified Files: cvs.pm Log Message: finally! conquered SSH host key checking and Expect. We need a wrapper around SSH for SandWeb to use, so we can pass the "-o StrictHostKeyChecking no" option ( works in both OpenSSH and SSH.com versions ). This eliminates the timeouts and complexity in sandweb-expect. Index: cvs.pm =================================================================== RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Repository/cvs.pm,v retrieving revision 1.44 retrieving revision 1.45 diff -U2 -r1.44 -r1.45 --- cvs.pm 5 Mar 2003 08:19:56 -0000 1.44 +++ cvs.pm 1 Apr 2003 01:21:40 -0000 1.45 @@ -2590,5 +2590,5 @@ my %return = $shell->execute( - 'command' => "cd $sandbox && MESSAGE_FILE=\"$users_dir/commitmsg\" && export MESSAGE_FILE && CVSEDITOR=$bindir/sandweb-editor && export CVSEDITOR && CVS_RSH=$ssh_bin && export CVS_RSH && $cvs_bin -q -d $root $param \'$file\'", + 'command' => "cd $sandbox && MESSAGE_FILE=\"$users_dir/commitmsg\" && export MESSAGE_FILE && CVSEDITOR=$bindir/sandweb-editor && export CVSEDITOR && SSH_BIN=$ssh_bin && export SSH_BIN && CVS_RSH=$bindir/sandweb-ssh && export CVS_RSH && $cvs_bin -q -d $root $param \'$file\'", ); |
|
From: Rob H. <for...@us...> - 2003-04-01 01:21:43
|
Update of /cvsroot/sandweb/sandweb/bin In directory sc8-pr-cvs1:/tmp/cvs-serv11557/bin Modified Files: sandweb-editor sandweb-expect Added Files: sandweb-ssh Log Message: finally! conquered SSH host key checking and Expect. We need a wrapper around SSH for SandWeb to use, so we can pass the "-o StrictHostKeyChecking no" option ( works in both OpenSSH and SSH.com versions ). This eliminates the timeouts and complexity in sandweb-expect. --- NEW FILE --- #!/bin/sh # # This is a wrapper script around SSH, so we can pass # arguments to it safely. # # Copyright 2003 Rob Helmer <ro...@ro...> # Made for the SandWeb project - http://sandweb.sf.net # NOTE: we need $SSH_BIN to already be defined!! SSH_ARGS=$* SYNTAX="Syntax: $0 <ssh_binary>" NOTE="Note: SSH_BIN must already be defined! " SYNTAX="Syntax: $0 <ssh args>" if test -z $SSH_BIN; then # tell the user how to use this script echo $NOTE echo $SYNTAX # exit abnormally exit 10 fi # Here's the main action of this script $SSH_BIN -o'StrictHostKeyChecking no' $SSH_ARGS # Exit normally exit 0 Index: sandweb-editor =================================================================== RCS file: /cvsroot/sandweb/sandweb/bin/sandweb-editor,v retrieving revision 1.1 retrieving revision 1.2 diff -U2 -r1.1 -r1.2 --- sandweb-editor 4 Mar 2003 07:19:45 -0000 1.1 +++ sandweb-editor 1 Apr 2003 01:21:40 -0000 1.2 @@ -7,5 +7,5 @@ # Made for the SandWeb project - http://sandweb.sf.net -# We need EDITED_FILE to be defined already! +# We need MESSAGE_FILE to be defined already! EDITED_FILE=$1 Index: sandweb-expect =================================================================== RCS file: /cvsroot/sandweb/sandweb/bin/sandweb-expect,v retrieving revision 1.11 retrieving revision 1.12 diff -U2 -r1.11 -r1.12 --- sandweb-expect 23 Jan 2003 08:16:49 -0000 1.11 +++ sandweb-expect 1 Apr 2003 01:21:40 -0000 1.12 @@ -18,5 +18,4 @@ spawn /bin/sh -c $vcs_command - set timeout 10 expect { @@ -25,17 +24,4 @@ eof { exit 0 } - } - - expect { - "Are you sure" { send "yes\r" } - "password:" { send "$vcs_password\r" } - "denied" { exit 2 } - eof { exit 0 } - } - - expect { - "password:" { send "$vcs_password\r" } - "denied" { exit 2 } - eof { exit 0 } } |
|
From: Rob H. <for...@us...> - 2003-03-05 08:41:32
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb
In directory sc8-pr-cvs1:/tmp/cvs-serv14109/lib/SandWeb
Modified Files:
Security.pm
Log Message:
hmm.. i think "/" is a safe character, we need it for CVSROOT anyway.
