# Copyright (C) all contributors # License: AGPL-3.0+ # # Used throughout the project for reading configuration # # Note: I hate camelCase; but git-config(1) uses it, but it's better # than alllowercasewithoutunderscores, so use lc('configKey') where # applicable for readability package PublicInbox::Config; use strict; use v5.10.1; use parent qw(Exporter); our @EXPORT_OK = qw(glob2re rel2abs_collapsed); use PublicInbox::Inbox; use PublicInbox::Git qw(git_exe); use PublicInbox::Spawn qw(popen_rd run_qx); our $LD_PRELOAD = $ENV{LD_PRELOAD}; # only valid at startup our $DEDUPE; # set to {} to dedupe or clear cache sub _array ($) { ref($_[0]) eq 'ARRAY' ? $_[0] : [ $_[0] ] } # returns key-value pairs of config directives in a hash # if keys may be multi-value, the value is an array ref containing all values sub new { my ($class, $file, $lei) = @_; $file //= default_file(); my ($self, $set_dedupe); if (-f $file && $DEDUPE) { $file = rel2abs_collapsed($file); $self = $DEDUPE->{$file} and return $self; $set_dedupe = 1; } $self = git_config_dump($class, $file, $lei); $self->{-f} = $file; # caches $self->{-by_addr} = {}; $self->{-by_list_id} = {}; $self->{-by_name} = {}; $self->{-by_newsgroup} = {}; $self->{-by_eidx_key} = {}; $self->{-no_obfuscate} = {}; $self->{-limiters} = {}; $self->{-coderepos} = {}; # nick => PublicInbox::Git object if (my $no = delete $self->{'publicinbox.noobfuscate'}) { $no = _array($no); my @domains; foreach my $n (@$no) { my @n = split(/\s+/, $n); foreach (@n) { if (/\S+@\S+/) { # full address $self->{-no_obfuscate}->{lc $_} = 1; } else { # allow "example.com" or "@example.com" s/\A@//; push @domains, quotemeta($_); } } } my $nod = join('|', @domains); $self->{-no_obfuscate_re} = qr/(?:$nod)\z/i; } if (my $css = delete $self->{'publicinbox.css'}) { $self->{css} = _array($css); } $DEDUPE->{$file} = $self if $set_dedupe; $self; } sub noop {} sub fill_all ($) { each_inbox($_[0], \&noop) } sub _lookup_fill ($$$) { my ($self, $cache, $key) = @_; $self->{$cache}->{$key} // do { fill_all($self); $self->{$cache}->{$key}; } } sub lookup { my ($self, $recipient) = @_; _lookup_fill($self, '-by_addr', lc($recipient)); } sub lookup_list_id { my ($self, $list_id) = @_; _lookup_fill($self, '-by_list_id', lc($list_id)); } sub lookup_name ($$) { my ($self, $name) = @_; $self->{-by_name}->{$name} // _fill_ibx($self, $name); } sub lookup_ei { my ($self, $name) = @_; $self->{-ei_by_name}->{$name} //= _fill_ei($self, $name); } sub lookup_eidx_key { my ($self, $eidx_key) = @_; _lookup_fill($self, '-by_eidx_key', $eidx_key); } # special case for [extindex "all"] sub ALL { lookup_ei($_[0], 'all') } sub each_inbox { my ($self, $cb, @arg) = @_; # may auto-vivify if config file is non-existent: foreach my $section (@{$self->{-section_order}}) { next if $section !~ m!\Apublicinbox\.([^/]+)\z!; my $ibx = lookup_name($self, $1) or next; $cb->($ibx, @arg); } } sub lookup_newsgroup { my ($self, $ng) = @_; _lookup_fill($self, '-by_newsgroup', lc($ng)); } sub limiter { my ($self, $name) = @_; $self->{-limiters}->{$name} //= do { require PublicInbox::Limiter; my $max = $self->{"publicinboxlimiter.