Your message dated Sun, 04 Apr 2010 08:16:19 +0000
with message-id <[email protected]>
and subject line Bug#447267: fixed in ikiwiki 3.20100403
has caused the Debian Bug report #447267,
regarding Patch to add an include_files_regexp option to ikiwiki
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
447267: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447267
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ikiwiki
Version: 1.33.3
Severity: wishlist
Tags: patch


It was annoying me that I could include .htaccess files in the ikiwiki
svn repository, and so after looking around for a patch to do this
found one, and the relevant comments about the security implications
of this.

Hence, below is a patch that adds an include_files_regexp option,
to enable people to do this if they want to (and also include other
things that would be avoided by default).

Feel free to reject this if you feel it is a bad idea, or modify the
patch if you think the idea is okay, and the code nasty :-)

There are two patches; one is against the version in Debian Etch and one
against the SVN trunk that I checked out this morning. I have tested
the former briefly, but not the latter.

Aaron Wilson

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-686
Locale: LANG=en_GB, LC_CTYPE=en_GB (charmap=ISO-8859-1)

Versions of packages ikiwiki depends on:
ii  gcc [c-compiler]       4:4.1.1-15        The GNU C compiler
ii  gcc-4.0 [c-compiler]   4.0.3-7           The GNU C compiler
ii  gcc-4.1 [c-compiler]   4.1.1-21          The GNU C compiler
ii  libc6-dev [libc-dev]   2.3.6.ds1-13etch2 GNU C Library: Development Librari
ii  libcgi-formbuilder-per 3.03.01-1         Easily generate and process statef
ii  libcgi-session-perl    4.14-1            Persistent session data in CGI app
ii  libhtml-parser-perl    3.55-1            A collection of modules that parse
ii  libhtml-scrubber-perl  0.08-3            Perl extension for scrubbing/sanit
ii  libhtml-template-perl  2.8-1             HTML::Template : A module for usin
ii  libmail-sendmail-perl  0.79-4            Send email from a perl script
ii  libtime-duration-perl  1.02-1            Time::Duration -- rounded or exact
ii  libtimedate-perl       1.1600-5          Time and date functions for Perl
ii  liburi-perl            1.35-2            Manipulates and accesses URI strin
ii  libxml-simple-perl     2.14-5            Perl module for reading and writin
ii  markdown               1.0.1-3           Text-to-HTML conversion tool
ii  perl                   5.8.8-7           Larry Wall's Practical Extraction 

Versions of packages ikiwiki recommends:
ii  git-core                    1:1.4.4.4-2  content addressable filesystem
pn  hyperestraier               <none>       (no description available)
ii  subversion                  1.4.2dfsg1-2 Advanced version control system

-- no debconf information
diff -Nur ikiwiki-1.33.3/IkiWiki/Render.pm 
ikiwiki-1.33.3.aaron/IkiWiki/Render.pm
--- ikiwiki-1.33.3/IkiWiki/Render.pm    2007-02-10 20:27:07.000000000 +0000
+++ ikiwiki-1.33.3.aaron/IkiWiki/Render.pm      2007-10-19 14:50:04.000000000 
+0100
@@ -218,7 +218,11 @@
                no_chdir => 1,
                wanted => sub {
                        $_=decode_utf8($_);
-                       if (/$config{wiki_file_prune_regexp}/) {
+                       my $includefile =
+                               ( defined $config{include_files_regexp}
+                                 &&  /$config{include_files_regexp}/ );
+                       my $excludefile = (/$config{wiki_file_prune_regexp}/);
+                       if ( ! $includefile && $excludefile ) {
                                $File::Find::prune=1;
                        }
                        elsif (! -d $_ && ! -l $_) {
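Review bot: The include match in the new condition overrides the whole of wiki_file_prune_regexp, not only the dotfile alternative, so any path that matches include_files_regexp skips every safety exclusion at once. The default prune pattern (see the IkiWiki.pm hunk) also rejects `\.\.`, `.svn/` and `.arch-ids/`. Because no_chdir => 1 makes $_ the full path, an unanchored include pattern is tested against directory components as well as the file name. I would keep the traversal and VCS-metadata checks unconditional and let the include option override only the hidden-file and extension alternatives, or at least re-test `\.\.` after a successful include match. Note also that a directory that was pruned is never descended into, so an include pattern meant for a file below an excluded directory has no effect unless it matches the directory too; that is worth documenting.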
diff -Nur ikiwiki-1.33.3/IkiWiki/Setup/Standard.pm 
ikiwiki-1.33.3.aaron/IkiWiki/Setup/Standard.pm
--- ikiwiki-1.33.3/IkiWiki/Setup/Standard.pm    2007-02-10 20:27:06.000000000 
+0000
+++ ikiwiki-1.33.3.aaron/IkiWiki/Setup/Standard.pm      2007-10-19 
10:54:21.000000000 +0100
@@ -33,6 +33,9 @@
        if (exists $setup{exclude}) {
                
$config{wiki_file_prune_regexp}=qr/$config{wiki_file_prune_regexp}|$setup{exclude}/;
        }
+       if (exists $setup{include_files_regexp}) {
+               $config{include_files_regexp}=qr/$setup{include_files_regexp}/;
+       }
 
        if (! $config{render} && (! $config{refresh} || $config{wrappers})) {
                debug("generating wrappers..");
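Review bot: Missing validation in the added `if (exists $setup{include_files_regexp})` block: `exists` is true for a key set to undef or to the empty string, and `qr//` built from either matches every path, which silently turns off all pruning in Render.pm. Test `defined` and non-empty length before compiling, and consider wrapping the compile in an eval so that a malformed pattern in the setup file produces a clear error instead of a die inside qr. Since this option weakens a default that exists for security reasons, the setup file comment for it should say so.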
diff -Nur ikiwiki-1.33.3/ikiwiki.pl ikiwiki-1.33.3.aaron/ikiwiki.pl
--- ikiwiki-1.33.3/ikiwiki.pl   2007-02-10 20:27:13.000000000 +0000
+++ ikiwiki-1.33.3.aaron/ikiwiki.pl     2007-10-19 14:48:53.000000000 +0100
@@ -48,6 +48,7 @@
                        "timeformat=s" => \$config{timeformat},
                        "sslcookie!" => \$config{sslcookie},
                        "httpauth!" => \$config{httpauth},
+                       "include_files_regexp=s@" => 
\$config{include_files_regexp},
                        "exclude=s@" => sub {
                                
$config{wiki_file_prune_regexp}=qr/$config{wiki_file_prune_regexp}|$_[1]/;
                        },
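Review bot: The option spec `"include_files_regexp=s@"` with a scalar reference as destination makes Getopt::Long store an array reference in $config{include_files_regexp}, and Render.pm then interpolates that reference into a pattern, so it is matched as the string "ARRAY(0x...)" and the command-line form never does what the user asked. It is also not compiled with qr here, unlike the setup-file path. Either use `=s` and compile in a handler sub the way the `exclude=s@` entry just below does, or accept a list and join the alternatives explicitly before compiling.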
diff -Nur ikiwiki-1.33.3/IkiWiki.pm ikiwiki-1.33.3.aaron/IkiWiki.pm
--- ikiwiki-1.33.3/IkiWiki.pm   2007-02-10 20:27:13.000000000 +0000
+++ ikiwiki-1.33.3.aaron/IkiWiki.pm     2007-10-19 14:49:29.000000000 +0100
@@ -27,6 +27,7 @@
 our $version='unknown'; # VERSION_AUTOREPLACE done by Makefile, DNE
 
 sub defaultconfig () { #{{{
+       include_files_regexp  => undef,
        wiki_file_prune_regexp => 
qr{((^|/).svn/|\.\.|^\.|\/\.|\.x?html?$|\.rss$|\.atom$|.arch-ids/|{arch}/)},
        wiki_link_regexp => qr/\[\[(?:([^\]\|]+)\|)?([^\s\]]+)\]\]/,
        wiki_file_regexp => qr/(^[-[:alnum:]_.:\/+]+$)/,
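Review bot: Missing documentation for the new `include_files_regexp => undef` default: the line right after it shows what the option can switch off (`\.\.`, `.svn/`, leading-dot names, `.html`), and nothing in this patch tells the administrator that. A comment here, plus an entry in the usage text and the example setup file, should state that the option overrides the prune pattern and that the pattern should be anchored to the exact files wanted. The default of undef is the right choice since it keeps existing behaviour.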
Index: IkiWiki/Setup/Standard.pm
===================================================================
--- IkiWiki/Setup/Standard.pm   (revision 4599)
+++ IkiWiki/Setup/Standard.pm   (working copy)
@@ -24,6 +24,9 @@
                push @{$setup{plugin}}, @{$setup{add_plugins}};
                delete $setup{add_plugins};
        }
+       if (exists $setup{wiki_file_prune_regexp}) {
+                $config{include_files_regexp}=qr/$setup{include_files_regexp}/;
+       }
        if (exists $setup{exclude}) {
                push @{$config{wiki_file_prune_regexps}}, $setup{exclude};
        }
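Review bot: The added condition tests the wrong key: `exists $setup{wiki_file_prune_regexp}` guards an assignment that reads `$setup{include_files_regexp}`. A setup file that sets only include_files_regexp is ignored, and one that sets wiki_file_prune_regexp without include_files_regexp compiles `qr//` from undef, which matches every file and disables pruning altogether. The test should be on `$setup{include_files_regexp}`, with a `defined` and non-empty check as well. The indentation of the assignment line also mixes spaces with the tabs used around it.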
Index: ikiwiki.in
===================================================================
--- ikiwiki.in  (revision 4599)
+++ ikiwiki.in  (working copy)
@@ -50,6 +50,7 @@
                        "userdir=s" => \$config{userdir},
                        "htmlext=s" => \$config{htmlext},
                        "libdir=s" => \$config{libdir},
+                       "include_files_regexp=s@" => 
\$config{include_files_regexp},
                        "exclude=s@" => sub {
                                push @{$config{wiki_file_prune_regexps}}, $_[1];
                        },
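Review bot: As in the Etch version of this hunk, `"include_files_regexp=s@"` pointed at `\$config{include_files_regexp}` leaves an array reference in the config value, which the file_pruned change then uses directly as a pattern. In trunk the neighbouring `exclude=s@` handler pushes onto a list of patterns, so the consistent fix is a matching list for includes, joined and compiled the same way wiki_file_prune_regexps is in file_pruned.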
Index: IkiWiki.pm
===================================================================
--- IkiWiki.pm  (revision 4599)
+++ IkiWiki.pm  (working copy)
@@ -31,6 +31,7 @@
 
 sub defaultconfig () { #{{{
        return
+       include_files_regexp  => undef,
        wiki_file_prune_regexps => [qr/\.\./, qr/^\./, qr/\/\./,
                qr/\.x?html?$/, qr/\.ikiwiki-new$/,
                qr/(^|\/).svn\//, qr/.arch-ids\//, qr/{arch}\//,
@@ -1039,7 +1040,11 @@
        $file =~ s#^\Q$base\E/*##;
 
        my $regexp='('.join('|', @{$config{wiki_file_prune_regexps}}).')';
-       return $file =~ m/$regexp/;
+        my $includefile = 0;
+       $includefile = 1 if (defined $config{include_files_regexp}
+               && $file =~ m/&& /$config{include_files_regexp}/ );
+        
+       return (!$includefile && $file =~ m/$regexp/);
 } #}}}
 
 sub gettext { #{{{
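Review bot: The added line `&& $file =~ m/&& /$config{include_files_regexp}/ );` does not compile: `m/&& /` is a complete match operator and the rest of the line is a syntax error. The intended test is presumably `$file =~ /$config{include_files_regexp}/`. Beyond that, the new return lets an include match bypass every entry in wiki_file_prune_regexps, including `qr/\.\./`, so a broad or unanchored include pattern re-admits paths that the prune list rejects to stop traversal; I would keep that check outside the override. The added lines also mix space and tab indentation, and the two-step `my $includefile = 0; $includefile = 1 if ...` can be a single assignment.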

--- End Message ---
--- Begin Message ---
Source: ikiwiki
Source-Version: 3.20100403

We believe that the bug you reported is fixed in the latest version of
ikiwiki, which is due to be installed in the Debian FTP archive:

ikiwiki_3.20100403.dsc
  to main/i/ikiwiki/ikiwiki_3.20100403.dsc
ikiwiki_3.20100403.tar.gz
  to main/i/ikiwiki/ikiwiki_3.20100403.tar.gz
ikiwiki_3.20100403_all.deb
  to main/i/ikiwiki/ikiwiki_3.20100403_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joey Hess <[email protected]> (supplier of updated ikiwiki package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 03 Apr 2010 14:17:28 -0400
Source: ikiwiki
Binary: ikiwiki
Architecture: source all
Version: 3.20100403
Distribution: unstable
Urgency: low
Maintainer: Joey Hess <[email protected]>
Changed-By: Joey Hess <[email protected]>
Description: 
 ikiwiki    - a wiki compiler
Closes: 447267
Changes: 
 ikiwiki (3.20100403) unstable; urgency=low
 .
   * websetup: Add websetup_unsafe to allow marking other settings
     as unsafe.
   * Improve openid url munging; do not display anchors and cgi parameters,
     as used by yahoo and google urls.
   * Add complete German basewiki and directives translation done by
     Sebastian Kuhnert.
   * Add a include setting, which can be used to make ikiwiki process
     wiki source files, such as .htaccess, that would normally be skipped
     for security or other reasons. Closes: #447267
     (Thanks to Aaron Wilson for the original patch.)
   * Add support for setup files written in YAML.
   * Add --set-yaml switch for setting more complex config file options.
   * filecheck: Fix bugs that prevented the pagespecs from matching when
     not called by attachment plugin.
   * Fix incorrect influence info returned by a failing link() pagespec,
     that could lead to bad dependency handling in certain situations.
   * Add preprocessed 'use lib' line to ikiwiki-transition and ikiwiki-calendar
     if necessary for unusual install.
   * auto-blog.setup: Set tagbase by default, since most bloggers will want it.
   * Allow wrappers to be built using tcc. (Workaround #452876)
   * openid: Use Openid Simple Registration or OpenID Attribute Exchange
     to get the user's email address and username. (Neither is yet
     used, but they are available in the session object now.)
   * page.tmpl: Add Cache-Control must-revalidate to ensure that users
     (especially of Firefox) see fresh page content.
   * htmlscrubber: Allow colons in urls after '?'
   * template: Search for templates in the templatedir, if they are not
     found as pages in the wiki.
Checksums-Sha1: 
 8331601e12924122334b9df1eda9caf22cc8c8cf 1778 ikiwiki_3.20100403.dsc
 e3e9102b43f73afd186b1780762c83da45244893 1672835 ikiwiki_3.20100403.tar.gz
 6b050106a90c09891d6d8aa8661422ac312432a2 1200370 ikiwiki_3.20100403_all.deb
Checksums-Sha256: 
 dd80011a6e43dc2848eb851a3a7121edeba7b22fc3609510f0667ed01ff16b64 1778 
ikiwiki_3.20100403.dsc
 bbfcf71d09aaea3992cf1c6fde7dc966bb43aecbad3694cef08b81c17ec7a532 1672835 
ikiwiki_3.20100403.tar.gz
 d91bb8868fb0aeadb5c248c30c1887100fd944d1f868dfc35a6a631c202d45f0 1200370 
ikiwiki_3.20100403_all.deb
Files: 
 bf69c91f378b07ddd62dade8984626cc 1778 web optional ikiwiki_3.20100403.dsc
 cedd9c277e60b348ab6009f38a5ad5d8 1672835 web optional ikiwiki_3.20100403.tar.gz
 2866783c431dad9e8f1de8313d7e5b49 1200370 web optional 
ikiwiki_3.20100403_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----



--- End Message ---
