X-Git-Url: https://git.donarmstrong.com/?p=debbugs.git;a=blobdiff_plain;f=cgi%2Fbugreport.cgi;h=87f688e368fbf167b784ccedba4e1cba2c8bb319;hp=790e1a2ce5dc1a23f9eb385f45ba6f3792e189b7;hb=1aa5061f8033c49525c7a2d424c43900cee19771;hpb=ece213fb252bd813a0643689242dca211638b7d5 diff --git a/cgi/bugreport.cgi b/cgi/bugreport.cgi index 790e1a2..87f688e 100755 --- a/cgi/bugreport.cgi +++ b/cgi/bugreport.cgi @@ -1,39 +1,83 @@ -#!/usr/bin/perl -wT +#!/usr/bin/perl use warnings; use strict; +# Sanitize environent for taint +BEGIN{ + delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; +} + + use POSIX qw(strftime); use MIME::Parser; use MIME::Decoder; use IO::Scalar; use IO::File; -use Debbugs::Config qw(:globals :text); +# if we're running out of git, we want to use the git base directory as the +# first INC directory. If you're not running out of git, don't do that. +use File::Basename qw(dirname); +use Cwd qw(abs_path); +our $debbugs_dir; +BEGIN { + $debbugs_dir = + abs_path(dirname(abs_path(__FILE__)) . '/../'); + # clear the taint; we'll assume that the absolute path to __FILE__ is the + # right path if there's a .git directory there + ($debbugs_dir) = $debbugs_dir =~ /([[:print:]]+)/; + if (defined $debbugs_dir and + -d $debbugs_dir . '/.git/') { + } else { + undef $debbugs_dir; + } + # if the first directory in @INC is not an absolute directory, assume that + # someone has overridden us via -I. + if ($INC[0] !~ /^\//) { + undef $debbugs_dir; + } + if (defined $debbugs_dir) { + unshift @INC, $debbugs_dir.'/lib/'; + } +} + +use Debbugs::Config qw(:globals :text :config); # for read_log_records -use Debbugs::Log qw(read_log_records); -use Debbugs::CGI qw(:url :html :util); +use Debbugs::Log qw(:read); +use Debbugs::Log::Spam; +use Debbugs::CGI qw(:url :html :util :cache :usertags); use Debbugs::CGI::Bugreport qw(:all); -use Debbugs::Common qw(buglog getmaintainers make_list bug_status); -use Debbugs::Packages qw(getpkgsrc); -use Debbugs::Status qw(splitpackages get_bug_status isstrongseverity); +use Debbugs::Common qw(buglog getmaintainers make_list bug_status package_maintainer); +use Debbugs::Packages qw(binary_to_source); +use Debbugs::DB; +use Debbugs::Status qw(splitpackages split_status_fields get_bug_status isstrongseverity); +use Debbugs::Bug; use Scalar::Util qw(looks_like_number); use Debbugs::Text qw(:templates); - -use List::Util qw(max); - +use URI::Escape qw(uri_escape_utf8); +use List::AllUtils qw(max); + +my $s; +my @schema_arg = (); +if (defined $config{database}) { + $s = Debbugs::DB->connect($config{database}) or + die "Unable to connect to DB"; + @schema_arg = ('schema',$s); +} use CGI::Simple; -my $q = new CGI::Simple; +my $q = CGI::Simple->new(); +# STDOUT should be using the utf8 io layer +binmode(STDOUT,':raw:encoding(UTF-8)'); my %param = cgi_parameters(query => $q, single => [qw(bug msg att boring terse), qw(reverse mbox mime trim), qw(mboxstat mboxmaint archive), - qw(repeatmerged) + qw(repeatmerged avatars), ], default => {# msg => '', boring => 'no', @@ -45,12 +89,13 @@ my %param = cgi_parameters(query => $q, mboxmaint => 'no', archive => 'no', repeatmerged => 'yes', + avatars => 'yes', }, ); # This is craptacular. -my $ref = $param{bug} or quitcgi("No bug number"); -$ref =~ /(\d+)/ or quitcgi("Invalid bug number"); +my $ref = $param{bug} or quitcgi("No bug number", '400 Bad Request'); +$ref =~ /(\d+)/ or quitcgi("Invalid bug number", '400 Bad Request'); $ref = $1; my $short = "#$ref"; my ($msg) = $param{msg} =~ /^(\d+)$/ if exists $param{msg}; @@ -60,6 +105,18 @@ my $terse = $param{'terse'} eq 'yes'; my $reverse = $param{'reverse'} eq 'yes'; my $mbox = $param{'mbox'} eq 'yes'; my $mime = $param{'mime'} eq 'yes'; +my $avatars = $param{avatars} eq 'yes'; + +my $trim_headers = ($param{trim} || ((defined $msg and $msg)?'no':'yes')) eq 'yes'; + +my $mbox_status_message = $param{mboxstat} eq 'yes'; +my $mbox_maint = $param{mboxmaint} eq 'yes'; +$mbox = 1 if $mbox_status_message or $mbox_maint; + +# Not used by this script directly, but fetch these so that pkgurl() and +# friends can propagate them correctly. +my $archive = $param{'archive'} eq 'yes'; +my $repeatmerged = $param{'repeatmerged'} eq 'yes'; my %bugusertags; my %ut; @@ -68,28 +125,79 @@ my %seen_users; my $buglog = buglog($ref); my $bug_status = bug_status($ref); if (not defined $buglog or not defined $bug_status) { - print $q->header(-status => "404 No such bug", - -type => "text/html", - -charset => 'utf-8', - ); - print fill_in_template(template=>'cgi/no_such_bug', - variables => {modify_time => strftime('%a, %e %b %Y %T UTC', gmtime), - bug_num => $ref, - }, - ); - exit 0; + no_such_bug($q,$ref); } -# the log should almost always be newer, but just in case -my $log_mtime = +(stat $buglog)[9] || time; -my $status_mtime = +(stat $bug_status)[9] || time; -my $mtime = strftime '%a, %d %b %Y %T GMT', gmtime(max($status_mtime,$log_mtime)); +sub no_such_bug { + my ($q,$ref) = @_; + print $q->header(-status => 404, + -content_type => "text/html", + -charset => 'utf-8', + -cache_control => 'public, max-age=600', + ); + print fill_in_template(template=>'cgi/no_such_bug', + variables => {modify_time => strftime('%a, %e %b %Y %T UTC', gmtime), + bug_num => $ref, + }, + ); + exit 0; +} + +## calculate etag for this bugreport.cgi call +my $etag; +## identify the files that we need to look at; if someone just wants the mbox, +## they don't need to see anything but the buglog; otherwise, track what is +## necessary for the usertags and things to calculate status. + +my @dependent_files = ($buglog); +my $need_status = 0; +if (not (($mbox and not $mbox_status_message) or + (defined $att and defined $msg))) { + $need_status = 1; + push @dependent_files, + $bug_status, + defined $config{version_index} ? $config{version_index}:(), + defined $config{binary_source_map} ? $config{binary_source_map}:(); +} +## Identify the users required +for my $user (map {split /[\s*,\s*]+/} make_list($param{users}||[])) { + next unless length($user); + push @dependent_files,Debbugs::User::usertag_file_from_email($user); +} +if (defined $param{usertag}) { + for my $usertag (make_list($param{usertag})) { + my ($user, $tag) = split /:/, $usertag, 2; + push @dependent_files,Debbugs::User::usertag_file_from_email($user); + } +} +$etag = + etag_does_not_match(cgi => $q, + additional_data => [grep {defined $_ ? $_ :()} + values %param + ], + files => [@dependent_files, + ], + ); +if (not $etag) { + print $q->header(-status => 304, + -cache_control => 'public, max-age=600', + -etag => $etag, + -charset => 'utf-8', + -content_type => 'text/html', + ); + print "304: Not modified\n"; + exit 0; +} + +## if they're just asking for the head, stop here. if ($q->request_method() eq 'HEAD' and not defined($att) and not $mbox) { - print $q->header(-type => "text/html", - -charset => 'utf-8', - (length $mtime)?(-last_modified => $mtime):(), - ); + print $q->header(-status => 200, + -cache_control => 'public, max-age=600', + -etag => $etag, + -charset => 'utf-8', + -content_type => 'text/html', + ); exit 0; } @@ -111,45 +219,25 @@ if (defined $param{usertag}) { } } +my $bug = Debbugs::Bug->new(bug => $ref, + @schema_arg, + ); -my $trim_headers = ($param{trim} || ((defined $msg and $msg)?'no':'yes')) eq 'yes'; - -my $mbox_status_message = $param{mboxstat} eq 'yes'; -my $mbox_maint = $param{mboxmaint} eq 'yes'; -$mbox = 1 if $mbox_status_message or $mbox_maint; - - -# Not used by this script directly, but fetch these so that pkgurl() and -# friends can propagate them correctly. -my $archive = $param{'archive'} eq 'yes'; -my $repeatmerged = $param{'repeatmerged'} eq 'yes'; - - - -my $buglogfh; -if ($buglog =~ m/\.gz$/) { - my $oldpath = $ENV{'PATH'}; - $ENV{'PATH'} = '/bin:/usr/bin'; - $buglogfh = IO::File->new("zcat $buglog |") or quitcgi("open log for $ref: $!"); - $ENV{'PATH'} = $oldpath; -} else { - $buglogfh = IO::File->new($buglog,'r') or quitcgi("open log for $ref: $!"); +my %status; +if ($need_status) { + %status = %{split_status_fields(get_bug_status(bug=>$ref, + bugusertags => \%bugusertags, + @schema_arg, + ))} } - -my %status = %{get_bug_status(bug=>$ref, - bugusertags => \%bugusertags, - )}; - my @records; eval{ - @records = read_log_records($buglogfh); + @records = $bug->log_records(); }; if ($@) { quitcgi("Bad bug log for $gBug $ref. Unable to read records: $@"); } -undef $buglogfh; - my $log=''; my $msg_num = 0; @@ -160,21 +248,25 @@ if (defined($msg) and ($msg-1) <= $#records) { } my @log; if ( $mbox ) { + binmode(STDOUT,":raw"); my $date = strftime "%a %b %d %T %Y", localtime; - if (@records > 1) { - print $q->header(-type => "text/plain", + my $multiple_messages = @records > 1; + if ($multiple_messages) { + print $q->header(-type => "application/mbox", + -cache_control => 'public, max-age=600', + -etag => $etag, content_disposition => qq(attachment; filename="bug_${ref}.mbox"), - (length $mtime)?(-last_modified => $mtime):(), ); } else { $msg_num++; print $q->header(-type => "message/rfc822", - content_disposition => qq(attachment; filename="bug_${ref}_message_${msg_num}.mbox"), - (length $mtime)?(-last_modified => $mtime):(), + -cache_control => 'public, max-age=86400', + -etag => $etag, + content_disposition => qq(attachment; filename="bug_${ref}_message_${msg_num}.eml"), ); } - if ($mbox_status_message and @records > 1) { + if ($mbox_status_message and $multiple_messages) { my $status_message=''; my @status_fields = (retitle => 'subject', package => 'package', @@ -211,31 +303,53 @@ END my $wanted_type = $mbox_maint?'recips':'incoming-recv'; # we want to include control messages anyway my $record_wanted_anyway = 0; - my ($msg_id) = $record->{text} =~ /^Message-Id:\s+<(.+)>/im; - next if exists $seen_message_ids{$msg_id}; - next if $msg_id =~/handler\..+\.ack(?:info|done)?\@/; - $record_wanted_anyway = 1 if $record->{text} =~ /^Received: \(at control\)/; + my ($msg_id) = record_regex($record,qr/^Message-Id:\s+<(.+)>/im); + next if defined $msg_id and exists $seen_message_ids{$msg_id}; + next if defined $msg_id and $msg_id =~/handler\..+\.ack(?:info|done)?\@/; + $record_wanted_anyway = 1 if record_regex($record,qr/^Received: \(at control\)/); next if not $boring and not $record->{type} eq $wanted_type and not $record_wanted_anyway and @records > 1; - $seen_message_ids{$msg_id} = 1; - my @lines = split( "\n", $record->{text}, -1 ); + $seen_message_ids{$msg_id} = 1 if defined $msg_id; + # skip spam messages if we're outputting more than one message + next if $multiple_messages and $bug->is_spam($msg_id); + my @lines; + if ($record->{inner_file}) { + push @lines, scalar $record->{fh}->getline; + push @lines, scalar $record->{fh}->getline; + chomp $lines[0]; + chomp $lines[1]; + } else { + @lines = split( "\n", $record->{text}, -1 ); + } if ( $lines[ 1 ] =~ m/^From / ) { - my $tmp = $lines[ 0 ]; - $lines[ 0 ] = $lines[ 1 ]; - $lines[ 1 ] = $tmp; + @lines = reverse @lines; } if ( !( $lines[ 0 ] =~ m/^From / ) ) { unshift @lines, "From unknown $date"; - } - map { s/^(>*From )/>$1/ } @lines[ 1 .. $#lines ]; - print join( "\n", @lines ) . "\n"; + } + print $lines[0]."\n"; + print map { s/^(>*From )/>$1/ if $multiple_messages; + $_."\n" } @lines[ 1 .. $#lines ]; + if ($record->{inner_file}) { + my $fh = $record->{fh}; + local $/; + while (<$fh>) { + s/^(>*From )/>$1/gm if $multiple_messages; + print $_; + } + } } exit 0; } else { if (defined $att and defined $msg and @records) { - $msg_num++; - print handle_email_message($records[0]->{text}, + binmode(STDOUT,":raw"); + $msg_num++; + ## allow this to be cached for a week + print "Status: 200 OK\n"; + print "Cache-Control: public, max-age=604800\n"; + print "Etag: $etag\n"; + print handle_email_message($records[0], ref => $ref, msg_num => $msg_num, att => $att, @@ -252,7 +366,15 @@ else { next; } $skip_next = 1 if $record->{type} eq 'html' and not $boring; - push @log, handle_record($record,$ref,$msg_num,\%seen_msg_ids); + push @log, handle_record($record,$ref,$msg_num, + \%seen_msg_ids, + trim_headers => $trim_headers, + avatars => $avatars, + terse => $terse, + # if we're only looking at one record, allow + # spam to be output + spam => (@records > 1)?