Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | merged and conflict-resolved trunk [c0274f996266aef]. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | json-multitag-test | json |
| Files: | files | file ages | folders |
| SHA1: |
4fbf77d4f371c1960fb4524be3098834 |
| User & Date: | stephan 2011-10-04 23:40:59 |
Context
|
2011-10-05
| ||
| 00:53 | lots of minor cleanups in JSON error handling (mostly cosmetic). Added some new FOSSIL-xxxx codes. (check-in: 2e41514f user: stephan tags: json-multitag-test, json) | |
|
2011-10-04
| ||
| 23:40 | merged and conflict-resolved trunk [c0274f996266aef]. (check-in: 4fbf77d4 user: stephan tags: json-multitag-test, json) | |
| 23:07 | Merge the --args FILENAME patch into trunk. (check-in: c0274f99 user: drh tags: trunk) | |
| 20:02 | Started adding /json/artifact tickets support, but grokking tkt.c is more than i am up for tonight. Changed how permissions checks are done under /json/artifact (previous approach is just plain silly without C++ templates) (check-in: cee8bc67 user: stephan tags: json-multitag-test, json) | |
Changes
Changes to src/blob.c.
309 310 311 312 313 314 315 316 317 318 319 320 321 322 |
szA = blob_size(pA);
szB = blob_size(pB);
sz = szA<szB ? szA : szB;
rc = memcmp(blob_buffer(pA), blob_buffer(pB), sz);
if( rc==0 ){
rc = szA - szB;
}
return rc;
}
/*
** Compare a blob to a string. Return TRUE if they are equal.
*/
int blob_eq_str(Blob *pBlob, const char *z, int n){
|
> > > > > > > > > > > > > > > > > > > > > > > > > > |
309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 |
szA = blob_size(pA);
szB = blob_size(pB);
sz = szA<szB ? szA : szB;
rc = memcmp(blob_buffer(pA), blob_buffer(pB), sz);
if( rc==0 ){
rc = szA - szB;
}
return rc;
}
/*
** Compare two blobs in constant time and return zero if they are equal.
** Constant time comparison only applies for blobs of the same length.
** If lengths are different, immediately returns 1.
*/
int blob_constant_time_cmp(Blob *pA, Blob *pB){
int szA, szB, i;
unsigned char *buf1, *buf2;
unsigned char rc = 0;
blob_is_init(pA);
blob_is_init(pB);
szA = blob_size(pA);
szB = blob_size(pB);
if( szA!=szB || szA==0 ) return 1;
buf1 = blob_buffer(pA);
buf2 = blob_buffer(pB);
for( i=0; i<szA; i++ ){
rc = rc | (buf1[i] ^ buf2[i]);
}
return rc;
}
/*
** Compare a blob to a string. Return TRUE if they are equal.
*/
int blob_eq_str(Blob *pBlob, const char *z, int n){
|
Changes to src/cgi.c.
323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 |
** stale cache is the least of the problem. So we provide an Expires
** header set to a reasonable period (default: one week).
*/
/*time_t expires = time(0) + atoi(db_config("constant_expires","604800"));*/
time_t expires = time(0) + 604800;
fprintf(g.httpOut, "Expires: %s\r\n", cgi_rfc822_datestamp(expires));
}else{
fprintf(g.httpOut, "Cache-control: no-cache, no-store\r\n");
}
/* Content intended for logged in users should only be cached in
** the browser, not some shared location.
*/
fprintf(g.httpOut, "Content-Type: %s; charset=utf-8\r\n", zContentType);
if( fossil_strcmp(zContentType,"application/x-fossil")==0 ){
|
| |
323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 |
** stale cache is the least of the problem. So we provide an Expires
** header set to a reasonable period (default: one week).
*/
/*time_t expires = time(0) + atoi(db_config("constant_expires","604800"));*/
time_t expires = time(0) + 604800;
fprintf(g.httpOut, "Expires: %s\r\n", cgi_rfc822_datestamp(expires));
}else{
fprintf(g.httpOut, "Cache-control: no-cache\r\n");
}
/* Content intended for logged in users should only be cached in
** the browser, not some shared location.
*/
fprintf(g.httpOut, "Content-Type: %s; charset=utf-8\r\n", zContentType);
if( fossil_strcmp(zContentType,"application/x-fossil")==0 ){
|
Changes to src/login.c.
378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 ... 554 555 556 557 558 559 560 561 562 563 564 565 566 567 ... 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 ... 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 ... 659 660 661 662 663 664 665 666 667 668 669 670 671 672 |
login_clear_login_data();
redirect_to_g();
}
if( g.perm.Password && zPasswd && (zNew1 = P("n1"))!=0 && (zNew2 = P("n2"))!=0 ){
/* The user requests a password change */
zSha1Pw = sha1_shared_secret(zPasswd, g.zLogin, 0);
if( db_int(1, "SELECT 0 FROM user"
" WHERE uid=%d AND (pw=%Q OR pw=%Q)",
g.userUid, zPasswd, zSha1Pw) ){
sleep(1);
zErrMsg =
@ <p><span class="loginError">
@ You entered an incorrect old password while attempting to change
@ your password. Your password is unchanged.
@ </span></p>
;
................................................................................
@ <tr><td></td>
@ <td><input type="submit" value="Change Password" /></td></tr>
@ </table>
@ </form>
}
style_footer();
}
/*
** Attempt to find login credentials for user zLogin on a peer repository
** with project code zCode. Transfer those credentials to the local
** repository.
**
** Return true if a transfer was made and false if not.
................................................................................
zCode
);
if( zOtherRepo==0 ) return 0; /* No such peer repository */
rc = sqlite3_open(zOtherRepo, &pOther);
if( rc==SQLITE_OK ){
sqlite3_create_function(pOther,"now",0,SQLITE_ANY,0,db_now_function,0,0);
sqlite3_busy_timeout(pOther, 5000);
zSQL = mprintf(
"SELECT cexpire FROM user"
" WHERE cookie=%Q"
" AND ipaddr=%Q"
" AND login=%Q"
" AND length(cap)>0"
" AND length(pw)>0"
" AND cexpire>julianday('now')",
zHash, zRemoteAddr, zLogin
);
pStmt = 0;
rc = sqlite3_prepare_v2(pOther, zSQL, -1, &pStmt, 0);
if( rc==SQLITE_OK && sqlite3_step(pStmt)==SQLITE_ROW ){
db_multi_exec(
"UPDATE user SET cookie=%Q, ipaddr=%Q, cexpire=%.17g"
" WHERE login=%Q",
................................................................................
if( fossil_strcmp(zLogin, "anonymous")==0 ) return 0;
if( fossil_strcmp(zLogin, "nobody")==0 ) return 0;
if( fossil_strcmp(zLogin, "developer")==0 ) return 0;
if( fossil_strcmp(zLogin, "reader")==0 ) return 0;
uid = db_int(0,
"SELECT uid FROM user"
" WHERE login=%Q"
" AND cookie=%Q"
" AND ipaddr=%Q"
" AND cexpire>julianday('now')"
" AND length(cap)>0"
" AND length(pw)>0",
zLogin, zCookie, zRemoteAddr
);
return uid;
}
/*
** This routine examines the login cookie to see if it exists and and
** is valid. If the login cookie checks out, it then sets global
................................................................................
const char *zCookie; /* Text of the login cookie */
const char *zIpAddr; /* Raw IP address of the requestor */
char *zRemoteAddr; /* Abbreviated IP address of the requestor */
const char *zCap = 0; /* Capability string */
/* Only run this check once. */
if( g.userUid!=0 ) return;
/* If the HTTP connection is coming over 127.0.0.1 and if
** local login is disabled and if we are using HTTP and not HTTPS,
** then there is no need to check user credentials.
**
** This feature allows the "fossil ui" command to give the user
** full access rights without having to log in.
|
| > > | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | < | > | < | > | > > > |
378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 ... 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 ... 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 ... 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 ... 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 |
login_clear_login_data();
redirect_to_g();
}
if( g.perm.Password && zPasswd && (zNew1 = P("n1"))!=0 && (zNew2 = P("n2"))!=0 ){
/* The user requests a password change */
zSha1Pw = sha1_shared_secret(zPasswd, g.zLogin, 0);
if( db_int(1, "SELECT 0 FROM user"
" WHERE uid=%d"
" AND (constant_time_cmp(pw,%Q)=0"
" OR constant_time_cmp(pw,%Q)=0)",
g.userUid, zSha1Pw, zPasswd) ){
sleep(1);
zErrMsg =
@ <p><span class="loginError">
@ You entered an incorrect old password while attempting to change
@ your password. Your password is unchanged.
@ </span></p>
;
................................................................................
@ <tr><td></td>
@ <td><input type="submit" value="Change Password" /></td></tr>
@ </table>
@ </form>
}
style_footer();
}
/*
** SQL function for constant time comparison of two values.
** Sets result to 0 if two values are equal.
*/
static void constant_time_cmp_function(
sqlite3_context *context,
int argc,
sqlite3_value **argv
){
const unsigned char *buf1, *buf2;
int len, i;
unsigned char rc = 0;
assert( argc==2 );
len = sqlite3_value_bytes(argv[0]);
if( len==0 || len!=sqlite3_value_bytes(argv[1]) ){
rc = 1;
}else{
buf1 = sqlite3_value_text(argv[0]);
buf2 = sqlite3_value_text(argv[1]);
for( i=0; i<len; i++ ){
rc = rc | (buf1[i] ^ buf2[i]);
}
}
sqlite3_result_int(context, rc);
}
/*
** Attempt to find login credentials for user zLogin on a peer repository
** with project code zCode. Transfer those credentials to the local
** repository.
**
** Return true if a transfer was made and false if not.
................................................................................
zCode
);
if( zOtherRepo==0 ) return 0; /* No such peer repository */
rc = sqlite3_open(zOtherRepo, &pOther);
if( rc==SQLITE_OK ){
sqlite3_create_function(pOther,"now",0,SQLITE_ANY,0,db_now_function,0,0);
sqlite3_create_function(pOther, "constant_time_cmp", 2, SQLITE_UTF8, 0,
constant_time_cmp_function, 0, 0);
sqlite3_busy_timeout(pOther, 5000);
zSQL = mprintf(
"SELECT cexpire FROM user"
" WHERE login=%Q"
" AND ipaddr=%Q"
" AND length(cap)>0"
" AND length(pw)>0"
" AND cexpire>julianday('now')"
" AND constant_time_cmp(cookie,%Q)=0",
zLogin, zRemoteAddr, zHash
);
pStmt = 0;
rc = sqlite3_prepare_v2(pOther, zSQL, -1, &pStmt, 0);
if( rc==SQLITE_OK && sqlite3_step(pStmt)==SQLITE_ROW ){
db_multi_exec(
"UPDATE user SET cookie=%Q, ipaddr=%Q, cexpire=%.17g"
" WHERE login=%Q",
................................................................................
if( fossil_strcmp(zLogin, "anonymous")==0 ) return 0;
if( fossil_strcmp(zLogin, "nobody")==0 ) return 0;
if( fossil_strcmp(zLogin, "developer")==0 ) return 0;
if( fossil_strcmp(zLogin, "reader")==0 ) return 0;
uid = db_int(0,
"SELECT uid FROM user"
" WHERE login=%Q"
" AND ipaddr=%Q"
" AND cexpire>julianday('now')"
" AND length(cap)>0"
" AND length(pw)>0"
" AND constant_time_cmp(cookie,%Q)=0",
zLogin, zRemoteAddr, zCookie
);
return uid;
}
/*
** This routine examines the login cookie to see if it exists and and
** is valid. If the login cookie checks out, it then sets global
................................................................................
