Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch http-auth Excluding Merge-Ins
This is equivalent to a diff from fd223e5ec7 to 75406df207
|
2014-03-13
| ||
| 12:23 | Add support for HTTP Basic Authentication to clone and sync. check-in: 5d536c51b6 user: drh tags: trunk | |
|
2014-03-11
| ||
| 21:05 | Wrapped the timeline-rendering JS in an anonymous function so that it no longer pollutes the global namespace. Added "type" tag to the script (required by HTML4, optional in HTML5). check-in: e6d3e878a9 user: stephan tags: trunk | |
| 05:05 | Merge in latest load average enhancement (very nice), and other cleanup. Closed-Leaf check-in: 75406df207 user: andybradford tags: http-auth | |
|
2014-03-10
| ||
| 21:42 | Update the custom MinGW makefile. check-in: fd223e5ec7 user: mistachkin tags: trunk | |
| 20:49 | Update SQLITE_SOURCE_ID to EXACT 3.8.4 version; char() bugfix was still missing check-in: b1aad7a071 user: jan.nijtmans tags: trunk | |
|
2014-03-06
| ||
| 14:54 | Bring up-to-date with latest features/fixes from trunk. check-in: d6259b7582 user: andybradford tags: http-auth | |
Changes to src/clone.c.
| ︙ | ︙ | |||
107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 |
**
** Options:
** --admin-user|-A USERNAME Make USERNAME the administrator
** --once Don't save url.
** --private Also clone private branches
** --ssl-identity=filename Use the SSL identity if requested by the server
** --ssh-command|-c 'command' Use this SSH command
**
** See also: init
*/
void clone_cmd(void){
char *zPassword;
const char *zDefaultUser; /* Optional name of the default user */
int nErr = 0;
int bPrivate = 0; /* Also clone private branches */
int urlFlags = URL_PROMPT_PW | URL_REMEMBER;
if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE;
if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER;
zDefaultUser = find_option("admin-user","A",1);
clone_ssh_find_options();
url_proxy_options();
if( g.argc < 4 ){
usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
}
db_open_config(0);
| > > > | 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 |
**
** Options:
** --admin-user|-A USERNAME Make USERNAME the administrator
** --once Don't save url.
** --private Also clone private branches
** --ssl-identity=filename Use the SSL identity if requested by the server
** --ssh-command|-c 'command' Use this SSH command
** --httpauth|-B 'user:pass' Add HTTP Basic Authorization to requests
**
** See also: init
*/
void clone_cmd(void){
char *zPassword;
const char *zDefaultUser; /* Optional name of the default user */
const char *zHttpAuth; /* HTTP Authorization user:pass information */
int nErr = 0;
int bPrivate = 0; /* Also clone private branches */
int urlFlags = URL_PROMPT_PW | URL_REMEMBER;
if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE;
if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER;
zHttpAuth = find_option("httpauth","B",1);
zDefaultUser = find_option("admin-user","A",1);
clone_ssh_find_options();
url_proxy_options();
if( g.argc < 4 ){
usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
}
db_open_config(0);
|
| ︙ | ︙ | |||
157 158 159 160 161 162 163 164 165 166 167 168 169 170 |
db_begin_transaction();
db_record_repository_filename(g.argv[3]);
db_initial_setup(0, 0, zDefaultUser, 0);
user_select();
db_set("content-schema", CONTENT_SCHEMA, 0);
db_set("aux-schema", AUX_SCHEMA, 0);
db_set("rebuilt", get_version(), 0);
url_remember();
if( g.zSSLIdentity!=0 ){
/* If the --ssl-identity option was specified, store it as a setting */
Blob fn;
blob_zero(&fn);
file_canonical_name(g.zSSLIdentity, &fn, 0);
db_set("ssl-identity", blob_str(&fn), 0);
| > | 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 |
db_begin_transaction();
db_record_repository_filename(g.argv[3]);
db_initial_setup(0, 0, zDefaultUser, 0);
user_select();
db_set("content-schema", CONTENT_SCHEMA, 0);
db_set("aux-schema", AUX_SCHEMA, 0);
db_set("rebuilt", get_version(), 0);
remember_or_get_http_auth(zHttpAuth, urlFlags & URL_REMEMBER, g.argv[2]);
url_remember();
if( g.zSSLIdentity!=0 ){
/* If the --ssl-identity option was specified, store it as a setting */
Blob fn;
blob_zero(&fn);
file_canonical_name(g.zSSLIdentity, &fn, 0);
db_set("ssl-identity", blob_str(&fn), 0);
|
| ︙ | ︙ | |||
193 194 195 196 197 198 199 200 201 202 203 204 205 206 |
fossil_print("Rebuilding repository meta-data...\n");
rebuild_db(0, 1, 0);
fossil_print("project-id: %s\n", db_get("project-code", 0));
zPassword = db_text(0, "SELECT pw FROM user WHERE login=%Q", g.zLogin);
fossil_print("admin-user: %s (password is \"%s\")\n", g.zLogin, zPassword);
db_end_transaction(0);
