Fossil SCM

Fix the "fossil tls-config remove-exception" command so that it works without triggering authorizer exceptions. [forum:/forumpost/64d919b2cf|Forum post 64d919b2cf].

drh 2021-10-11 10:18 trunk
Commit 156c890a2e71d980b3f1b4565b24584130e7677df8b9a79c5f11fe4813ddf45f
Parent 160bd677316cc8d…
1 file changed +2 -2
~ src/http_ssl.c
M src/http_ssl.c
+2 -2
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -586,18 +586,16 @@
586586
 Blob sql;
587587
 char *zSep = "(";
588588
 db_begin_transaction();
589589
 blob_init(&sql, 0, 0);
590590
 if( g.argc==4 && find_option("all",0,0)!=0 ){
591
- db_unprotect(PROTECT_CONFIG);
592591
 blob_append_sql(&sql,
593592
 "DELETE FROM global_config WHERE name GLOB 'cert:*';\n"
594593
 "DELETE FROM global_config WHERE name GLOB 'trusted:*';\n"
595594
 "DELETE FROM config WHERE name GLOB 'cert:*';\n"
596595
 "DELETE FROM config WHERE name GLOB 'trusted:*';\n"
597596
 );
598
- db_protect_pop();
599597
 }else{
600598
 if( g.argc<4 ){
601599
 usage("remove-exception DOMAIN-NAME ...");
602600
 }
603601
 blob_append_sql(&sql,"DELETE FROM global_config WHERE name IN ");
@@ -614,11 +612,13 @@
614612
 zSep/*safe-for-%s*/, g.argv[i], g.argv[i]);
615613
 zSep = ",";
616614
 }
617615
 blob_append_sql(&sql,");");
618616
 }
617
+ db_unprotect(PROTECT_CONFIG);
619618
 db_exec_sql(blob_str(&sql));
619
+ db_protect_pop();
620620
 db_commit_transaction();
621621
 blob_reset(&sql);
622622
 }else
623623
 /*default*/{
624624
 fossil_fatal("unknown sub-command \"%s\".\nshould be one of:"
625625
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -586,18 +586,16 @@
586 Blob sql;
587 char *zSep = "(";
588 db_begin_transaction();
589 blob_init(&sql, 0, 0);
590 if( g.argc==4 && find_option("all",0,0)!=0 ){
591 db_unprotect(PROTECT_CONFIG);
592 blob_append_sql(&sql,
593 "DELETE FROM global_config WHERE name GLOB 'cert:*';\n"
594 "DELETE FROM global_config WHERE name GLOB 'trusted:*';\n"
595 "DELETE FROM config WHERE name GLOB 'cert:*';\n"
596 "DELETE FROM config WHERE name GLOB 'trusted:*';\n"
597 );
598 db_protect_pop();
599 }else{
600 if( g.argc<4 ){
601 usage("remove-exception DOMAIN-NAME ...");
602 }
603 blob_append_sql(&sql,"DELETE FROM global_config WHERE name IN ");
@@ -614,11 +612,13 @@
614 zSep/*safe-for-%s*/, g.argv[i], g.argv[i]);
615 zSep = ",";
616 }
617 blob_append_sql(&sql,");");
618 }
 
619 db_exec_sql(blob_str(&sql));
 
620 db_commit_transaction();
621 blob_reset(&sql);
622 }else
623 /*default*/{
624 fossil_fatal("unknown sub-command \"%s\".\nshould be one of:"
625
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -586,18 +586,16 @@
586 Blob sql;
587 char *zSep = "(";
588 db_begin_transaction();
589 blob_init(&sql, 0, 0);
590 if( g.argc==4 && find_option("all",0,0)!=0 ){
 
591 blob_append_sql(&sql,
592 "DELETE FROM global_config WHERE name GLOB 'cert:*';\n"
593 "DELETE FROM global_config WHERE name GLOB 'trusted:*';\n"
594 "DELETE FROM config WHERE name GLOB 'cert:*';\n"
595 "DELETE FROM config WHERE name GLOB 'trusted:*';\n"
596 );
 
597 }else{
598 if( g.argc<4 ){
599 usage("remove-exception DOMAIN-NAME ...");
600 }
601 blob_append_sql(&sql,"DELETE FROM global_config WHERE name IN ");
@@ -614,11 +612,13 @@
612 zSep/*safe-for-%s*/, g.argv[i], g.argv[i]);
613 zSep = ",";
614 }
615 blob_append_sql(&sql,");");
616 }
617 db_unprotect(PROTECT_CONFIG);
618 db_exec_sql(blob_str(&sql));
619 db_protect_pop();
620 db_commit_transaction();
621 blob_reset(&sql);
622 }else
623 /*default*/{
624 fossil_fatal("unknown sub-command \"%s\".\nshould be one of:"
625

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button