passwordauth: prevent authentication bypass via multiple name parameters
[ikiwiki] / IkiWiki / Plugin / pinger.pm
1 #!/usr/bin/perl
2 package IkiWiki::Plugin::pinger;
3
4 use warnings;
5 use strict;
6 use IkiWiki 3.00;
7
8 my %pages;
9 my $pinged=0;
10
11 sub import {
12         hook(type => "getsetup", id => "pinger", call => \&getsetup);
13         hook(type => "needsbuild", id => "pinger", call => \&needsbuild);
14         hook(type => "preprocess", id => "ping", call => \&preprocess);
15         hook(type => "delete", id => "pinger", call => \&ping);
16         hook(type => "rendered", id => "pinger", call => \&ping);
17 }
18
19 sub getsetup () {
20         return
21                 plugin => {
22                         safe => 1,
23                         rebuild => 0,
24                 },
25                 pinger_timeout => {
26                         type => "integer",
27                         example => 15,
28                         description => "how many seconds to try pinging before timing out",
29                         safe => 1,
30                         rebuild => 0,
31                 },
32 }
33
34 sub needsbuild (@) {
35         my $needsbuild=shift;
36         foreach my $page (keys %pagestate) {
37                 if (exists $pagestate{$page}{pinger}) {
38                         $pages{$page}=1;
39                         if (exists $pagesources{$page} &&
40                             grep { $_ eq $pagesources{$page} } @$needsbuild) {
41                                 # remove state, will be re-added if
42                                 # the ping directive is still present
43                                 # on rebuild.
44                                 delete $pagestate{$page}{pinger};
45                         }
46                 }
47         }
48         return $needsbuild;
49 }
50
51 sub preprocess (@) {
52         my %params=@_;
53         if (! exists $params{from} || ! exists $params{to}) {
54                 error gettext("requires 'from' and 'to' parameters");
55         }
56         if ($params{from} eq $config{url}) {
57                 $pagestate{$params{destpage}}{pinger}{$params{to}}=1;
58                 $pages{$params{destpage}}=1;
59                 return sprintf(gettext("Will ping %s"), $params{to});
60         }
61         else {
62                 return sprintf(gettext("Ignoring ping directive for wiki %s (this wiki is %s)"), $params{from}, $config{url});
63         }
64 }
65
66 sub ping {
67         if (! $pinged && %pages) {
68                 $pinged=1;
69                 
70                 eval q{use Net::INET6Glue::INET_is_INET6}; # may not be available
71                 
72                 my $ua;
73                 eval q{use LWPx::ParanoidAgent};
74                 if (!$@) {
75                         $ua=LWPx::ParanoidAgent->new(agent => $config{useragent});
76                 }
77                 else {
78                         eval q{use LWP};
79                         if ($@) {
80                                 debug(gettext("LWP not found, not pinging"));
81                                 return;
82                         }
83                         $ua=useragent();
84                 }
85                 $ua->timeout($config{pinger_timeout} || 15);
86                 
87                 # daemonise here so slow pings don't slow down wiki updates
88                 defined(my $pid = fork) or error("Can't fork: $!");
89                 return if $pid;
90                 chdir '/';
91                 open STDIN, '/dev/null';
92                 open STDOUT, '>/dev/null';
93                 POSIX::setsid() or error("Can't start a new session: $!");
94                 open STDERR, '>&STDOUT' or error("Can't dup stdout: $!");
95                 
96                 # Don't need to keep a lock on the wiki as a daemon.
97                 IkiWiki::unlockwiki();
98                 
99                 my %urls;
100                 foreach my $page (%pages) {
101                         if (exists $pagestate{$page}{pinger}) {
102                                 $urls{$_}=1 foreach keys %{$pagestate{$page}{pinger}};
103                         }
104                 }
105                 foreach my $url (keys %urls) {
106                         # Try to avoid pinging ourselves. If this check
107                         # fails, it's not the end of the world, since we
108                         # only ping when a page was changed, so a ping loop
109                         # will still be avoided.
110                         next if $url=~/^\Q$config{cgiurl}\E/;
111                         my $local_cgiurl = IkiWiki::cgiurl();
112                         next if $url=~/^\Q$local_cgiurl\E/;
113                         
114                         $ua->get($url);
115                 }
116                 
117                 exit 0;
118         }
119 }
120
121 1