Index: Security.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Security.pm,v
retrieving revision 1.6
retrieving revision 1.7
diff -U2 -r1.6 -r1.7
--- Security.pm 5 Mar 2003 08:19:56 -0000 1.6
+++ Security.pm 5 Mar 2003 08:41:29 -0000 1.7
@@ -182,5 +182,5 @@
# Security check - erase unsafe characters
- $characters =~ s/([\`\~\!\@\#\$\%\^\&\*\(\)\=\+\[\{\]\}\;\:\'\"\\<\>\/\?\\\|])//g;
+ $characters =~ s/([\`\~\!\@\#\$\%\^\&\*\(\)\=\+\[\{\]\}\;\:\'\"\\<\>\?\\\|])//g;
return $characters;
|
|
From: Rob H. <for...@us...> - 2003-03-05 08:31:12
|
Update of /cvsroot/sandweb/sandweb/bin
In directory sc8-pr-cvs1:/tmp/cvs-serv10731/bin
Modified Files:
sandweb.cgi
Log Message:
erase alot of unsafe characters, should prevent any security breaches.
Index: sandweb.cgi
===================================================================
RCS file: /cvsroot/sandweb/sandweb/bin/sandweb.cgi,v
retrieving revision 1.345
retrieving revision 1.346
diff -U2 -r1.345 -r1.346
--- sandweb.cgi 3 Feb 2003 20:56:00 -0000 1.345
+++ sandweb.cgi 5 Mar 2003 08:31:02 -0000 1.346
@@ -40,5 +40,5 @@
uses SandWeb, SandWeb::Repository, SandWeb::Browse, SandWeb::File,
- SandWeb::Config, Data::Dumpber, CGI::Carp, CGI
+ SandWeb::Config, Data::Dumpber, CGI::Carp, CGI, SandWeb::Security
=cut
@@ -51,4 +51,5 @@
use SandWeb::File;
use SandWeb::Config;
+use SandWeb::Security;
# Debugging
@@ -188,16 +189,47 @@
# has valid auth cookie
my $repository_selected = $cgi->param('repository_selected') || '';
- my $repo_name = $cgi->param('repo_name') || '';
- my $repo_server = $cgi->param('repo_server') || '';
- my $repo_username = $cgi->param('repo_username') || '';
- my $repo_password = $cgi->param('repo_password') || '';
- my $remember_repo_password = $cgi->param('remember_repo_password') || '';
- my $repo_type = $cgi->param('repo_type') || '';
- my $repo_connection = $cgi->param('repo_connection') || '';
- my $repo_root = $cgi->param('repo_root') || '';
+
+ # Create an object to secure user input for shell use
+ my $secure = SandWeb::Security->new();
+
+ my $unsafe_repo_name = $cgi->param('repo_name') || '';
+ my $repo_name = $secure->shell(
+ characters => "$unsafe_repo_name",
+ );
+ my $unsafe_repo_server = $cgi->param('repo_server') || '';
+ my $repo_server = $secure->shell(
+ characters => "$unsafe_repo_server",
+ );
+ my $unsafe_repo_username = $cgi->param('repo_username') || '';
+ my $repo_username = $secure->shell(
+ characters => "$unsafe_repo_username",
+ );
+ my $unsafe_repo_password = $cgi->param('repo_password') || '';
+ my $repo_password = $secure->shell(
+ characters => "$unsafe_repo_password",
+ );
+ my $unsafe_remember_repo_password = $cgi->param('remember_repo_password') || '';