}
/*
** Look for SSH clone command line options and setup in globals.
*/
void clone_ssh_find_options(void){
const char *zSshCmd; /* SSH command string */
| > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 |
fossil_print("Rebuilding repository meta-data...\n");
rebuild_db(0, 1, 0);
fossil_print("project-id: %s\n", db_get("project-code", 0));
zPassword = db_text(0, "SELECT pw FROM user WHERE login=%Q", g.zLogin);
fossil_print("admin-user: %s (password is \"%s\")\n", g.zLogin, zPassword);
db_end_transaction(0);
}
/*
** If user chooses to use HTTP Authentication over unencrypted HTTP,
** remember decision. Otherwise, if the URL is being changed and no preference
** has been indicated, err on the safe side and revert the decision.
** Set the global preference if the URL is not being changed.
*/
void remember_or_get_http_auth(const char *zHttpAuth, int fRemember, const char *zUrl){
char *zKey = mprintf("http-auth:%s", g.urlCanonical);
if( zHttpAuth && zHttpAuth[0] ){
g.zHttpAuth = mprintf("%s", zHttpAuth);
}
if( fRemember ){
if( g.zHttpAuth && g.zHttpAuth[0] ){
set_httpauth(g.zHttpAuth);
}else if( zUrl && zUrl[0] ){
db_unset(zKey, 0);
}else{
g.zHttpAuth = get_httpauth();
}
}else if( g.zHttpAuth==0 && zUrl==0 ){
g.zHttpAuth = get_httpauth();
}
free(zKey);
}
/*
** Get the HTTP Authorization preference from db.
*/
char *get_httpauth(void){
char *zKey = mprintf("http-auth:%s", g.urlCanonical);
return unobscure(db_get(zKey, 0));
free(zKey);
}
/*
** Set the HTTP Authorization preference in db.
*/
void set_httpauth(const char *zHttpAuth){
char *zKey = mprintf("http-auth:%s", g.urlCanonical);
db_set(zKey, obscure(zHttpAuth), 0);
free(zKey);
}
/*
** Look for SSH clone command line options and setup in globals.
*/
void clone_ssh_find_options(void){
const char *zSshCmd; /* SSH command string */
|
| ︙ | ︙ |
Changes to src/http.c.
| ︙ | ︙ | |||
17 18 19 20 21 22 23 24 25 26 27 28 29 30 | ** ** This file contains code that implements the client-side HTTP protocol */ #include "config.h" #include "http.h" #include <assert.h> /* ** Construct the "login" card with the client credentials. ** ** login LOGIN NONCE SIGNATURE ** ** The LOGIN is the user id of the client. NONCE is the sha1 checksum ** of all payload that follows the login card. SIGNATURE is the sha1 | > > > > > > > > > > > > > > > > | 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 | ** ** This file contains code that implements the client-side HTTP protocol */ #include "config.h" #include "http.h" #include <assert.h> #ifdef _WIN32 #include <io.h> #ifndef isatty #define isatty(d) _isatty(d) #endif #ifndef fileno #define fileno(s) _fileno(s) #endif #endif /* Maximum number of HTTP Authorization attempts */ #define MAX_HTTP_AUTH 2 /* Keep track of HTTP Basic Authorization failures */ static int fSeenHttpAuth = 0; /* ** Construct the "login" card with the client credentials. ** ** login LOGIN NONCE SIGNATURE ** ** The LOGIN is the user id of the client. NONCE is the sha1 checksum ** of all payload that follows the login card. SIGNATURE is the sha1 |
| ︙ | ︙ | |||
60 61 62 63 64 65 66 |
zPw = 0;
}else{
/* Password failure while doing a sync from the command-line interface */
url_prompt_for_password();
zPw = g.urlPasswd;
}
| < < < < < < | 76 77 78 79 80 81 82 83 84 85 86 87 88 89 |
zPw = 0;
}else{
/* Password failure while doing a sync from the command-line interface */
url_prompt_for_password();
zPw = g.urlPasswd;
