Fossil SCM
Merge the latest trunk changes into the versionable-settings branch.
Commit
9c915adb0a3d84c5032867e69d650797c59741cc
Parent
3fa5cfaec83f357…
4 files changed
+1
-1
+8
-4
+7
+9
M
Makefile
+1
-1
| --- Makefile | ||
| +++ Makefile | ||
| @@ -58,11 +58,11 @@ | ||
| 58 | 58 | |
| 59 | 59 | # You should not need to change anything below this line |
| 60 | 60 | ############################################################################### |
| 61 | 61 | # |
| 62 | 62 | # Automatic platform-specific options. |
| 63 | -HOST_OS!= uname -s | |
| 63 | +HOST_OS :sh = uname -s | |
| 64 | 64 | |
| 65 | 65 | LIB.SunOS= -lsocket -lnsl |
| 66 | 66 | LIB += $(LIB.$(HOST_OS)) |
| 67 | 67 | |
| 68 | 68 | TCC.DragonFly += -DUSE_PREAD |
| 69 | 69 |
| --- Makefile | |
| +++ Makefile | |
| @@ -58,11 +58,11 @@ | |
| 58 | |
| 59 | # You should not need to change anything below this line |
| 60 | ############################################################################### |
| 61 | # |
| 62 | # Automatic platform-specific options. |
| 63 | HOST_OS!= uname -s |
| 64 | |
| 65 | LIB.SunOS= -lsocket -lnsl |
| 66 | LIB += $(LIB.$(HOST_OS)) |
| 67 | |
| 68 | TCC.DragonFly += -DUSE_PREAD |
| 69 |
| --- Makefile | |
| +++ Makefile | |
| @@ -58,11 +58,11 @@ | |
| 58 | |
| 59 | # You should not need to change anything below this line |
| 60 | ############################################################################### |
| 61 | # |
| 62 | # Automatic platform-specific options. |
| 63 | HOST_OS :sh = uname -s |
| 64 | |
| 65 | LIB.SunOS= -lsocket -lnsl |
| 66 | LIB += $(LIB.$(HOST_OS)) |
| 67 | |
| 68 | TCC.DragonFly += -DUSE_PREAD |
| 69 |
+8
-4
| --- src/cgi.c | ||
| +++ src/cgi.c | ||
| @@ -191,20 +191,24 @@ | ||
| 191 | 191 | const char *zName, /* Name of the cookie */ |
| 192 | 192 | const char *zValue, /* Value of the cookie. Automatically escaped */ |
| 193 | 193 | const char *zPath, /* Path cookie applies to. NULL means "/" */ |
| 194 | 194 | int lifetime /* Expiration of the cookie in seconds from now */ |
| 195 | 195 | ){ |
| 196 | + char *zSecure = ""; | |
| 196 | 197 | if( zPath==0 ) zPath = g.zTop; |
| 198 | + if( g.zBaseURL!=0 && strncmp(g.zBaseURL, "https:", 6)==0 ){ | |
| 199 | + zSecure = " secure;"; | |
| 200 | + } | |
| 197 | 201 | if( lifetime>0 ){ |
| 198 | 202 | lifetime += (int)time(0); |
| 199 | 203 | blob_appendf(&extraHeader, |
| 200 | - "Set-Cookie: %s=%t; Path=%s; expires=%z; Version=1\r\n", | |
| 201 | - zName, zValue, zPath, cgi_rfc822_datestamp(lifetime)); | |
| 204 | + "Set-Cookie: %s=%t; Path=%s; expires=%z; HttpOnly;%s Version=1\r\n", | |
| 205 | + zName, zValue, zPath, cgi_rfc822_datestamp(lifetime), zSecure); | |
| 202 | 206 | }else{ |
| 203 | 207 | blob_appendf(&extraHeader, |
| 204 | - "Set-Cookie: %s=%t; Path=%s; Version=1\r\n", | |
| 205 | - zName, zValue, zPath); | |
| 208 | + "Set-Cookie: %s=%t; Path=%s; HttpOnly;%s Version=1\r\n", | |
| 209 | + zName, zValue, zPath, zSecure); | |
| 206 | 210 | } |
| 207 | 211 | } |
| 208 | 212 | |
| 209 | 213 | #if 0 |
| 210 | 214 | /* |
| 211 | 215 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -191,20 +191,24 @@ | |