+ my $remember_repo_password = $secure->shell(
+ characters => "$unsafe_remember_repo_password",
+ );
+ my $unsafe_repo_type = $cgi->param('repo_type') || '';
+ my $repo_type = $secure->shell(
+ characters => "$unsafe_repo_type",
+ );
+ my $unsafe_repo_connection = $cgi->param('repo_connection') || '';
+ my $repo_connection = $secure->shell(
+ characters => "$unsafe_repo_connection",
+ );
+ my $unsafe_repo_root = $cgi->param('repo_root') || '';
+ my $repo_root = $secure->shell(
+ characters => "$unsafe_repo_root",
+ );
my $new_repository = $cgi->param('new_repository') || '';
my $submit = $cgi->param('Submit') || '';
my $vcs_command = $cgi->param('vcs_command') || '';
- my $module_name = $cgi->param('module_name') || '';
+ my $unsafe_module_name = $cgi->param('module_name') || '';
+ my $module_name = $secure->shell(
+ characters => "$unsafe_module_name",
+ );
my $module_description = $cgi->param('module_description') || '';
my $location = $cgi->param('location') || '';
|
|
From: Rob H. <for...@us...> - 2003-03-05 08:19:59
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb/Repository
In directory sc8-pr-cvs1:/tmp/cvs-serv6501/lib/SandWeb/Repository
Modified Files:
cvs.pm
Log Message:
added some much-needed security -
now Security->shell() just erases unsafe characters, and tag complains
if you don't enter a tag name.
It's possible for the user to enter an invalid tag name ( e.g. begins
with a number or - or _ ) but they shouldn't be able to make arbitrary
calls to the shell.
Index: cvs.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Repository/cvs.pm,v
retrieving revision 1.43
retrieving revision 1.44
diff -U2 -r1.43 -r1.44
--- cvs.pm 4 Mar 2003 07:19:45 -0000 1.43
+++ cvs.pm 5 Mar 2003 08:19:56 -0000 1.44
@@ -2113,5 +2113,16 @@
if ($force) { push @param, " -f" };
if ($check) { push @param, " -c" };
- if ($name) { push @param, " \\\"$name\\\"" };
+ if ($name) {
+ push @param, " $name"
+ } else {
+ # we must have a tag name, return an error if we don't
+
+ my %return = (
+ output => "",
+ error => "No tag name was specified.",
+ );
+
+ return %return;
+ }
$log->debug("Performing tag operation");
|
|
From: Rob H. <for...@us...> - 2003-03-05 08:19:59
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb
In directory sc8-pr-cvs1:/tmp/cvs-serv6501/lib/SandWeb
Modified Files:
Security.pm
Log Message:
added some much-needed security -
now Security->shell() just erases unsafe characters, and tag complains
if you don't enter a tag name.
It's possible for the user to enter an invalid tag name ( e.g. begins
with a number or - or _ ) but they shouldn't be able to make arbitrary
calls to the shell.
