Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Provide the option to force all web page requests to go over HTTPS. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | https-all-pages-option |
| Files: | files | file ages | folders |
| SHA3-256: |
f372e18979177614b552a5ddca34daa9 |
| User & Date: | drh 2019-01-21 17:33:02 |
Context
|
2019-01-21
| ||
| 18:05 | Fixes to the automatic HTTPS redirector. check-in: 14ff7af4 user: drh tags: https-all-pages-option | |
| 17:33 | Provide the option to force all web page requests to go over HTTPS. check-in: f372e189 user: drh tags: https-all-pages-option | |
| 16:57 | Fix a documentation error on the setup_access page. check-in: 742d64d9 user: drh tags: trunk | |
Changes
Changes to src/login.c.
547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 ... 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 .... 1459 1460 1461 1462 1463 1464 1465 1466 1467 1468 1469 1470 1471 1472 1473 |
int uid; /* User id logged in user */
char *zSha1Pw;
const char *zIpAddr; /* IP address of requestor */
const char *zReferer;
int noAnon = P("noanon")!=0;
login_check_credentials();
if( login_wants_https_redirect() ){
const char *zQS = P("QUERY_STRING");
if( P("redir")!=0 ){
style_header("Insecure Connection");
@ <h1>Unable To Establish An Encrypted Connection</h1>
@ <p>This website requires that login credentials be sent over
@ an encrypted connection. The current connection is not encrypted
@ across the entire route between your browser and the server.
@ An attempt was made to redirect to %h(g.zHttpsURL) but
@ the connection is still insecure even after the redirect.</p>
@ <p>This is probably some kind of configuration problem. Please
@ contact your sysadmin.</p>
@ <p>Sorry it did not work out.</p>
style_footer();
return;
}
if( zQS==0 ){
zQS = "?redir=1";
}else if( zQS[0]!=0 ){
zQS = mprintf("?%s&redir=1", zQS);
}
cgi_redirectf("%s%T%s", g.zHttpsURL, P("PATH_INFO"), zQS);
return;
}
sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0,
constant_time_cmp_function, 0, 0);
zUsername = P("u");
zPasswd = P("p");
anonFlag = g.zLogin==0 && PB("anon");
/* Handle log-out requests */
................................................................................
" AND length(cap)>0"
" AND length(pw)>0"
" AND constant_time_cmp(cookie,%Q)=0",
zLogin, zRemoteAddr, zCookie
);
return uid;
}
/*
** Return true if it is appropriate to redirect login requests to HTTPS.
**
** Redirect to https is appropriate if all of the above are true:
** (1) The redirect-to-https flag is set
** (2) The current connection is http, not https or ssh
** (3) The sslNotAvailable flag is clear
*/
int login_wants_https_redirect(void){
if( g.sslNotAvailable ) return 0;
if( db_get_boolean("redirect-to-https",0)==0 ) return 0;
if( P("HTTPS")!=0 ) return 0;
return 1;
}
/*
** Attempt to use Basic Authentication to establish the user. Return the
** (non-zero) uid if successful. Return 0 if it does not work.
*/
static int logic_basic_authentication(const char *zIpAddr){
const char *zAuth = PD("HTTP_AUTHORIZATION", 0);
................................................................................
}else
#endif /* FOSSIL_ENABLE_JSON */
{
const char *zUrl = PD("REQUEST_URI", "index");
const char *zQS = P("QUERY_STRING");
Blob redir;
blob_init(&redir, 0, 0);
if( login_wants_https_redirect() && !g.sslNotAvailable ){
blob_appendf(&redir, "%s/login?g=%T", g.zHttpsURL, zUrl);
}else{
blob_appendf(&redir, "%R/login?g=%T", zUrl);
}
if( anonOk ) blob_append(&redir, "&anon", 5);
if( zQS && zQS[0] ){
blob_appendf(&redir, "&%s", zQS);
|
| < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < | |
547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 ... 889 890 891 892 893 894 895 896 897 898 899 900 901 902 .... 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 1430 1431 1432 1433 1434 |
int uid; /* User id logged in user */
char *zSha1Pw;
const char *zIpAddr; /* IP address of requestor */
const char *zReferer;
int noAnon = P("noanon")!=0;
login_check_credentials();
fossil_redirect_to_https_if_needed(1);
sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0,
constant_time_cmp_function, 0, 0);
zUsername = P("u");
zPasswd = P("p");
anonFlag = g.zLogin==0 && PB("anon");
/* Handle log-out requests */
................................................................................
