Fossil SCM
Remove HTTP usernames from SYNCLOG entries.
Commit
40170e6164a2b7e1dfccc4fd92528c01e1e5828a899ffdc05855ac561436cbb3
Parent
dc861e5f2b9edb2…
1 file changed
+33
-1
+33
-1
| --- src/sync.c | ||
| +++ src/sync.c | ||
| @@ -91,26 +91,56 @@ | ||
| 91 | 91 | azOther[i] = 0; |
| 92 | 92 | } |
| 93 | 93 | fossil_free(azOther); |
| 94 | 94 | return nErr; |
| 95 | 95 | } |
| 96 | + | |
| 97 | +/* | |
| 98 | +** Modify the URL to remove the username/password. | |
| 99 | +*/ | |
| 100 | +static void remove_url_username(char *z){ | |
| 101 | + int i, j; | |
| 102 | + for(i=0; z[i] && z[i]!='/'; i++){} | |
| 103 | + if( z[i+1]!='/' ) return; | |
| 104 | + i += 2; | |
| 105 | + for(j=i; z[j] && z[j]!='@'; j++){} | |
| 106 | + if( z[j]==0 ) return; | |
| 107 | + j++; | |
| 108 | + do{ | |
| 109 | + z[i++] = z[j]; | |
| 110 | + }while( z[j++]!=0 ); | |
| 111 | +} | |
| 96 | 112 | |
| 97 | 113 | /* |
| 98 | 114 | ** Make a new entry, or update an existing entry, in the SYNCLOG table. |
| 99 | 115 | ** |
| 100 | 116 | ** For an ordinary push/pull, zType is NULL. But it may also be a string |
| 101 | 117 | ** describing non-standard operations. For example zType might be "git" |
| 102 | 118 | ** when doing a "fossil git export", or zType might be "import" when doing |
| 103 | 119 | ** a "fossil pull --from-parent-project". |
| 120 | +** | |
| 121 | +** Usernames are stripped from the zFrom and zTo URLs | |
| 104 | 122 | */ |
| 105 | 123 | void sync_log_entry( |
| 106 | 124 | const char *zFrom, /* Content comes from this machine */ |
| 107 | 125 | const char *zTo, /* Content goes to this machine */ |
| 108 | 126 | i64 iTime, /* Transfer time, or 0 for "now" */ |
| 109 | 127 | const char *zType /* Type of sync. NULL for normal */ |
| 110 | 128 | ){ |
| 129 | + char *zFree1 = 0; | |
| 130 | + char *zFree2 = 0; | |
| 111 | 131 | schema_synclog(); |
| 132 | + if( sqlite3_strglob("http*://*@*", zFrom)==0 ){ | |
| 133 | + zFree1 = fossil_strdup(zFrom); | |
| 134 | + remove_url_username(zFree1); | |
| 135 | + zFrom = zFree1; | |
| 136 | + } | |
| 137 | + if( sqlite3_strglob("http*://*@*", zTo)==0 ){ | |
| 138 | + zFree2 = fossil_strdup(zTo); | |
| 139 | + remove_url_username(zFree2); | |
| 140 | + zTo = zFree2; | |
| 141 | + } | |
| 112 | 142 | if( iTime<=0 ){ |
| 113 | 143 | db_multi_exec( |
| 114 | 144 | "INSERT INTO repository.synclog(sfrom,sto,stime,stype)" |
| 115 | 145 | " VALUES(%Q,%Q,unixepoch(),%Q)" |
| 116 | 146 | " ON CONFLICT DO UPDATE SET stime=unixepoch()", |
| @@ -122,10 +152,12 @@ | ||
| 122 | 152 | " VALUES(%Q,%Q,%lld,%Q)" |
| 123 | 153 | " ON CONFLICT DO UPDATE SET stime=%lld WHERE stime<%lld", |
| 124 | 154 | zFrom, zTo, iTime, zType, iTime, iTime |
| 125 | 155 | ); |
| 126 | 156 | } |
| 157 | + fossil_free(zFree1); | |
