Fossil

Changes On Branch fix_remote_url_overwrite_with_proxy
Login

Changes On Branch fix_remote_url_overwrite_with_proxy

Hide Diff Patch Side-by-Side Diff

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Changes In Branch fix_remote_url_overwrite_with_proxy Excluding Merge-Ins

This is equivalent to a diff from bb09ff84 to a242bb72

2022-05-11
15:42
Fix remote-url overwriting by proxy url bug and use the http_proxy environment variable only when explicitly requested by setting the proxy setting to "system". ... (check-in: a791d5e8 user: mgagnon tags: trunk)
15:34
Only use the "http_proxy" environment variable if it is set to "system", if unset or set to "off", always use direct http connection. ... (Closed-Leaf check-in: a242bb72 user: mgagnon tags: fix_remote_url_overwrite_with_proxy)
15:06
Merge in latest changes from trunk ... (check-in: 5605aef9 user: mgagnon tags: fix_remote_url_overwrite_with_proxy)
11:50
Show the OpenSSL version and the SERVER_SOFTWARE to administrators on the /stat page. ... (check-in: bb09ff84 user: drh tags: trunk)
11:08
Fix NULL pointer dereference introduced by check-in [b05a6c6bc826d3c2]. Fix for the problem reported by forum post/bfb99db2886ca3b5. ... (check-in: c68fa2ed user: drh tags: trunk)

Changes to src/db.c. 

4366
4367
4368
4369
4370
4371
4372
4373
4374

4375
4376

4377
4378
4379
4380
4381
4382
4383

4366
4367
4368
4369
4370
4371
4372


4373


4374
4375
4376
4377
4378
4379
4380
4381








-
-
+
-
-
+








** to obtain a check-in lock during auto-sync, the server will 
** send the "pragma avoid-delta-manifests" statement in its reply,
** which will cause the client to avoid generating a delta
** manifest.
*/
/*
** SETTING: proxy            width=32 default=off
** URL of the HTTP proxy.  If undefined or "off" then
** the "http_proxy" environment variable is consulted.
** URL of the HTTP proxy. If "system", the "http_proxy" environment variable is
** If the http_proxy environment variable is undefined
** then a direct HTTP connection is used.
** consulted. If undefined or "off", a direct HTTP connection is used.
*/
/*
** SETTING: redirect-to-https   default=0 width=-1
** Specifies whether or not to redirect http:// requests to
** https:// URIs. A value of 0 (the default) means not to
** redirect, 1 means to redirect only the /login page, and 2
** means to always redirect.

Changes to src/sync.c. 

22
23
24
25
26
27
28






29
30

31
32

33
34

35
36
37
38
39
40
41

22
23
24
25
26
27
28
29
30
31
32
33
34
35

36
37

38
39

40
41
42
43
44
45
46
47








+
+
+
+
+
+

-
+

-
+

-
+








#include <assert.h>

/*
** Explain what type of sync operation is about to occur
*/
static void sync_explain(unsigned syncFlags){
  if( g.url.isAlias ){
    const char *url;
    if( g.url.useProxy ){
      url = g.url.proxyUrlCanonical;
    }else{
      url = g.url.canonical;
    }
    if( (syncFlags & (SYNC_PUSH|SYNC_PULL))==(SYNC_PUSH|SYNC_PULL) ){
      fossil_print("Sync with %s\n", g.url.canonical);
      fossil_print("Sync with %s\n", url);
    }else if( syncFlags & SYNC_PUSH ){
      fossil_print("Push to %s\n", g.url.canonical);
      fossil_print("Push to %s\n", url);
    }else if( syncFlags & SYNC_PULL ){
      fossil_print("Pull from %s\n", g.url.canonical);
      fossil_print("Pull from %s\n", url);
    }
  }
}


/*
** Call client_sync() one or more times in order to complete a

Changes to src/url.c. 

61
62
63
64
65
66
67
68


69
70
71
72
73
74
75

61
62
63
64
65
66
67

68
69
70
71
72
73
74
75
76








-
+
+








  char *user;           /* User id for http: */
  char *passwd;         /* Password for http: */
  char *canonical;      /* Canonical representation of the URL */
  char *proxyAuth;      /* Proxy-Authorizer: string */
  char *fossil;         /* The fossil query parameter on ssh: */
  unsigned flags;       /* Boolean flags controlling URL processing */
  int useProxy;         /* Used to remember that a proxy is in use */
  char *proxyUrlPath;
  char *proxyUrlPath;   /* Remember path when proxy is use */
  char *proxyUrlCanonical; /* Remember canonical path when proxy is use */
  int proxyOrigPort;    /* Tunneled port number for https through proxy */
};
#endif /* INTERFACE */


/*
** Parse the URL in the zUrl argument. Store results in the pUrlData object.

532
533
534
535
536
537
538
539

540
541
542
543
544
545
546

533
534
535
536
537
538
539

540
541
542
543
544
545
546
547








-
+








** by the canonical name of the proxy (with userid and password suppressed).
*/
void url_enable_proxy(const char *zMsg){
  const char *zProxy;
  zProxy = zProxyOpt;
  if( zProxy==0 ){
    zProxy = db_get("proxy", 0);
    if( zProxy==0 || zProxy[0]==0 || is_false(zProxy) ){
    if( fossil_strcmp(zProxy, "system")==0 ){
      zProxy = fossil_getenv("http_proxy");
    }
  }
  if( zProxy && zProxy[0] && !is_false(zProxy)
      && !g.url.isSsh && !g.url.isFile ){
    char *zOriginalUrl = g.url.canonical;
    char *zOriginalHost = g.url.hostname;

562
563
564
565
566
567
568

569
570
571
572
573
574
575

563
564
565
566
567
568
569
570
571
572
573
574
575
576
577








+








      g.url.proxyAuth = mprintf("Basic %z", zCredentials2);
      free(zCredentials1);
    }
    g.url.user = zOriginalUser;
    g.url.passwd = zOriginalPasswd;
    g.url.isHttps = fOriginalIsHttps;
    g.url.useProxy = 1;
    g.url.proxyUrlCanonical = zOriginalUrl;;
    g.url.proxyUrlPath = zOriginalUrlPath;
    g.url.proxyOrigPort = iOriginalPort;
    g.url.flags = uOriginalFlags;
  }
}

#if INTERFACE

720
721
722
723
724
725
726






727
728

729
730

731
732
733
734
735
736
737

722
723
724
725
726
727
728
729
730
731
732
733
734
735

736
737

738
739
740
741
742
743
744
745








+
+
+
+
+
+

-
+

-
+








}

/*
** Remember the URL and password if requested.
*/
void url_remember(void){
  if( g.url.flags & URL_REMEMBER ){
    const char *url;
    if( g.url.useProxy ){
      url = g.url.proxyUrlCanonical;
    }else{
      url = g.url.canonical;
    }
    if( g.url.flags & URL_USE_PARENT ){
      db_set("parent-project-url", g.url.canonical, 0);
      db_set("parent-project-url", url, 0);
    }else{
      db_set("last-sync-url", g.url.canonical, 0);
      db_set("last-sync-url", url, 0);
    }
    if( g.url.user!=0 && g.url.passwd!=0 && ( g.url.flags & URL_REMEMBER_PW ) ){
      if( g.url.flags & URL_USE_PARENT ){
        db_set("parent-project-pw", obscure(g.url.passwd), 0);
      }else{
        db_set("last-sync-pw", obscure(g.url.passwd), 0);
      }