| 191 | const char *zName, /* Name of the cookie */ |
| 192 | const char *zValue, /* Value of the cookie. Automatically escaped */ |
| 193 | const char *zPath, /* Path cookie applies to. NULL means "/" */ |
| 194 | int lifetime /* Expiration of the cookie in seconds from now */ |
| 195 | ){ |
| 196 | if( zPath==0 ) zPath = g.zTop; |
| 197 | if( lifetime>0 ){ |
| 198 | lifetime += (int)time(0); |
| 199 | blob_appendf(&extraHeader, |
| 200 | "Set-Cookie: %s=%t; Path=%s; expires=%z; Version=1\r\n", |
| 201 | zName, zValue, zPath, cgi_rfc822_datestamp(lifetime)); |
| 202 | }else{ |
| 203 | blob_appendf(&extraHeader, |
| 204 | "Set-Cookie: %s=%t; Path=%s; Version=1\r\n", |
| 205 | zName, zValue, zPath); |
| 206 | } |
| 207 | } |
| 208 | |
| 209 | #if 0 |
| 210 | /* |
| 211 |
| --- src/cgi.c | |
| +++ src/cgi.c | |
| @@ -191,20 +191,24 @@ | |
| 191 | const char *zName, /* Name of the cookie */ |
| 192 | const char *zValue, /* Value of the cookie. Automatically escaped */ |
| 193 | const char *zPath, /* Path cookie applies to. NULL means "/" */ |
| 194 | int lifetime /* Expiration of the cookie in seconds from now */ |
| 195 | ){ |
| 196 | char *zSecure = ""; |
| 197 | if( zPath==0 ) zPath = g.zTop; |
| 198 | if( g.zBaseURL!=0 && strncmp(g.zBaseURL, "https:", 6)==0 ){ |
| 199 | zSecure = " secure;"; |
| 200 | } |
| 201 | if( lifetime>0 ){ |
| 202 | lifetime += (int)time(0); |
| 203 | blob_appendf(&extraHeader, |
| 204 | "Set-Cookie: %s=%t; Path=%s; expires=%z; HttpOnly;%s Version=1\r\n", |
| 205 | zName, zValue, zPath, cgi_rfc822_datestamp(lifetime), zSecure); |
| 206 | }else{ |
| 207 | blob_appendf(&extraHeader, |
| 208 | "Set-Cookie: %s=%t; Path=%s; HttpOnly;%s Version=1\r\n", |
| 209 | zName, zValue, zPath, zSecure); |
| 210 | } |
| 211 | } |
| 212 | |
| 213 | #if 0 |
| 214 | /* |
| 215 |
+7
| --- src/config.h | ||
| +++ src/config.h | ||
| @@ -82,10 +82,17 @@ | ||
| 82 | 82 | |
| 83 | 83 | #ifndef _RC_COMPILE_ |
| 84 | 84 | |
| 85 | 85 | #include "sqlite3.h" |
| 86 | 86 | |
| 87 | +/* | |
| 88 | +** On Solaris, getpass() will only return up to 8 characters. getpassphrase() returns up to 257. | |
| 89 | +*/ | |
| 90 | +#if defined(__sun__) || defined(sun) | |
| 91 | + #define getpass getpassphrase | |
| 92 | +#endif | |
| 93 | + | |
| 87 | 94 | /* |
| 88 | 95 | ** Typedef for a 64-bit integer |
| 89 | 96 | */ |
| 90 | 97 | typedef sqlite3_int64 i64; |
| 91 | 98 | typedef sqlite3_uint64 u64; |
| 92 | 99 |
| --- src/config.h | |
| +++ src/config.h | |
| @@ -82,10 +82,17 @@ | |
| 82 | |
| 83 | #ifndef _RC_COMPILE_ |
| 84 | |
| 85 | #include "sqlite3.h" |
| 86 | |
| 87 | /* |
| 88 | ** Typedef for a 64-bit integer |
| 89 | */ |
| 90 | typedef sqlite3_int64 i64; |
| 91 | typedef sqlite3_uint64 u64; |
| 92 |
| --- src/config.h | |
| +++ src/config.h | |
| @@ -82,10 +82,17 @@ | |
| 82 | |
| 83 | #ifndef _RC_COMPILE_ |
| 84 | |
| 85 | #include "sqlite3.h" |
| 86 | |
| 87 | /* |
| 88 | ** On Solaris, getpass() will only return up to 8 characters. getpassphrase() returns up to 257. |
| 89 | */ |
| 90 | #if defined(__sun__) || defined(sun) |
