Fossil

Check-in [05380c5f]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Cleanup the last-sync-url password handling. Automatically prompt for a new password if a sync login card fails.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | experimental
Files: files | file ages | folders
SHA1: 05380c5f606e361f65ae894cc3e8826535f11d31
User & Date: drh 2010-01-21 20:28:31.000
Context
2010-01-21
20:52
Use the saved sync-url password for autosync. ... (Closed-Leaf check-in: f703a2fc user: drh tags: experimental)
20:28
Cleanup the last-sync-url password handling. Automatically prompt for a new password if a sync login card fails. ... (check-in: 05380c5f user: drh tags: experimental)
20:14
If a sync login fails, prompt for a new password and repeat the attempt. ... (check-in: 0110b93e user: drh tags: experimental)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/http.c. 
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74

  blob_zero(&pw);
  sha1sum_blob(pPayload, &nonce);
  blob_copy(&pw, &nonce);
  zLogin = g.urlUser;
  if( g.urlPasswd ){
    zPw = g.urlPasswd;
  }else{
    char *zPrompt = mprintf("password for %s: ", g.urlUser);
    Blob x;
    prompt_for_password(zPrompt, &x, 0);
    free(zPrompt);
    zPw = blob_str(&x);
    if( !g.dontKeepUrl ) db_set("last-sync-pw", zPw, 0);
    g.urlPasswd = mprintf("%s", zPw);
  }

  /* The login card wants the SHA1 hash of the password, so convert the
  ** password to its SHA1 hash it it isn't already a SHA1 hash.
  **
  ** Except, if the password begins with "*" then use the characters
  ** after the "*" as a cleartext password.  Put an "*" at the beginning








<
<
|
<
|

<








54
55
56
57
58
59
60


61

62
63

64
65
66
67
68
69
70

  blob_zero(&pw);
  sha1sum_blob(pPayload, &nonce);
  blob_copy(&pw, &nonce);
  zLogin = g.urlUser;
  if( g.urlPasswd ){
    zPw = g.urlPasswd;
  }else{


    url_prompt_for_password();

    zPw = g.urlPasswd;
    if( !g.dontKeepUrl ) db_set("last-sync-pw", zPw, 0);

  }

  /* The login card wants the SHA1 hash of the password, so convert the
  ** password to its SHA1 hash it it isn't already a SHA1 hash.
  **
  ** Except, if the password begins with "*" then use the characters
  ** after the "*" as a cleartext password.  Put an "*" at the beginning
Changes to src/rebuild.c. 
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396

    if( blob_str(&ans)[0]!='y' ){
      exit(1);
    }
  }
  db_begin_transaction();
  db_multi_exec(
    "UPDATE user SET pw='';"
    "DELETE FROM config WHERE name='last-sync-url';"
  );
  if( bVerily ){
    bNeedRebuild = db_exists("SELECT 1 FROM private");
    db_multi_exec(
      "DELETE FROM concealed;"
      "UPDATE rcvfrom SET ipaddr='unknown';"
      "UPDATE user SET photo=NULL, info='';"








|








382
383
384
385
386
387
388
389
390
391
392
393
394
395
396

    if( blob_str(&ans)[0]!='y' ){
      exit(1);
    }
  }
  db_begin_transaction();
  db_multi_exec(
    "UPDATE user SET pw='';"
    "DELETE FROM config WHERE name GLOB 'last-sync-*';"
  );
  if( bVerily ){
    bNeedRebuild = db_exists("SELECT 1 FROM private");
    db_multi_exec(
      "DELETE FROM concealed;"
      "UPDATE rcvfrom SET ipaddr='unknown';"
      "UPDATE user SET photo=NULL, info='';"
Changes to src/sync.c. 
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236

