]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Setup.pm
Fix XSS in openid selector. Thanks, Raghav Bisht.
[git.ikiwiki.info.git] / IkiWiki / Setup.pm
index 45f263bc8988b990f447c3d7c84947bd4997043e..453d19670d2bfc6113c2d87b3d0af44242823754 100644 (file)
@@ -28,18 +28,19 @@ sub load ($;$) {
        }
        close IN;
 
        }
        close IN;
 
-       if ($content=~/(use\s+)?(IkiWiki::Setup::\w+)/) {
+       if ($content=~/((?:use|require)\s+)?IkiWiki::Setup::(\w+)/) {
                $config{setuptype}=$2;
                if ($1) {
                        error sprintf(gettext("cannot load %s in safe mode"), $file)
                                if $safemode;
                $config{setuptype}=$2;
                if ($1) {
                        error sprintf(gettext("cannot load %s in safe mode"), $file)
                                if $safemode;
+                       no warnings;
                        eval IkiWiki::possibly_foolish_untaint($content);
                        error("$file: ".$@) if $@;
                }
                else {
                        eval IkiWiki::possibly_foolish_untaint($content);
                        error("$file: ".$@) if $@;
                }
                else {
-                       eval qq{require $config{setuptype}};
+                       eval qq{require IkiWiki::Setup::$config{setuptype}};
                        error $@ if $@;
                        error $@ if $@;
-                       $config{setuptype}->loaddump(IkiWiki::possibly_foolish_untaint($content));
+                       "IkiWiki::Setup::$config{setuptype}"->loaddump(IkiWiki::possibly_foolish_untaint($content));
                }
        }
        else {
                }
        }
        else {
@@ -49,10 +50,8 @@ sub load ($;$) {
 
 sub dump ($) {
        my $file=IkiWiki::possibly_foolish_untaint(shift);
 
 sub dump ($) {
        my $file=IkiWiki::possibly_foolish_untaint(shift);
-       
-       eval qq{require $config{setuptype}};
-       error $@ if $@;
-       my @dump=$config{setuptype}->gendump(
+
+       my @header=(
                "Setup file for ikiwiki.",
                "",
                "Passing this to ikiwiki --setup will make ikiwiki generate",
                "Setup file for ikiwiki.",
                "",
                "Passing this to ikiwiki --setup will make ikiwiki generate",
@@ -61,9 +60,24 @@ sub dump ($) {
                "Remember to re-run ikiwiki --setup any time you edit this file.",
        );
 
                "Remember to re-run ikiwiki --setup any time you edit this file.",
        );
 
-       open (OUT, ">", $file) || die "$file: $!";
-       print OUT "$_\n" foreach @dump;
-       close OUT;
+       # Fork because dumping setup requires loading all plugins.
+       my $pid=fork();
+       if ($pid == 0) {
+               eval qq{require IkiWiki::Setup::$config{setuptype}};
+               error $@ if $@;
+               my @dump="IkiWiki::Setup::$config{setuptype}"->gendump(@header);
+       
+               open (OUT, ">", $file) || die "$file: $!";
+               print OUT "$_\n" foreach @dump;
+               close OUT;
+
+               exit 0;
+       }
+       else {
+               waitpid $pid, 0;
+               exit($? >> 8) if $? >> 8;
+               exit(1) if $?;
+       }
 }
 
 sub merge ($) {
 }
 
 sub merge ($) {
@@ -110,6 +124,27 @@ sub merge ($) {
        }
 }
 
        }
 }
 
+sub disabled_plugins (@) {
+       # Handles running disable hooks of plugins that were enabled
+       # previously, but got disabled when a new setup file was loaded.
+       if (exists $config{setupfile} && @_) {
+               # Fork a child to load the disabled plugins.
+               my $pid=fork();
+               if ($pid == 0) {
+                       foreach my $plugin (@_) {
+                               eval { IkiWiki::loadplugin($plugin, 1) };
+                               if (exists $IkiWiki::hooks{disable}{$plugin}{call}) {
+                                       eval { $IkiWiki::hooks{disable}{$plugin}{call}->() };
+                               }
+                       }
+                       exit(0);
+               }
+               else {
+                       waitpid $pid, 0;
+               }
+       }
+}
+
 sub getsetup () {
        # Gets all available setup data from all plugins. Returns an
        # ordered list of [plugin, setup] pairs.
 sub getsetup () {
        # Gets all available setup data from all plugins. Returns an
        # ordered list of [plugin, setup] pairs.
@@ -120,13 +155,15 @@ sub getsetup () {
         $config{syslog}=undef;
 
