Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch http-auth Through [2600f59f2d] Excluding Merge-Ins
This is equivalent to a diff from 167b24c744 to 2600f59f2d
|
2014-02-02
| ||
| 01:49 | Remove the HTTP Authorization setting if the URL is changed with remote-url. ... (check-in: 456a1edd70 user: andybradford tags: http-auth) | |
|
2014-02-01
| ||
| 23:39 | Handle --once preference and prevent sending HTTP Authorization when the URL is named on the command line. ... (check-in: 2600f59f2d user: andybradford tags: http-auth) | |
| 22:06 | Only automatically provide Authorization if the URL is HTTPS. User can express preference to use Authorization over unencrypted HTTP via the --httpauth command line option. ... (check-in: 906cfae444 user: andybradford tags: http-auth) | |
| 19:24 | Remove malplaced period from the middle of a sentence. ... (check-in: 4c8a3fb2b7 user: andybradford tags: trunk) | |
| 05:58 | Bring in latest from trunk. ... (check-in: da070fafe2 user: andybradford tags: http-auth) | |
|
2014-01-29
| ||
| 22:51 | (experimental) Allow not only --utc or --localtime to be specified, but any timezone (minutes from UTC = -999...999) ... (Closed-Leaf check-in: c3e3ceb9b6 user: jan.nijtmans tags: tz-minutes) | |
| 20:43 | Typo fix. ... (check-in: 167b24c744 user: stephan tags: trunk) | |
| 15:16 | Added is-a-leaf and leaf status to info [/help/info] and friends, per ML request. ... (check-in: 0b5670dce6 user: stephan tags: trunk) | |
Changes to src/clone.c.
| ︙ | ︙ | |||
107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 |
**
** Options:
** --admin-user|-A USERNAME Make USERNAME the administrator
** --once Don't save url.
** --private Also clone private branches
** --ssl-identity=filename Use the SSL identity if requested by the server
** --ssh-command|-c 'command' Use this SSH command
**
** See also: init
*/
void clone_cmd(void){
char *zPassword;
const char *zDefaultUser; /* Optional name of the default user */
int nErr = 0;
int bPrivate = 0; /* Also clone private branches */
int urlFlags = URL_PROMPT_PW | URL_REMEMBER;
if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE;
if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER;
zDefaultUser = find_option("admin-user","A",1);
clone_ssh_find_options();
url_proxy_options();
if( g.argc < 4 ){
usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
}
db_open_config(0);
| > > | 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 |
**
** Options:
** --admin-user|-A USERNAME Make USERNAME the administrator
** --once Don't save url.
** --private Also clone private branches
** --ssl-identity=filename Use the SSL identity if requested by the server
** --ssh-command|-c 'command' Use this SSH command
** --httpauth|-B Add HTTP Basic Authorization to requests
**
** See also: init
*/
void clone_cmd(void){
char *zPassword;
const char *zDefaultUser; /* Optional name of the default user */
int nErr = 0;
int bPrivate = 0; /* Also clone private branches */
int urlFlags = URL_PROMPT_PW | URL_REMEMBER;
if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE;
if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER;
g.fUseHttpAuth = find_option("httpauth","B",0)!=0;
zDefaultUser = find_option("admin-user","A",1);
clone_ssh_find_options();
url_proxy_options();
if( g.argc < 4 ){
usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY");
}
db_open_config(0);
|
| ︙ | ︙ | |||
157 158 159 160 161 162 163 164 165 166 167 168 169 170 |
db_begin_transaction();
db_record_repository_filename(g.argv[3]);
db_initial_setup(0, 0, zDefaultUser, 0);
user_select();
db_set("content-schema", CONTENT_SCHEMA, 0);
db_set("aux-schema", AUX_SCHEMA, 0);
db_set("rebuilt", get_version(), 0);
url_remember();
if( g.zSSLIdentity!=0 ){
/* If the --ssl-identity option was specified, store it as a setting */
Blob fn;
blob_zero(&fn);
file_canonical_name(g.zSSLIdentity, &fn, 0);
db_set("ssl-identity", blob_str(&fn), 0);
| > | 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 |
db_begin_transaction();
db_record_repository_filename(g.argv[3]);
db_initial_setup(0, 0, zDefaultUser, 0);
user_select();
db_set("content-schema", CONTENT_SCHEMA, 0);
db_set("aux-schema", AUX_SCHEMA, 0);
db_set("rebuilt", get_version(), 0);
remember_or_get_http_auth(urlFlags & URL_REMEMBER, g.argv[2]);
url_remember();
if( g.zSSLIdentity!=0 ){
/* If the --ssl-identity option was specified, store it as a setting */
Blob fn;
blob_zero(&fn);
file_canonical_name(g.zSSLIdentity, &fn, 0);
db_set("ssl-identity", blob_str(&fn), 0);
|
| ︙ | ︙ | |||
193 194 195 196 197 198 199 200 201 202 203 204 205 206 |
fossil_print("Rebuilding repository meta-data...\n");
rebuild_db(0, 1, 0);
fossil_print("project-id: %s\n", db_get("project-code", 0));
zPassword = db_text(0, "SELECT pw FROM user WHERE login=%Q", g.zLogin);
fossil_print("admin-user: %s (password is \"%s\")\n", g.zLogin, zPassword);
db_end_transaction(0);