" AND length(cap)>0"
" AND length(pw)>0"
" AND constant_time_cmp(cookie,%Q)=0",
zLogin, zRemoteAddr, zCookie
);
return uid;
}
/*
** Attempt to use Basic Authentication to establish the user. Return the
** (non-zero) uid if successful. Return 0 if it does not work.
*/
static int logic_basic_authentication(const char *zIpAddr){
const char *zAuth = PD("HTTP_AUTHORIZATION", 0);
................................................................................
}else
#endif /* FOSSIL_ENABLE_JSON */
{
const char *zUrl = PD("REQUEST_URI", "index");
const char *zQS = P("QUERY_STRING");
Blob redir;
blob_init(&redir, 0, 0);
if( fossil_wants_https(1) ){
blob_appendf(&redir, "%s/login?g=%T", g.zHttpsURL, zUrl);
}else{
blob_appendf(&redir, "%R/login?g=%T", zUrl);
}
if( anonOk ) blob_append(&redir, "&anon", 5);
if( zQS && zQS[0] ){
blob_appendf(&redir, "&%s", zQS);
|
Changes to src/main.c.
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
....
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
|
if( g.fAnyTrace ){
fprintf(stderr,"/***** sigpipe received by subprocess %d ****\n", getpid());
}
#endif
db_panic_close();
exit(1);
}
/*
** Preconditions:
**
** * Environment variables are set up according to the CGI standard.
**
** If the repository is known, it has already been opened. If unknown,
................................................................................
if( g.zContentType &&
strncmp(g.zContentType, "application/x-fossil", 20)==0 ){
/* Special case: If the content mimetype shows that it is "fossil sync"
** payload, then pretend that the PATH_INFO is /xfer so that we always
** invoke the sync page. */
zPathInfo = "/xfer";
}
/* Use the first element of PATH_INFO as the page name
** and deliver the appropriate page back to the user.
*/
set_base_url(0);
if( zPathInfo==0 || zPathInfo[0]==0
|| (zPathInfo[0]=='/' && zPathInfo[1]==0) ){
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
....
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
|
if( g.fAnyTrace ){
fprintf(stderr,"/***** sigpipe received by subprocess %d ****\n", getpid());
}
#endif
db_panic_close();
exit(1);
}
/*
** Return true if it is appropriate to redirect requests to HTTPS.
**
** Redirect to https is appropriate if all of the above are true:
** (1) The redirect-to-https flag has a valud of iLevel or greater.
** (2) The current connection is http, not https or ssh
** (3) The sslNotAvailable flag is clear
*/
int fossil_wants_https(int iLevel){
if( g.sslNotAvailable ) return 0;
if( db_get_int("redirect-to-https",0)<iLevel ) return 0;
if( P("HTTPS")!=0 ) return 0;
return 1;
}
/*
** Redirect to the equivalent HTTPS request if the current connection is
** insecure and if the redirect-to-https flag greater than or equal to
** iLevel. iLevel is 1 for /login pages and 2 for every other page.
*/
void fossil_redirect_to_https_if_needed(int iLevel){
if( fossil_wants_https(iLevel) ){
const char *zQS = P("QUERY_STRING");
if( P("redir")!=0 ){
style_header("Insecure Connection");
@ <h1>Unable To Establish An Encrypted Connection</h1>
@ <p>This website requires an encrypted connection.
@ The current connection is not encrypted
@ across the entire route between your browser and the server.
