Fossil: Diff

Differences From Artifact [57c5fa4072]:

File src/db.c — part of check-in [79988f962e] at 2019-09-24 10:09:16 on branch trunk — Fix harmless memory leaks. (user: drh size: 127805)

To Artifact [225f85e3f3]:

File src/db.c — part of check-in [36d3685833] at 2019-09-27 18:47:33 on branch trunk — Update the fingerprint mechanism so that it if the revised hash algorithm fails, it retries using the legacy hash algorithm before reporting an error (and alarming users). The revised hash is always stored. The "test-fingerprint" command is updated to show both the old and the new hash algorithm and the fingerprint currently stored in the localdb. (user: drh size: 128751)

︙			︙
1733 1734 1735 1736 1737 1738 1739 ~~1740~~ 1741 1742 1743 1744 1745 1746 1747	exit(0); }else{ char *z; stash_rid_renumbering_event(); vfile_rid_renumbering_event(0); undo_reset(); bisect_reset(); ~~z = db_fingerprint(0);~~ db_lset("fingerprint", z); fossil_free(z); fossil_print( "WARNING: The repository database has been replaced by a clone.\n" "Bisect history and undo have been lost.\n" ); }	\|	1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747	exit(0); }else{ char *z; stash_rid_renumbering_event(); vfile_rid_renumbering_event(0); undo_reset(); bisect_reset(); z = db_fingerprint(0, 1); db_lset("fingerprint", z); fossil_free(z); fossil_print( "WARNING: The repository database has been replaced by a clone.\n" "Bisect history and undo have been lost.\n" ); }
︙			︙
3931 3932 3933 3934 3935 3936 3937 ~~3938~~ 3939 3940 3941 ~~3942~~ ~~3943 3944 3945~~ 3946 3947 3948 3949 3950 3951 3952	The fingerprint consists of the rcvid, a "/", and the MD5 checksum of the remaining fields of the RCVFROM table entry. MD5 is used for this because it is 4x faster than SHA3 and 5x faster than SHA1, and there are no security concerns - this is just a checksum, not a security token. / ~~char db_fingerprint(int rcvid){~~ char *z = 0; Blob sql = BLOB_INITIALIZER; Stmt q; ~~blob_append_sql(&sql,~~ ~~"SELECT rcvid, quote(uid), datetime(mtime), quote(nonce), quote(ipaddr)" " FROM rcvfrom" );~~ if( rcvid<=0 ){ blob_append_sql(&sql, " ORDER BY rcvid DESC LIMIT 1"); }else{ blob_append_sql(&sql, " WHERE rcvid=%d", rcvid); } db_prepare_blob(&q, &sql); blob_reset(&sql);	\| > > > > > \| > > > > > > \| \| \| >	3931 3932 3933 3934 3935 3936 3937 3938 3939 3940 3941 3942 3943 3944 3945 3946 3947 3948 3949 3950 3951 3952 3953 3954 3955 3956 3957 3958 3959 3960 3961 3962 3963 3964	The fingerprint consists of the rcvid, a "/", and the MD5 checksum of the remaining fields of the RCVFROM table entry. MD5 is used for this because it is 4x faster than SHA3 and 5x faster than SHA1, and there are no security concerns - this is just a checksum, not a security token. / char db_fingerprint(int rcvid, int iVersion){ char z = 0; Blob sql = BLOB_INITIALIZER; Stmt q; if( iVersion==0 ){ / The original fingerprint algorithm used "quote(mtime)". But this could give slightly different answers depending on how the floating- point hardware is configured. For example, it gave different ** answers on native Linux versus running under valgrind. / blob_append_sql(&sql, "SELECT rcvid, quote(uid), quote(mtime), quote(nonce), quote(ipaddr)" " FROM rcvfrom" ); }else{ / These days, we use "datetime(mtime)" for more consistent answers */ blob_append_sql(&sql, "SELECT rcvid, quote(uid), datetime(mtime), quote(nonce), quote(ipaddr)" " FROM rcvfrom" ); } if( rcvid<=0 ){ blob_append_sql(&sql, " ORDER BY rcvid DESC LIMIT 1"); }else{ blob_append_sql(&sql, " WHERE rcvid=%d", rcvid); } db_prepare_blob(&q, &sql); blob_reset(&sql);
︙			︙
