From: Joey Hess <joey@kodama.kitenet.net>
Date: Sun, 26 Oct 2008 18:03:18 +0000 (-0400)
Subject: move untrusted committer test into the wrapper
X-Git-Tag: 2.68~63
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=7ddea03684df47c861c264216b83e7653d6784fd;p=ikiwiki.git

move untrusted committer test into the wrapper

This saves around 1/4th second per trusted commit since ikiwiki
doesn't need to start up.
---

diff --git a/IkiWiki/Receive.pm b/IkiWiki/Receive.pm
index 451a3fe8e..72668d26a 100644
--- a/IkiWiki/Receive.pm
+++ b/IkiWiki/Receive.pm
@@ -7,7 +7,6 @@ use strict;
 use IkiWiki;
 
 sub getuser () { #{{{
-	# CALLER_UID is set by the suid wrapper, to the original uid
 	my $user=(getpwuid(exists $ENV{CALLER_UID} ? $ENV{CALLER_UID} : $<))[0];
 	if (! defined $user) {
 		error("cannot determine username for $<");
@@ -21,6 +20,31 @@ sub trusted () { #{{{
 		! grep { $_ eq $user } @{$config{untrusted_committers}};
 } #}}}
 
+sub gen_wrapper () { #{{{
+	# Test for commits from untrusted committers in the wrapper, to
+	# avoid loading ikiwiki at all for trusted commits.
+
+	my $ret=<<"EOF";
+	{
+		int u=getuid();
+EOF
+	$ret.="\t\tif ( ".
+		join("&&", map {
+			my $uid=getpwnam($_);
+			if (! defined $uid) {
+				error(sprintf(gettext("cannot determine id of untrusted committer %s"), $_));
+			}
+			"u != $uid";
+		} @{$config{untrusted_committers}}).
+		") exit(0);\n";
+	$ret.=<<"EOF";
+		asprintf(&s, "CALLER_UID=%i", u);
+		newenviron[i++]=s;
+	}
+EOF
+	return $ret;
+} #}}}
+
 sub test () { #{{{
 	exit 0 if trusted();
 	
diff --git a/IkiWiki/Wrapper.pm b/IkiWiki/Wrapper.pm
index 0a2b8d4f8..fd8a0e5b0 100644
--- a/IkiWiki/Wrapper.pm
+++ b/IkiWiki/Wrapper.pm
@@ -36,7 +36,13 @@ sub gen_wrapper () { #{{{
 		addenv("$var", s);
 EOF
 	}
-	
+
+	my $test_receive="";
+	if ($config{test_receive}) {
+		require IkiWiki::Receive;
+		$test_receive=IkiWiki::Receive::gen_wrapper();
+	}
+
 	$Data::Dumper::Indent=0; # no newlines
 	my $configstring=Data::Dumper->Dump([\%config], ['*config']);
 	$configstring=~s/\\/\\\\/g;
@@ -67,13 +73,12 @@ addenv(char *var, char *val) {
 }
 
 int main (int argc, char **argv) {
-	/* Sanitize environment. */
 	char *s;
+
+$test_receive
 $envsave
 	newenviron[i++]="HOME=$ENV{HOME}";
 	newenviron[i++]="WRAPPED_OPTIONS=$configstring";
-	asprintf(&s, "CALLER_UID=%i", getuid());
-	newenviron[i++]=s;
 	newenviron[i]=NULL;
 	environ=newenviron;
 
diff --git a/ikiwiki.in b/ikiwiki.in
index d601d2739..f2407b8d0 100755
--- a/ikiwiki.in
+++ b/ikiwiki.in
@@ -123,11 +123,6 @@ sub getconfig () { #{{{
 			# optimisation for no-op post_commit 
 			exit 0;
 		}
-		elsif ($config{test_receive}) {
-			# quick success if the user is trusted
-			require IkiWiki::Receive;
-			exit 0 if IkiWiki::Receive::trusted();
-		}
 
 		loadplugins();
 		checkconfig();