$bug:undef, + ); } } @@ -262,126 +384,43 @@ $log = join("\n",@log); # All of the below should be turned into a template -my %maintainer = %{getmaintainers()}; -my %pkgsrc = %{getpkgsrc()}; - my $indexentry; my $showseverity; -my $tpack; -my $tmain; - -my $dtime = strftime "%a, %e %b %Y %T UTC", gmtime; - unless (%status) { - print $q->header(-type => "text/html", - -charset => 'utf-8', - (length $mtime)?(-last_modified => $mtime):(), - ); - print fill_in_template(template=>'cgi/no_such_bug', - variables => {modify_time => $dtime, - bug_num => $ref, - }, - ); - exit 0; -} - -#$|=1; - -my %package; -my @packages = splitpackages($status{package}); - -foreach my $pkg (@packages) { - if ($pkg =~ /^src\:/) { - my ($srcpkg) = $pkg =~ /^src:(.*)/; - $package{$pkg} = {maintainer => exists($maintainer{$srcpkg}) ? $maintainer{$srcpkg} : '(unknown)', - source => $srcpkg, - package => $pkg, - is_source => 1, - }; - } - else { - $package{$pkg} = {maintainer => exists($maintainer{$pkg}) ? $maintainer{$pkg} : '(unknown)', - exists($pkgsrc{$pkg}) ? (source => $pkgsrc{$pkg}) : (), - package => $pkg, - }; - } + no_such_bug($q,$ref); } -# fixup various bits of the status -$status{tags_array} = [sort(split(/\s+/, $status{tags}))]; -$status{date_text} = strftime('%a, %e %b %Y %T UTC', gmtime($status{date})); -$status{mergedwith_array} = [split(/ /,$status{mergedwith})]; - - -my $version_graph = ''; -if (@{$status{found_versions}} or @{$status{fixed_versions}}) { - $version_graph = q(version graph}; -} +my @packages = make_list($status{package}); - -my @blockedby= split(/ /, $status{blockedby}); -$status{blockedby_array} = []; -if (@blockedby && $status{"pending"} ne 'fixed' && ! length($status{done})) { - for my $b (@blockedby) { - my %s = %{get_bug_status($b)}; - next if $s{"pending"} eq 'fixed' || length $s{done}; - push @{$status{blockedby_array}},{bug_num => $b, subject => $s{subject}, status => \%s}; - } -} - -my @blocks= split(/ /, $status{blocks}); -$status{blocks_array} = []; -if (@blocks && $status{"pending"} ne 'fixed' && ! length($status{done})) { - for my $b (@blocks) { - my %s = %{get_bug_status($b)}; - next if $s{"pending"} eq 'fixed' || length $s{done}; - push @{$status{blocks_array}}, {bug_num => $b, subject => $s{subject}, status => \%s}; - } -} - -if ($buglog !~ m#^\Q$gSpoolDir/db#) { - $status{archived} = 1; -} - -my $descriptivehead = $indexentry; - print $q->header(-type => "text/html", -charset => 'utf-8', - (length $mtime)?(-last_modified => $mtime):(), + -cache_control => 'public, max-age=300', + -etag => $etag, ); print fill_in_template(template => 'cgi/bugreport', - variables => {status => \%status, - package => \%package, + variables => {bug => $bug, log => $log, - bug_num => $ref, - version_graph => $version_graph, msg => $msg, isstrongseverity => \&Debbugs::Status::isstrongseverity, html_escape => \&Debbugs::CGI::html_escape, + uri_escape => \&URI::Escape::uri_escape_utf8, looks_like_number => \&Scalar::Util::looks_like_number, + make_list => \&Debbugs::Common::make_list, }, hole_var => {'&package_links' => \&Debbugs::CGI::package_links, '&bug_links' => \&Debbugs::CGI::bug_links, '&version_url' => \&Debbugs::CGI::version_url, - '&bug_url' => \&Debbugs::CGI::bug_url, '&strftime' => \&POSIX::strftime, '&maybelink' => \&Debbugs::CGI::maybelink, }, ); + +__END__ + +# Local Variables: +# indent-tabs-mode: nil +# cperl-indent-level: 4 +# End: