diff --git a/en/cgi/dosendpr.cgi b/en/cgi/dosendpr.cgi index 46133583e4..4b2247d9ec 100755 --- a/en/cgi/dosendpr.cgi +++ b/en/cgi/dosendpr.cgi @@ -1,189 +1,190 @@ #!/usr/bin/perl # # Send-pr perl script to send a pr. # # Copyright (c) 1996 Free Range Media # # Copying and distribution permitted under the conditions of the # GNU General Public License Version 2. # (http://www.gnu.ai.mit.edu/copyleft/gpl.html) # -# $FreeBSD: www/en/cgi/dosendpr.cgi,v 1.22 2005/07/14 11:26:17 ceri Exp $ +# $FreeBSD: www/en/cgi/dosendpr.cgi,v 1.23 2005/11/06 22:07:23 ceri Exp $ require "html.pl"; use Socket; use DB_File; use Fcntl qw(:DEFAULT :flock); require "./Gnats.pm"; import Gnats; my $blackhole = "dnsbl.njabl.org"; my $openproxyip = "127.0.0.9"; my $blackhole_err = 0; my $openproxy; my $expiretime = 2700; $dbpath = "/tmp/sendpr-code.db"; # Environment variables to stuff in the PR header. my @ENV_captures = qw/ REMOTE_HOST REMOTE_ADDR REMOTE_PORT HTTP_REFERER HTTP_CLIENT_IP HTTP_FORWARDED HTTP_VIA HTTP_X_FORWARDED_FOR /; # env2hdr (@ENV_captures) # Returns X-header style headers for inclusion in the header of a PR sub env2hdr (@) { my $headers = ""; for my $var (shift @_) { next unless $ENV{$var}; $headers .= "X-$var: $ENV{$var}\n"; } return $headers; } # isopenproxy ($ip, $blackhole_zone, $positive_ip) # Returns undef on error, 0 if DNS lookup fails, $positive_ip if verified # proxy. A DNS lookup failing can either means that there was a network # problem, or that the IP is not listed in the blackhole zone. sub isopenproxy ($$$) { # If $? is already set, then a successful gethostbyname() leaves it set local $?; my ($ip, $zone, $proxyip) = @_; my ($reversed_ip, $packed); if (!defined $proxyip) { return undef }; $reversed_ip = join('.', reverse split(/\./, $ip)); $packed = gethostbyname("${reversed_ip}.${blackhole}"); return undef if $?; if ($packed && (inet_ntoa($packed) eq $proxyip)) { return $proxyip; } else { return 0; } } sub prerror { &html_title ("Problem Report Error"); &html_body(); print "
There is an error in the configuration of the problem\n",
"report form generator. Please back up one page and report\n",
"the problem to the owner of that page.
",
"Report $_[0].
You need to specify at least your ",
"electronic mail address, your name and a synopsis ",
"of the problem.
Please return to the form and add the ",
"missing information. Thank you.
You need to enter the correct ", "code from the image displayed. Please return to the form and enter the ", "code exactly as shown. Thank you.
"; &html_end(); exit(1); } # This code has now been used, so remove it. delete $db_hash{"$codeentered"}; # Sweep for and remove expired codes. foreach $randomcode (keys %db_hash) { if ( ($currenttime - $expiretime) >= $db_hash{$randomcode}) { delete $db_hash{"$randomcode"}; } } $db_obj->sync(); # to flush flock(DB_FH, LOCK_UN); undef $db_obj; # removing the last reference to the DB # closes it. Closing DB_FH is implicit. untie %db_hash; $openproxy = isopenproxy($ENV{'REMOTE_ADDR'}, $blackhole, $openproxyip); if (defined $openproxy) { if ($openproxy) { &prerror("$ENV{'REMOTE_ADDR'} is an open proxy server"); } } else { $blackhole_err++; } # Build the PR. $pr = "To: $submission_address\n" . "From: $cgi_data{'originator'} <$cgi_data{'email'}>\n" . "Subject: $cgi_data{'synopsis'}\n" . env2hdr(@ENV_captures); if ($blackhole_err) { $pr .= "X-REMOTE_ADDR-Is-Open-Proxy: Maybe\n"; } $pr .= "X-Send-Pr-Version: www-2.3\n\n" . ">Submitter-Id:\t$cgi_data{'submitterid'}\n" . ">Originator:\t$cgi_data{'originator'}\n" . ">Organization:\t$cgi_data{'organization'}\n" . ">Confidential:\t$cgi_data{'confidential'}\n" . ">Synopsis:\t$cgi_data{'synopsis'}\n" . ">Severity:\t$cgi_data{'severity'}\n" . ">Priority:\t$cgi_data{'priority'}\n" . ">Category:\t$cgi_data{'category'}\n" . ">Class:\t\t$cgi_data{'class'}\n" . ">Release:\t$cgi_data{'release'}\n" . ">Environment:\t$cgi_data{'environment'}\n" . ">Description:\n$cgi_data{'description'}\n" . ">How-To-Repeat:\n$cgi_data{'howtorepeat'}\n" . ">Fix:\n$cgi_data{'fix'}\n"; # remove any carrage returns that appear in the report. $pr =~ s/\r//g; if (open (SUBMIT, "|$submission_program")){ print SUBMIT $pr; close (SUBMIT); print "Thank you for the problem report. You should receive confirmation", " of your report by electronic mail within a day.
"; } else { print "An error occured processing your problem report.
"; } &html_end(); diff --git a/en/cgi/query-pr.cgi b/en/cgi/query-pr.cgi index d00d950824..320653af5e 100755 --- a/en/cgi/query-pr.cgi +++ b/en/cgi/query-pr.cgi @@ -1,319 +1,320 @@ #!/usr/bin/perl -T -# $FreeBSD: www/en/cgi/query-pr.cgi,v 1.49 2005/11/07 10:43:19 ceri Exp $ +# $FreeBSD: www/en/cgi/query-pr.cgi,v 1.50 2005/11/09 21:38:31 fenner Exp $ $ENV{'PATH'} = "/bin:/usr/bin:/usr/sbin:/sbin:/usr/local/bin"; use DB_File; use Fcntl qw(:DEFAULT :flock); require "./cgi-lib.pl"; require "./cgi-style.pl"; require "getopts.pl"; require "./Gnats.pm"; import Gnats; my $expiretime = 2700; $dbpath = "/tmp/querypr-code.db"; &Getopts('cp:'); if ($opt_c) { $codeentered = $opt_c; } if ($opt_p) { $input{'pr'} = $opt_p; } else { if (! &ReadParse(*input)) { print &html_header("PR Query Interface"); print "Please enter the PR number you wish to query:
\n"; ($scriptname = $ENV{'SCRIPT_NAME'}) =~ s|^/?|/|; $scriptname =~ s|/$||; ($summary = $scriptname) =~ s/query-pr/query-pr-summary/; print "\n"; print "See also the PR summary
\n"; print &html_footer; exit 0; } } # allow query-pr.cgi?Invalid problem report number: $pr
\n"; print &summary_link; print &html_footer; exit 0; } unless (open(Q, "$query_pr -F $pr 2>&1 |")) { print &html_header("Server error"); print "Unable to open PR database.
\n"; print &summary_link; print &html_footer; die "Unable to query PR's"; } if ($input{'f'} eq 'raw') { print "Content-Type: text/plain\r\n\r\n"; print; close(Q); exit 0; } $inhdr = 1; $multiline = 0; $from = ""; $replyto = ""; while() { chop; $html_fixup = 1; if (/^query-pr(:?\.(:?real|web))?: /) { print &html_header("FreeBSD problem report"); if ($_ !~ /^query-pr(:?\.(:?real|web))?: no PRs matched$/) { print "query-pr said:\n"; print "
$_\n"; print\n"; } else { print "; print "No PR found matching $pr
\n"; } print &summary_link; print &html_footer; exit; } elsif (/^lockf: /) { print &html_header("FreeBSD problem report"); print "The PR database is currently busy; please try ", "your query again.