}
/* The login card wants the SHA1 hash of the password, so convert the
** password to its SHA1 hash it it isn't already a SHA1 hash.
*/
/* fossil_print("\nzPw=[%s]\n", zPw); // TESTING ONLY */
if( zPw && zPw[0] ) zPw = sha1_shared_secret(zPw, zLogin, 0);
blob_append(&pw, zPw, -1);
|
| ︙ | ︙ | |||
100 101 102 103 104 105 106 |
}else{
zSep = "/";
}
blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep);
if( g.urlProxyAuth ){
blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth);
}
| | | < > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 |
}else{
zSep = "/";
}
blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep);
if( g.urlProxyAuth ){
blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth);
}
if( g.zHttpAuth && g.zHttpAuth[0] ){
const char *zCredentials = g.zHttpAuth;
char *zEncoded = encode64(zCredentials, -1);
blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded);
fossil_free(zEncoded);
}
blob_appendf(pHdr, "Host: %s\r\n", g.urlHostname);
blob_appendf(pHdr, "User-Agent: %s\r\n", get_user_agent());
if( g.urlIsSsh ) blob_appendf(pHdr, "X-Fossil-Transport: SSH\r\n");
if( g.fHttpTrace ){
blob_appendf(pHdr, "Content-Type: application/x-fossil-debug\r\n");
}else{
blob_appendf(pHdr, "Content-Type: application/x-fossil\r\n");
}
blob_appendf(pHdr, "Content-Length: %d\r\n\r\n", blob_size(pPayload));
}
/*
** Use Fossil credentials for HTTP Basic Authorization prompt
*/
static int use_fossil_creds_for_httpauth_prompt(void){
Blob x;
char c;
prompt_user("Use Fossil username and password (y/N)? ", &x);
c = blob_str(&x)[0];
blob_reset(&x);
return ( c=='y' || c=='Y' );
}
/*
** Prompt to save HTTP Basic Authorization information
*/
static int save_httpauth_prompt(void){
Blob x;
char c;
if( (g.urlFlags & URL_REMEMBER)==0 ) return;
prompt_user("Remember Basic Authorization credentials (Y/n)? ", &x);
c = blob_str(&x)[0];
blob_reset(&x);
return ( c!='n' && c!='N' );
}
/*
** Get the HTTP Basic Authorization credentials from the user
** when 401 is received.
*/
char *prompt_for_httpauth_creds(void){
Blob x;
char *zUser;
char *zPw;
char *zPrompt;
char *zHttpAuth = 0;
if( !isatty(fileno(stdin)) ) return 0;
zPrompt = mprintf("\n%s authorization required by\n%s\n",
g.urlIsHttps==1 ? "Encrypted HTTPS" : "Unencrypted HTTP", g.urlCanonical);
fossil_print(zPrompt);
free(zPrompt);
if ( g.urlUser && g.urlPasswd && use_fossil_creds_for_httpauth_prompt() ){
zHttpAuth = mprintf("%s:%s", g.urlUser, g.urlPasswd);
}else{
prompt_user("Basic Authorization user: ", &x);
zUser = mprintf("%b", &x);
zPrompt = mprintf("HTTP password for %b: ", &x);
blob_reset(&x);
prompt_for_password(zPrompt, &x, 1);
zPw = mprintf("%b", &x);
zHttpAuth = mprintf("%s:%s", zUser, zPw);
free(zUser);
free(zPw);
free(zPrompt);
blob_reset(&x);
}
if( save_httpauth_prompt() ){
set_httpauth(zHttpAuth);
}
return zHttpAuth;