@ An attempt was made to redirect to %h(g.zHttpsURL) but
@ the connection is still insecure even after the redirect.</p>
@ <p>This is probably some kind of configuration problem. Please
@ contact your sysadmin.</p>
@ <p>Sorry it did not work out.</p>
style_footer();
return;
}
if( zQS==0 ){
zQS = "?redir=1";
}else if( zQS[0]!=0 ){
zQS = mprintf("?%s&redir=1", zQS);
}
cgi_redirectf("%s%T%s", g.zHttpsURL, P("PATH_INFO"), zQS);
}
}
/*
** Preconditions:
**
** * Environment variables are set up according to the CGI standard.
**
** If the repository is known, it has already been opened. If unknown,
................................................................................
if( g.zContentType &&
strncmp(g.zContentType, "application/x-fossil", 20)==0 ){
/* Special case: If the content mimetype shows that it is "fossil sync"
** payload, then pretend that the PATH_INFO is /xfer so that we always
** invoke the sync page. */
zPathInfo = "/xfer";
}
/* If the inbound request is unencrypted and if the redirect-to-https
** setting is 2 or more, then immediately redirect the equivalent HTTPS
** URI.
*/
fossil_redirect_to_https_if_needed(2);
/* Use the first element of PATH_INFO as the page name
** and deliver the appropriate page back to the user.
*/
set_base_url(0);
if( zPathInfo==0 || zPathInfo[0]==0
|| (zPathInfo[0]=='/' && zPathInfo[1]==0) ){
|
Changes to src/setup.c.
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
...
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
|
*/ void multiple_choice_attribute( const char *zLabel, /* The text label on the menu */ const char *zVar, /* The corresponding row in the VAR table */ const char *zQP, /* The query parameter */ const char *zDflt, /* Default value if VAR table entry does not exist */ int nChoice, /* Number of choices */ const char *const *azChoice /* Choices. 2 per choice: (VAR value, Display) */ ){ const char *z = db_get(zVar, zDflt); const char *zQ = P(zQP); int i; if( zQ && fossil_strcmp(zQ,z)!=0){ const int nZQ = (int)strlen(zQ); login_verify_csrf_secret(); ................................................................................ /* ** WEBPAGE: setup_access ** ** The access-control settings page. Requires Setup privileges. */ void setup_access(void){ login_check_credentials(); if( !g.perm.Setup ){ login_needed(0); return; } style_header("Access Control Settings"); db_begin_transaction(); @ <form action="%s(g.zTop)/setup_access" method="post"><div> login_insert_csrf_secret(); @ <input type="submit" name="submit" value="Apply Changes" /></p> @ <hr /> onoff_attribute("Redirect to HTTPS on the Login page", "redirect-to-https", "redirhttps", 0, 0); @ <p>When selected, force the use of HTTPS for the Login page. @ <p>Details: When enabled, this option causes the $secureurl TH1 @ variable is set to an "https:" variant of $baseurl. Otherwise, @ $secureurl is just an alias for $baseurl. Also when enabled, the @ Login page redirects to https if accessed via http. @ (Property: "redirect-to-https") @ <hr /> onoff_attribute("Require password for local access", "localauth", "localauth", 0, 0); @ <p>When enabled, the password sign-in is always required for @ web access. When disabled, unrestricted web access from 127.0.0.1 @ is allowed for the <a href="%R/help/ui">fossil ui</a> command or @ from the <a href="%R/help/server">fossil server</a>, |
|
>
>
>
>
>
|
|
>
|
>
>
|
|
<
|
>
|
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
...