}
/*
** Look for SSH clone command line options and setup in globals.
*/
void clone_ssh_find_options(void){
const char *zSshCmd; /* SSH command string */
| > > > > > > > > > > > > > > > > > > > > | 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 |
fossil_print("Rebuilding repository meta-data...\n");
rebuild_db(0, 1, 0);
fossil_print("project-id: %s\n", db_get("project-code", 0));
zPassword = db_text(0, "SELECT pw FROM user WHERE login=%Q", g.zLogin);
fossil_print("admin-user: %s (password is \"%s\")\n", g.zLogin, zPassword);
db_end_transaction(0);
}
/*
** If user chooses to use HTTP Authentication over unencrypted HTTP,
** remember decision. Otherwise, if the URL is being changed and no preference
** has been indicated, err on the safe side and revert the decision.
** Set the global preference if the URL is not being changed.
*/
void remember_or_get_http_auth(int fRemember, const char *zUrl){
if( fRemember ){
if( g.fUseHttpAuth==1 ){
db_set_int("use-http-auth", 1, 0);
}else if( zUrl && zUrl[0] ){
db_unset("use-http-auth", 0);
}else{
g.fUseHttpAuth = db_get_boolean("use-http-auth",0)!=0;
}
}else if( g.fUseHttpAuth==0 && zUrl==0 ){
g.fUseHttpAuth = db_get_boolean("use-http-auth",0)!=0;
}
}
/*
** Look for SSH clone command line options and setup in globals.
*/
void clone_ssh_find_options(void){
const char *zSshCmd; /* SSH command string */
|
| ︙ | ︙ |
Changes to src/http.c.
| ︙ | ︙ | |||
60 61 62 63 64 65 66 |
zPw = 0;
}else{
/* Password failure while doing a sync from the command-line interface */
url_prompt_for_password();
zPw = g.urlPasswd;
}
| < < < < < < | 60 61 62 63 64 65 66 67 68 69 70 71 72 73 |
zPw = 0;
}else{
/* Password failure while doing a sync from the command-line interface */
url_prompt_for_password();
zPw = g.urlPasswd;
}
/* The login card wants the SHA1 hash of the password, so convert the
** password to its SHA1 hash it it isn't already a SHA1 hash.
*/
/* fossil_print("\nzPw=[%s]\n", zPw); // TESTING ONLY */
if( zPw && zPw[0] ) zPw = sha1_shared_secret(zPw, zLogin, 0);
blob_append(&pw, zPw, -1);
|
| ︙ | ︙ | |||
100 101 102 103 104 105 106 |
}else{
zSep = "/";
}
blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep);
if( g.urlProxyAuth ){
blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth);
}
| | | | 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 |
}else{
zSep = "/";
}
blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep);
if( g.urlProxyAuth ){
blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth);
}
if( g.urlPasswd && g.urlUser && g.fUseHttpAuth ){
char *zCredentials = mprintf("%s:%s", g.urlUser, g.urlPasswd);
char *zEncoded = encode64(zCredentials, -1);
blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded);
fossil_free(zEncoded);
fossil_free(zCredentials);
}
blob_appendf(pHdr, "Host: %s\r\n", g.urlHostname);
blob_appendf(pHdr, "User-Agent: %s\r\n", get_user_agent());
|
| ︙ | ︙ | |||
203 204 205 206 207 208 209 210 211 212 213 214 215 216 |
*/
closeConnection = 1;
iLength = -1;
while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){
/* printf("[%s]\n", zLine); fflush(stdout); */
if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){
if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err;
if( rc!=200 && rc!=302 ){
int ii;
for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){}
while( zLine[ii]==' ' ) ii++;
fossil_warning("server says: %s", &zLine[ii]);
goto write_err;
}
| > > > > > > > > > > > > > > > | 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 |
*/
closeConnection = 1;
iLength = -1;
while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){
/* printf("[%s]\n", zLine); fflush(stdout); */
if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){
if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err;
if( rc==401 ){
if( g.urlIsHttps || g.fUseHttpAuth ){
/* set g.fUseHttpAuth to avoid loop when doing HTTPS */
g.fUseHttpAuth = 1;
transport_close(GLOBAL_URL());