$name.max"} || 1; my $limiter = PublicInbox::Limiter->new($max); $limiter->setup_rlimit($name, $self); $limiter; }; } sub config_dir { $ENV{PI_DIR} // "$ENV{HOME}/.public-inbox" } sub default_file { $ENV{PI_CONFIG} // (config_dir() . '/config'); } sub config_fh_parse ($$$) { my ($fh, $rs, $fs) = @_; my (%rv, %seen, @section_order, $line, $k, $v, $section, $cur, $i); local $/ = $rs; while (defined($line = <$fh>)) { # perf critical with giant configs $i = index($line, $fs); # $i may be -1 if $fs not found and it's a key-only entry # (meaning boolean true). Either way the -1 will drop the # $rs either from $k or $v. $k = substr($line, 0, $i); $v = $i >= 0 ? substr($line, $i + 1, -1) : 1; $section = substr($k, 0, rindex($k, '.')); $seen{$section} //= push(@section_order, $section); if (defined($cur = $rv{$k})) { if (ref($cur) eq "ARRAY") { push @$cur, $v; } else { $rv{$k} = [ $cur, $v ]; } } else { $rv{$k} = $v; } } $rv{-section_order} = \@section_order; \%rv; } sub tmp_cmd_opt ($$) { my ($env, $opt) = @_; # quiet global and system gitconfig if supported by installed git, # but normally harmless if too noisy (NOGLOBAL no longer exists) $env->{GIT_CONFIG_NOSYSTEM} = 1; $env->{GIT_CONFIG_GLOBAL} = '/dev/null'; # git v2.32+ $opt->{-C} = '/'; # avoid $worktree/.git/config on MOST systems :P } sub git_config_dump { my ($class, $file, $lei) = @_; my @opt_c = map { ('-c', $_) } @{$lei->{opt}->{c} // []}; $file = undef if !-e $file; # XXX should we set {-f} if !-e $file? return bless {}, $class if (!@opt_c && !defined($file)); my %env; my $opt = { 2 => $lei->{2} // 2 }; if (@opt_c) { unshift(@opt_c, '-c', "include.path=$file") if defined($file); tmp_cmd_opt(\%env, $opt); } my @cmd = (git_exe, @opt_c, qw(config -z -l --includes)); push(@cmd, '-f', $file) if !@opt_c && defined($file); my $fh = popen_rd(\@cmd, \%env, $opt); my $rv = config_fh_parse($fh, "\0", "\n"); $fh->close or die "@cmd failed: \$?=$?\n"; $rv->{-opt_c} = \@opt_c if @opt_c; # for ->urlmatch $rv->{-f} = $file; bless $rv, $class; } sub valid_foo_name ($;$) { my ($name, $pfx) = @_; # Similar rules found in git.git/remote.c::valid_remote_nick # and git.git/refs.c::check_refname_component # We don't reject /\.lock\z/, however, since we don't lock refs if ($name eq '' || $name =~ /\@\{/ || $name =~ /\.\./ || $name =~ m![/:\?\[\]\^~\s\f[:cntrl:]\*]! || $name =~ /\A\./ || $name =~ /\.\z/) { warn "invalid $pfx name: `$name'\n" if $pfx; return 0; } # Note: we allow URL-unfriendly characters; users may configure # non-HTTP-accessible inboxes 1; } # XXX needs testing for cgit compatibility # cf. cgit/scan-tree.c::add_repo sub cgit_repo_merge ($$$) { my ($self, $base, $repo) = @_; my $path = $repo->{dir}; if (defined(my $se = $self->{-cgit_strict_export})) { return unless -e "$path/$se"; } return if -e "$path/noweb"; # this comes from the cgit config, and AFAIK cgit only allows # repos to have one URL, but that's just the PATH_INFO component, # not the Host: portion # $repo = { url => 'foo.git', dir => '/path/to/foo.git' } my $rel = $repo->{url}; unless (defined $rel) { my $off = index($path, $base, 0); if ($off != 0) { $rel = $path; } else { $rel = substr($path, length($base) + 1); } $rel =~ s!/\.git\z!! or $rel =~ s!/+\z!!; $self->{-cgit_remove_suffix} and $rel =~ s!/?\.git\z!!; } $self->{"coderepo.$rel.dir"} //= $path; } sub is_git_dir ($) { my ($git_dir) = @_; -d "$git_dir/objects" && -f "$git_dir/HEAD"; } # XXX needs testing for cgit compatibility sub scan_path_coderepo { my ($self, $base, $path) = @_; opendir(my $dh, $path) or do { warn "error opening directory: $path\n"; return }; my $git_dir = $path; if (is_git_dir($git_dir) || is_git_dir($git_dir .= '/.git')) { my $repo = { dir => $git_dir }; cgit_repo_merge($self, $base, $repo); return; } while (defined(my $dn = readdir $dh)) { next if $dn eq '.' || $dn eq '..'; if (index($dn, '.') == 0 && !$self->{-cgit_scan_hidden_path}) { next; } my $dir = "$path/$dn"; scan_path_coderepo($self, $base, $dir) if -d $dir; } } sub scan_tree_coderepo ($$) { my ($self, $path) = @_; scan_path_coderepo($self, $path, $path); } sub scan_projects_coderepo ($$) { my ($self, $path) = @_; my $l = $self->{-cgit_project_list} // die 'BUG: no cgit_project_list'; open my $fh, '<', $l or do { warn "failed to open cgit project-list=$l: $!\n"; return; }; while (<$fh>) { chomp; scan_path_coderepo($self, $path, "$path/$_"); } } sub apply_cgit_scan_path { my ($self, @paths) = @_; @paths or @paths = @{$self->{-cgit_scan_path}}; if (defined($self->{-cgit_project_list})) { for my $p (@paths) { scan_projects_coderepo($self, $p) } } else { for my $p (@paths) { scan_tree_coderepo($self, $p) } } } sub parse_cgitrc { my ($self, $cgitrc, $nesting) = @_; $cgitrc //= $self->{'publicinbox.cgitrc'} // $ENV{CGIT_CONFIG} // return; if ($nesting == 0) { # defaults: my %s = map { $_ => 1 } qw(/cgit.css /cgit.png /favicon.ico /robots.txt); $self->{-cgit_static} = \%s; } # same limit as cgit/configfile.c::parse_configfile return if $nesting > 8; open my $fh, '<', $cgitrc or do { warn "failed to open cgitrc=$cgitrc: $!\n"; return; }; # FIXME: this doesn't support macro expansion via $VARS, yet my $repo; while (<$fh>) { chomp; if (m!\Arepo\.url=(.+?)/*\z!) { my $nick = $1; cgit_repo_merge($self, $repo->{dir}, $repo) if $repo; $repo = { url => $nick }; } elsif (m!\Arepo\.path=(.+)\z!) { if (defined $repo) { $repo->{dir} = $1; } else { warn "$_ without repo.url\n"; } } elsif (m!\Ainclude=(.+)\z!) { parse_cgitrc($self, $1, $nesting + 1); } elsif (m!\A(scan-hidden-path|remove-suffix)=([0-9]+)\z!) { my ($k, $v) = ($1, $2); $k =~ tr/-/_/; $self->{"-cgit_$k"} = $v; } elsif (m!\A(project-list|strict-export)=(.+)\z!) { my ($k, $v) = ($1, $2); $k =~ tr/-/_/; $self->{"-cgit_$k"} = $v; delete $self->{-cgit_scan_path} if $k eq 'project_list'; } elsif (m!\Ascan-path=(.+)\z!) { # this depends on being after project-list in the # config file, just like cgit.c push @{$self->{-cgit_scan_path}}, $1; apply_cgit_scan_path($self, $1); } elsif (m!\A(?:css|favicon|logo|repo\.logo)=(/.+)\z!) { # absolute paths for static files via PublicInbox::Cgit $self->{-cgit_static}->{$1} = 1; } elsif (s!\Asnapshots=\s*!!) { $self->{'coderepo.snapshots'} = $_; } } cgit_repo_merge($self, $repo->{dir}, $repo) if $repo; } sub valid_dir ($$) { my $dir = get_1($_[0], $_[1]) // return; index($dir, "\n") < 0 ? $dir : do { warn "E: `$_[1]=$dir' must not contain `\\n'\n"; undef; } } # parse a code repo, only git is supported at the moment sub fill_coderepo { my ($self, $nick) = @_; my $pfx = "coderepo.$nick"; my $git = PublicInbox::Git->new(valid_dir($self, "$pfx.dir") // return); if (defined(my $cgits = $self->{"$pfx.cgiturl"})) { $git->{cgit_url} = $cgits = _array($cgits); $self->{"$pfx.cgiturl"} = $cgits; } my %dedupe = ($nick => undef); ($git->{nick}) = keys %dedupe; $git; } sub get_all { my ($self, $key) = @_; my $v = $self->{$key} // return; _array($v); } sub git_bool { my ($val) = $_[-1]; # $_[0] may be $self, or $val if ($val =~ /\A(?:false|no|off|[\-\+]?(?:0x)?0+)\z/i) { 0; } elsif ($val =~ /\A(?:true|yes|on|[\-\+]?(?:0x)?[0-9]+)\z/i) { 1; } else { undef; } } # abs_path resolves symlinks, so we want to avoid it if rel2abs # is sufficient and doesn't leave "/.." or "/../" sub rel2abs_collapsed { require File::Spec; my $p = File::Spec->rel2abs(@_); return $p if substr($p, -3, 3) ne '/..' && index($p, '/../') < 0; require Cwd; Cwd::abs_path($p); } sub get_1 { my ($self, $key) = @_; my $v = $self->{$key}; return $v if !ref($v); warn "W: $key has multiple values, only using `$v->[-1]'\n"; $v->[-1]; } sub repo_objs { my ($self, $ibxish) = @_; $ibxish->{-repo_objs} // do { my $ibx_coderepos = $ibxish->{coderepo} // return; parse_cgitrc($self, undef, 0); my $coderepos = $self->{-coderepos}; my @repo_objs; for my $nick (@$ibx_coderepos) { my @parts = split(m!/!, $nick); for (@parts) { @parts = () unless valid_foo_name($_); } unless (@parts) { warn "invalid coderepo name: `$nick'\n"; next; } my $repo = $coderepos->{$nick} //= fill_coderepo($self, $nick); $repo ? push(@repo_objs, $repo) : warn("coderepo.$nick.dir unset\n"); } if (scalar @repo_objs) { for (@repo_objs) { push @{$_->{ibx_names}}, $ibxish->{name}; } $ibxish->{-repo_objs} = \@repo_objs; } else { delete $ibxish->{coderepo}; } } } sub _fill_ibx { my ($self, $name) = @_; my $pfx = "publicinbox.$name"; my $ibx = {}; for my $k (qw(watch)) { my $v = $self->{"$pfx.$k"}; $ibx->{$k} = $v if defined $v; } for my $k (qw(filter newsgroup replyto httpbackendmax feedmax indexlevel indexsequentialshard boost)) { my $v = get_1($self, "$pfx.$k") // next; $ibx->{$k} = $v; } # "mainrepo" is backwards compatibility: my $dir = $ibx->{inboxdir} = valid_dir($self, "$pfx.inboxdir") // valid_dir($self, "$pfx.mainrepo") // return; for my $k (qw(obfuscate)) { my $v = $self->{"$pfx.$k"} // next; if (defined(my $bval = git_bool($v))) { $ibx->{$k} = $bval; } else { warn "Ignoring $pfx.