Index: Security.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Security.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -U2 -r1.5 -r1.6
--- Security.pm 11 Feb 2003 06:37:23 -0000 1.5
+++ Security.pm 5 Mar 2003 08:19:56 -0000 1.6
@@ -181,9 +181,6 @@
my $characters = $args{'characters'};
- # Security check - erase forbidden characters
- $characters =~ s/\"//g;
-
- # Security check - escape unsafe characters
- $characters =~ s/([\<\>\\\&;\`\'\|\"*\?\~\^\(\)\[\]\{\}\$])/\\$1/g;
+ # Security check - erase unsafe characters
+ $characters =~ s/([\`\~\!\@\#\$\%\^\&\*\(\)\=\+\[\{\]\}\;\:\'\"\\<\>\/\?\\\|])//g;
return $characters;
|
|
From: Rob H. <for...@us...> - 2003-03-04 07:19:49
|
Update of /cvsroot/sandweb/sandweb/bin In directory sc8-pr-cvs1:/tmp/cvs-serv8043/bin Added Files: sandweb-editor Log Message: ah, another standalone binary that SandWeb depends on :) This is a shell script that acts as CVSEDITOR. So, instead of dealing with the security nightmare of passing the commit message on the command line (cvs commit -m "$message"), now we can just (CVSEDITOR=/usr/bin/sandweb-editor && export CVSEDITOR ) first, and write the commit message to $sandweb_dir/commitmsg This is very similar to the way we pass the VCS password to sandweb-expect (that's where I got the inspiration from). --- NEW FILE --- #!/bin/sh # # This file pretends to be an editor so we can safely pass any characters # we want as part of a CVS checkin command. # # Copyright 2003 Rob Helmer <ro...@ro...> # Made for the SandWeb project - http://sandweb.sf.net # We need EDITED_FILE to be defined already! EDITED_FILE=$1 NOTE="Note: MESSAGE_FILE must already be defined! " SYNTAX="Syntax: $0 <file with commit message>" if test -z $MESSAGE_FILE; then # tell the user how to use this script echo $NOTE echo $SYNTAX # exit abnormally exit 10 fi if test -z $EDITED_FILE; then # tell the user how to use this script echo $NOTE echo $SYNTAX # exit abnormally exit 2 fi # CVS doesn't like it if we don't take a second to return, not # sure why. sleep 1 # Here's the main action of this script - cat the file containing the # message into the file CVS will look for the commit message. cat $MESSAGE_FILE > $EDITED_FILE # Exit normally, CVS looks for this (like a Unix program should) exit 0 |
|
From: Rob H. <for...@us...> - 2003-03-04 07:19:48
|
Update of /cvsroot/sandweb/sandweb/tools In directory sc8-pr-cvs1:/tmp/cvs-serv8043/tools Modified Files: install_script.pl Log Message: ah, another standalone binary that SandWeb depends on :) This is a shell script that acts as CVSEDITOR. So, instead of dealing with the security nightmare of passing the commit message on the command line (cvs commit -m "$message"), now we can just (CVSEDITOR=/usr/bin/sandweb-editor && export CVSEDITOR ) first, and write the commit message to $sandweb_dir/commitmsg This is very similar to the way we pass the VCS password to sandweb-expect (that's where I got the inspiration from). Index: install_script.pl =================================================================== RCS file: /cvsroot/sandweb/sandweb/tools/install_script.pl,v retrieving revision 1.20 retrieving revision 1.21 diff -U2 -r1.20 -r1.21 --- install_script.pl 6 Jan 2003 09:02:27 -0000 1.20 +++ install_script.pl 4 Mar 2003 07:19:45 -0000 1.21 @@ -42,4 +42,5 @@ $bindir = instbin($bindir, 'sandweb-admin'); $bindir = instbin($bindir, 'sandweb-expect'); +$bindir = instbin($bindir, 'sandweb-editor'); # errors |
|
From: Rob H. <for...@us...> - 2003-03-04 07:19:48
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb/Repository
In directory sc8-pr-cvs1:/tmp/cvs-serv8043/lib/SandWeb/Repository
Modified Files:
cvs.pm
Log Message:
ah, another standalone binary that SandWeb depends on :)
This is a shell script that acts as CVSEDITOR.
So, instead of dealing with the security nightmare of passing the
commit message on the command line (cvs commit -m "$message"), now
we can just (CVSEDITOR=/usr/bin/sandweb-editor && export CVSEDITOR ) first,
and write the commit message to $sandweb_dir/commitmsg
This is very similar to the way we pass the VCS password to sandweb-expect
(that's where I got the inspiration from).