"; print &summary_link; print &html_footer; exit; } # In e-mail header if ($inhdr && /^From:\s*(.*)$/i) { $from = $1; $from =~ s/.*<(.*)>.*/$1/; $from =~ s/\s*\(.*\)\s*//; } if ($inhdr && /^Reply-to:\s*(.*)$/i) { $replyto = $1; $replyto =~ s/.*<(.*)>.*/$1/; $replyto =~ s/\s*\(.*\)\s*//; } # End of e-mail header if ($inhdr && /^$/) { $from = $replyto if ($replyto); $email = $from; $email .= '@FreeBSD.org' unless ($email =~ /@/); $inhdr = 0; } if (/^>Responsible:/) { $_ = &getline($_); s/\(.*\)//; # remove personal name s/\s+//g; $_ = $_ . '@FreeBSD.org' if !/@/; $_ = ">Responsible:$_"; $html_fixup = 0; } s/^>Last-Modified:\s*$/>Last-Modified: never/; if (/^>Number:/) { $number = &getline($_); } elsif (/^>Category:/) { $cat = &getline($_); } elsif (/^>Synopsis:/) { $syn = &getline($_); $syn =~ s/[\t]+/ /g; $origsyn = $syn; $syn = &fixline($syn); print &html_header("Problem Report $cat/$number : $syn"); if (! $codeok ) { print "\n"; } print "$syn
\n\n"; } else { next if $inhdr; if (/^>(\S+):\s*(.*)/) { print $trailer . "\n" unless ($blank); $trailer = "
"; $origsyn =~ s/[^a-zA-Z+.@-]/"%" . sprintf("%02X", unpack("C", $&))/eg; $email =~ s/[^a-zA-Z+.@-]/"%" . sprintf("%02X", unpack("C", $&))/eg; print qq`Submit Followup | Raw PR | Find Another PR\n`; if (! $codeok ) { print ""; print "- $1
- \n"; if ($html_fixup) { $trailer .= &fixline($2); } else { $trailer .= $2; } if ($1 eq "Originator" && $from ne "" && $codeok) { # add email address $trailer .= " <" . &fixline($from) . ">"; } $trailer .= '
'; $blank = !($2); $multiline = 0; } else { unless ($multiline) { next if /^\s*$/; print $trailer . "\n- "; } } } close(Q); print "$trailer\n" unless ($blank); print "
\n"; } $multiline = 1; $blank = 0; print $html_fixup ? &fixline($_) : $_ , "\n"; $trailer = "To see this PR with email addresses "; print " displayed, enter the code from the image and submit:
\n"; print "\n"; } print &html_footer; # Sleep 0.35 seconds to avoid DoS attacks from broken robots select undef, undef, undef, 0.35; exit 0; sub getline { local($_) = @_; ($tag,$remainder) = split(/\s+/, $_, 2); return $remainder; } sub summary_link { return qq`\n`; } sub cvsweb { local($file) = shift; $file =~ s/[,.;]$//; return 'http://cvsweb.FreeBSD.org/' . $file; } sub srcref { local($_) = shift; local($rev) = '(rev\.?|revision):?\s+[0-9]\.[0-9.]+(\s+of)?'; local($src) = '((src|www|doc|ports)/[^\s]+)'; if (m%$rev\s*$src%oi || m%$src\s*$rev%) { s#$src#sprintf("%s", 34, &cvsweb($1), 34, $1)#ge; } return $_; } sub fixline { local(@splitline) = split(/((?:https?|ftp):\/\/[^\s"\(\)<>,;]+)/, shift); local($isurl) = 0; foreach (@splitline) { if ($isurl) { local($href) = local($html) = $_; $href =~ s/&/%26/g; $html =~ s/&/&/g; $_ = "$html"; } else { s/&/&/g; s/</g; s/>/>/g; s%(\WPR[:s# \t]+)([a-z3486]+\/)?([0-9]+)%$1$2$3%ig; } $isurl = ! $isurl; } return &srcref(join('', @splitline)); }