Index: src/checkin.c
==================================================================
--- src/checkin.c
+++ src/checkin.c
@@ -32,60 +32,72 @@
** are not true files results in a fatal error.
*/
static void status_report(
Blob *report, /* Append the status report here */
const char *zPrefix, /* Prefix on each line of the report */
- int missingIsFatal /* MISSING and NOT_A_FILE are fatal errors */
+ int missingIsFatal, /* MISSING and NOT_A_FILE are fatal errors */
+ int cwdRelative /* Report relative to the current working dir */
){
Stmt q;
int nPrefix = strlen(zPrefix);
int nErr = 0;
+ Blob rewrittenPathname;
db_prepare(&q,
"SELECT pathname, deleted, chnged, rid, coalesce(origname!=pathname,0)"
" FROM vfile "
" WHERE file_is_selected(id)"
" AND (chnged OR deleted OR rid=0 OR pathname!=origname) ORDER BY 1"
);
+ blob_zero(&rewrittenPathname);
while( db_step(&q)==SQLITE_ROW ){
const char *zPathname = db_column_text(&q,0);
+ const char *zDisplayName = zPathname;
int isDeleted = db_column_int(&q, 1);
int isChnged = db_column_int(&q,2);
int isNew = db_column_int(&q,3)==0;
int isRenamed = db_column_int(&q,4);
char *zFullName = mprintf("%s%s", g.zLocalRoot, zPathname);
+ if( cwdRelative ){
+ file_relative_name(zFullName, &rewrittenPathname);
+ zDisplayName = blob_str(&rewrittenPathname);
+ if( zDisplayName[0]=='.' && zDisplayName[1]=='/' ){
+ zDisplayName += 2; /* no unnecessary ./ prefix */
+ }
+ }
blob_append(report, zPrefix, nPrefix);
if( isDeleted ){
- blob_appendf(report, "DELETED %s\n", zPathname);
+ blob_appendf(report, "DELETED %s\n", zDisplayName);
}else if( !file_isfile(zFullName) ){
if( file_access(zFullName, 0)==0 ){
- blob_appendf(report, "NOT_A_FILE %s\n", zPathname);
+ blob_appendf(report, "NOT_A_FILE %s\n", zDisplayName);
if( missingIsFatal ){
- fossil_warning("not a file: %s", zPathname);
+ fossil_warning("not a file: %s", zDisplayName);
nErr++;
}
}else{
- blob_appendf(report, "MISSING %s\n", zPathname);
+ blob_appendf(report, "MISSING %s\n", zDisplayName);
if( missingIsFatal ){
- fossil_warning("missing file: %s", zPathname);
+ fossil_warning("missing file: %s", zDisplayName);
nErr++;
}
}
}else if( isNew ){
- blob_appendf(report, "ADDED %s\n", zPathname);
+ blob_appendf(report, "ADDED %s\n", zDisplayName);
}else if( isDeleted ){
- blob_appendf(report, "DELETED %s\n", zPathname);
+ blob_appendf(report, "DELETED %s\n", zDisplayName);
}else if( isChnged==2 ){
- blob_appendf(report, "UPDATED_BY_MERGE %s\n", zPathname);
+ blob_appendf(report, "UPDATED_BY_MERGE %s\n", zDisplayName);
}else if( isChnged==3 ){
- blob_appendf(report, "ADDED_BY_MERGE %s\n", zPathname);
+ blob_appendf(report, "ADDED_BY_MERGE %s\n", zDisplayName);
}else if( isChnged==1 ){
- blob_appendf(report, "EDITED %s\n", zPathname);
+ blob_appendf(report, "EDITED %s\n", zDisplayName);
}else if( isRenamed ){
- blob_appendf(report, "RENAMED %s\n", zPathname);
+ blob_appendf(report, "RENAMED %s\n", zDisplayName);
}
free(zFullName);
}
+ blob_reset(&rewrittenPathname);
db_finalize(&q);
db_prepare(&q, "SELECT uuid FROM vmerge JOIN blob ON merge=rid"
" WHERE id=0");
while( db_step(&q)==SQLITE_ROW ){
blob_append(report, zPrefix, nPrefix);
@@ -94,33 +106,59 @@
db_finalize(&q);
if( nErr ){
fossil_fatal("aborting due to prior errors");
}
}
+
+/*
+** Use the "relative-paths" setting and the --abs-paths and
+** --rel-paths command line options to determine whether the
+** status report should be shown relative to the current
+** working directory.