Index: cvs.pm
===================================================================
RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Repository/cvs.pm,v
retrieving revision 1.42
retrieving revision 1.43
diff -U2 -r1.42 -r1.43
--- cvs.pm 11 Feb 2003 06:37:24 -0000 1.42
+++ cvs.pm 4 Mar 2003 07:19:45 -0000 1.43
@@ -41,5 +41,5 @@
=head1
-uses SandWeb::Diff, SandWeb::Shell, SandWeb::Security
+uses SandWeb::Diff, SandWeb::Shell, SandWeb::Security, SandWeb::File
=cut
@@ -48,4 +48,5 @@
use SandWeb::Shell;
use SandWeb::Security;
+use SandWeb::File;
=head1
@@ -669,7 +670,8 @@
my $log = $self->get_log();
+ my $users_dir = $self->get_users_dir();
my %params = @{ $args{'params'}[0] };
my $recurse = $params{'recurse'};
- my $unsafe_message = $params{'message'};
+ my $message = $params{'message'};
my $rev = $params{'rev'};
my $date = $params{'date'};
@@ -685,24 +687,27 @@
my %return;
- if (!$unsafe_message) {
+ if (!$message) {
$output = "There must be a commit message.\n";
} else {
-
- # Security check
- my $secure = SandWeb::Security->new();
+ my $file_obj = SandWeb::File->new(
+ 'log_obj' => $log,
+ 'filename' => "commitmsg",
+ 'location' => "$users_dir",
+ );
- my $message = $secure->shell(
- characters => "$unsafe_message"
+ $file_obj->file_write(
+ contents => "$message",
);
- push @param, " -m \\\"$message\\\"";
if ($log) {
$log->debug("Performing commit operation");
+ $log->debug("Writing commit msg to $users_dir/commitmsg (temporarily)");
$log->debug("Params: @param");
- $log->debug("File: $file");
+ $log->debug("File: " . $file_obj->get_filename() );
}
%return = $self->shell(
'param' => join('', @param),
'file' => "$file",
+ 'file_obj' => $file_obj,
);
};
@@ -2548,4 +2553,5 @@
my $file = $args{'file'};
my $param = $args{'param'};
+ my $file_obj = $args{'file_obj'};
if ( $connection eq 'SSH' ) {
@@ -2573,6 +2579,11 @@
my %return = $shell->execute(
- 'command' => "cd $sandbox && CVS_RSH=$ssh_bin && export CVS_RSH && $cvs_bin -q -d $root $param \'$file\'",
+ 'command' => "cd $sandbox && MESSAGE_FILE=\"$users_dir/commitmsg\" && export MESSAGE_FILE && CVSEDITOR=$bindir/sandweb-editor && export CVSEDITOR && CVS_RSH=$ssh_bin && export CVS_RSH && $cvs_bin -q -d $root $param \'$file\'",
);
+
+ if ($file_obj) {
+ $log->debug("Deleting temporary file");
+ $file_obj->delete();
+ }
return %return;
|
|
From: Rob H. <for...@us...> - 2003-02-28 11:04:15
|
Update of /cvsroot/sandweb/sandweb/lib/SandWeb In directory sc8-pr-cvs1:/tmp/cvs-serv8351/lib/SandWeb Modified Files: Browse.pm Log Message: fix the bug that prevented browse_menu from not showing anything when pointing at a module that just contained a single directory, turns out we weren't escaping the . character when trying to get rid of the "." and ".." dirs (we don't need those, we have the location bar ). closing associated bug on sf.net ( bug#692770 ) Index: Browse.pm =================================================================== RCS file: /cvsroot/sandweb/sandweb/lib/SandWeb/Browse.pm,v retrieving revision 1.81 retrieving revision 1.82 diff -U2 -r1.81 -r1.82 --- Browse.pm 6 Jan 2003 09:41:10 -0000 1.81 +++ Browse.pm 28 Feb 2003 11:04:06 -0000 1.82 @@ -265,10 +265,12 @@ my @entries = readdir(SANDBOX); chomp @entries; + $log->debug("Entries : @entries"); foreach my $entry (@entries) { - next if ($entry =~ /^.