$k=$v in config, not boolean\n"; } } # TODO: more arrays, we should support multi-value for # more things to encourage decentralization for my $k (qw(address altid nntpmirror imapmirror coderepo hide listid url infourl watchheader nntpserver imapserver pop3server)) { my $v = $self->{"$pfx.$k"} // next; $ibx->{$k} = _array($v); } return unless valid_foo_name($name, 'publicinbox'); my %dedupe = ($name => undef); ($ibx->{name}) = keys %dedupe; # used as a key everywhere $ibx->{-pi_cfg} = $self; $ibx = PublicInbox::Inbox->new($ibx); foreach (@{$ibx->{address}}) { my $lc_addr = lc($_); $self->{-by_addr}->{$lc_addr} = $ibx; $self->{-no_obfuscate}->{$lc_addr} = 1; } if (my $listids = $ibx->{listid}) { # RFC2919 section 6 stipulates "case insensitive equality" foreach my $list_id (@$listids) { $self->{-by_list_id}->{lc($list_id)} = $ibx; } } if (defined(my $ngname = $ibx->{newsgroup})) { if (ref($ngname)) { delete $ibx->{newsgroup}; warn 'multiple newsgroups not supported: '. join(', ', @$ngname). "\n"; # Newsgroup name needs to be compatible with RFC 3977 # wildmat-exact and RFC 3501 (IMAP) ATOM-CHAR. # Leave out a few chars likely to cause problems or conflicts: # '|', '<', '>', ';', '#', '$', '&', } elsif ($ngname =~ m![^A-Za-z0-9/_\.\-\~\@\+\=:]! || $ngname eq '') { delete $ibx->{newsgroup}; warn "newsgroup name invalid: `$ngname'\n"; } else { my $lc = $ibx->{newsgroup} = lc $ngname; warn <nntp_usable # checks, keep this lean for startup speed my $cur = $self->{-by_newsgroup}->{$lc} //= $ibx; warn <{name}' and `$ibx->{name}' EOM } } unless (defined $ibx->{newsgroup}) { # for ->eidx_key my $abs = rel2abs_collapsed($dir); if ($abs ne $dir) { warn "W: `$dir' canonicalized to `$abs'\n"; $ibx->{inboxdir} = $abs; } } $self->{-by_name}->{$name} = $ibx; if ($ibx->{obfuscate}) { $ibx->{-no_obfuscate} = $self->{-no_obfuscate}; $ibx->{-no_obfuscate_re} = $self->{-no_obfuscate_re}; fill_all($self); # noop to populate -no_obfuscate } if (my $es = ALL($self)) { require PublicInbox::Isearch; $ibx->{isrch} = PublicInbox::Isearch->new($ibx, $es); } my $cur = $self->{-by_eidx_key}->{my $ekey = $ibx->eidx_key} //= $ibx; $cur == $ibx or warn "W: `$ekey' used by both `$cur->{name}' and `$ibx->{name}'\n"; $ibx; } sub _fill_ei ($$) { my ($self, $name) = @_; eval { require PublicInbox::ExtSearch } or return; my $pfx = "extindex.$name"; my $d = valid_dir($self, "$pfx.topdir") // return; -d $d or return; my $es = PublicInbox::ExtSearch->new($d); for my $k (qw(indexlevel indexsequentialshard)) { my $v = get_1($self, "$pfx.$k") // next; $es->{$k} = $v; } for my $k (qw(coderepo hide url infourl)) { my $v = $self->{"$pfx.$k"} // next; $es->{$k} = _array($v); } return unless valid_foo_name($name, 'extindex'); $es->{name} = $name; $es; } sub _fill_csrch ($$) { my ($self, $name) = @_; # "" is a valid name for cindex return if $name ne '' && !valid_foo_name($name, 'cindex'); eval { require PublicInbox::CodeSearch } or return; my $pfx = "cindex.$name"; my $d = valid_dir($self, "$pfx.topdir") // return; -d $d or return; my $csrch = PublicInbox::CodeSearch->new($d, $self); for my $k (qw(localprefix)) { my $v = $self->{"$pfx.