| 91 | #define getpass getpassphrase |
| 92 | #endif |
| 93 | |
| 94 | /* |
| 95 | ** Typedef for a 64-bit integer |
| 96 | */ |
| 97 | typedef sqlite3_int64 i64; |
| 98 | typedef sqlite3_uint64 u64; |
| 99 |
+9
| --- src/http_ssl.c | ||
| +++ src/http_ssl.c | ||
| @@ -182,15 +182,24 @@ | ||
| 182 | 182 | if( SSL_get_verify_result(ssl) != X509_V_OK ){ |
| 183 | 183 | char *desc, *prompt; |
| 184 | 184 | char *warning = ""; |
| 185 | 185 | Blob ans; |
| 186 | 186 | BIO *mem; |
| 187 | + unsigned char md[32]; | |
| 188 | + unsigned int mdLength = 31; | |
| 187 | 189 | |
| 188 | 190 | mem = BIO_new(BIO_s_mem()); |
| 189 | 191 | X509_NAME_print_ex(mem, X509_get_subject_name(cert), 2, XN_FLAG_MULTILINE); |
| 190 | 192 | BIO_puts(mem, "\n\nIssued By:\n\n"); |
| 191 | 193 | X509_NAME_print_ex(mem, X509_get_issuer_name(cert), 2, XN_FLAG_MULTILINE); |
| 194 | + BIO_puts(mem, "\n\nSHA1 Fingerprint:\n\n "); | |
| 195 | + if(X509_digest(cert, EVP_sha1(), md, &mdLength)){ | |
| 196 | + int j; | |
| 197 | + for( j = 0; j < mdLength; ++j ) { | |
| 198 | + BIO_printf(mem, " %02x", md[j]); | |
| 199 | + } | |
| 200 | + } | |
| 192 | 201 | BIO_write(mem, "", 1); // null-terminate mem buffer |
| 193 | 202 | BIO_get_mem_data(mem, &desc); |
| 194 | 203 | |
| 195 | 204 | if( hasSavedCertificate ){ |
| 196 | 205 | warning = "WARNING: Certificate doesn't match the " |
| 197 | 206 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -182,15 +182,24 @@ | |
| 182 | if( SSL_get_verify_result(ssl) != X509_V_OK ){ |
| 183 | char *desc, *prompt; |
| 184 | char *warning = ""; |
| 185 | Blob ans; |
| 186 | BIO *mem; |
| 187 | |
| 188 | mem = BIO_new(BIO_s_mem()); |
| 189 | X509_NAME_print_ex(mem, X509_get_subject_name(cert), 2, XN_FLAG_MULTILINE); |
| 190 | BIO_puts(mem, "\n\nIssued By:\n\n"); |
| 191 | X509_NAME_print_ex(mem, X509_get_issuer_name(cert), 2, XN_FLAG_MULTILINE); |
| 192 | BIO_write(mem, "", 1); // null-terminate mem buffer |
| 193 | BIO_get_mem_data(mem, &desc); |
| 194 | |
| 195 | if( hasSavedCertificate ){ |
| 196 | warning = "WARNING: Certificate doesn't match the " |
| 197 |
| --- src/http_ssl.c | |
| +++ src/http_ssl.c | |
| @@ -182,15 +182,24 @@ | |
| 182 | if( SSL_get_verify_result(ssl) != X509_V_OK ){ |
| 183 | char *desc, *prompt; |
| 184 | char *warning = ""; |
| 185 | Blob ans; |
| 186 | BIO *mem; |
| 187 | unsigned char md[32]; |
| 188 | unsigned int mdLength = 31; |
| 189 | |
| 190 | mem = BIO_new(BIO_s_mem()); |
| 191 | X509_NAME_print_ex(mem, X509_get_subject_name(cert), 2, XN_FLAG_MULTILINE); |
| 192 | BIO_puts(mem, "\n\nIssued By:\n\n"); |
| 193 | X509_NAME_print_ex(mem, X509_get_issuer_name(cert), 2, XN_FLAG_MULTILINE); |
| 194 | BIO_puts(mem, "\n\nSHA1 Fingerprint:\n\n "); |
| 195 | if(X509_digest(cert, EVP_sha1(), md, &mdLength)){ |
| 196 | int j; |
| 197 | for( j = 0; j < mdLength; ++j ) { |
| 198 | BIO_printf(mem, " %02x", md[j]); |
| 199 | } |
| 200 | } |
| 201 | BIO_write(mem, "", 1); // null-terminate mem buffer |
| 202 | BIO_get_mem_data(mem, &desc); |
| 203 | |
| 204 | if( hasSavedCertificate ){ |
| 205 | warning = "WARNING: Certificate doesn't match the " |
| 206 |