3961 3962 3963 3964 3965 3966 3967 ~~3968~~ 3969 ~~3970 3971~~ ~~3972~~ 3973 3974 3975 ~~3976 3977 3978 3979 3980~~ 3981 3982 3983 3984 3985 3986 ~~3987~~ 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 ~~4001~~ 4002 4003 4004 4005 4006 4007 4008	db_finalize(&q); return z; } /* COMMAND: test-fingerprint Usage: %fossil test-fingerprint ?RCVID? ~~?--check?~~ Display the repository fingerprint. ~~Or if~~ the ~~--ch~~eck o~~ption~~ is pro~~vided and~~ this command ~~is run from a checkout, invoke the~~ ** ~~db_~~fingerprint~~_ok() me~~th~~od and print~~ i~~ts result~~. / void test_fingerprint(void){ int rcvid = 0; ~~~~if( find_option("check",0,0)!=0 ){~~ ~~db_must_be_within_tree();~~ ~~fossil_print("db_fingerprint_ok() => %d\n", db_fingerprint_ok());~~ ~~return;~~ }~~ db_find_and_open_repository(OPEN_ANY_SCHEMA,0); if( g.argc==3 ){ rcvid = atoi(g.argv[2]); }else if( g.argc!=2 ){ fossil_fatal("wrong number of arguments"); } ~~fossil_print("%z\n", db_fingerprint(rcvid));~~ } / Set the value of the "checkout" entry in the VVAR table. ** Also set "fingerprint" and "checkout-hash". / void db_set_checkout(int rid){ char z; db_lset_int("checkout", rid); z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid); db_lset("checkout-hash", z); fossil_free(z); ~~z = db_fingerprint(0);~~ db_lset("fingerprint", z); fossil_free(z); } /* Verify that the fingerprint recorded in the "fingerprint" entry of the VVAR table matches the fingerprint on the currently	\| \| \| > \| < < < < < \| > > > > > \|	3973 3974 3975 3976 3977 3978 3979 3980 3981 3982 3983 3984 3985 3986 3987 3988 3989 3990 3991 3992 3993 3994 3995 3996 3997 3998 3999 4000 4001 4002 4003 4004 4005 4006 4007 4008 4009 4010 4011 4012 4013 4014 4015 4016 4017 4018 4019 4020 4021	db_finalize(&q); return z; } /* COMMAND: test-fingerprint Usage: %fossil test-fingerprint ?RCVID? Display the repository fingerprint using the supplied RCVID or using the latest RCVID if not is given on the command line. Show both the legacy and the newer version of the fingerprint, and the currently stored fingerprint if there is one. / void test_fingerprint(void){ int rcvid = 0; db_find_and_open_repository(OPEN_ANY_SCHEMA,0); if( g.argc==3 ){ rcvid = atoi(g.argv[2]); }else if( g.argc!=2 ){ fossil_fatal("wrong number of arguments"); } fossil_print("legecy: %z\n", db_fingerprint(rcvid, 0)); fossil_print("version-1: %z\n", db_fingerprint(rcvid, 1)); if( g.localOpen ){ fossil_print("localdb: %z\n", db_lget("fingerprint","(none)")); fossil_print("db_fingerprint_ok(): %d\n", db_fingerprint_ok()); } } / Set the value of the "checkout" entry in the VVAR table. ** Also set "fingerprint" and "checkout-hash". / void db_set_checkout(int rid){ char z; db_lset_int("checkout", rid); z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid); db_lset("checkout-hash", z); fossil_free(z); z = db_fingerprint(0, 1); db_lset("fingerprint", z); fossil_free(z); } /* Verify that the fingerprint recorded in the "fingerprint" entry of the VVAR table matches the fingerprint on the currently
︙			︙
4016 4017 4018 4019 4020 4021 4022 ~~4023~~ 4024 ~~4025~~ ~~4026~~ 4027 4028	zCkout = db_text(0,"SELECT value FROM localdb.vvar WHERE name='fingerprint'"); if( zCkout==0 ){ /* This is an older checkout that does not record a fingerprint. ** We have to assume everything is ok */ return 2; } ~~zRepo = db_fingerprint(atoi(zCkout));~~ rc = fossil_strcmp(zCkout,zRepo)==0; ~~fossil_free(z~~Ckout~~);~~ ~~fossil_free(zRepo);~~ return rc; }	\| \| > > > > > \| > >	4029 4030 4031 4032 4033 4034 4035 4036 4037 4038 4039 4040 4041 4042 4043 4044 4045 4046 4047 4048	zCkout = db_text(0,"SELECT value FROM localdb.vvar WHERE name='fingerprint'"); if( zCkout==0 ){ /* This is an older checkout that does not record a fingerprint. ** We have to assume everything is ok / return 2; } zRepo = db_fingerprint(atoi(zCkout), 1); rc = fossil_strcmp(zCkout,zRepo)==0; fossil_free(zRepo); / If the initial test fails, try again using the older fingerprint ** algorithm */ if( !rc ){ zRepo = db_fingerprint(atoi(zCkout), 0); rc = fossil_strcmp(zCkout,zRepo)==0; fossil_free(zRepo); } fossil_free(zCkout); return rc; }