$k"} // next; $csrch->{$k} = _array($v); } $csrch->{name} = $name; $csrch; } sub lookup_cindex ($$) { my ($self, $name) = @_; $self->{-csrch_by_name}->{$name} //= _fill_csrch($self, $name); } sub each_cindex { my ($self, $cb, @arg) = @_; my @csrch = map { lookup_cindex($self, substr($_, length('cindex.'))) // () } grep(m!\Acindex\.[^\./]*\z!, @{$self->{-section_order}}); if (ref($cb) eq 'CODE') { $cb->($_, @arg) for @csrch; } else { # string function $_->$cb(@arg) for @csrch; } } sub config_cmd { my ($self, $env, $opt) = @_; my $f = $self->{-f} // default_file(); my @opt_c = @{$self->{-opt_c} // []}; my @cmd = (git_exe, @opt_c, 'config'); @opt_c ? tmp_cmd_opt($env, $opt) : push(@cmd, '-f', $f); \@cmd; } sub urlmatch { my $self = shift; my @bool = $_[0] eq '--bool' ? (shift) : (); my ($key, $url, $try_git) = @_; state $urlmatch_broken; # requires git 1.8.5 return if $urlmatch_broken; my (%env, %opt); my $cmd = $self->config_cmd(\%env, \%opt); push @$cmd, @bool, qw(--includes -z --get-urlmatch), $key, $url; my $val = run_qx($cmd, \%env, \%opt); if ($?) { undef $val; if (@bool && ($? >> 8) == 128) { # not boolean } elsif (($? >> 8) != 1) { $urlmatch_broken = 1; } elsif ($try_git) { # n.b. this takes cwd into account $val = run_qx([qw(git config), @bool, qw(-z --get-urlmatch), $key, $url]); undef $val if $?; } } $? = 0; # don't influence lei exit status if (defined($val)) { local $/ = "\0"; chomp $val; $val = git_bool($val) if @bool; } $val; } sub json { state $json; $json //= do { for my $mod (qw(Cpanel::JSON::XS JSON::MaybeXS JSON JSON::PP)) { eval "require $mod" or next; # ->ascii encodes non-ASCII to "\uXXXX" $json = $mod->new->ascii(1) and last; } $json; }; } sub squote_maybe ($) { my ($val) = @_; if ($val =~ m{([^\w@\./,\%\+\-])}) { $val =~ s/(['!])/'\\$1'/g; # '!' for csh return "'$val'"; } $val; } my %re_map = ( '*' => '[^/]*?', '?' => '[^/]', '/**' => '/.*', '**/' => '.*/', '/**/' => '(?:/.*?/|/)', '[' => '[', ']' => ']', ',' => ',' ); sub glob2re ($) { my ($re) = @_; my $p = ''; my $in_bracket = 0; my $qm = 0; my $schema_host_port = ''; # don't glob URL-looking things that look like IPv6 if ($re =~ s!\A([a-z0-9\+]+://\[[a-f0-9\:]+\](?::[0-9]+)?/)!!i) { $schema_host_port = quotemeta $1; # "http://[::1]:1234" } my $changes = ($re =~ s!(/\*\*/|\A\*\*/|/\*\*\z|.)! $re_map{$p eq '\\' ? '' : do { if ($1 eq '[') { ++$in_bracket } elsif ($1 eq ']') { --$in_bracket } elsif ($1 eq ',') { ++$qm } # no change $p = $1; }} // do { $p = $1; ($p eq '-' && $in_bracket) ? $p : (++$qm, "\Q$p") }!sge); # bashism (also supported by curl): {a,b,c} => (a|b|c) $changes += ($re =~ s/([^\\]*)\\\{([^,]*,[^\\]*)\\\}/ (my $in_braces = $2) =~ tr!,!|!; $1."($in_braces)"; /sge); ($changes - $qm) ? $schema_host_port.$re : undef; } sub get_coderepo { my ($self, $nick) = @_; $self->{-coderepos}->{$nick} // do { defined($self->{-cgit_scan_path}) ? do { apply_cgit_scan_path($self); my $cr = fill_coderepo($self, $nick); $cr ? ($self->{-coderepos}->{$nick} = $cr) : undef; } : undef; }; } 1;