Fossil

Check-in [60d1581ff0]
Login

Check-in [60d1581ff0]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:This branch superceded by [d7008b34579d2f41|check-in d7008b34579d2f41] and therefore closed. Was: move the checking for --https to before verify_options is called
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | tls-server-fix
Files: files | file ages | folders
SHA3-256: 60d1581ff00fc2688dcedcbdce70caabb576b10560f6a08ae61d08b00e10c16d
User & Date: rdb 2022-01-17 13:47:11.634
Original Comment: tls: move the checking for --https to before verify_options is called
Context
2022-01-17
13:47
This branch superceded by [d7008b34579d2f41|check-in d7008b34579d2f41] and therefore closed. Was: move the checking for --https to before verify_options is called ... (Closed-Leaf check-in: 60d1581ff0 user: rdb tags: tls-server-fix)
2022-01-16
11:29
merge latest trunk ... (check-in: 8dde277768 user: rdb tags: tls-server-fix)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/main.c. 
3065
3066
3067
3068
3069
3070
3071

3072
3073
3074
3075
3076
3077
3078

  char *zRemote = 0;         /* Remote host on which to run "fossil ui" */
  const char *zJsMode;       /* The --jsmode parameter */
  const char *zFossilCmd =0; /* Name of "fossil" binary on remote system */
#if FOSSIL_ENABLE_SSL 
  const char *zCertFile =0;  /* Internal - TLS/SSL cert filename of the --tls-cert-file option */
  int zTls =0;               /* Internal - 1 = use a TLS/SSL cert that has been previously loaded by ssl-config load-cert command or 0 if no TLS / SSL has been loaeded  */
#endif

#if defined(_WIN32)
  const char *zStopperFile;    /* Name of file used to terminate server */
  zStopperFile = find_option("stopper", 0, 1);
#endif

  if( g.zErrlog==0 ){
    g.zErrlog = "-";








>








3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079

  char *zRemote = 0;         /* Remote host on which to run "fossil ui" */
  const char *zJsMode;       /* The --jsmode parameter */
  const char *zFossilCmd =0; /* Name of "fossil" binary on remote system */
#if FOSSIL_ENABLE_SSL 
  const char *zCertFile =0;  /* Internal - TLS/SSL cert filename of the --tls-cert-file option */
  int zTls =0;               /* Internal - 1 = use a TLS/SSL cert that has been previously loaded by ssl-config load-cert command or 0 if no TLS / SSL has been loaeded  */
#endif
  const char *zHttps =0;     /* Internal - set if if --https is present */
#if defined(_WIN32)
  const char *zStopperFile;    /* Name of file used to terminate server */
  zStopperFile = find_option("stopper", 0, 1);
#endif

  if( g.zErrlog==0 ){
    g.zErrlog = "-";

3146
3147
3148
3149
3150
3151
3152

3153
3154
3155
3156
3157
3158
3159

  if( find_option("debug-nofork",0,0)!=0 ){
    flags |= HTTP_SERVER_NOFORK;
#if !defined(_WIN32)
    /* Disable the timeout during debugging */
    zTimeout = "100000000";
#endif
  }

  /* We should be done with options.. */
  verify_all_options();

  if( g.argc!=2 && g.argc!=3 ) usage("?REPOSITORY?");
  if( isUiCmd && 3==g.argc && file_isdir(g.argv[2], ExtFILE)>0 ){
    /* If REPOSITORY arg is the root of a checkout,
    ** chdir to that checkout so that the current version








>








3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161

  if( find_option("debug-nofork",0,0)!=0 ){
    flags |= HTTP_SERVER_NOFORK;
#if !defined(_WIN32)
    /* Disable the timeout during debugging */
    zTimeout = "100000000";
#endif
  }
  zHttps = find_option("https",0,0);
  /* We should be done with options.. */
  verify_all_options();

  if( g.argc!=2 && g.argc!=3 ) usage("?REPOSITORY?");
  if( isUiCmd && 3==g.argc && file_isdir(g.argv[2], ExtFILE)>0 ){
    /* If REPOSITORY arg is the root of a checkout,
    ** chdir to that checkout so that the current version

3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209

  ** repo database to access the certificate if its been loaded
  **     
  ** The database has only just been found and made available
  */
#if FOSSIL_ENABLE_SSL
    init_ssl_decoder(zCertFile, zTls);
#endif
  if( find_option("https",0,0)!=0 || g.httpUseSSL ){
    cgi_replace_parameter("HTTPS","on");
  }
  if( g.httpUseSSL && (flags & HTTP_SERVER_SCGI)!=0 ){
    fossil_fatal("SCGI does not (yet) support TLS-encrypted connections");
  }

  if( zInitPage==0 ){








|








3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211

  ** repo database to access the certificate if its been loaded
  **     
  ** The database has only just been found and made available
  */
#if FOSSIL_ENABLE_SSL
    init_ssl_decoder(zCertFile, zTls);
#endif
  if( zHttps !=0 || g.httpUseSSL ){
    cgi_replace_parameter("HTTPS","on");
  }
  if( g.httpUseSSL && (flags & HTTP_SERVER_SCGI)!=0 ){
    fossil_fatal("SCGI does not (yet) support TLS-encrypted connections");
  }

  if( zInitPage==0 ){