+*/
+static int determine_cwd_relative_option()
+{
+ int relativePaths = db_get_boolean("relative-paths", 1);
+ int absPathOption = find_option("abs-paths", 0, 0)!=0;
+ int relPathOption = find_option("rel-paths", 0, 0)!=0;
+ if( absPathOption ){ relativePaths = 0; }
+ if( relPathOption ){ relativePaths = 1; }
+ return relativePaths;
+}
/*
** COMMAND: changes
**
** Usage: %fossil changes
**
** Report on the edit status of all files in the current checkout.
** See also the "status" and "extra" commands.
**
+** Pathnames are displayed according to the "relative-paths" setting,
+** unless overridden by the --abs-paths or --rel-paths options.
+**
** Options:
**
** --sha1sum Verify file status using SHA1 hashing rather
** than relying on file mtimes.
+**
+** --abs-paths Display absolute pathnames.
+**
+** --rel-paths Display pathnames relative to the current working
+** directory.
*/
void changes_cmd(void){
Blob report;
int vid;
int useSha1sum = find_option("sha1sum", 0, 0)!=0;
+ int cwdRelative = 0;
db_must_be_within_tree();
+ cwdRelative = determine_cwd_relative_option();
blob_zero(&report);
vid = db_lget_int("checkout", 0);
vfile_check_signature(vid, 0, useSha1sum);
- status_report(&report, "", 0);
+ status_report(&report, "", 0, cwdRelative);
blob_write_to_file(&report, "-");
}
/*
** COMMAND: status
@@ -127,14 +165,22 @@
**
** Usage: %fossil status
**
** Report on the status of the current checkout.
**
+** Pathnames are displayed according to the "relative-paths" setting,
+** unless overridden by the --abs-paths or --rel-paths options.
+**
** Options:
**
** --sha1sum Verify file status using SHA1 hashing rather
** than relying on file mtimes.
+**
+** --abs-paths Display absolute pathnames.
+**
+** --rel-paths Display pathnames relative to the current working
+** directory.
*/
void status_cmd(void){
int vid;
db_must_be_within_tree();
/* 012345678901234 */
@@ -212,22 +258,41 @@
** ignored but can be included by adding the --dotfiles option.
**
** The GLOBPATTERN is a comma-separated list of GLOB expressions for
** files that are ignored. The GLOBPATTERN specified by the "ignore-glob"
** is used if the --ignore option is omitted.
+**
+** Pathnames are displayed according to the "relative-paths" setting,
+** unless overridden by the --abs-paths or --rel-paths options.
+**
+** Options:
+**
+** --dotfiles Include files with names beginning with "."
+**
+** --ignore GLOBPATTERN
+** Override the "ignore-glob" setting.
+**
+** --abs-paths Display absolute pathnames.
+**
+** --rel-paths Display pathnames relative to the current working
+** directory.
