From 6bbc898d2f1022665f4254f63f3df735e398340c Mon Sep 17 00:00:00 2001
From: Erich Eckner <git@eckner.net>
Date: Sat, 29 Sep 2018 10:49:18 +0200
Subject: httpdocs/index.php: allow for hg to be requested for wish-list

---
 httpdocs/index.php | 31 +++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)

(limited to 'httpdocs/index.php')

diff --git a/httpdocs/index.php b/httpdocs/index.php
index e6874fe..b519fe3 100644
--- a/httpdocs/index.php
+++ b/httpdocs/index.php
@@ -10,7 +10,8 @@ if (isset($_GET['r'])) {
   if (!isset($_GET['t']))
     die('Repository type not given');
 
-  if ($_GET['t']!='git')
+  if (($_GET['t']!='git') &&
+    ($_GET['t']!='hg'))
     die('Repository type not implemented');
 
   if (!is_dir($work_dir . 'repositories/' . $_GET['t'] . '/' . $_GET['r'])) {
@@ -30,7 +31,7 @@ if (isset($_GET['r'])) {
         'echo "' . $_GET['tag'] . '" | ' .
           'base64 -d' .
       ')';
-  } elseif (isset($_GET['commit'])) {
+  } elseif (($_GET['t']=='git') && isset($_GET['commit'])) {
     if (!preg_match('/^[A-Fa-f0-9]{40}$/', $_GET['commit']))
       die('The given commit does not have exactly 40 hex digits');
     $commit_identifier = $_GET['commit'];
@@ -65,11 +66,14 @@ if (isset($_GET['r'])) {
         '--recv-keys ' . implode(' ',explode(',',$_GET['valid_keys']))
       );
 
-      if (trim(shell_exec(
-        'GNUPGHOME="' . $work_dir . 'gnupg" git -C "' . $work_dir . 'repositories/' . $_GET['t'] . '/' . $_GET['r'] . '" verify-tag --raw "' . $commit_identifier . '" 2>&1 | ' .
-        'grep -c "\[GNUPG:\] VALIDSIG ' . $key_regex . ' "'
-      )) == '0')
-        die('Commit ' . $commit_identifier . ' is not signed by ' . $_GET['valid_keys']);
+      if ($_GET['t']=='git') {
+        if (trim(shell_exec(
+          'GNUPGHOME="' . $work_dir . 'gnupg" git -C "' . $work_dir . 'repositories/' . $_GET['t'] . '/' . $_GET['r'] . '" verify-tag --raw "' . $commit_identifier . '" 2>&1 | ' .
+          'grep -c "\[GNUPG:\] VALIDSIG ' . $key_regex . ' "'
+        )) == '0')
+          die('Commit ' . $commit_identifier . ' is not signed by ' . $_GET['valid_keys']);
+      } else
+        die('Checking signatures is not implemented for ' . $_GET['t'] . ' repositories');
     }
     if (isset($_GET['p'])) {
       if (base64_decode($_GET['p'],true)===false)
@@ -81,11 +85,14 @@ if (isset($_GET['r'])) {
     } else {
       $prefix = '';
     }
-    $handle = popen(
-      'git -C "../work/repositories/' . $_GET['t'] . '/' . $_GET['r'] . '" archive' . $prefix . ' "' . $commit_identifier . '" | ' .
-      'gzip -nc',
-      'r'
-    );
+    if ($_GET['t']=='git')
+      $handle = popen(
+        'git -C "../work/repositories/' . $_GET['t'] . '/' . $_GET['r'] . '" archive' . $prefix . ' "' . $commit_identifier . '" | ' .
+        'gzip -nc',
+        'r'
+      );
+    else
+      $handle = false;
     if ($handle === false)
       die('Unable to create archive');
     header('Content-type: application/x-gzip');
-- 
cgit v1.2.3-54-g00ecf