| 158 | + fossil_free(zFree2); | |
| 127 | 159 | } |
| 128 | 160 | |
| 129 | 161 | |
| 130 | 162 | /* |
| 131 | 163 | ** If the repository is configured for autosyncing, then do an |
| @@ -755,11 +787,11 @@ | ||
| 755 | 787 | ** together with the time since the most recent push or pull. |
| 756 | 788 | */ |
| 757 | 789 | void synclog_cmd(void){ |
| 758 | 790 | Stmt q; |
| 759 | 791 | int cnt; |
| 760 | - const int nIndent = 3; | |
| 792 | + const int nIndent = 2; | |
| 761 | 793 | db_find_and_open_repository(0,0); |
| 762 | 794 | db_prepare(&q, |
| 763 | 795 | "WITH allpull(xfrom,xto,xtime) AS MATERIALIZED (\n" |
| 764 | 796 | " SELECT sfrom, sto, max(stime) FROM synclog GROUP BY 1\n" |
| 765 | 797 | "),\n" |
| 766 | 798 |
| --- src/sync.c | |
| +++ src/sync.c | |
| @@ -91,26 +91,56 @@ | |
| 91 | azOther[i] = 0; |
| 92 | } |
| 93 | fossil_free(azOther); |
| 94 | return nErr; |
| 95 | } |
| 96 | |
| 97 | /* |
| 98 | ** Make a new entry, or update an existing entry, in the SYNCLOG table. |
| 99 | ** |
| 100 | ** For an ordinary push/pull, zType is NULL. But it may also be a string |
| 101 | ** describing non-standard operations. For example zType might be "git" |
| 102 | ** when doing a "fossil git export", or zType might be "import" when doing |
| 103 | ** a "fossil pull --from-parent-project". |
| 104 | */ |
| 105 | void sync_log_entry( |
| 106 | const char *zFrom, /* Content comes from this machine */ |
| 107 | const char *zTo, /* Content goes to this machine */ |
| 108 | i64 iTime, /* Transfer time, or 0 for "now" */ |
| 109 | const char *zType /* Type of sync. NULL for normal */ |
| 110 | ){ |
| 111 | schema_synclog(); |
| 112 | if( iTime<=0 ){ |
| 113 | db_multi_exec( |
| 114 | "INSERT INTO repository.synclog(sfrom,sto,stime,stype)" |
| 115 | " VALUES(%Q,%Q,unixepoch(),%Q)" |
| 116 | " ON CONFLICT DO UPDATE SET stime=unixepoch()", |
| @@ -122,10 +152,12 @@ | |
| 122 | " VALUES(%Q,%Q,%lld,%Q)" |
| 123 | " ON CONFLICT DO UPDATE SET stime=%lld WHERE stime<%lld", |
| 124 | zFrom, zTo, iTime, zType, iTime, iTime |
| 125 | ); |
| 126 | } |
| 127 | } |
| 128 | |
| 129 | |
| 130 | /* |
| 131 | ** If the repository is configured for autosyncing, then do an |
| @@ -755,11 +787,11 @@ | |
| 755 | ** together with the time since the most recent push or pull. |
| 756 | */ |
| 757 | void synclog_cmd(void){ |
| 758 | Stmt q; |
| 759 | int cnt; |
| 760 | const int nIndent = 3; |
| 761 | db_find_and_open_repository(0,0); |
| 762 | db_prepare(&q, |
| 763 | "WITH allpull(xfrom,xto,xtime) AS MATERIALIZED (\n" |
| 764 | " SELECT sfrom, sto, max(stime) FROM synclog GROUP BY 1\n" |
| 765 | "),\n" |
| 766 |
| --- src/sync.c | |
| +++ src/sync.c | |
| @@ -91,26 +91,56 @@ | |
| 91 | azOther[i] = 0; |
| 92 | } |
| 93 | fossil_free(azOther); |
