Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch repo-fingerprint Excluding Merge-Ins
This is equivalent to a diff from 1e3cfc1e9e to 6036bc621e
2019-01-16
| ||
00:11 | Detect when the repository associated with a check-out has been swapped out for a clone with different RID values, and give the user a warning. Still to do: automatically recover. check-in: 1b114d241f user: drh tags: trunk | |
2019-01-11
| ||
05:34 | Fix the expected result for the TH1 'info commands' test. check-in: 103997d96e user: mistachkin tags: trunk | |
05:32 | Add the 'cgiHeaderLine' command to TH1. check-in: 58e2f487e5 user: mistachkin tags: th1CgiHeader | |
03:31 | Verify the repository fingerprint whenever a repository is opened from a checkout database. For now, abort with an error if the fingerprint is incorrect. To do: have Fossil automatically adjust RIDs in the checkout database if the fingerprint is incorrect. Closed-Leaf check-in: 6036bc621e user: drh tags: repo-fingerprint | |
2019-01-10
| ||
21:07 | Store "fingerprint" and "checkout-hash" in the VVAR table whenever the working checkout changes. check-in: e07139a05a user: drh tags: repo-fingerprint | |
19:54 | Add the db_fingerprint() interface for computing a repository fingerprint. check-in: f5043617c0 user: drh tags: repo-fingerprint | |
18:25 | Fix the remote_repo_info() function to avoid resource leaks and to suppress unhelpful error and warning messages. check-in: 1e3cfc1e9e user: drh tags: trunk | |
17:29 | Added a hyperlink from the "upgrade to Fossil 2.1 or later" recommendation at the top of the hash policy document to the "Installing" section of the Quick Start document. check-in: f392fac705 user: wyoung tags: trunk | |
Changes to src/checkin.c.
︙ | ︙ | |||
2537 2538 2539 2540 2541 2542 2543 | "DELETE FROM vfile WHERE (vid!=%d OR deleted) AND is_selected(id);" "DELETE FROM vmerge;" "UPDATE vfile SET vid=%d;" "UPDATE vfile SET rid=mrid, chnged=0, deleted=0, origname=NULL" " WHERE is_selected(id);" , vid, nvid ); | | | 2537 2538 2539 2540 2541 2542 2543 2544 2545 2546 2547 2548 2549 2550 2551 | "DELETE FROM vfile WHERE (vid!=%d OR deleted) AND is_selected(id);" "DELETE FROM vmerge;" "UPDATE vfile SET vid=%d;" "UPDATE vfile SET rid=mrid, chnged=0, deleted=0, origname=NULL" " WHERE is_selected(id);" , vid, nvid ); db_set_checkout(nvid); /* Update the isexe and islink columns of the vfile table */ db_prepare(&q, "UPDATE vfile SET isexe=:exec, islink=:link" " WHERE vid=:vid AND pathname=:path AND (isexe!=:exec OR islink!=:link)" ); db_bind_int(&q, ":vid", nvid); |
︙ | ︙ |
Changes to src/checkout.c.
︙ | ︙ | |||
302 303 304 305 306 307 308 | db_multi_exec("DELETE FROM vfile WHERE vid!=%d", vid); if( !keepFlag ){ vfile_to_disk(vid, 0, !g.fQuiet, promptFlag); } checkout_set_all_exe(vid); manifest_to_disk(vid); ensure_empty_dirs_created(); | | | 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 | db_multi_exec("DELETE FROM vfile WHERE vid!=%d", vid); if( !keepFlag ){ vfile_to_disk(vid, 0, !g.fQuiet, promptFlag); } checkout_set_all_exe(vid); manifest_to_disk(vid); ensure_empty_dirs_created(); db_set_checkout(vid); undo_reset(); db_multi_exec("DELETE FROM vmerge"); if( !keepFlag && db_get_boolean("repo-cksum",1) ){ vfile_aggregate_checksum_manifest(vid, &cksum1, &cksum1b); vfile_aggregate_checksum_disk(vid, &cksum2); if( blob_compare(&cksum1, &cksum2) ){ fossil_print("WARNING: manifest checksum does not agree with disk\n"); |
︙ | ︙ |
Changes to src/db.c.
