Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Verify the repository fingerprint whenever a repository is opened from a checkout database. For now, abort with an error if the fingerprint is incorrect. To do: have Fossil automatically adjust RIDs in the checkout database if the fingerprint is incorrect. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | repo-fingerprint |
Files: | files | file ages | folders |
SHA3-256: |
6036bc621e10c14a0fa3ef47f79b8755 |
User & Date: | drh 2019-01-11 03:31:53 |
Wiki: | repo-fingerprint |
Context
2019-01-16
| ||
00:11 | Detect when the repository associated with a check-out has been swapped out for a clone with different RID values, and give the user a warning. Still to do: automatically recover. check-in: 1b114d24 user: drh tags: trunk | |
2019-01-11
| ||
03:31 | Verify the repository fingerprint whenever a repository is opened from a checkout database. For now, abort with an error if the fingerprint is incorrect. To do: have Fossil automatically adjust RIDs in the checkout database if the fingerprint is incorrect. Closed-Leaf check-in: 6036bc62 user: drh tags: repo-fingerprint | |
2019-01-10
| ||
21:07 | Store "fingerprint" and "checkout-hash" in the VVAR table whenever the working checkout changes. check-in: e07139a0 user: drh tags: repo-fingerprint | |
Changes
Changes to src/db.c.
1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 .... 3756 3757 3758 3759 3760 3761 3762 3763 3764 3765 3766 3767 3768 3769 3770 3771 3772 3773 3774 3775 .... 3786 3787 3788 3789 3790 3791 3792 |
db_set_int("hash-policy", g.eHashPolicy, 0); } /* Make a change to the CHECK constraint on the BLOB table for ** version 2.0 and later. */ rebuild_schema_update_2_0(); /* Do the Fossil-2.0 schema updates */ } /* ** Return true if there have been any changes to the repository ** database since it was opened. ** ** Changes to "config" and "localdb" and "temp" do not count. ................................................................................ db_finalize(&q); return z; } /* ** COMMAND: test-fingerprint ** ** Usage: %fossil test-fingerprint ?RCVID? ** ** Display the repository fingerprint. */ void test_fingerprint(void){ int rcvid = 0; db_find_and_open_repository(OPEN_ANY_SCHEMA,0); if( g.argc==3 ){ rcvid = atoi(g.argv[2]); }else if( g.argc!=2 ){ fossil_fatal("wrong number of arguments"); } fossil_print("%z\n", db_fingerprint(rcvid)); ................................................................................ z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid); db_lset("checkout-hash", z); fossil_free(z); z = db_fingerprint(0); db_lset("fingerprint", z); fossil_free(z); } |
> > > > > > > > > > > > > > > > > > > | | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > |
1653 1654 1655 1656 1657 1658 1659 1660 1661 1662 1663 1664 1665 1666 1667 1668 1669 1670 1671 1672 1673 1674 1675 1676 1677 1678 1679 1680 1681 1682 1683 1684 1685 .... 3775 3776 3777 3778 3779 3780 3781 3782 3783 3784 3785 3786 3787 3788 3789 3790 3791 3792 3793 3794 3795 3796 3797 3798 3799 3800 3801 .... 3812 3813 3814 3815 3816 3817 3818 3819 3820 3821 3822 3823 3824 3825 3826 3827 3828 3829 3830 3831 3832 3833 3834 3835 3836 3837 3838 3839 3840 3841 3842 |
db_set_int("hash-policy", g.eHashPolicy, 0); } /* Make a change to the CHECK constraint on the BLOB table for ** version 2.0 and later. */ rebuild_schema_update_2_0(); /* Do the Fossil-2.0 schema updates */ /* If the checkout database was opened first, then check to make ** sure that the repository database that was just opened has not ** be replaced by a clone of the same project, with different RID ** values. */ if( g.localOpen && !db_fingerprint_ok() ){ fossil_print( "Oops. It looks like the repository database file located at\n" " \"%s\"\n", zDbName ); fossil_print( "has been swapped with a clone that may have different\n" "integer keys for the various artifacts. As of 2019-01-11,\n" "we are working on enhancing Fossil to be able to deal with\n" "that automatically, but we are not there yet. Sorry.\n\n" ); fossil_fatal("bad fingerprint"); } } /* ** Return true if there have been any changes to the repository ** database since it was opened. ** ** Changes to "config" and "localdb" and "temp" do not count. ................................................................................ db_finalize(&q); return z; } /* ** COMMAND: test-fingerprint ** ** Usage: %fossil test-fingerprint ?RCVID? ?--check? ** ** Display the repository fingerprint. Or if the --check option ** is provided and this command is run from a checkout, invoke the ** db_fingerprint_ok() method and print its result. */ void test_fingerprint(void){ int rcvid = 0; if( find_option("check",0,0)!=0 ){ db_must_be_within_tree(); fossil_print("db_fingerprint_ok() => %d\n", db_fingerprint_ok()); return; } db_find_and_open_repository(OPEN_ANY_SCHEMA,0); if( g.argc==3 ){ rcvid = atoi(g.argv[2]); }else if( g.argc!=2 ){ fossil_fatal("wrong number of arguments"); } fossil_print("%z\n", db_fingerprint(rcvid)); ................................................................................ z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid); db_lset("checkout-hash", z); fossil_free(z); z = db_fingerprint(0); db_lset("fingerprint", z); fossil_free(z); } /* ** Verify that the fingerprint recorded in the "fingerprint" entry ** of the VVAR table matches the fingerprint on the currently ** connected repository. Return true if the fingerprint is ok, and ** return false if the fingerprint does not match. */ int db_fingerprint_ok(void){ char *zCkout; /* The fingerprint recorded in the checkout database */ char *zRepo; /* The fingerprint of the repository */ int rc; /* Result */ zCkout = db_text(0,"SELECT value FROM localdb.vvar WHERE name='fingerprint'"); if( zCkout==0 ){ /* This is an older checkout that does not record a fingerprint. ** We have to assume everything is ok */ return 2; } zRepo = db_fingerprint(atoi(zCkout)); rc = fossil_strcmp(zCkout,zRepo)==0; fossil_free(zCkout); fossil_free(zRepo); return rc; } |