X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=cgi%2Fbugreport.cgi;h=ef0341c25facad894c8c7ed0294c6467fcfbc66e;hb=05f158937d8e18b9bec70594f465fc078ed3bc59;hp=c50d58604722280f86924e3333ae30b8ed4193bf;hpb=c311254aa558f21f5a90d3c65456eb91e5ac3d89;p=debbugs.git diff --git a/cgi/bugreport.cgi b/cgi/bugreport.cgi index c50d586..ef0341c 100755 --- a/cgi/bugreport.cgi +++ b/cgi/bugreport.cgi @@ -1,37 +1,49 @@ -#!/usr/bin/perl -wT +#!/usr/bin/perl use warnings; use strict; +# Sanitize environent for taint +BEGIN{ + delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; +} + + use POSIX qw(strftime); use MIME::Parser; use MIME::Decoder; use IO::Scalar; use IO::File; -use Debbugs::Config qw(:globals :text); +use Debbugs::Config qw(:globals :text :config); # for read_log_records -use Debbugs::Log qw(read_log_records); -use Debbugs::CGI qw(:url :html :util); +use Debbugs::Log qw(:read); +use Debbugs::CGI qw(:url :html :util :cache); use Debbugs::CGI::Bugreport qw(:all); -use Debbugs::Common qw(buglog getmaintainers make_list); +use Debbugs::Common qw(buglog getmaintainers make_list bug_status); use Debbugs::Packages qw(getpkgsrc); -use Debbugs::Status qw(splitpackages get_bug_status isstrongseverity); +use Debbugs::Status qw(splitpackages split_status_fields get_bug_status isstrongseverity); + +use Debbugs::User; use Scalar::Util qw(looks_like_number); use Debbugs::Text qw(:templates); +use List::Util qw(max); + use CGI::Simple; my $q = new CGI::Simple; +# STDOUT should be using the utf8 io layer +binmode(STDOUT,':raw:encoding(UTF-8)'); my %param = cgi_parameters(query => $q, single => [qw(bug msg att boring terse), qw(reverse mbox mime trim), qw(mboxstat mboxmaint archive), - qw(repeatmerged) + qw(repeatmerged avatars), ], default => {# msg => '', boring => 'no', @@ -43,6 +55,7 @@ my %param = cgi_parameters(query => $q, mboxmaint => 'no', archive => 'no', repeatmerged => 'yes', + avatars => 'yes', }, ); # This is craptacular. @@ -58,11 +71,96 @@ my $terse = $param{'terse'} eq 'yes'; my $reverse = $param{'reverse'} eq 'yes'; my $mbox = $param{'mbox'} eq 'yes'; my $mime = $param{'mime'} eq 'yes'; +my $avatars = $param{avatars} eq 'yes'; + +my $trim_headers = ($param{trim} || ((defined $msg and $msg)?'no':'yes')) eq 'yes'; + +my $mbox_status_message = $param{mboxstat} eq 'yes'; +my $mbox_maint = $param{mboxmaint} eq 'yes'; +$mbox = 1 if $mbox_status_message or $mbox_maint; + +# Not used by this script directly, but fetch these so that pkgurl() and +# friends can propagate them correctly. +my $archive = $param{'archive'} eq 'yes'; +my $repeatmerged = $param{'repeatmerged'} eq 'yes'; my %bugusertags; my %ut; my %seen_users; +my $buglog = buglog($ref); +my $bug_status = bug_status($ref); +if (not defined $buglog or not defined $bug_status) { + no_such_bug($q,$ref); +} + +sub no_such_bug { + my ($q,$ref) = @_; + print $q->header(-status => 404, + -content_type => "text/html", + -charset => 'utf-8', + -cache_control => 'public, max-age=600', + ); + print fill_in_template(template=>'cgi/no_such_bug', + variables => {modify_time => strftime('%a, %e %b %Y %T UTC', gmtime), + bug_num => $ref, + }, + ); + exit 0; +} + +## calculate etag for this bugreport.cgi call +my $etag; +## identify the files that we need to look at; if someone just wants the mbox, +## they don't need to see anything but the buglog; otherwise, track what is +## necessary for the usertags and things to calculate status. + +my @dependent_files = ($buglog); +my $need_status = 0; +if (not (($mbox and not $mbox_status_message) or + (defined $att and defined $msg))) { + $need_status = 1; + push @dependent_files, + $bug_status, + defined $config{version_index} ? $config{version_index}:(), + defined $config{binary_source_map} ? $config{binary_source_map}:(); +} + +## Identify the users required +for my $user (map {split /[\s*,\s*]+/} make_list($param{users}||[])) { + next unless length($user); + push @dependent_files,Debbugs::User::usertag_flie_from_email($user); +} +if (defined $param{usertag}) { + for my $usertag (make_list($param{usertag})) { + my ($user, $tag) = split /:/, $usertag, 2; + push @dependent_files,Debbugs::User::usertag_flie_from_email($user); + } +} +$etag = + etag_does_not_match(cgi => $q, + additional_data => [grep {defined $_ ? $_ :()} + values %param + ], + files => [@dependent_files, + ], + ); +if (not $etag) { + print $q->header(-status => 304); + print "304: Not modified\n"; + exit 0; +} + +## if they're just asking for the head, stop here. +if ($q->request_method() eq 'HEAD' and not defined($att) and not $mbox) { + print $q->header(-status => 200, + -cache_control => 'public, max-age=600', + -etag => $etag, + -content_type => 'text/html', + ); + exit 0; +} + for my $user (map {split /[\s*,\s*]+/} make_list($param{users}||[])) { next unless length($user); add_user($user,\%ut,\%bugusertags,\%seen_users); @@ -82,47 +180,6 @@ if (defined $param{usertag}) { } -my $trim_headers = ($param{trim} || ((defined $msg and $msg)?'no':'yes')) eq 'yes'; - -my $mbox_status_message = $param{mboxstat} eq 'yes'; -my $mbox_maint = $param{mboxmaint} eq 'yes'; -$mbox = 1 if $mbox_status_message or $mbox_maint; - - -# Not used by this script directly, but fetch these so that pkgurl() and -# friends can propagate them correctly. -my $archive = $param{'archive'} eq 'yes'; -my $repeatmerged = $param{'repeatmerged'} eq 'yes'; - -my $buglog = buglog($ref); -if (not defined $buglog) { - print $q->header(-status => "404 No such bug", - -type => "text/html", - -charset => 'utf-8', - ); - print fill_in_template(template=>'cgi/no_such_bug', - variables => {modify_time => strftime('%a, %e %b %Y %T UTC', gmtime), - bug_num => $ref, - }, - ); - exit 0; -} - -my @stat = stat $buglog; -my $mtime = ''; -if (@stat) { - $mtime = strftime '%a, %d %b %Y %T GMT', gmtime($stat[9]); -} - -if ($q->request_method() eq 'HEAD' and not defined($att) and not $mbox) { - print $q->header(-type => "text/html", - -charset => 'utf-8', - (length $mtime)?