if( --maxRedirect == 0 ){
fossil_fatal("http authorization limit exceeded");
}
return http_exchange(pSend, pReply, useLogin, maxRedirect);
}else{
fossil_warning(
"Authorization over unencrypted HTTP requested; "
"use --httpauth if appropriate.");
}
}
if( rc!=200 && rc!=302 ){
int ii;
for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){}
while( zLine[ii]==' ' ) ii++;
fossil_warning("server says: %s", &zLine[ii]);
goto write_err;
}
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
137 138 139 140 141 142 143 144 145 146 147 148 149 150 | char *zLocalRoot; /* The directory holding the local database */ int minPrefix; /* Number of digits needed for a distinct UUID */ int fSqlTrace; /* True if --sqltrace flag is present */ int fSqlStats; /* True if --sqltrace or --sqlstats are present */ int fSqlPrint; /* True if -sqlprint flag is present */ int fQuiet; /* True if -quiet flag is present */ int fHttpTrace; /* Trace outbound HTTP requests */ int fSystemTrace; /* Trace calls to fossil_system(), --systemtrace */ int fSshTrace; /* Trace the SSH setup traffic */ int fSshClient; /* HTTP client flags for SSH client */ char *zSshCmd; /* SSH command string */ int fNoSync; /* Do not do an autosync ever. --nosync */ char *zPath; /* Name of webpage being served */ char *zExtra; /* Extra path information past the webpage name */ | > | 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 | char *zLocalRoot; /* The directory holding the local database */ int minPrefix; /* Number of digits needed for a distinct UUID */ int fSqlTrace; /* True if --sqltrace flag is present */ int fSqlStats; /* True if --sqltrace or --sqlstats are present */ int fSqlPrint; /* True if -sqlprint flag is present */ int fQuiet; /* True if -quiet flag is present */ int fHttpTrace; /* Trace outbound HTTP requests */ int fUseHttpAuth; /* True if user requests HTTP Authorization */ int fSystemTrace; /* Trace calls to fossil_system(), --systemtrace */ int fSshTrace; /* Trace the SSH setup traffic */ int fSshClient; /* HTTP client flags for SSH client */ char *zSshCmd; /* SSH command string */ int fNoSync; /* Do not do an autosync ever. --nosync */ char *zPath; /* Name of webpage being served */ char *zExtra; /* Extra path information past the webpage name */ |
| ︙ | ︙ |
Changes to src/sync.c.
| ︙ | ︙ | |||
88 89 90 91 92 93 94 95 96 97 98 99 100 101 |
unsigned configSync = 0;
unsigned urlFlags = URL_REMEMBER | URL_PROMPT_PW;
int urlOptional = 0;
if( find_option("autourl",0,0)!=0 ){
urlOptional = 1;
urlFlags = 0;
}
if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER;
if( find_option("private",0,0)!=0 ){
*pSyncFlags |= SYNC_PRIVATE;
}
if( find_option("verbose","v",0)!=0 ){
*pSyncFlags |= SYNC_VERBOSE;
}
| > | 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 |
unsigned configSync = 0;
unsigned urlFlags = URL_REMEMBER | URL_PROMPT_PW;
int urlOptional = 0;
if( find_option("autourl",0,0)!=0 ){
urlOptional = 1;
urlFlags = 0;
}
g.fUseHttpAuth = find_option("httpauth",0,0)!=0;
if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER;
if( find_option("private",0,0)!=0 ){
*pSyncFlags |= SYNC_PRIVATE;
}
if( find_option("verbose","v",0)!=0 ){
*pSyncFlags |= SYNC_VERBOSE;
}
|
| ︙ | ︙ | |||
114 115 116 117 118 119 120 121 122 123 124 125 126 127 |
}else if( g.argc==3 ){
zUrl = g.argv[2];
}
if( urlFlags & URL_REMEMBER ){
clone_ssh_db_set_options();
}
url_parse(zUrl, urlFlags);
url_remember();
if( g.urlProtocol==0 ){
if( urlOptional ) fossil_exit(0);
usage("URL");
}
user_select();
if( g.argc==2 ){
| > | 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 |
}else if( g.argc==3 ){
zUrl = g.argv[2];
}
if( urlFlags & URL_REMEMBER ){
clone_ssh_db_set_options();
}
url_parse(zUrl, urlFlags);
remember_or_get_http_auth(urlFlags & URL_REMEMBER, zUrl);
url_remember();
if( g.urlProtocol==0 ){
if( urlOptional ) fossil_exit(0);
usage("URL");
}
user_select();
if( g.argc==2 ){
|
| ︙ | ︙ |