Fossil SCM

Fix another case where PROTECT_READONLY needs to be relaxed even though the request not from the same origin.

drh 2022-12-31 18:51 trunk

Commit 03e21b9cd51d859b1812a35030084a618fa883809dc41388a347c21f03711bbf

Parent fbcd9a77b75fa8d…

2 files changed +1 -1 +12 -8

M src/db.c

+1 -1

		--- src/db.c
		+++ src/db.c
		@@ -137,11 +137,11 @@
137	137	int (xAuth)(void,int,const char,const char,const char,const char);
138	138	void pAuthArg; / Argument to the authorizer */
139	139	const char zAuthName; / Name of the authorizer */
140	140	int bProtectTriggers; /* True if protection triggers already exist */
141	141	int nProtect; /* Slots of aProtect used */
142		- unsigned aProtect[10]; /* Saved values of protectMask */
	142	+ unsigned aProtect[12]; /* Saved values of protectMask */
143	143	} db = {
144	144	PROTECT_USER\|PROTECT_CONFIG\|PROTECT_BASELINE, /* protectMask */
145	145	0, 0, 0, 0, 0, 0, };
146	146
147	147	/*
148	148

	--- src/db.c
	+++ src/db.c
	@@ -137,11 +137,11 @@
137	int (xAuth)(void,int,const char,const char,const char,const char);
138	void pAuthArg; / Argument to the authorizer */
139	const char zAuthName; / Name of the authorizer */
140	int bProtectTriggers; /* True if protection triggers already exist */
141	int nProtect; /* Slots of aProtect used */
142	unsigned aProtect[10]; /* Saved values of protectMask */
143	} db = {
144	PROTECT_USER\|PROTECT_CONFIG\|PROTECT_BASELINE, /* protectMask */
145	0, 0, 0, 0, 0, 0, };
146
147	/*
148

	--- src/db.c
	+++ src/db.c
	@@ -137,11 +137,11 @@
137	int (xAuth)(void,int,const char,const char,const char,const char);
138	void pAuthArg; / Argument to the authorizer */
139	const char zAuthName; / Name of the authorizer */
140	int bProtectTriggers; /* True if protection triggers already exist */
141	int nProtect; /* Slots of aProtect used */
142	unsigned aProtect[12]; /* Saved values of protectMask */
143	} db = {
144	PROTECT_USER\|PROTECT_CONFIG\|PROTECT_BASELINE, /* protectMask */
145	0, 0, 0, 0, 0, 0, };
146
147	/*
148

M src/login.c

+12 -8

		--- src/login.c
		+++ src/login.c
		@@ -152,18 +152,22 @@
152	152
153	153	/*
154	154	** Make sure the accesslog table exists. Create it if it does not
155	155	*/
156	156	void create_accesslog_table(void){
157		- db_multi_exec(
158		- "CREATE TABLE IF NOT EXISTS repository.accesslog("
159		- " uname TEXT,"
160		- " ipaddr TEXT,"
161		- " success BOOLEAN,"
162		- " mtime TIMESTAMP"
163		- ");"
164		- );
	157	+ if( !db_table_exists("repository","accesslog") ){
	158	+ db_unprotect(PROTECT_READONLY);
	159	+ db_multi_exec(
	160	+ "CREATE TABLE IF NOT EXISTS repository.accesslog("
	161	+ " uname TEXT,"
	162	+ " ipaddr TEXT,"
	163	+ " success BOOLEAN,"
	164	+ " mtime TIMESTAMP"
	165	+ ");"
	166	+ );
	167	+ db_protect_pop();
	168	+ }
165	169	}
166	170
167	171	/*
168	172	** Make a record of a login attempt, if login record keeping is enabled.
169	173	*/
170	174

	--- src/login.c
	+++ src/login.c
	@@ -152,18 +152,22 @@
152
153	/*
154	** Make sure the accesslog table exists. Create it if it does not
155	*/
156	void create_accesslog_table(void){
157	db_multi_exec(
158	"CREATE TABLE IF NOT EXISTS repository.accesslog("
159	" uname TEXT,"
160	" ipaddr TEXT,"
161	" success BOOLEAN,"
162	" mtime TIMESTAMP"
163	");"
164	);




165	}
166
167	/*
168	** Make a record of a login attempt, if login record keeping is enabled.
169	*/
170

	--- src/login.c
	+++ src/login.c
	@@ -152,18 +152,22 @@
152
153	/*
154	** Make sure the accesslog table exists. Create it if it does not
155	*/
156	void create_accesslog_table(void){
157	if( !db_table_exists("repository","accesslog") ){
158	db_unprotect(PROTECT_READONLY);
159	db_multi_exec(
160	"CREATE TABLE IF NOT EXISTS repository.accesslog("
161	" uname TEXT,"
162	" ipaddr TEXT,"
163	" success BOOLEAN,"
164	" mtime TIMESTAMP"
165	");"
166	);
167	db_protect_pop();
168	}
169	}
170
171	/*
172	** Make a record of a login attempt, if login record keeping is enabled.
173	*/
174