Fossil SCM
Do not save the password for syncing operations if the user denied the save password prompt or if the FOSSIL_SECURITY_LEVEL environment variable is ≥1.
Commit
2916ec970b2dfbefaa893650b4bb7e09c9cc29973aa38129abfec1ff39693ce5
Parent
72d8240457db851…
1 file changed
+1
-1
+1
-1
| --- src/http.c | ||
| +++ src/http.c | ||
| @@ -108,11 +108,11 @@ | ||
| 108 | 108 | zProjectCode = db_get("parent-project-code", 0); |
| 109 | 109 | }else{ |
| 110 | 110 | zProjectCode = db_get("project-code", 0); |
| 111 | 111 | } |
| 112 | 112 | zPw = sha1_shared_secret(zPw, zLogin, zProjectCode); |
| 113 | - if( g.url.pwConfig!=0 ){ | |
| 113 | + if( g.url.pwConfig!=0 && (g.url.flags & URL_REMEMBER_PW)!=0 ){ | |
| 114 | 114 | char *x = obscure(zPw); |
| 115 | 115 | db_set(g.url.pwConfig/*works-like:"x"*/, x, 0); |
| 116 | 116 | fossil_free(x); |
| 117 | 117 | } |
| 118 | 118 | fossil_free(g.url.passwd); |
| 119 | 119 |
| --- src/http.c | |
| +++ src/http.c | |
| @@ -108,11 +108,11 @@ | |
| 108 | zProjectCode = db_get("parent-project-code", 0); |
| 109 | }else{ |
| 110 | zProjectCode = db_get("project-code", 0); |
| 111 | } |
| 112 | zPw = sha1_shared_secret(zPw, zLogin, zProjectCode); |
| 113 | if( g.url.pwConfig!=0 ){ |
| 114 | char *x = obscure(zPw); |
| 115 | db_set(g.url.pwConfig/*works-like:"x"*/, x, 0); |
| 116 | fossil_free(x); |
| 117 | } |
| 118 | fossil_free(g.url.passwd); |
| 119 |
| --- src/http.c | |
| +++ src/http.c | |
| @@ -108,11 +108,11 @@ | |
| 108 | zProjectCode = db_get("parent-project-code", 0); |
| 109 | }else{ |
| 110 | zProjectCode = db_get("project-code", 0); |
| 111 | } |
| 112 | zPw = sha1_shared_secret(zPw, zLogin, zProjectCode); |
| 113 | if( g.url.pwConfig!=0 && (g.url.flags & URL_REMEMBER_PW)!=0 ){ |
| 114 | char *x = obscure(zPw); |
| 115 | db_set(g.url.pwConfig/*works-like:"x"*/, x, 0); |
| 116 | fossil_free(x); |
| 117 | } |
| 118 | fossil_free(g.url.passwd); |
| 119 |