(-last_modified => $mtime):(), - ); - exit 0; -} - - my $buglogfh; if ($buglog =~ m/\.gz$/) { my $oldpath = $ENV{'PATH'}; @@ -134,13 +191,16 @@ if ($buglog =~ m/\.gz$/) { } -my %status = %{get_bug_status(bug=>$ref, - bugusertags => \%bugusertags, - )}; +my %status; +if ($need_status) { + %status = %{split_status_fields(get_bug_status(bug=>$ref, + bugusertags => \%bugusertags, + ))} +} my @records; eval{ - @records = read_log_records($buglogfh); + @records = read_log_records(logfh => $buglogfh,inner_file => 1); }; if ($@) { quitcgi("Bad bug log for $gBug $ref. Unable to read records: $@"); @@ -157,18 +217,21 @@ if (defined($msg) and ($msg-1) <= $#records) { } my @log; if ( $mbox ) { + binmode(STDOUT,":raw"); my $date = strftime "%a %b %d %T %Y", localtime; if (@records > 1) { print $q->header(-type => "text/plain", + -cache_control => 'public, max-age=600', + -etag => $etag, content_disposition => qq(attachment; filename="bug_${ref}.mbox"), - (length $mtime)?(-last_modified => $mtime):(), ); } else { $msg_num++; print $q->header(-type => "message/rfc822", + -cache_control => 'public, max-age=86400', + -etag => $etag, content_disposition => qq(attachment; filename="bug_${ref}_message_${msg_num}.mbox"), - (length $mtime)?(-last_modified => $mtime):(), ); } if ($mbox_status_message and @records > 1) { @@ -208,35 +271,51 @@ END my $wanted_type = $mbox_maint?'recips':'incoming-recv'; # we want to include control messages anyway my $record_wanted_anyway = 0; - my ($msg_id) = $record->{text} =~ /^Message-Id:\s+<(.+)>/im; - next if exists $seen_message_ids{$msg_id}; - next if $msg_id =~/handler\..+\.ack(?:info|done)?\@/; - $record_wanted_anyway = 1 if $record->{text} =~ /^Received: \(at control\)/; + my ($msg_id) = record_regex($record,qr/^Message-Id:\s+<(.+)>/im); + next if defined $msg_id and exists $seen_message_ids{$msg_id}; + next if defined $msg_id and $msg_id =~/handler\..+\.ack(?:info|done)?\@/; + $record_wanted_anyway = 1 if record_regex($record,qr/^Received: \(at control\)/); next if not $boring and not $record->{type} eq $wanted_type and not $record_wanted_anyway and @records > 1; - $seen_message_ids{$msg_id} = 1; - my @lines = split( "\n", $record->{text}, -1 ); + $seen_message_ids{$msg_id} = 1 if defined $msg_id; + my @lines; + if ($record->{inner_file}) { + push @lines, $record->{fh}->getline; + push @lines, $record->{fh}->getline; + chomp $lines[0]; + chomp $lines[1]; + } else { + @lines = split( "\n", $record->{text}, -1 ); + } if ( $lines[ 1 ] =~ m/^From / ) { - my $tmp = $lines[ 0 ]; - $lines[ 0 ] = $lines[ 1 ]; - $lines[ 1 ] = $tmp; + @lines = reverse @lines; } if ( !( $lines[ 0 ] =~ m/^From / ) ) { unshift @lines, "From unknown $date"; - } - map { s/^(>*From )/>$1/ } @lines[ 1 .. $#lines ]; - print join( "\n", @lines ) . "\n"; + } + print $lines[0]."\n"; + print map { s/^(>*From )/>$1/; $_."\n" } @lines[ 1 .. $#lines ]; + if ($record->{inner_file}) { + my $fh = $record->{fh}; + print $_ while (<$fh>); + } } exit 0; } else { if (defined $att and defined $msg and @records) { - $msg_num++; - print handle_email_message($records[0]->{text}, + binmode(STDOUT,":raw"); + $msg_num++; + ## allow this to be cached for a week + print "Status: 200 OK\n"; + print "Cache-Control: public, max-age=604800\n"; + print "Etag: $etag\n"; + print handle_email_message($records[0], ref => $ref, msg_num => $msg_num, att => $att, msg => $msg, + trim_headers => $trim_headers, ); exit 0; } @@ -248,7 +327,11 @@ else { next; } $skip_next = 1 if $record->{type} eq 'html' and not $boring; - push @log, handle_record($record,$ref,$msg_num,\%seen_msg_ids); + push @log, handle_record($record,$ref,$msg_num, + \%seen_msg_ids, + trim_headers => $trim_headers, + avatars => $avatars, + ); } } @@ -270,34 +353,41 @@ my $tmain; my $dtime = strftime "%a, %e %b %Y %T UTC", gmtime; unless (%status) { - print $q->header(-type => "text/html", - -charset => 'utf-8', - (length $mtime)?