Fossil

Check-in [1460b747]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Merge change to fossil ui which first looks for default user if set before falling back to the Setup user.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1:1460b7476ff5e4c35e8dda590fdbca41503d195e
User & Date: andybradford 2013-11-12 03:43:19
Context
2013-11-12
08:32
Backout remaining of [8e01c2257d] and fix corresponding change log entry, as it apparently is not accepted upstream. See: http://www.mail-archive.com/fossil-users@lists.fossil-scm.org/msg13883.html. Sorry Joerg. check-in: 0625a42c user: jan.nijtmans tags: trunk
03:43
Merge change to fossil ui which first looks for default user if set before falling back to the Setup user. check-in: 1460b747 user: andybradford tags: trunk
02:41
Merge in fixes for the password embedded in the URL, save password prompting, and new clone --once option. check-in: ff159bfd user: andybradford tags: trunk
2013-11-10
03:49
Logic correction. Should check if the local db is open before trying to use it, not before checking if the variable is null. Closed-Leaf check-in: 8a7a45e0 user: andybradford tags: pending-review
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/login.c.

776
777
778
779
780
781
782

783
784
785
786
787
788
789
...
797
798
799
800
801
802
803




804

805
806
807
808
809
810
811
void login_check_credentials(void){
  int uid = 0;                  /* User id */
  const char *zCookie;          /* Text of the login cookie */
  const char *zIpAddr;          /* Raw IP address of the requestor */
  char *zRemoteAddr;            /* Abbreviated IP address of the requestor */
  const char *zCap = 0;         /* Capability string */
  const char *zPublicPages = 0; /* GLOB patterns of public pages */


  /* Only run this check once.  */
  if( g.userUid!=0 ) return;

  sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0,
		  constant_time_cmp_function, 0, 0);

................................................................................
  zRemoteAddr = ipPrefix(zIpAddr = PD("REMOTE_ADDR","nil"));
  if( ( fossil_strcmp(zIpAddr, "127.0.0.1")==0 ||
        g.fSshClient & CGI_SSH_CLIENT )
   && g.useLocalauth
   && db_get_int("localauth",0)==0
   && P("HTTPS")==0
  ){




    uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");

    g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
    zCap = "sx";
    g.noPswd = 1;
    g.isHuman = 1;
    sqlite3_snprintf(sizeof(g.zCsrfToken), g.zCsrfToken, "localhost");
  }








>







 







>
>
>
>
|
>







776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
...
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
void login_check_credentials(void){
  int uid = 0;                  /* User id */
  const char *zCookie;          /* Text of the login cookie */
  const char *zIpAddr;          /* Raw IP address of the requestor */
  char *zRemoteAddr;            /* Abbreviated IP address of the requestor */
  const char *zCap = 0;         /* Capability string */
  const char *zPublicPages = 0; /* GLOB patterns of public pages */
  const char *zLogin = 0;       /* Login user for credentials */

  /* Only run this check once.  */
  if( g.userUid!=0 ) return;

  sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0,
		  constant_time_cmp_function, 0, 0);

................................................................................
  zRemoteAddr = ipPrefix(zIpAddr = PD("REMOTE_ADDR","nil"));
  if( ( fossil_strcmp(zIpAddr, "127.0.0.1")==0 ||
        g.fSshClient & CGI_SSH_CLIENT )
   && g.useLocalauth
   && db_get_int("localauth",0)==0
   && P("HTTPS")==0
  ){
    if( g.localOpen ) zLogin = db_lget("default-user",0);
    if( zLogin!=0 ){
      uid = db_int(0, "SELECT uid FROM user WHERE login=%Q", zLogin);
    }else{
      uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");
    }
    g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
    zCap = "sx";
    g.noPswd = 1;
    g.isHuman = 1;
    sqlite3_snprintf(sizeof(g.zCsrfToken), g.zCsrfToken, "localhost");
  }

Changes to www/changes.wiki.

27
28
29
30
31
32
33

34
35
36
37
38
39
40
     have the -n|--limit option. The various timeline-related functions
     now output "+++ end of timeline reached +++" whenever appropriate.
     Use "-n 0" if no limit is desired, the end of timeline marker will
     not be printed then.
  *  Fix handling of password embedded in Fossil URL.
  *  New --once option to [/help?cmd=clone | fossil clone] command which does
     not store the URL or password when cloning.


<h2>Changes For Version 1.27 (2013-09-11)</h2>
  *  Enhance the [/help?cmd=changes | fossil changes],
     [/help?cmd=clean | fossil clean], [/help?cmd=extras | fossil extras],
     [/help?cmd=ls | fossil ls] and [/help?cmd=status | fossil status] commands
     to restrict operation to files and directories named on the command-line.
  *  New --integrate option to [/help?cmd=merge | fossil merge], which







>







27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
     have the -n|--limit option. The various timeline-related functions
     now output "+++ end of timeline reached +++" whenever appropriate.
     Use "-n 0" if no limit is desired, the end of timeline marker will
     not be printed then.
  *  Fix handling of password embedded in Fossil URL.
  *  New --once option to [/help?cmd=clone | fossil clone] command which does
     not store the URL or password when cloning.
  *  Modify [/help?cmd=ui | fossil ui] to respect "default user" in open repository.

<h2>Changes For Version 1.27 (2013-09-11)</h2>
  *  Enhance the [/help?cmd=changes | fossil changes],
     [/help?cmd=clean | fossil clean], [/help?cmd=extras | fossil extras],
     [/help?cmd=ls | fossil ls] and [/help?cmd=status | fossil status] commands
     to restrict operation to files and directories named on the command-line.
  *  New --integrate option to [/help?cmd=merge | fossil merge], which