*/
void extra_cmd(void){
Blob path;
Blob repo;
Stmt q;
int n;
const char *zIgnoreFlag = find_option("ignore",0,1);
int allFlag = find_option("dotfiles",0,0)!=0;
+ int cwdRelative = 0;
int outputManifest;
Glob *pIgnore;
+ Blob rewrittenPathname;
+ const char *zPathname, *zDisplayName;
db_must_be_within_tree();
+ cwdRelative = determine_cwd_relative_option();
outputManifest = db_get_boolean("manifest",0);
db_multi_exec("CREATE TEMP TABLE sfile(x TEXT PRIMARY KEY)");
n = strlen(g.zLocalRoot);
blob_init(&path, g.zLocalRoot, n-1);
if( zIgnoreFlag==0 ){
@@ -243,13 +308,25 @@
fossil_all_reserved_names()
);
if( file_tree_name(g.zRepositoryName, &repo, 0) ){
db_multi_exec("DELETE FROM sfile WHERE x=%B", &repo);
}
+ blob_zero(&rewrittenPathname);
while( db_step(&q)==SQLITE_ROW ){
- fossil_print("%s\n", db_column_text(&q, 0));
+ zDisplayName = zPathname = db_column_text(&q, 0);
+ if( cwdRelative ) {
+ char *zFullName = mprintf("%s%s", g.zLocalRoot, zPathname);
+ file_relative_name(zFullName, &rewrittenPathname);
+ free(zFullName);
+ zDisplayName = blob_str(&rewrittenPathname);
+ if( zDisplayName[0]=='.' && zDisplayName[1]=='/' ){
+ zDisplayName += 2; /* no unnecessary ./ prefix */
+ }
+ }
+ fossil_print("%s\n", zDisplayName);
}
+ blob_reset(&rewrittenPathname);
db_finalize(&q);
}
/*
** COMMAND: clean
@@ -367,11 +444,11 @@
"# PRIVATE BRANCH: This check-in will be private and will not sync to\n"
"# repositories.\n"
"#\n", -1
);
}
- status_report(&text, "# ", 1);
+ status_report(&text, "# ", 1, 0);
zEditor = db_get("editor", 0);
if( zEditor==0 ){
zEditor = getenv("VISUAL");
}
if( zEditor==0 ){
Index: src/checkout.c
==================================================================
--- src/checkout.c
+++ src/checkout.c
@@ -232,10 +232,11 @@
if( !keepFlag ){
vfile_to_disk(vid, 0, 1, promptFlag);
}
checkout_set_all_exe(vid);
manifest_to_disk(vid);
+ ensure_empty_dirs_created();
db_lset_int("checkout", vid);
undo_reset();
db_multi_exec("DELETE FROM vmerge");
if( !keepFlag && db_get_boolean("repo-cksum",1) ){
vfile_aggregate_checksum_manifest(vid, &cksum1, &cksum1b);
Index: src/clone.c
==================================================================
--- src/clone.c
+++ src/clone.c
@@ -37,10 +37,11 @@
**
** Options:
**
** --admin-user|-A USERNAME Make USERNAME the administrator
** --private Also clone private branches
+** --ssl-identity=filename Use the SSL identity if requested by the server
**
*/
void clone_cmd(void){
char *zPassword;
const char *zDefaultUser; /* Optional name of the default user */
@@ -94,10 +95,18 @@
db_initial_setup(0, zDefaultUser, 0);
user_select();
db_set("content-schema", CONTENT_SCHEMA, 0);
db_set("aux-schema", AUX_SCHEMA, 0);
db_set("last-sync-url", g.argv[2], 0);
+ if( g.zSSLIdentity!=0 ){
+ /* If the --ssl-identity option was specified, store it as a setting */
+ Blob fn;
+ blob_zero(&fn);
+ file_canonical_name(g.zSSLIdentity, &fn);
+ db_set("ssl-identity", blob_str(&fn), 0);
+ blob_reset(&fn);
+ }
db_multi_exec(
"REPLACE INTO config(name,value,mtime)"
" VALUES('server-code', lower(hex(randomblob(20))), now());"
);
url_enable_proxy(0);
Index: src/configure.c
==================================================================
--- src/configure.c
+++ src/configure.c
@@ -81,10 +81,11 @@
{ "project-name", CONFIGSET_PROJ },
{ "project-description", CONFIGSET_PROJ },
{ "manifest", CONFIGSET_PROJ },
{ "ignore-glob", CONFIGSET_PROJ },
{ "crnl-glob", CONFIGSET_PROJ },
+ { "empty-dirs", CONFIGSET_PROJ },
{ "index-page", CONFIGSET_SKIN },
{ "timeline-block-markup", CONFIGSET_SKIN },
{ "timeline-max-comment", CONFIGSET_SKIN },
{ "ticket-table", CONFIGSET_TKT },
{ "ticket-common", CONFIGSET_TKT },
Index: src/db.c
==================================================================
--- src/db.c
+++ src/db.c
@@ -1399,24 +1399,93 @@
sqlite3 *dbTemp = g.db;
g.db = g.dbConfig;
g.dbConfig = dbTemp;
}
}
+
+/*
+** Logic for reading potentially versioned settings from
+** .fossil-settings/ Settings marked with (v) are 'versionable' and will be overridden by the contents of files named .fossil-settings/PROPERTY.