  process_sync_args();
  client_sync(1,1,0,0,0);
}

/*
** COMMAND: remote-url
**
** Usage: %fossil remote-url ?URL|off?  ?--password PASSWORD?
**
** Query and/or change the default server URL used by the "pull", "push",
** and "sync" commands.
**
** The remote-url is set automatically by a "clone" command or by any
** "sync", "push", or "pull" command that specifies an explicit URL.
** The default remote-url is used by auto-syncing and by "sync", "push",
** "pull" that omit the server URL.
**
** See also: clone, push, pull, sync
*/
void remote_url_cmd(void){
  char *zUrl;
  const char *zPw = find_option("password", 0, 1);
  db_find_and_open_repository(1);
  if( g.argc!=2 && g.argc!=3 ){
    usage("remote-url ?URL|off?");
  }
  if( g.argc==3 ){
    if( strcmp(g.argv[2],"off")==0 ){
      db_unset("last-sync-url", 0);
      db_unset("last-sync-pw", 0);
    }else{
      url_parse(g.argv[2]);
      if( g.urlUser && g.urlPasswd==0 ){
        if( zPw ){
          g.urlPasswd = mprintf("%s", zPw);
        }else{
          char *zPrompt = mprintf("password for %s: ", g.urlUser);
          Blob x;
          prompt_for_password(zPrompt, &x, 0);
          free(zPrompt);
          g.urlPasswd = blob_str(&x);
        }
      }
      db_set("last-sync-url", g.urlCanonical, 0);
      if( g.urlPasswd ){
        db_set("last-sync-pw", g.urlPasswd, 0);
      }else{
        db_unset("last-sync-pw", 0);
      }








|













<











<
<
<
<
<
|
<
<
<








188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208

209
210
211
212
213
214
215
216
217
218
219





220



221
222
223
224
225
226
227

  process_sync_args();
  client_sync(1,1,0,0,0);
}

/*
** COMMAND: remote-url
**
** Usage: %fossil remote-url ?URL|off?
**
** Query and/or change the default server URL used by the "pull", "push",
** and "sync" commands.
**
** The remote-url is set automatically by a "clone" command or by any
** "sync", "push", or "pull" command that specifies an explicit URL.
** The default remote-url is used by auto-syncing and by "sync", "push",
** "pull" that omit the server URL.
**
** See also: clone, push, pull, sync
*/
void remote_url_cmd(void){
  char *zUrl;

  db_find_and_open_repository(1);
  if( g.argc!=2 && g.argc!=3 ){
    usage("remote-url ?URL|off?");
  }
  if( g.argc==3 ){
    if( strcmp(g.argv[2],"off")==0 ){
      db_unset("last-sync-url", 0);
      db_unset("last-sync-pw", 0);
    }else{
      url_parse(g.argv[2]);
      if( g.urlUser && g.urlPasswd==0 ){





        url_prompt_for_password();



      }
      db_set("last-sync-url", g.urlCanonical, 0);
      if( g.urlPasswd ){
        db_set("last-sync-pw", g.urlPasswd, 0);
      }else{
        db_unset("last-sync-pw", 0);
      }
Changes to src/url.c. 
302
303
304
305
306
307
308














    blob_appendf(&p->url, "%s%s=%T", zSep, zName1, zValue1);
  }
  if( zName2 && zValue2 ){
    blob_appendf(&p->url, "%s%s=%T", zSep, zName2, zValue2);
  }
  return blob_str(&p->url);
}





















>
>
>
>
>
>
>
>
>
>
>
>
>

302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321

    blob_appendf(&p->url, "%s%s=%T", zSep, zName1, zValue1);
  }
  if( zName2 && zValue2 ){
    blob_appendf(&p->url, "%s%s=%T", zSep, zName2, zValue2);
  }
  return blob_str(&p->url);
}

/*
** Prompt the user for the password for g.urlUser.  Store the result
** in g.urlPasswd.
*/
void url_prompt_for_password(void){
  char *zPrompt = mprintf("password for %s: ", g.urlUser);
  Blob x;
  prompt_for_password(zPrompt, &x, 0);
  free(zPrompt);
  g.urlPasswd = mprintf("%b", &x);
  blob_reset(&x);
}