}
/*
** Sign the content in pSend, compress it, and send it to the server
** via HTTP or HTTPS. Get a reply, uncompress the reply, and store the reply
** in pRecv. pRecv is assumed to be uninitialized when
** this routine is called - this routine will initialize it.
**
|
| ︙ | ︙ | |||
203 204 205 206 207 208 209 210 211 212 213 214 215 216 |
*/
closeConnection = 1;
iLength = -1;
while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){
/* printf("[%s]\n", zLine); fflush(stdout); */
if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){
if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err;
if( rc!=200 && rc!=302 ){
int ii;
for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){}
while( zLine[ii]==' ' ) ii++;
fossil_warning("server says: %s", &zLine[ii]);
goto write_err;
}
| > > > > > > > > > > | 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 |
*/
closeConnection = 1;
iLength = -1;
while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){
/* printf("[%s]\n", zLine); fflush(stdout); */
if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){
if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err;
if( rc==401 ){
if( fSeenHttpAuth++ < MAX_HTTP_AUTH ){
if( g.zHttpAuth ){
if( g.zHttpAuth ) free(g.zHttpAuth);
}
g.zHttpAuth = prompt_for_httpauth_creds();
transport_close(GLOBAL_URL());
return http_exchange(pSend, pReply, useLogin, maxRedirect);
}
}
if( rc!=200 && rc!=302 ){
int ii;
for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){}
while( zLine[ii]==' ' ) ii++;
fossil_warning("server says: %s", &zLine[ii]);
goto write_err;
}
|
| ︙ | ︙ | |||
252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
j = strlen(zLine) - 1;
while( j>4 && fossil_strcmp(&zLine[j-4],"/xfer")==0 ){
j -= 4;
zLine[j] = 0;
}
fossil_print("redirect to %s\n", &zLine[i]);
url_parse(&zLine[i], 0);
transport_close(GLOBAL_URL());
return http_exchange(pSend, pReply, useLogin, maxRedirect);
}else if( fossil_strnicmp(zLine, "content-type: ", 14)==0 ){
if( fossil_strnicmp(&zLine[14], "application/x-fossil-debug", -1)==0 ){
isCompressed = 0;
}else if( fossil_strnicmp(&zLine[14],
"application/x-fossil-uncompressed", -1)==0 ){
| > > > | 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 |
j = strlen(zLine) - 1;
while( j>4 && fossil_strcmp(&zLine[j-4],"/xfer")==0 ){
j -= 4;
zLine[j] = 0;
}
fossil_print("redirect to %s\n", &zLine[i]);
url_parse(&zLine[i], 0);
fSeenHttpAuth = 0;
if( g.zHttpAuth ) free(g.zHttpAuth);
g.zHttpAuth = get_httpauth();
transport_close(GLOBAL_URL());
return http_exchange(pSend, pReply, useLogin, maxRedirect);
}else if( fossil_strnicmp(zLine, "content-type: ", 14)==0 ){
if( fossil_strnicmp(&zLine[14], "application/x-fossil-debug", -1)==0 ){
isCompressed = 0;
}else if( fossil_strnicmp(&zLine[14],
"application/x-fossil-uncompressed", -1)==0 ){
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
138 139 140 141 142 143 144 145 146 147 148 149 150 151 | char *zLocalRoot; /* The directory holding the local database */ int minPrefix; /* Number of digits needed for a distinct UUID */ int fSqlTrace; /* True if --sqltrace flag is present */ int fSqlStats; /* True if --sqltrace or --sqlstats are present */ int fSqlPrint; /* True if -sqlprint flag is present */ int fQuiet; /* True if -quiet flag is present */ int fHttpTrace; /* Trace outbound HTTP requests */ int fSystemTrace; /* Trace calls to fossil_system(), --systemtrace */ int fSshTrace; /* Trace the SSH setup traffic */ int fSshClient; /* HTTP client flags for SSH client */ char *zSshCmd; /* SSH command string */ int fNoSync; /* Do not do an autosync ever. --nosync */ char *zPath; /* Name of webpage being served */ char *zExtra; /* Extra path information past the webpage name */ | > | 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 | char *zLocalRoot; /* The directory holding the local database */ int minPrefix; /* Number of digits needed for a distinct UUID */ int fSqlTrace; /* True if --sqltrace flag is present */ int fSqlStats; /* True