@ These settings work in the same way, as the set commandline:
+ if( pSet->versionable ){
+ @ (v)
+ } else {
+ @
+ }
}
}
@
for(pSet=ctrlSettings; pSet->name!=0; pSet++){
if( pSet->width!=0 ){
entry_attribute(pSet->name, /*pSet->width*/ 40, pSet->name,
pSet->var!=0 ? pSet->var : pSet->name,
(char*)pSet->def);
- @
@
@
+ @
+ if( pSet->versionable ){
+ @ (v)
+ } else {
+ @
+ }
}
}
@
@ %s(zHelp_setting_cmd)
db_end_transaction(0);
style_footer();
Index: src/update.c
==================================================================
--- src/update.c
+++ src/update.c
@@ -115,10 +115,13 @@
}
if( !nochangeFlag && db_exists("SELECT 1 FROM vmerge") ){
fossil_fatal("cannot update an uncommitted merge");
}
if( !nochangeFlag && !internalUpdate ) autosync(AUTOSYNC_PULL);
+
+ /* Create any empty directories now, as well as after the update, so changes in settings are reflected now */
+ ensure_empty_dirs_created();
if( internalUpdate ){
tid = internalUpdate;
}else if( g.argc>=3 ){
if( fossil_strcmp(g.argv[2], "current")==0 ){
@@ -441,10 +444,11 @@
** Clean up the mid and pid VFILE entries. Then commit the changes.
*/
if( nochangeFlag ){
db_end_transaction(1); /* With --nochange, rollback changes */
}else{
+ ensure_empty_dirs_created();
if( g.argc<=3 ){
/* All files updated. Shift the current checkout to the target. */
db_multi_exec("DELETE FROM vfile WHERE vid!=%d", tid);
checkout_set_all_exe(tid);
manifest_to_disk(tid);
@@ -456,10 +460,63 @@
}
if( !internalUpdate ) undo_finish();
db_end_transaction(0);
}
}
+
+/*
+** Make sure empty directories are created
+*/
+void ensure_empty_dirs_created(void){
+ /* Make empty directories? */
+ char *zEmptyDirs = db_get("empty-dirs", 0);
+ if( zEmptyDirs!=0 ){
+ char *bc;
+ Blob dirName;
+ Blob dirsList;
+
+ blob_zero(&dirsList);
+ blob_init(&dirsList, zEmptyDirs, strlen(zEmptyDirs));
+ /* Replace commas by spaces */
+ bc = blob_str(&dirsList);
+ while( (*bc)!='\0' ){
+ if( (*bc)==',' ) { *bc = ' '; }
+ ++bc;
+ }
+ /* Make directories */
+ blob_zero(&dirName);
+ while( blob_token(&dirsList, &dirName) ){
+ const char *zDir = blob_str(&dirName);
+ /* Make full pathname of the directory */
+ Blob path;
+ const char *zPath;
+
+ blob_zero(&path);
+ blob_appendf(&path, "%s/%s", g.zLocalRoot, zDir);
+ zPath = blob_str(&path);
+ /* Handle various cases of existence of the directory */
+ switch( file_isdir(zPath) ){
+ case 0: { /* doesn't exist */
+ if( file_mkdir(zPath, 0)!=0 ) {
+ fossil_warning("couldn't create directory %s as "
+ "required by empty-dirs setting", zDir);
+ }
+ break;
+ }
+ case 1: { /* exists, and is a directory */
+ /* do nothing - required directory exists already */
+ break;
+ }
+ case 2: { /* exists, but isn't a directory */
+ fossil_warning("file %s found, but a directory is required "
+ "by empty-dirs setting", zDir);
+ }
+ }
+ blob_reset(&path);
+ }
+ }
+}
/*
** Get the contents of a file within the checking "revision". If
** revision==NULL then get the file content for the current checkout.
Index: www/changes.wiki
==================================================================
--- www/changes.wiki
+++ www/changes.wiki
@@ -3,10 +3,25 @@
Changes For Version 1.19 (pending)
* Added a ./configure script based on autosetup.