︙ | ︙ | |||
1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 | db_set_int("hash-policy", g.eHashPolicy, 0); } /* Make a change to the CHECK constraint on the BLOB table for ** version 2.0 and later. */ rebuild_schema_update_2_0(); /* Do the Fossil-2.0 schema updates */ } /* ** Return true if there have been any changes to the repository ** database since it was opened. ** ** Changes to "config" and "localdb" and "temp" do not count. | > > > > > > > > > > > > > > > > > > > | 1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 | db_set_int("hash-policy", g.eHashPolicy, 0); } /* Make a change to the CHECK constraint on the BLOB table for ** version 2.0 and later. */ rebuild_schema_update_2_0(); /* Do the Fossil-2.0 schema updates */ /* If the checkout database was opened first, then check to make ** sure that the repository database that was just opened has not ** be replaced by a clone of the same project, with different RID ** values. */ if( g.localOpen && !db_fingerprint_ok() ){ fossil_print( "Oops. It looks like the repository database file located at\n" " \"%s\"\n", zDbName ); fossil_print( "has been swapped with a clone that may have different\n" "integer keys for the various artifacts. As of 2019-01-11,\n" "we are working on enhancing Fossil to be able to deal with\n" "that automatically, but we are not there yet. Sorry.\n\n" ); fossil_fatal("bad fingerprint"); } } /* ** Return true if there have been any changes to the repository ** database since it was opened. ** ** Changes to "config" and "localdb" and "temp" do not count. |
︙ | ︙ | |||
2870 2871 2872 2873 2874 2875 2876 | ** point, this will probably be the setting value from the ** repository or global configuration databases. */ g.allowSymlinks = db_get_boolean("allow-symlinks", db_allow_symlinks_by_default()); } db_lset("repository", g.argv[2]); db_record_repository_filename(g.argv[2]); | | | 2889 2890 2891 2892 2893 2894 2895 2896 2897 2898 2899 2900 2901 2902 2903 | ** point, this will probably be the setting value from the ** repository or global configuration databases. */ g.allowSymlinks = db_get_boolean("allow-symlinks", db_allow_symlinks_by_default()); } db_lset("repository", g.argv[2]); db_record_repository_filename(g.argv[2]); db_set_checkout(0); azNewArgv[0] = g.argv[0]; g.argv = azNewArgv; if( !emptyFlag ){ g.argc = 3; if( g.zOpenRevision ){ azNewArgv[g.argc-1] = g.zOpenRevision; }else{ |
︙ | ︙ | |||
3702 3703 3704 3705 3706 3707 3708 | */ void test_database_name_cmd(void){ db_find_and_open_repository(OPEN_ANY_SCHEMA, 0); fossil_print("Repository database: %s\n", g.zRepositoryName); fossil_print("Local database: %s\n", g.zLocalDbName); fossil_print("Config database: %s\n", g.zConfigDbName); } | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 3721 3722 3723 3724 3725 3726 3727 3728 3729 3730 3731 3732 3733 3734 3735 3736 3737 3738 3739 3740 3741 3742 3743 3744 3745 3746 3747 3748 3749 3750 3751 3752 3753 3754 3755 3756 3757 3758 3759 3760 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 3802 3803 3804 3805 3806 3807 3808 3809 3810 3811 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 3837 3838 3839 3840 3841 3842 | */ void test_database_name_cmd(void){ db_find_and_open_repository(OPEN_ANY_SCHEMA, 0); fossil_print("Repository database: %s\n", g.zRepositoryName); fossil_print("Local database: %s\n", g.zLocalDbName); fossil_print("Config database: %s\n", g.zConfigDbName); } /* ** Compute a "fingerprint" on the repository. A fingerprint is used ** to verify that that the repository has not been replaced by a clone ** of the same repository. More precisely, a fingerprint are used to ** verify that the mapping between SHA3 hashes and RID values is unchanged. ** ** The checkout database ("localdb") stores RID values. When associating ** a checkout database against a repository database, it is useful to verify ** the fingerprint so that we know tha the RID values in the checkout ** database still correspond to the correct entries in the BLOB table of ** the repository. ** ** The fingerprint is based on the RCVFROM table. When constructing a ** new fingerprint, use the most recent RCVFROM entry. (Set rcvid==0 to ** accomplish this.) When verifying an old