Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | More robust test for the ssh case, minor refactoring. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | ssh-signing |
| Files: | files | file ages | folders |
| SHA3-256: |
d2bfab5888ba0e04e679e6782d3028bc |
| User & Date: | danield 2025-01-04 23:18:14.802 |
Context
|
2025-01-04
| ||
| 23:28 | Merge trunk. check-in: 02cdfa5e08 user: danield tags: ssh-signing | |
| 23:18 | More robust test for the ssh case, minor refactoring. check-in: d2bfab5888 user: danield tags: ssh-signing | |
|
2025-01-03
| ||
| 15:57 | Make clear the one can use the Fossil user name in the .allowed_signers file. check-in: b25a0eff1f user: danield tags: ssh-signing | |
Changes
Changes to src/clearsign.c.
| ︙ | ︙ | |||
27 28 29 30 31 32 33 |
** pOut.
*/
int clearsign(Blob *pIn, Blob *pOut){
char *zRand;
char *zIn;
char *zOut;
char *zBase = db_get("pgp-command", "gpg --clearsign -o ");
| | < | > | | | 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 |
** pOut.
*/
int clearsign(Blob *pIn, Blob *pOut){
char *zRand;
char *zIn;
char *zOut;
char *zBase = db_get("pgp-command", "gpg --clearsign -o ");
int useSsh = 0;
char *zCmd;
int rc;
if( is_false(zBase) ){
return 0;
}
zRand = db_text(0, "SELECT hex(randomblob(10))");
zOut = mprintf("out-%s", zRand);
blob_write_to_file(pIn, zOut);
useSsh = (fossil_strncmp(command_basename(zBase), "ssh", 3)==0);
if( useSsh ){
zIn = mprintf("out-%s.sig", zRand);
zCmd = mprintf("%s %s", zBase, zOut);
}else{
zIn = mprintf("in-%z", zRand);
zCmd = mprintf("%s %s %s", zBase, zIn, zOut);
}
rc = fossil_system(zCmd);
free(zCmd);
if( rc==0 ){
if( pOut==pIn ){
blob_reset(pIn);
}
blob_zero(pOut);
if( useSsh ){
/* As of 2025, SSH cannot create non-detached SSH signatures */
/* We put one together */
Blob tmpBlob;
blob_zero(&tmpBlob);
blob_read_from_file(&tmpBlob, zOut, ExtFILE);
/* Add armor header line and manifest */
blob_appendf(pOut, "%s", "-----BEGIN SSH SIGNED MESSAGE-----\n\n");
blob_appendf(pOut, "%s", blob_str(&tmpBlob));
|
| ︙ | ︙ |
Changes to src/file.c.
| ︙ | ︙ | |||
586 587 588 589 590 591 592 593 594 595 596 597 598 599 |
const char *zTail = file_tail(z);
if( zTail && zTail!=z ){
return mprintf("%.*s", (int)(zTail-z-1), z);
}else{
return 0;
}
}
/* SQL Function: file_dirname(NAME)
**
** Return the directory for NAME
*/
void file_dirname_sql_function(
sqlite3_context *context,
| > > > > > > > > > > > > > > > > > | 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 |
const char *zTail = file_tail(z);
if( zTail && zTail!=z ){
return mprintf("%.*s", (int)(zTail-z-1), z);
}else{
return 0;
}
}
/*
** Return the basename of the putative executable in a command (w/o arguments).
** The returned memory should be freed via fossil_free().
*/
char *command_basename(const char *z){
const char *zTail = command_tail(z);
const char *zEnd = zTail;
while( zEnd[0] && !fossil_isspace(zEnd[0]) && zEnd[0]!='"' && zEnd[0]!='\'' ){
zEnd++;
}
if( zEnd ){
return mprintf("%.*s", (int)(zEnd-zTail), zTail);
}else{
return 0;
}
}
/* SQL Function: file_dirname(NAME)
**
** Return the directory for NAME
*/
void file_dirname_sql_function(
sqlite3_context *context,
|
| ︙ | ︙ |