* Added the "[/help/winsrv | fossil winsrv]" command
for creating a Fossil service on windows systems.
+ * Added "versionable settings" where settings that affect
+ the local tree can be stored in versioned files in the
+ .fossil-settings directory.
+ * The status, changes and extras commands now show
+ pathnames relative to the current working directory,
+ unless overridden by command line options or the
+ "relative-paths" setting.
WARNING: This
+ change will break scripts which rely on the current
+ output when the current working directory is not the
+ repository root.
+ * Added "empty-dirs" versionable setting.
+ * Added support for client-side SSL certificates with "ssl-identity"
+ setting and --ssl-identity option.
+ * Added "ssl-ca-location" setting to specify trusted root
+ SSL certificates.
Changes For Version 1.18 (2011-07-14)
* Added this Change Log
* Added sequential version numbering
Index: www/index.wiki
==================================================================
--- www/index.wiki
+++ www/index.wiki
@@ -127,10 +127,12 @@
* The [./selfcheck.wiki | automatic self-check] mechanism
helps insure project integrity.
* Fossil contains a [./wikitheory.wiki | built-in wiki].
* An [./event.wiki | Event] is a special kind of wiki page associated
with a point in time rather than a name.
+ * [./settings.wiki | Settings] control the behaviour of fossil.
+ * [./ssl.wiki | Use SSL] to encrypt communication with the server.
* There is a
[http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users | mailing list] (with publicly readable
[http://www.mail-archive.com/fossil-users@lists.fossil-scm.org | archives]
available for discussing fossil issues.
* [./stats.wiki | Performance statistics] taken from real-world projects
Index: www/mkindex.tcl
==================================================================
--- www/mkindex.tcl
+++ www/mkindex.tcl
@@ -9,10 +9,11 @@
set doclist {
bugtheory.wiki {Bug Tracking In Fossil}
branching.wiki {Branching, Forking, Merging, and Tagging}
build.wiki {Building and Installing Fossil}
checkin_names.wiki {Checkin And Version Names}
+ changes.wiki {Fossil Changelog}
copyright-release.html {Contributor License Agreement}
concepts.wiki {Fossil Core Concepts}
contribute.wiki {Contributing Code or Documentation To The Fossil Project}
custom_ticket.wiki {Customizing The Ticket System}
delta_encoder_algorithm.wiki {Fossil Delta Encoding Algorithm}
@@ -35,13 +36,15 @@
{Quotes: What People Are Saying About Fossil, Git, and DVCSes in General}
../test/release-checklist.wiki {Pre-Release Testing Checklist}
selfcheck.wiki {Fossil Repository Integrity Self Checks}
selfhost.wiki {Fossil Self Hosting Repositories}
server.wiki {How To Configure A Fossil Server}
+ settings.wiki {Fossil Settings}
shunning.wiki {Shunning: Deleting Content From Fossil}
stats.wiki {Performance Statistics}
style.wiki {Source Code Style Guidelines}
+ ssl.wiki {Using SSL with Fossil}
sync.wiki {The Fossil Sync Protocol}
tech_overview.wiki {A Technical Overview Of The Design And Implementation
Of Fossil}
tech_overview.wiki {SQLite Databases Used By Fossil}
theory1.wiki {Thoughts On The Design Of The Fossil DVCS}
Index: www/permutedindex.wiki
==================================================================
--- www/permutedindex.wiki
+++ www/permutedindex.wiki
@@ -11,10 +11,11 @@
At this stage, the standalone server (e.g. "fossil server") does not support SSL.