(-last_modified => $mtime):(), - ); - print fill_in_template(template=>'cgi/no_such_bug', - variables => {modify_time => $dtime, - bug_num => $ref, - }, - ); - exit 0; + no_such_bug($q,$ref); } #$|=1; -my %package; -my @packages = splitpackages($status{package}); -foreach my $pkg (@packages) { - $package{$pkg} = {maintainer => exists($maintainer{$pkg}) ? $maintainer{$pkg} : '(unknown)', - exists($pkgsrc{$pkg}) ? (source => $pkgsrc{$pkg}) : (), - package => $pkg, - }; +my @packages = make_list($status{package}); + + +my %packages_affects; +for my $p_a (qw(package affects)) { + foreach my $pkg (make_list($status{$p_a})) { + if ($pkg =~ /^src\:/) { + my ($srcpkg) = $pkg =~ /^src:(.*)/; + $packages_affects{$p_a}{$pkg} = + {maintainer => exists($maintainer{$srcpkg}) ? $maintainer{$srcpkg} : '(unknown)', + source => $srcpkg, + package => $pkg, + is_source => 1, + }; + } + else { + $packages_affects{$p_a}{$pkg} = + {maintainer => exists($maintainer{$pkg}) ? $maintainer{$pkg} : '(unknown)', + exists($pkgsrc{$pkg}) ? (source => $pkgsrc{$pkg}) : (), + package => $pkg, + }; + } + } } # fixup various bits of the status -$status{tags_array} = [sort(split(/\s+/, $status{tags}))]; +$status{tags_array} = [sort(make_list($status{tags}))]; $status{date_text} = strftime('%a, %e %b %Y %T UTC', gmtime($status{date})); -$status{mergedwith_array} = [split(/ /,$status{mergedwith})]; +$status{mergedwith_array} = [make_list($status{mergedwith})]; my $version_graph = ''; @@ -321,7 +411,7 @@ if (@{$status{found_versions}} or @{$status{fixed_versions}}) { -my @blockedby= split(/ /, $status{blockedby}); +my @blockedby= make_list($status{blockedby}); $status{blockedby_array} = []; if (@blockedby && $status{"pending"} ne 'fixed' && ! length($status{done})) { for my $b (@blockedby) { @@ -331,7 +421,7 @@ if (@blockedby && $status{"pending"} ne 'fixed' && ! length($status{done})) { } } -my @blocks= split(/ /, $status{blocks}); +my @blocks= make_list($status{blocks}); $status{blocks_array} = []; if (@blocks && $status{"pending"} ne 'fixed' && ! length($status{done})) { for my $b (@blocks) { @@ -349,12 +439,14 @@ my $descriptivehead = $indexentry; print $q->header(-type => "text/html", -charset => 'utf-8', - (length $mtime)?(-last_modified => $mtime):(), + -cache_control => 'public, max-age=300', + -etag => $etag, ); print fill_in_template(template => 'cgi/bugreport', variables => {status => \%status, - package => \%package, + package => $packages_affects{'package'}, + affects => $packages_affects{'affects'}, log => $log, bug_num => $ref, version_graph => $version_graph, @@ -362,6 +454,7 @@ print fill_in_template(template => 'cgi/bugreport', isstrongseverity => \&Debbugs::Status::isstrongseverity, html_escape => \&Debbugs::CGI::html_escape, looks_like_number => \&Scalar::Util::looks_like_number, + make_list => \&Debbugs::Common::make_list, }, hole_var => {'&package_links' => \&Debbugs::CGI::package_links, '&bug_links' => \&Debbugs::CGI::bug_links,