diff --git a/en/cgi/dosendpr.cgi b/en/cgi/dosendpr.cgi index b4c09de3ba..53157b7745 100755 --- a/en/cgi/dosendpr.cgi +++ b/en/cgi/dosendpr.cgi @@ -1,188 +1,219 @@ #!/usr/bin/perl # # Send-pr perl script to send a pr. # # Copyright (c) 1996 Free Range Media # # Copying and distribution permitted under the conditions of the # GNU General Public License Version 2. # (http://www.gnu.ai.mit.edu/copyleft/gpl.html) # -# $FreeBSD: www/en/cgi/dosendpr.cgi,v 1.25 2005/12/04 22:25:20 simon Exp $ +# $FreeBSD$ use Socket; use CGI qw/:standard/; use DB_File; use Fcntl qw(:DEFAULT :flock); require "./Gnats.pm"; import Gnats; my $blackhole = "dnsbl.njabl.org"; my $openproxyip = "127.0.0.9"; my $blackhole_err = 0; my $openproxy; my $expiretime = 2700; $dbpath = "/usr/local/www/var/confirm-code/sendpr-code.db"; +# Maximum size of patch that we'll accept from send-pr.html. +$maxpatch = 102400; + +my $patchbuf; +my $patchhandle; + # Environment variables to stuff in the PR header. my @ENV_captures = qw/ REMOTE_HOST REMOTE_ADDR REMOTE_PORT HTTP_REFERER HTTP_CLIENT_IP HTTP_FORWARDED HTTP_VIA HTTP_X_FORWARDED_FOR /; # env2hdr (@ENV_captures) # Returns X-header style headers for inclusion in the header of a PR sub env2hdr (@) { my $headers = ""; for my $var (shift @_) { next unless $ENV{$var}; $headers .= "X-$var: $ENV{$var}\n"; } return $headers; } # isopenproxy ($ip, $blackhole_zone, $positive_ip) # Returns undef on error, 0 if DNS lookup fails, $positive_ip if verified # proxy. A DNS lookup failing can either means that there was a network # problem, or that the IP is not listed in the blackhole zone. sub isopenproxy ($$$) { # If $? is already set, then a successful gethostbyname() leaves it set local $?; my ($ip, $zone, $proxyip) = @_; my ($reversed_ip, $packed); if (!defined $proxyip) { return undef }; $reversed_ip = join('.', reverse split(/\./, $ip)); $packed = gethostbyname("${reversed_ip}.${blackhole}"); return undef if $?; if ($packed && (inet_ntoa($packed) eq $proxyip)) { return $proxyip; } else { return 0; } } sub prerror { print start_html("Problem Report Error"); print "

There is an error in the configuration of the problem\n", "report form generator. Please back up one page and report\n", "the problem to the owner of that page.
", "Report $_[0].

"; print end_html(); exit (1); } +sub piloterror { + print start_html("Problem Report Error"); + print "

There is an error with your problem\n", + "report submission.\n", + "The problem was: $_[0].

"; + print end_html(); + exit (1); +} + print header(); &prerror("request method problem") if $ENV{'REQUEST_METHOD'} eq 'GET'; if (!$submission_program) { &prerror("submit program problem"); } +if ($patchhandle = upload('patch')) { + use bytes; + unless (uploadInfo($patchhandle)->{'Content-Type'} =~ m!text/.*!) { + &piloterror("Patch file has wrong content type"); + } + read($patchhandle,$patchbuf,$maxpatch + 1); + if (length($patchbuf) > $maxpatch) { + &piloterror("Patch file too big (over ${maxpatch} bytes)"); + } +} + # Verify the code... $db_obj = tie(%db_hash, 'DB_File', $dbpath, O_CREAT|O_RDWR, 0644) or die "dbcreate $dbpath $!"; $fd = $db_obj->fd; open(DB_FH, "+<&=$fd") or die "fdopen $!"; unless (flock (DB_FH, LOCK_EX | LOCK_NB)) { unless (flock (DB_FH, LOCK_EX)) { die "flock: $!" } } $codeentered = param('code-confirm'); $codeentered =~ s/.*/\U$&/; # Turn input uppercase $currenttime = time(); if (defined($codeentered) && $codeentered && $db_hash{$codeentered} && (($currenttime - $expiretime) <= $db_hash{$codeentered})) { if (!param('email') || !param('originator') || !param('synopsis')) { print start_html("Problem Report Error"); print "

Bad Data

You need to specify at least your ", "electronic mail address, your name and a synopsis ", "of the problem.
Please return to the form and add the ", "missing information. Thank you.

"; print end_html(); exit(1); } } else { print start_html("Problem Report Error"); print "

Incorrect confirmation code

You need to enter the correct ", "code from the image displayed. Please return to the form and enter the ", "code exactly as shown. Thank you.