const char *zCookie; /* Text of the login cookie */
const char *zIpAddr; /* Raw IP address of the requestor */
char *zRemoteAddr; /* Abbreviated IP address of the requestor */
const char *zCap = 0; /* Capability string */
/* Only run this check once. */
if( g.userUid!=0 ) return;
sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0,
constant_time_cmp_function, 0, 0);
/* If the HTTP connection is coming over 127.0.0.1 and if
** local login is disabled and if we are using HTTP and not HTTPS,
** then there is no need to check user credentials.
**
** This feature allows the "fossil ui" command to give the user
** full access rights without having to log in.
|
Changes to src/main.c.
296
297
298
299
300
301
302
303
304
305
306
307
308
309
...
322
323
324
325
326
327
328
329
330
331
332
333
334
335
|
cson_value_free(g.json.gc.v);
free(g.zErrMsg);
memset(&g.json, 0, sizeof(g.json));
if(g.db){
db_close(0);
}
}
/*
** This procedure runs first.
*/
int main(int argc, char **argv){
const char *zCmdName = "unknown";
int idx;
................................................................................
so we can't sql for it.*/;
#else
g.json.errorDetailParanoia = 0;
#endif
g.json.outOpt = cson_output_opt_empty;
g.json.outOpt.addNewline = 1;
g.json.outOpt.indentation = 1 /* in CGI/server mode this can be configured */;
for(i=0; i<argc; i++) g.argv[i] = fossil_mbcs_to_utf8(argv[i]);
if( getenv("GATEWAY_INTERFACE")!=0 && !find_option("nocgi", 0, 0)){
zCmdName = "cgi";
g.isHTTP = 1;
}else if( argc<2 ){
fossil_fatal("Usage: %s COMMAND ...\n"
"\"%s help\" for a list of available commands\n"
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
...
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
|
cson_value_free(g.json.gc.v);
free(g.zErrMsg);
memset(&g.json, 0, sizeof(g.json));
if(g.db){
db_close(0);
}
}
/*
** Search g.argv for arguments "--args FILENAME". If found, then
** (1) remove the two arguments from g.argv
** (2) Read the file FILENAME
** (3) Use the contents of FILE to replace the two removed arguments:
** (a) Ignore blank lines in the file
** (b) Each non-empty line of the file is an argument, except
** (c) If the line begins with "-" and contains a space, it is broken
** into two arguments at the space.
*/
static void expand_args_option(void){
Blob file = empty_blob; /* Content of the file */
Blob line = empty_blob; /* One line of the file */
unsigned int nLine; /* Number of lines in the file*/
unsigned int i, j, k; /* Loop counters */
int n; /* Number of bytes in one line */
char *z; /* General use string pointer */
char **newArgv; /* New expanded g.argv under construction */
for(i=1; i<g.argc-1; i++){
z = g.argv[i];
if( z[0]!='-' ) continue;
z++;
if( z[0]=='-' ) z++;
if( z[0]==0 ) return; /* Stop searching at "--" */
if( fossil_strcmp(z, "args")==0 ) break;
}
if( i>=g.argc-1 ) return;
blob_read_from_file(&file, g.argv[i+1]);
z = blob_str(&file);
for(k=0, nLine=1; z[k]; k++) if( z[k]=='\n' ) nLine++;
newArgv = fossil_malloc( sizeof(char*)*(g.argc + nLine*2) );
for(j=0; j<i; j++) newArgv[j] = g.argv[j];
blob_rewind(&file);
while( (n = blob_line(&file, &line))>0 ){
if( n<=1 ) continue;
z = blob_buffer(&line);
z[n-1] = 0;
newArgv[j++] = z;
if( z[0]=='-' ){
for(k=1; z[k] && !fossil_isspace(z[k]); k++){}
if( z[k] ){
z[k] = 0;
k++;
if( z[k] ) newArgv[j++] = &z[k];
}
}
}
i += 2;
while( i<g.argc ) newArgv[j++] = g.argv[i++];
newArgv[j] = 0;
g.argc = j;
g.argv = newArgv;