$/); - next if ($entry =~ /^.\.$/); + next if ($entry =~ /^\.$/); + next if ($entry =~ /^\.\.$/); push @return, $entry; } closedir SANDBOX; + $log->debug("Return: @return"); if ( $sort ) { @@ -303,4 +305,5 @@ $row_data{FILESIZE} = $file->get_size(); $row_data{FILEAGE} = $file->get_age(); + if ( $file->get_file_type() eq "Directory" ) { if ($repo_type eq "CVS") { |
|
From: Rob H. <for...@us...> - 2003-02-25 03:00:03
|
Update of /cvsroot/sandweb/sandweb In directory sc8-pr-cvs1:/tmp/cvs-serv25010 Modified Files: NEWS Log Message: oops, forgot to update news file :P oh well, not a huge deal, we\'ll probably end up doing another beta at some point. Index: NEWS =================================================================== RCS file: /cvsroot/sandweb/sandweb/NEWS,v retrieving revision 1.4 retrieving revision 1.5 diff -U2 -r1.4 -r1.5 --- NEWS 15 Aug 2002 08:19:36 -0000 1.4 +++ NEWS 25 Feb 2003 02:59:58 -0000 1.5 @@ -1,2 +1,16 @@ +2003-02-24 + + SandWeb BETA-1 Released + + Big changes : + + * SSH/CVS support + * Full API docs for SandWeb library + * Support for almost all CVS commands + * All known bugs squashed + + Debian package added : + deb http://sandweb.sourceforge.net/debian/ ./ + 2002-03-28 @@ -7,3 +21,2 @@ Tag name: release-ALPHA - |
|
From: Rob H. <for...@us...> - 2003-02-24 07:01:28
|
Update of /cvsroot/sandweb/sandweb In directory sc8-pr-cvs1:/tmp/cvs-serv3625 Modified Files: ChangeLog Log Message: updating changelog again.. :) Index: ChangeLog =================================================================== RCS file: /cvsroot/sandweb/sandweb/ChangeLog,v retrieving revision 1.4 retrieving revision 1.5 diff -U2 -r1.4 -r1.5 --- ChangeLog 24 Feb 2003 06:59:32 -0000 1.4 +++ ChangeLog 24 Feb 2003 07:01:25 -0000 1.5 @@ -1,2 +1,10 @@ +2003-02-23 23:00 formnull + + * INSTALL: updating known issues + +2003-02-23 22:59 formnull + + * ChangeLog: updating for beta release + 2003-02-23 22:58 formnull |
|
From: Rob H. <for...@us...> - 2003-02-24 07:00:45
|
Update of /cvsroot/sandweb/sandweb
In directory sc8-pr-cvs1:/tmp/cvs-serv3427
Modified Files:
INSTALL
Log Message:
updating known issues
Index: INSTALL
===================================================================
RCS file: /cvsroot/sandweb/sandweb/INSTALL,v
retrieving revision 1.14
retrieving revision 1.15
diff -U2 -r1.14 -r1.15
--- INSTALL 24 Feb 2003 06:58:41 -0000 1.14
+++ INSTALL 24 Feb 2003 07:00:42 -0000 1.15
@@ -80,2 +80,6 @@
work too, but this has not been tested. SandWeb is known to NOT work
with ksh ( the Korn shell ).
+
+ * Due to the fact that we're doing shell calls, " is considered an unsafe
+ character and is not allowed in fields such as CVS "commit". We'll figure
+ out a better way of dealing with this in the future.
|
3 messages has been excluded from this view by a project administrator.