if --sqltrace or --sqlstats are present */ int fSqlPrint; /* True if -sqlprint flag is present */ int fQuiet; /* True if -quiet flag is present */ int fHttpTrace; /* Trace outbound HTTP requests */ char *zHttpAuth; /* HTTP Authorization user:pass information */ int fSystemTrace; /* Trace calls to fossil_system(), --systemtrace */ int fSshTrace; /* Trace the SSH setup traffic */ int fSshClient; /* HTTP client flags for SSH client */ char *zSshCmd; /* SSH command string */ int fNoSync; /* Do not do an autosync ever. --nosync */ char *zPath; /* Name of webpage being served */ char *zExtra; /* Extra path information past the webpage name */ |
| ︙ | ︙ | |||
649 650 651 652 653 654 655 656 657 658 659 660 661 662 |
g.fSystemTrace = find_option("systemtrace", 0, 0)!=0;
g.fSshTrace = find_option("sshtrace", 0, 0)!=0;
g.fSshClient = 0;
g.zSshCmd = 0;
if( g.fSqlTrace ) g.fSqlStats = 1;
g.fSqlPrint = find_option("sqlprint", 0, 0)!=0;
g.fHttpTrace = find_option("httptrace", 0, 0)!=0;
g.zLogin = find_option("user", "U", 1);
g.zSSLIdentity = find_option("ssl-identity", 0, 1);
g.zErrlog = find_option("errorlog", 0, 1);
if( find_option("utc",0,0) ) g.fTimeFormat = 1;
if( find_option("localtime",0,0) ) g.fTimeFormat = 2;
if( zChdir && file_chdir(zChdir, 0) ){
fossil_fatal("unable to change directories to %s", zChdir);
| > | 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 |
g.fSystemTrace = find_option("systemtrace", 0, 0)!=0;
g.fSshTrace = find_option("sshtrace", 0, 0)!=0;
g.fSshClient = 0;
g.zSshCmd = 0;
if( g.fSqlTrace ) g.fSqlStats = 1;
g.fSqlPrint = find_option("sqlprint", 0, 0)!=0;
g.fHttpTrace = find_option("httptrace", 0, 0)!=0;
g.zHttpAuth = 0;
g.zLogin = find_option("user", "U", 1);
g.zSSLIdentity = find_option("ssl-identity", 0, 1);
g.zErrlog = find_option("errorlog", 0, 1);
if( find_option("utc",0,0) ) g.fTimeFormat = 1;
if( find_option("localtime",0,0) ) g.fTimeFormat = 2;
if( zChdir && file_chdir(zChdir, 0) ){
fossil_fatal("unable to change directories to %s", zChdir);
|
| ︙ | ︙ |
Changes to src/sync.c.
| ︙ | ︙ | |||
52 53 54 55 56 57 58 59 60 61 62 63 64 65 |
url_parse(0, URL_REMEMBER);
if( g.urlProtocol==0 ) return 0;
if( g.urlUser!=0 && g.urlPasswd==0 ){
g.urlPasswd = unobscure(db_get("last-sync-pw", 0));
g.urlFlags |= URL_PROMPT_PW;
url_prompt_for_password();
}
url_remember();
#if 0 /* Disabled for now */
if( (flags & AUTOSYNC_PULL)!=0 && db_get_boolean("auto-shun",1) ){
/* When doing an automatic pull, also automatically pull shuns from
** the server if pull_shuns is enabled.
**
** TODO: What happens if the shun list gets really big?
| > | 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 |
url_parse(0, URL_REMEMBER);
if( g.urlProtocol==0 ) return 0;
if( g.urlUser!=0 && g.urlPasswd==0 ){
g.urlPasswd = unobscure(db_get("last-sync-pw", 0));
g.urlFlags |= URL_PROMPT_PW;
url_prompt_for_password();
}
g.zHttpAuth = get_httpauth();
url_remember();
#if 0 /* Disabled for now */
if( (flags & AUTOSYNC_PULL)!=0 && db_get_boolean("auto-shun",1) ){
/* When doing an automatic pull, also automatically pull shuns from
** the server if pull_shuns is enabled.
**
** TODO: What happens if the shun list gets really big?
|
| ︙ | ︙ | |||
81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 |
** This routine processes the command-line argument for push, pull,
** and sync. If a command-line argument is given, that is the URL
** of a server to sync against. If no argument is given, use the
** most recently synced URL. Remember the current URL for next time.
*/
static void process_sync_args(unsigned *pConfigFlags, unsigned *pSyncFlags){
const char *zUrl = 0;
unsigned configSync = 0;
unsigned urlFlags = URL_REMEMBER | URL_PROMPT_PW;
int urlOptional = 0;
if( find_option("autourl",0,0)!=0 ){
urlOptional = 1;
urlFlags = 0;
}
if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER;
if( find_option("private",0,0)!=0 ){
*pSyncFlags |= SYNC_PRIVATE;
}
if( find_option("verbose","v",0)!=0 ){
*pSyncFlags |= SYNC_VERBOSE;