        # Load all plugins, so that all setup options are available.
         $config{syslog}=undef;
 
        # Load all plugins, so that all setup options are available.
+       my %original_loaded_plugins=%IkiWiki::loaded_plugins;
        my @plugins=IkiWiki::listplugins();
        foreach my $plugin (@plugins) {
        my @plugins=IkiWiki::listplugins();
        foreach my $plugin (@plugins) {
-               eval { IkiWiki::loadplugin($plugin) };
+               eval { IkiWiki::loadplugin($plugin, 1) };
                if (exists $IkiWiki::hooks{checkconfig}{$plugin}{call}) {
                        my @s=eval { $IkiWiki::hooks{checkconfig}{$plugin}{call}->() };
                }
        }
                if (exists $IkiWiki::hooks{checkconfig}{$plugin}{call}) {
                        my @s=eval { $IkiWiki::hooks{checkconfig}{$plugin}{call}->() };
                }
        }
+       %IkiWiki::loaded_plugins=%original_loaded_plugins;
        
        my %sections;
        foreach my $plugin (@plugins) {
        
        my %sections;
        foreach my $plugin (@plugins) {
@@ -135,6 +172,11 @@ sub getsetup () {
                        my @s=eval { $IkiWiki::hooks{getsetup}{$plugin}{call}->() };
                        next unless @s;
 
                        my @s=eval { $IkiWiki::hooks{getsetup}{$plugin}{call}->() };
                        next unless @s;
 
+                       if (scalar(@s) % 2 != 0) {
+                               print STDERR "warning: plugin $plugin has a broken getsetup; ignoring\n";
+                               next;
+                       }
+
                        # set default section value (note use of shared
                        # hashref between array and hash)
                        my %s=@s;
                        # set default section value (note use of shared
                        # hashref between array and hash)
                        my %s=@s;
@@ -166,8 +208,9 @@ sub getsetup () {
                } keys %sections;
 }
 
                } keys %sections;
 }
 
-sub commented_dump ($) {
+sub commented_dump ($$) {
        my $dumpline=shift;
        my $dumpline=shift;
+       my $indent=shift;
 
        my %setup=(%config);
        my @ret;
 
        my %setup=(%config);
        my @ret;
@@ -179,33 +222,38 @@ sub commented_dump ($) {
        die $@ if $@;
 
        my %section_plugins;
        die $@ if $@;
 
        my %section_plugins;
-       push @ret, commented_dumpvalues($dumpline, \%setup, IkiWiki::getsetup());
+       push @ret, commented_dumpvalues($dumpline, $indent, \%setup, IkiWiki::getsetup());
        foreach my $pair (IkiWiki::Setup::getsetup()) {
                my $plugin=$pair->[0];
                my $setup=$pair->[1];
                my %s=@{$setup};
                my $section=$s{plugin}->{section};
        foreach my $pair (IkiWiki::Setup::getsetup()) {
                my $plugin=$pair->[0];
                my $setup=$pair->[1];
                my %s=@{$setup};
                my $section=$s{plugin}->{section};
+               if (! defined $section) {
+                       print STDERR "warning: missing section in $plugin\n";
+                       $section="other";
+               }
                push @{$section_plugins{$section}}, $plugin;
                if (@{$section_plugins{$section}} == 1) {
                push @{$section_plugins{$section}}, $plugin;
                if (@{$section_plugins{$section}} == 1) {
-                       push @ret, "", "\t".("#" x 70), "\t# $section plugins",
+                       push @ret, "", $indent.("#" x 70), "$indent# $section plugins",
                                sub {
                                sub {
-                                       wrap("\t#   (", "\t#    ",
+                                       wrap("$indent#   (", "$indent#    ",
                                                join(", ", @{$section_plugins{$section}})).")"
                                },
                                                join(", ", @{$section_plugins{$section}})).")"
                                },
-                               "\t".("#" x 70);
+                               $indent.("#" x 70);
                }
 
                }
 
-               my @values=commented_dumpvalues($dumpline, \%setup, @{$setup});
+               my @values=commented_dumpvalues($dumpline, $indent, \%setup, @{$setup});
                if (@values) {
                if (@values) {
-                       push @ret, "", "\t# $plugin plugin", @values;
+                       push @ret, "", "$indent# $plugin plugin", @values;
                }
        }
 
        return map { ref $_ ? $_->() : $_ } @ret;
 }
 
                }
        }
 
        return map { ref $_ ? $_->() : $_ } @ret;
 }
 
-sub commented_dumpvalues ($$@) {
+sub commented_dumpvalues ($$$@) {
        my $dumpline=shift;
        my $dumpline=shift;
+       my $indent=shift;
        my $setup=shift;
        my @ret;
        while (@_) {
        my $setup=shift;
        my @ret;
        while (@_) {
@@ -214,7 +262,7 @@ sub commented_dumpvalues ($$@) {
 
                next if $key eq "plugin" || $info{type} eq "internal";
                
 
                next if $key eq "plugin" || $info{type} eq "internal";
                
-               push @ret, "\t# ".$info{description} if exists $info{description};
+               push @ret, "$indent# ".$info{description} if exists $info{description};
                
                if (exists $setup->{$key} && defined $setup->{$key}) {
                        push @ret, $dumpline->($key, $setup->{$key}, $info{type}, "");
                
                if (exists $setup->{$key} && defined $setup->{$key}) {
                        push @ret, $dumpline->($key, $setup->{$key}, $info{type}, "");