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
|
*/ void multiple_choice_attribute( const char *zLabel, /* The text label on the menu */ const char *zVar, /* The corresponding row in the VAR table */ const char *zQP, /* The query parameter */ const char *zDflt, /* Default value if VAR table entry does not exist */ int nChoice, /* Number of choices */ const char *const *azChoice /* Choices in pairs (VAR value, Display) */ ){ const char *z = db_get(zVar, zDflt); const char *zQ = P(zQP); int i; if( zQ && fossil_strcmp(zQ,z)!=0){ const int nZQ = (int)strlen(zQ); login_verify_csrf_secret(); ................................................................................ /* ** WEBPAGE: setup_access ** ** The access-control settings page. Requires Setup privileges. */ void setup_access(void){ static const char * const azRedirectOpts[] = { "0", "Off", "1", "Login Page Only", "2", "All Pages" }; login_check_credentials(); if( !g.perm.Setup ){ login_needed(0); return; } style_header("Access Control Settings"); db_begin_transaction(); @ <form action="%s(g.zTop)/setup_access" method="post"><div> login_insert_csrf_secret(); @ <input type="submit" name="submit" value="Apply Changes" /></p> @ <hr /> multiple_choice_attribute("Redirect to HTTPS", "redirect-to-https", "redirhttps", "0", count(azRedirectOpts)/2, azRedirectOpts); @ <p>Force the use of HTTPS by redirecting to HTTPS when an @ unencrypted request is received. This feature can be enabled @ for the Login page only, or for all pages. @ <p>Further details: When enabled, this option causes the $secureurl TH1 @ variable is set to an "https:" variant of $baseurl. Otherwise, @ $secureurl is just an alias for $baseurl. @ (Property: "redirect-to-https". "0" for off, "1" for Login page only, @ "2" otherwise.) @ <hr /> onoff_attribute("Require password for local access", "localauth", "localauth", 0, 0); @ <p>When enabled, the password sign-in is always required for @ web access. When disabled, unrestricted web access from 127.0.0.1 @ is allowed for the <a href="%R/help/ui">fossil ui</a> command or @ from the <a href="%R/help/server">fossil server</a>, |
Changes to src/style.c.
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
...
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
|
*/
static void style_init_th1_vars(const char *zTitle){
Th_Store("nonce", style_nonce());
Th_Store("project_name", db_get("project-name","Unnamed Fossil Project"));
Th_Store("project_description", db_get("project-description",""));
if( zTitle ) Th_Store("title", zTitle);
Th_Store("baseurl", g.zBaseURL);
Th_Store("secureurl", login_wants_https_redirect()? g.zHttpsURL: g.zBaseURL);
Th_Store("home", g.zTop);
Th_Store("index_page", db_get("index-page","/home"));
if( local_zCurrentPage==0 ) style_set_current_page("%T", g.zPath);
Th_Store("current_page", local_zCurrentPage);
Th_Store("csrf_token", g.zCsrfToken);
Th_Store("release_version", RELEASE_VERSION);
Th_Store("manifest_version", MANIFEST_VERSION);
................................................................................
}
}
/* Process through TH1 in order to give an opportunity to substitute
** variables such as $baseurl.
*/
Th_Store("baseurl", g.zBaseURL);
Th_Store("secureurl", login_wants_https_redirect()? g.zHttpsURL: g.zBaseURL);
Th_Store("home", g.zTop);
image_url_var("logo");
image_url_var("background");
Th_Render(blob_str(&css));
/* Tell CGI that the content returned by this page is considered cacheable */
g.isConst = 1;
|
|
|
|
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
...
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
|
*/
static void style_init_th1_vars(const char *zTitle){
Th_Store("nonce", style_nonce());
Th_Store("project_name", db_get("project-name","Unnamed Fossil Project"));
Th_Store("project_description", db_get("project-description",""));
if( zTitle ) Th_Store("title", zTitle);
Th_Store("baseurl", g.zBaseURL);
Th_Store("secureurl", fossil_wants_https(1)? g.zHttpsURL: g.zBaseURL);
Th_Store("home", g.zTop);
Th_Store("index_page", db_get("index-page","/home"));
if( local_zCurrentPage==0 ) style_set_current_page("%T", g.zPath);
Th_Store("current_page", local_zCurrentPage);
Th_Store("csrf_token", g.zCsrfToken);
Th_Store("release_version", RELEASE_VERSION);
Th_Store("manifest_version", MANIFEST_VERSION);
................................................................................
}
}
/* Process through TH1 in order to give an opportunity to substitute
** variables such as $baseurl.
*/
Th_Store("baseurl", g.zBaseURL);
Th_Store("secureurl", fossil_wants_https(1)? g.zHttpsURL: g.zBaseURL);
Th_Store("home", g.zTop);
image_url_var("logo");
image_url_var("background");
Th_Render(blob_str(&css));
/* Tell CGI that the content returned by this page is considered cacheable */
g.isConst = 1;
|