Fossil

Check-in [c4c23106]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fixes to the login processing for "clone".
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk | release
Files: files | file ages | folders
SHA1:c4c231069e4bde488725c80689c834106a969b44
User & Date: drh 2010-01-24 17:55:07
References
2010-01-24
21:34 Ticket [0e3f8719] ssl-enabled fossil cannot log in to server status still Open with 1 other change artifact: ba22002a user: ron
Context
2010-01-25
10:03
add search to wiki check-in: 07bd8796 user: ron tags: trunk
2010-01-24
22:35
Pull in the latest changes from trunk. check-in: 97311bd9 user: drh tags: ssl
22:34
Pull in the latest changes from trunk. check-in: 1942d581 user: drh tags: clear-title
17:55
Fixes to the login processing for "clone". check-in: c4c23106 user: drh tags: trunk, release
07:53
fix [7df27f5236] check-in: 6bbb22d4 user: ron tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/http.c.

123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
...
139
140
141
142
143
144
145

146
147
148
149
150
151
152
153
** in pRecv.  pRecv is assumed to be uninitialized when
** this routine is called - this routine will initialize it.
**
** The server address is contain in the "g" global structure.  The
** url_parse() routine should have been called prior to this routine
** in order to fill this structure appropriately.
*/
void http_exchange(Blob *pSend, Blob *pReply){
  Blob login;           /* The login card */
  Blob payload;         /* The complete payload including login card */
  Blob hdr;             /* The HTTP request header */
  int closeConnection;  /* True to close the connection when done */
  int iLength;          /* Length of the reply payload */
  int rc;               /* Result code */
  int iHttpVersion;     /* Which version of HTTP protocol server uses */
................................................................................
  int i;                /* Loop counter */

  if( transport_open() ){
    fossil_fatal(transport_errmsg());
  }

  /* Construct the login card and prepare the complete payload */

  http_build_login_card(pSend, &login);
  if( g.fHttpTrace ){
    payload = login;
    blob_append(&payload, blob_buffer(pSend), blob_size(pSend));
  }else{
    blob_compress2(&login, pSend, &payload);
    blob_reset(&login);
  }







|







 







>
|







123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
...
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
** in pRecv.  pRecv is assumed to be uninitialized when
** this routine is called - this routine will initialize it.
**
** The server address is contain in the "g" global structure.  The
** url_parse() routine should have been called prior to this routine
** in order to fill this structure appropriately.
*/
void http_exchange(Blob *pSend, Blob *pReply, int useLogin){
  Blob login;           /* The login card */
  Blob payload;         /* The complete payload including login card */
  Blob hdr;             /* The HTTP request header */
  int closeConnection;  /* True to close the connection when done */
  int iLength;          /* Length of the reply payload */
  int rc;               /* Result code */
  int iHttpVersion;     /* Which version of HTTP protocol server uses */
................................................................................
  int i;                /* Loop counter */

  if( transport_open() ){
    fossil_fatal(transport_errmsg());
  }

  /* Construct the login card and prepare the complete payload */
  blob_zero(&login);
  if( useLogin ) http_build_login_card(pSend, &login);
  if( g.fHttpTrace ){
    payload = login;
    blob_append(&payload, blob_buffer(pSend), blob_size(pSend));
  }else{
    blob_compress2(&login, pSend, &payload);
    blob_reset(&login);
  }

Changes to src/xfer.c.

384
385
386
387
388
389
390



391
392
393
394
395
396
397
....
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
*/
int check_login(Blob *pLogin, Blob *pNonce, Blob *pSig){
  Stmt q;
  int rc = -1;
  char *zLogin = blob_terminate(pLogin);
  defossilize(zLogin);




  db_prepare(&q,
     "SELECT pw, cap, uid FROM user"
     " WHERE login=%Q"
     "   AND login NOT IN ('anonymous','nobody','developer','reader')"
     "   AND length(pw)>0",
     zLogin
  );
................................................................................
            xfer.nFileSent, xfer.nDeltaSent);
    nCardSent = 0;
    nCardRcvd = 0;
    xfer.nFileSent = 0;
    xfer.nDeltaSent = 0;
    xfer.nGimmeSent = 0;
    fflush(stdout);
    http_exchange(&send, &recv);
    blob_reset(&send);

    /* Begin constructing the next message (which might never be
    ** sent) by beginning with the pull or push cards
    */
    if( pullFlag ){
      blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);







>
>
>







 







|







384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
....
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
*/
int check_login(Blob *pLogin, Blob *pNonce, Blob *pSig){
  Stmt q;
  int rc = -1;
  char *zLogin = blob_terminate(pLogin);
  defossilize(zLogin);

  if( strcmp(zLogin, "nobody")==0 || strcmp(zLogin,"anonymous")==0 ){
    return 0;   /* Anybody is allowed to sync as "nobody" or "anonymous" */
  }
  db_prepare(&q,
     "SELECT pw, cap, uid FROM user"
     " WHERE login=%Q"
     "   AND login NOT IN ('anonymous','nobody','developer','reader')"
     "   AND length(pw)>0",
     zLogin
  );
................................................................................
            xfer.nFileSent, xfer.nDeltaSent);
    nCardSent = 0;
    nCardRcvd = 0;
    xfer.nFileSent = 0;
    xfer.nDeltaSent = 0;
    xfer.nGimmeSent = 0;
    fflush(stdout);
    http_exchange(&send, &recv, cloneFlag==0 || nCycle>0);
    blob_reset(&send);

    /* Begin constructing the next message (which might never be
    ** sent) by beginning with the pull or push cards
    */
    if( pullFlag ){
      blob_appendf(&send, "pull %s %s\n", zSCode, zPCode);