"; print end_html(); exit(1); } # This code has now been used, so remove it. delete $db_hash{"$codeentered"}; # Sweep for and remove expired codes. foreach $randomcode (keys %db_hash) { if ( ($currenttime - $expiretime) >= $db_hash{$randomcode}) { delete $db_hash{"$randomcode"}; } } $db_obj->sync(); # to flush flock(DB_FH, LOCK_UN); undef $db_obj; # removing the last reference to the DB # closes it. Closing DB_FH is implicit. untie %db_hash; $openproxy = isopenproxy($ENV{'REMOTE_ADDR'}, $blackhole, $openproxyip); if (defined $openproxy) { if ($openproxy) { &prerror("$ENV{'REMOTE_ADDR'} is an open proxy server"); } } else { $blackhole_err++; } # Build the PR. $pr = "To: $submission_address\n" . "From: " . param('originator') . "<" . param('email') . ">\n" . "Subject: " . param('synopsis') . "\n" . env2hdr(@ENV_captures); if ($blackhole_err) { $pr .= "X-REMOTE_ADDR-Is-Open-Proxy: Maybe\n"; } $pr .= "X-Send-Pr-Version: www-2.3\n\n" . ">Submitter-Id:\t" . param('submitterid') . "\n" . ">Originator:\t" . param('originator') . "\n" . ">Organization:\t" . param('organization') . "\n" . ">Confidential:\t" . param('confidential') . "\n" . ">Synopsis:\t" . param('synopsis') . "\n" . ">Severity:\t" . param('severity') . "\n" . ">Priority:\t" . param('priority') . "\n" . ">Category:\t" . param('category') . "\n" . ">Class:\t\t" . param('class') . "\n" . ">Release:\t" . param('release') . "\n" . ">Environment:\t" . param('environment') . "\n" . ">Description:\n" . param('description') . "\n" . ">How-To-Repeat:\n" . param('howtorepeat') . "\n" . - ">Fix:\n" . param('fix') . "\n"; + ">Fix:\n" . param('fix'); + +if (length($patchbuf) > 0) { + $pr .= "\n\nPatch attached with submission follows:\n\n" + . $patchbuf . "\n"; +} # remove any carriage returns that appear in the report. $pr =~ s/\r//g; if (open (SUBMIT, "|$submission_program")){ print SUBMIT $pr; close (SUBMIT); print start_html("Thank you for the problem report"); print "

Thank You

", "

Thank you for the problem report. You should receive confirmation", " of your report by electronic mail within a day.

"; } else { print start_html("Error raising problem report"); print "

Error

An error occured processing your problem report.

"; } print end_html(); diff --git a/en/send-pr.sgml b/en/send-pr.sgml index 26e12f941e..44e42d2f28 100644 --- a/en/send-pr.sgml +++ b/en/send-pr.sgml @@ -1,161 +1,172 @@ + ]> &header; Bugs

Thank you for taking the time to let us know about a problem with FreeBSD.

This form allows you to submit Problem Reports about issues that you believe are actual bugs in either the source, the documentation, or the website itself. If you are having problems with initially installing FreeBSD, or have other questions of the form "why doesn't foo work" or "does FreeBSD work with bar", please ask these questions in the appropriate support forums; see the support page for more information.

Before filling out the form, please take the time to read the Writing FreeBSD Problem Reports guidelines. This may save you time and frustration getting help with your problem. Please check before submitting if your problem has not already been reported or has been noted in the FAQ.

Please fill out the form as completely as possible. Make sure you fill in the "Environment" field as requested with the output from the machine on which the problem occurred.

Note: copy/paste will destroy TABs and spacing, and this web form should not be used to submit code as plain text.

Please note that, unless you explicitly state otherwise, any changes you submit to the FreeBSD Project are assumed to be under the same license as FreeBSD. Also, the email address that you use will be available to the public through the web interface, so you should already have an effective spam filter in place.

+

If you are submitting a patch file, note that we only accept + text/* content types, and you must therefore ensure that your + browser sends the correct type. If your browser does not like + to do this, a good way to convince it to do so is to ensure that + the file name ends with the string '.txt'.

+

Finally, be forewarned that this page requires that you are able to view images as a measure against abuse of the system. We regret having to have imposed this measure, but it is completey unavoidable. If you are unable to view images for any reason, please accept our apologies for the inconvenience and email your problem report to the bugbusters team for submission into the bug tracking system.

Note: before hitting 'submit', please save your work. If your browser caches images, or if you take longer than 45 minutes to fill in the form, you may have a stale image shown on your page, and your submission will be rejected. Depending on your browser, you might lose work in this case. Help save yourself from this common frustration.

-
+ :


:


:





:

:

:



:


:


:


:


:


+ : +
+

&footer;