}
/*
** This procedure runs first.
*/
int main(int argc, char **argv){
const char *zCmdName = "unknown";
int idx;
................................................................................
so we can't sql for it.*/;
#else
g.json.errorDetailParanoia = 0;
#endif
g.json.outOpt = cson_output_opt_empty;
g.json.outOpt.addNewline = 1;
g.json.outOpt.indentation = 1 /* in CGI/server mode this can be configured */;
expand_args_option();
argc = g.argc;
argv = g.argv;
for(i=0; i<argc; i++) g.argv[i] = fossil_mbcs_to_utf8(argv[i]);
if( getenv("GATEWAY_INTERFACE")!=0 && !find_option("nocgi", 0, 0)){
zCmdName = "cgi";
g.isHTTP = 1;
}else if( argc<2 ){
fossil_fatal("Usage: %s COMMAND ...\n"
"\"%s help\" for a list of available commands\n"
|
Changes to src/xfer.c.
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
...
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
|
db_ephemeral_blob(&q, 0, &pw);
szPw = blob_size(&pw);
blob_zero(&combined);
blob_copy(&combined, pNonce);
blob_append(&combined, blob_buffer(&pw), szPw);
sha1sum_blob(&combined, &hash);
assert( blob_size(&hash)==40 );
rc = blob_compare(&hash, pSig);
blob_reset(&hash);
blob_reset(&combined);
if( rc!=0 && szPw!=40 ){
/* If this server stores cleartext passwords and the password did not
** match, then perhaps the client is sending SHA1 passwords. Try
** again with the SHA1 password.
*/
................................................................................
const char *zPw = db_column_text(&q, 0);
char *zSecret = sha1_shared_secret(zPw, blob_str(pLogin), 0);
blob_zero(&combined);
blob_copy(&combined, pNonce);
blob_append(&combined, zSecret, -1);
free(zSecret);
sha1sum_blob(&combined, &hash);
rc = blob_compare(&hash, pSig);
blob_reset(&hash);
blob_reset(&combined);
}
if( rc==0 ){
const char *zCap;
zCap = db_column_text(&q, 1);
login_set_capabilities(zCap, 0);
|
|
|
|
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
...
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
|
db_ephemeral_blob(&q, 0, &pw);
szPw = blob_size(&pw);
blob_zero(&combined);
blob_copy(&combined, pNonce);
blob_append(&combined, blob_buffer(&pw), szPw);
sha1sum_blob(&combined, &hash);
assert( blob_size(&hash)==40 );
rc = blob_constant_time_cmp(&hash, pSig);
blob_reset(&hash);
blob_reset(&combined);
if( rc!=0 && szPw!=40 ){
/* If this server stores cleartext passwords and the password did not
** match, then perhaps the client is sending SHA1 passwords. Try
** again with the SHA1 password.
*/
................................................................................
const char *zPw = db_column_text(&q, 0);
char *zSecret = sha1_shared_secret(zPw, blob_str(pLogin), 0);
blob_zero(&combined);
blob_copy(&combined, pNonce);
blob_append(&combined, zSecret, -1);
free(zSecret);
sha1sum_blob(&combined, &hash);
rc = blob_constant_time_cmp(&hash, pSig);
blob_reset(&hash);
blob_reset(&combined);
}
if( rc==0 ){
const char *zCap;
zCap = db_column_text(&q, 1);
login_set_capabilities(zCap, 0);
|