36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
static void http_build_login_card(Blob *pPayload, Blob *pLogin){
Blob nonce; /* The nonce */
const char *zLogin; /* The user login name */
const char *zPw; /* The user password */
Blob pw; /* The nonce with user password appended */
Blob sig; /* The signature field */
blob_zero(pLogin);
if( g.urlUser==0 && g.zFossilUser==0 ||
fossil_strcmp(g.urlUser, "anonymous")==0 ){
zLogin = url_or_fossil_user();
|
>
<
|
<
|
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
static void http_build_login_card(Blob *pPayload, Blob *pLogin){
Blob nonce; /* The nonce */
const char *zLogin; /* The user login name */
const char *zPw; /* The user password */
Blob pw; /* The nonce with user password appended */
Blob sig; /* The signature field */
zLogin = url_or_fossil_user();
blob_zero(pLogin);
if( zLogin==0 || fossil_strcmp(g.urlUser, "anonymous")==0 ){
return; /* If no login card for users "nobody" and "anonymous" */
}
blob_zero(&nonce);
blob_zero(&pw);
sha1sum_blob(pPayload, &nonce);
blob_copy(&pw, &nonce);
if( g.urlPasswd ){
zPw = g.urlPasswd;
}else if( g.cgiOutput ){
/* Password failure while doing a sync from the web interface */
cgi_printf("*** incorrect or missing password for user %h\n", zLogin);
zPw = 0;
}else{
|