fingerprint, use the same ** RCVFROM entry that generated the fingerprint in the first place. ** ** The fingerprint consists of the rcvid, a "/", and the MD5 checksum of ** the remaining fields of the RCVFROM table entry. MD5 is used for this ** because it is 4x faster than SHA3 and 5x faster than SHA1, and there ** are no security concerns - this is just a checksum, not a security ** token. */ char *db_fingerprint(int rcvid){ char *z = 0; Blob sql = BLOB_INITIALIZER; Stmt q; blob_append_sql(&sql, "SELECT rcvid, quote(uid), quote(mtime), quote(nonce), quote(ipaddr)" " FROM rcvfrom" ); if( rcvid<=0 ){ blob_append_sql(&sql, " ORDER BY rcvid DESC LIMIT 1"); }else{ blob_append_sql(&sql, " WHERE rcvid=%d", rcvid); } db_prepare_blob(&q, &sql); blob_reset(&sql); if( db_step(&q)==SQLITE_ROW ){ int i; md5sum_init(); for(i=1; i<=4; i++){ md5sum_step_text(db_column_text(&q,i),-1); } z = mprintf("%d/%s",db_column_int(&q,0),md5sum_finish(0)); } db_finalize(&q); return z; } /* ** COMMAND: test-fingerprint ** ** Usage: %fossil test-fingerprint ?RCVID? ?--check? ** ** Display the repository fingerprint. Or if the --check option ** is provided and this command is run from a checkout, invoke the ** db_fingerprint_ok() method and print its result. */ void test_fingerprint(void){ int rcvid = 0; if( find_option("check",0,0)!=0 ){ db_must_be_within_tree(); fossil_print("db_fingerprint_ok() => %d\n", db_fingerprint_ok()); return; } db_find_and_open_repository(OPEN_ANY_SCHEMA,0); if( g.argc==3 ){ rcvid = atoi(g.argv[2]); }else if( g.argc!=2 ){ fossil_fatal("wrong number of arguments"); } fossil_print("%z\n", db_fingerprint(rcvid)); } /* ** Set the value of the "checkout" entry in the VVAR table. ** ** Also set "fingerprint" and "checkout-hash". */ void db_set_checkout(int rid){ char *z; db_lset_int("checkout", rid); z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid); db_lset("checkout-hash", z); fossil_free(z); z = db_fingerprint(0); db_lset("fingerprint", z); fossil_free(z); } /* ** Verify that the fingerprint recorded in the "fingerprint" entry ** of the VVAR table matches the fingerprint on the currently ** connected repository. Return true if the fingerprint is ok, and ** return false if the fingerprint does not match. */ int db_fingerprint_ok(void){ char *zCkout; /* The fingerprint recorded in the checkout database */ char *zRepo; /* The fingerprint of the repository */ int rc; /* Result */ zCkout = db_text(0,"SELECT value FROM localdb.vvar WHERE name='fingerprint'"); if( zCkout==0 ){ /* This is an older checkout that does not record a fingerprint. ** We have to assume everything is ok */ return 2; } zRepo = db_fingerprint(atoi(zCkout)); rc = fossil_strcmp(zCkout,zRepo)==0; fossil_free(zCkout); fossil_free(zRepo); return rc; } |
Changes to src/undo.c.
︙ | ︙ | |||
162 163 164 165 166 167 168 | "INSERT OR IGNORE INTO stashfile SELECT * FROM undo_stashfile;" ); } } ncid = db_lget_int("undo_checkout", 0); ucid = db_lget_int("checkout", 0); db_lset_int("undo_checkout", ucid); | | | 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 | "INSERT OR IGNORE INTO stashfile SELECT * FROM undo_stashfile;" ); } } ncid = db_lget_int("undo_checkout", 0); ucid = db_lget_int("checkout", 0); db_lset_int("undo_checkout", ucid); db_set_checkout(ncid); } /* ** Reset the undo memory. */ void undo_reset(void){ static const char zSql[] = |
︙ | ︙ |
Changes to src/update.c.
︙ | ︙ | |||
571 572 573 574 575 576 577 | }else{ ensure_empty_dirs_created(); if( g.argc<=3 ){ /* All files updated. Shift the current checkout to the target. */ db_multi_exec("DELETE FROM vfile WHERE vid!=%d", tid); checkout_set_all_exe(tid); manifest_to_disk(tid); | | | 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 | }else{ ensure_empty_dirs_created(); if( g.argc<=3 ){ /* All files updated. Shift the current checkout to the target. */ db_multi_exec("DELETE FROM vfile WHERE vid!=%d", tid); checkout_set_all_exe(tid); manifest_to_disk(tid); db_set_checkout(tid); }else{ /* A subset of files have been checked out. Keep the current ** checkout unchanged. */ db_multi_exec("DELETE FROM vfile WHERE vid!=%d", vid); } if( !internalUpdate ) undo_finish(); if( setmtimeFlag ) vfile_check_signature(tid, CKSIG_SETMTIME); |
︙ | ︙ |