Fossil

Differences From Artifact [cf2093b0ee]:

• File src/db.c — part of check-in [41ba6ea7db] at 2022-12-30 20:54:10 on branch trunk — Security enhancement: Do not store the passwords for remote URLs directly, but instead store the sha1_shared_secret() encoding of those passwords. It is the SHA1 encoding that gets transmitted to the server anyhow, so we might as well just store that. The SHA1 encoding cannot be used to log in. The password is still protected using obscure() even though it is now a SHA1 hash. (user: drh size: 165367)

To Artifact [a56088a937]:

• File src/db.c — part of check-in [aa1a0b31e2] at 2022-12-30 21:12:38 on branch trunk — Improved comment on the db_obscure() routine. No functional code changes. (user: drh size: 165656)

1379
1380
1381
1382
1383
1384
1385






1386
1387
1388
1389
1390
1391
1392

**
** Note that user.pw uses a different obscuration algorithm, but
** you don't need to use 'fossil sql' for that anyway.  Just call
**
**    fossil user pass monkey123
**
** to change the local user entry's password in the same way.






*/
void db_obscure(
  sqlite3_context *context,
  int argc,
  sqlite3_value **argv
){
  const unsigned char *zIn = sqlite3_value_text(argv[0]);

>
>
>
>
>
>

1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398

**
** Note that user.pw uses a different obscuration algorithm, but
** you don't need to use 'fossil sql' for that anyway.  Just call
**
**    fossil user pass monkey123
**
** to change the local user entry's password in the same way.
**
** 2022-12-30:  If the user-data pointer is not NULL, then operate
** as unobscure() rather than obscure().  The obscure() variant of
** this routine is commonly available.  But unobscure is (currently)
** only registered by the "fossil remote config-data --show-passwords"
** command.
*/
void db_obscure(
  sqlite3_context *context,
  int argc,
  sqlite3_value **argv
){
  const unsigned char *zIn = sqlite3_value_text(argv[0]);