Fossil

Check-in [6036bc62]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Verify the repository fingerprint whenever a repository is opened from a checkout database. For now, abort with an error if the fingerprint is incorrect. To do: have Fossil automatically adjust RIDs in the checkout database if the fingerprint is incorrect.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | repo-fingerprint
Files: files | file ages | folders
SHA3-256:6036bc621e10c14a0fa3ef47f79b875512b7f98a84aafc6f349717b728bf8378
User & Date: drh 2019-01-11 03:31:53
Wiki:repo-fingerprint
Context
2019-01-16
00:11
Detect when the repository associated with a check-out has been swapped out for a clone with different RID values, and give the user a warning. Still to do: automatically recover. check-in: 1b114d24 user: drh tags: trunk
2019-01-11
03:31
Verify the repository fingerprint whenever a repository is opened from a checkout database. For now, abort with an error if the fingerprint is incorrect. To do: have Fossil automatically adjust RIDs in the checkout database if the fingerprint is incorrect. Closed-Leaf check-in: 6036bc62 user: drh tags: repo-fingerprint
2019-01-10
21:07
Store "fingerprint" and "checkout-hash" in the VVAR table whenever the working checkout changes. check-in: e07139a0 user: drh tags: repo-fingerprint
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to src/db.c.

1653
1654
1655
1656
1657
1658
1659



















1660
1661
1662
1663
1664
1665
1666
....
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765


3766
3767
3768





3769
3770
3771
3772
3773
3774
3775
....
3786
3787
3788
3789
3790
3791
3792
























    db_set_int("hash-policy", g.eHashPolicy, 0);
  }

  /* Make a change to the CHECK constraint on the BLOB table for
  ** version 2.0 and later.
  */
  rebuild_schema_update_2_0();   /* Do the Fossil-2.0 schema updates */



















}

/*
** Return true if there have been any changes to the repository
** database since it was opened.
**
** Changes to "config" and "localdb" and "temp" do not count.
................................................................................
  db_finalize(&q);
  return z;
}

/*
** COMMAND: test-fingerprint
**
** Usage: %fossil test-fingerprint ?RCVID?
**
** Display the repository fingerprint.


*/
void test_fingerprint(void){
  int rcvid = 0;





  db_find_and_open_repository(OPEN_ANY_SCHEMA,0);
  if( g.argc==3 ){
    rcvid = atoi(g.argv[2]);
  }else if( g.argc!=2 ){
    fossil_fatal("wrong number of arguments");
  } 
  fossil_print("%z\n", db_fingerprint(rcvid));
................................................................................
  z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid);
  db_lset("checkout-hash", z);
  fossil_free(z);
  z = db_fingerprint(0);
  db_lset("fingerprint", z);
  fossil_free(z);
}































>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







 







|

|
>
>



>
>
>
>
>







 







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
....
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
....
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
    db_set_int("hash-policy", g.eHashPolicy, 0);
  }

  /* Make a change to the CHECK constraint on the BLOB table for
  ** version 2.0 and later.
  */
  rebuild_schema_update_2_0();   /* Do the Fossil-2.0 schema updates */

  /* If the checkout database was opened first, then check to make
  ** sure that the repository database that was just opened has not
  ** be replaced by a clone of the same project, with different RID
  ** values.
  */
  if( g.localOpen && !db_fingerprint_ok() ){
    fossil_print(
      "Oops. It looks like the repository database file located at\n"
      "    \"%s\"\n", zDbName
    );
    fossil_print(
      "has been swapped with a clone that may have different\n"
      "integer keys for the various artifacts. As of 2019-01-11,\n"
      "we are working on enhancing Fossil to be able to deal with\n"
      "that automatically, but we are not there yet. Sorry.\n\n"
    );
    fossil_fatal("bad fingerprint");
  }
}

/*
** Return true if there have been any changes to the repository
** database since it was opened.
**
** Changes to "config" and "localdb" and "temp" do not count.
................................................................................
  db_finalize(&q);
  return z;
}

/*
** COMMAND: test-fingerprint
**
** Usage: %fossil test-fingerprint ?RCVID? ?--check?
**
** Display the repository fingerprint.  Or if the --check option
** is provided and this command is run from a checkout, invoke the
** db_fingerprint_ok() method and print its result.
*/
void test_fingerprint(void){
  int rcvid = 0;
  if( find_option("check",0,0)!=0 ){
    db_must_be_within_tree();
    fossil_print("db_fingerprint_ok() => %d\n", db_fingerprint_ok());
    return;
  }
  db_find_and_open_repository(OPEN_ANY_SCHEMA,0);
  if( g.argc==3 ){
    rcvid = atoi(g.argv[2]);
  }else if( g.argc!=2 ){
    fossil_fatal("wrong number of arguments");
  } 
  fossil_print("%z\n", db_fingerprint(rcvid));
................................................................................
  z = db_text(0,"SELECT uuid FROM blob WHERE rid=%d",rid);
  db_lset("checkout-hash", z);
  fossil_free(z);
  z = db_fingerprint(0);
  db_lset("fingerprint", z);
  fossil_free(z);
}

/*
** Verify that the fingerprint recorded in the "fingerprint" entry
** of the VVAR table matches the fingerprint on the currently
** connected repository.  Return true if the fingerprint is ok, and
** return false if the fingerprint does not match.
*/
int db_fingerprint_ok(void){
  char *zCkout;   /* The fingerprint recorded in the checkout database */
  char *zRepo;    /* The fingerprint of the repository */
  int rc;         /* Result */

  zCkout = db_text(0,"SELECT value FROM localdb.vvar WHERE name='fingerprint'");
  if( zCkout==0 ){
    /* This is an older checkout that does not record a fingerprint.
    ** We have to assume everything is ok */
    return 2;
  }
  zRepo = db_fingerprint(atoi(zCkout));
  rc = fossil_strcmp(zCkout,zRepo)==0;
  fossil_free(zCkout);
  fossil_free(zRepo);
  return rc;
}