}
| > > | 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 |
** This routine processes the command-line argument for push, pull,
** and sync. If a command-line argument is given, that is the URL
** of a server to sync against. If no argument is given, use the
** most recently synced URL. Remember the current URL for next time.
*/
static void process_sync_args(unsigned *pConfigFlags, unsigned *pSyncFlags){
const char *zUrl = 0;
const char *zHttpAuth = 0;
unsigned configSync = 0;
unsigned urlFlags = URL_REMEMBER | URL_PROMPT_PW;
int urlOptional = 0;
if( find_option("autourl",0,0)!=0 ){
urlOptional = 1;
urlFlags = 0;
}
zHttpAuth = find_option("httpauth","B",1);
if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER;
if( find_option("private",0,0)!=0 ){
*pSyncFlags |= SYNC_PRIVATE;
}
if( find_option("verbose","v",0)!=0 ){
*pSyncFlags |= SYNC_VERBOSE;
}
|
| ︙ | ︙ | |||
114 115 116 117 118 119 120 121 122 123 124 125 126 127 |
}else if( g.argc==3 ){
zUrl = g.argv[2];
}
if( urlFlags & URL_REMEMBER ){
clone_ssh_db_set_options();
}
url_parse(zUrl, urlFlags);
url_remember();
if( g.urlProtocol==0 ){
if( urlOptional ) fossil_exit(0);
usage("URL");
}
user_select();
if( g.argc==2 ){
| > | 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 |
}else if( g.argc==3 ){
zUrl = g.argv[2];
}
if( urlFlags & URL_REMEMBER ){
clone_ssh_db_set_options();
}
url_parse(zUrl, urlFlags);
remember_or_get_http_auth(zHttpAuth, urlFlags & URL_REMEMBER, zUrl);
url_remember();
if( g.urlProtocol==0 ){
if( urlOptional ) fossil_exit(0);
usage("URL");
}
user_select();
if( g.argc==2 ){
|
| ︙ | ︙ | |||
261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 |
db_find_and_open_repository(0, 0);
if( g.argc!=2 && g.argc!=3 ){
usage("remote-url ?URL|off?");
}
if( g.argc==3 ){
db_unset("last-sync-url", 0);
db_unset("last-sync-pw", 0);
if( is_false(g.argv[2]) ) return;
url_parse(g.argv[2], URL_REMEMBER|URL_PROMPT_PW|URL_ASK_REMEMBER_PW);
}
url_remember();
zUrl = db_get("last-sync-url", 0);
if( zUrl==0 ){
fossil_print("off\n");
return;
}else{
url_parse(zUrl, 0);
fossil_print("%s\n", g.urlCanonical);
}
}
| > | 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 |
db_find_and_open_repository(0, 0);
if( g.argc!=2 && g.argc!=3 ){
usage("remote-url ?URL|off?");
}
if( g.argc==3 ){
db_unset("last-sync-url", 0);
db_unset("last-sync-pw", 0);
db_unset("http-auth", 0);
if( is_false(g.argv[2]) ) return;
url_parse(g.argv[2], URL_REMEMBER|URL_PROMPT_PW|URL_ASK_REMEMBER_PW);
}
url_remember();
zUrl = db_get("last-sync-url", 0);
if( zUrl==0 ){
fossil_print("off\n");
return;
}else{
url_parse(zUrl, 0);
fossil_print("%s\n", g.urlCanonical);
}
}
|
Changes to src/xfer.c.
| ︙ | ︙ | |||
576 577 578 579 580 581 582 |
int rc = -1;
char *zLogin = blob_terminate(pLogin);
defossilize(zLogin);
if( fossil_strcmp(zLogin, "nobody")==0 || fossil_strcmp(zLogin,"anonymous")==0 ){
return 0; /* Anybody is allowed to sync as "nobody" or "anonymous" */
}
| | > | 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 |
int rc = -1;
char *zLogin = blob_terminate(pLogin);
defossilize(zLogin);
if( fossil_strcmp(zLogin, "nobody")==0 || fossil_strcmp(zLogin,"anonymous")==0 ){
return 0; /* Anybody is allowed to sync as "nobody" or "anonymous" */
}
if( fossil_strcmp(P("REMOTE_USER"), zLogin)==0
&& db_get_boolean("remote_user_ok",0) ){
return 0; /* Accept Basic Authorization */
}
db_prepare(&q,
"SELECT pw, cap, uid FROM user"
" WHERE login=%Q"
" AND login NOT IN ('anonymous','nobody','developer','reader')"
" AND length(pw)>0",
|
| ︙ | ︙ |