| 94 | return nErr; |
| 95 | } |
| 96 | |
| 97 | /* |
| 98 | ** Modify the URL to remove the username/password. |
| 99 | */ |
| 100 | static void remove_url_username(char *z){ |
| 101 | int i, j; |
| 102 | for(i=0; z[i] && z[i]!='/'; i++){} |
| 103 | if( z[i+1]!='/' ) return; |
| 104 | i += 2; |
| 105 | for(j=i; z[j] && z[j]!='@'; j++){} |
| 106 | if( z[j]==0 ) return; |
| 107 | j++; |
| 108 | do{ |
| 109 | z[i++] = z[j]; |
| 110 | }while( z[j++]!=0 ); |
| 111 | } |
| 112 | |
| 113 | /* |
| 114 | ** Make a new entry, or update an existing entry, in the SYNCLOG table. |
| 115 | ** |
| 116 | ** For an ordinary push/pull, zType is NULL. But it may also be a string |
| 117 | ** describing non-standard operations. For example zType might be "git" |
| 118 | ** when doing a "fossil git export", or zType might be "import" when doing |
| 119 | ** a "fossil pull --from-parent-project". |
| 120 | ** |
| 121 | ** Usernames are stripped from the zFrom and zTo URLs |
| 122 | */ |
| 123 | void sync_log_entry( |
| 124 | const char *zFrom, /* Content comes from this machine */ |
| 125 | const char *zTo, /* Content goes to this machine */ |
| 126 | i64 iTime, /* Transfer time, or 0 for "now" */ |
| 127 | const char *zType /* Type of sync. NULL for normal */ |
| 128 | ){ |
| 129 | char *zFree1 = 0; |
| 130 | char *zFree2 = 0; |
| 131 | schema_synclog(); |
| 132 | if( sqlite3_strglob("http*://*@*", zFrom)==0 ){ |
| 133 | zFree1 = fossil_strdup(zFrom); |
| 134 | remove_url_username(zFree1); |
| 135 | zFrom = zFree1; |
| 136 | } |
| 137 | if( sqlite3_strglob("http*://*@*", zTo)==0 ){ |
| 138 | zFree2 = fossil_strdup(zTo); |
| 139 | remove_url_username(zFree2); |
| 140 | zTo = zFree2; |
| 141 | } |
| 142 | if( iTime<=0 ){ |
| 143 | db_multi_exec( |
| 144 | "INSERT INTO repository.synclog(sfrom,sto,stime,stype)" |
| 145 | " VALUES(%Q,%Q,unixepoch(),%Q)" |
| 146 | " ON CONFLICT DO UPDATE SET stime=unixepoch()", |
| @@ -122,10 +152,12 @@ | |
| 152 | " VALUES(%Q,%Q,%lld,%Q)" |
| 153 | " ON CONFLICT DO UPDATE SET stime=%lld WHERE stime<%lld", |
| 154 | zFrom, zTo, iTime, zType, iTime, iTime |
| 155 | ); |
| 156 | } |
| 157 | fossil_free(zFree1); |
| 158 | fossil_free(zFree2); |
| 159 | } |
| 160 | |
| 161 | |
| 162 | /* |
| 163 | ** If the repository is configured for autosyncing, then do an |
| @@ -755,11 +787,11 @@ | |
| 787 | ** together with the time since the most recent push or pull. |
| 788 | */ |
| 789 | void synclog_cmd(void){ |
| 790 | Stmt q; |
| 791 | int cnt; |
| 792 | const int nIndent = 2; |
| 793 | db_find_and_open_repository(0,0); |
| 794 | db_prepare(&q, |
| 795 | "WITH allpull(xfrom,xto,xtime) AS MATERIALIZED (\n" |
| 796 | " SELECT sfrom, sto, max(stime) FROM synclog GROUP BY 1\n" |
| 797 | "),\n" |
| 798 |