++For more information, see Using SSL with Fossil. +
There are two main concerns relating to usage of Fossil for sharing sensitive information (source or any other data): ADDED www/settings.wiki Index: www/settings.wiki ================================================================== --- /dev/null +++ www/settings.wiki @@ -0,0 +1,31 @@ +
Fossil Settings + +Using Fossil Settings
+ +Settings control the behaviour of fossil. They are set with the fossil settings command, or through the web interface in the Settings page in the Admin section. + +For a list of all settings, view the Settings page, or type fossil help settings from the command line. + + +Repository settings
+ +Settings are set on a per-repository basis. When you clone a repository, a subset of settings are copied to your local repository. + +If you make a change to a setting on your local repository, it is not synced back to the server when you push or sync. If you make a change on the server, you need to manually make the change on all repositories which are cloned from this repository. + +You can also set a setting globally on your local machine. The value will be used for all repositories cloned to your machine, unless overridden explicitly in a particular repository. Global settings can be set by using the -global option on the fossil settings command. + + +"Versionable" settings
+ +Most of the settings control the behaviour of fossil on your local machine, largely acting to reflect your preference on how you want to use Fossil, how you communicate with the server, or options for hosting a repository on the web. + +However, for historical reasons, some settings affect how you work with versioned files. These are binary-glob, crnl-glob, ignore-glob, empty-dirs and manifest. The most important is ignore-glob which specifies which files should be ignored when looking for unmanaged files with the extras command. + +Because these options can change over time, and the inconvenience of replicating changes, these settings are "versionable". As well as being able to be set using the settings command or the web interface, you can created versioned files in the .fossil-settings directory named with the setting name. The contents of the file is the value of the setting, and these files are checked in, committed, merged, and so on, as with any other file. + +Where a setting is a list of values, such as ignore-glob, you can also a newline as a separator as well as a comma. + +For example, to set the list of ignored files, create a .fossil-settings/ignore-glob file where each line contains a glob for ignored files. + +If you set the value of a setting using the settings command as well as a versioned file, the versioned setting will take precedence. A warning will be displayed. ADDED www/ssl.wiki Index: www/ssl.wiki ================================================================== --- /dev/null +++ www/ssl.wiki @@ -0,0 +1,36 @@ +SSL and Fossil + +Using SSL with Fossil
+ +If you are storing sensitive information in your repository, you should use SSL to encrypt all communications. This will protect the credentials used to access the server, as well preventing eavesdropping of the contents of your repository. + +To host a repository with SSL, you need to use an web server which supports SSL in front of the Fossil server. You can host it using the CGI option or by proxying Fossil's built in HTTP server. + +Your fossil client must be built with SSL support. The configure script will attempt to find OpenSSL on your system, but if necessary, you can specify the location with the --with-openssl option. Type ./configure --help for details. + +Make sure the URL you clone from uses the https: scheme to ensure you're using SSL. If your server is configured to serve the repository from http as well as https, it's easy to accidentally use unencrypted HTTP if you forget the all important 's'. + + +Certificates
+ +To verify the identify of a server, SSL uses certificates. Fossil needs to know which certificates you trust. + +If you are using a self-signed certificate, you'll be asked if you want to accept the certificate the first time you communicate with the server. Verify the certificate fingerprint is correct, then answer "always" to remember your decision. + +If you are using a certificate signed by a certificate authority, you need to specify the certificates you trust with the ssl-ca-location setting. Set this globally with the -global option for convenience. + +This should be set to the location of a file containing all the PEM encoded certificates you trust. You can obtain a certificate using a web browser, for example, Firefox, or just refer to your system's trusted CA roots which are usually stored somewhere in /etc. + + +Client side certificates
+ +You can also use client side certificates to add an extra layer of authentication, over and above Fossil's built in user management. If you are particularly paranoid, you'll want to use this to remove the ability of anyone on the internet from making any request to Fossil. Without presenting a valid client side certificate, the web server won't invoke the fossil CGI handler. + +Configure your server to request a client side certificate, and set up a certificate authority to sign your client certificates. For each person who needs to access the repository, create a private key and certificate signed with that CA. + +The PEM encoded private key and certificate should be stored in a single file, simply by concatenating the key and certificate files. Specify the location of this file with the ssl-identity setting, or the --ssl-identity option to the clone command. + +If you've password protected the private key, the password will be requested every time you connect to the server. This password is not stored by fossil, as doing so would defeat the purpose of having a password. + +If you attempt to connect to a server which requests a client certificate, but don't provide one, fossil will show an error message which explains what to do to authenticate with the server. +