Fossil SCM

Fix a bug in the /xfer login logic.

drh 2007-07-30 18:38 trunk

Commit bfe6e64f94a6407a3f4270c5f97ec0f4a7ba58d2

Parent 947842fb0ba593e…

2 files changed +4 -1 +1

~ src/http.c ~ src/xfer.c

M src/http.c

+4 -1

		--- src/http.c
		+++ src/http.c
		@@ -175,13 +175,16 @@
175	175	char *zPrompt = mprintf("password for %s: ", g.urlUser);
176	176	Blob x;
177	177	prompt_for_password(zPrompt, &x, 0);
178	178	free(zPrompt);
179	179	g.urlPasswd = blob_str(&x);
180		- blob_append(&pw, g.urlPasswd, -1);
	180	+ }else{
	181	+ g.urlPasswd = "";
181	182	}
182	183	}
	184	+ blob_append(&pw, g.urlPasswd, -1);
	185	+ /* printf("presig=[%s]\n", blob_str(&pw)); */
183	186	sha1sum_blob(&pw, &sig);
184	187	blob_appendf(&login, "login %s %b %b\n", g.urlUser, &nonce, &sig);
185	188	}
186	189	blob_reset(&nonce);
187	190	blob_reset(&pw);
188	191

	--- src/http.c
	+++ src/http.c
	@@ -175,13 +175,16 @@
175	char *zPrompt = mprintf("password for %s: ", g.urlUser);
176	Blob x;
177	prompt_for_password(zPrompt, &x, 0);
178	free(zPrompt);
179	g.urlPasswd = blob_str(&x);
180	blob_append(&pw, g.urlPasswd, -1);

181	}
182	}


183	sha1sum_blob(&pw, &sig);
184	blob_appendf(&login, "login %s %b %b\n", g.urlUser, &nonce, &sig);
185	}
186	blob_reset(&nonce);
187	blob_reset(&pw);
188

	--- src/http.c
	+++ src/http.c
	@@ -175,13 +175,16 @@
175	char *zPrompt = mprintf("password for %s: ", g.urlUser);
176	Blob x;
177	prompt_for_password(zPrompt, &x, 0);
178	free(zPrompt);
179	g.urlPasswd = blob_str(&x);
180	}else{
181	g.urlPasswd = "";
182	}
183	}
184	blob_append(&pw, g.urlPasswd, -1);
185	/* printf("presig=[%s]\n", blob_str(&pw)); */
186	sha1sum_blob(&pw, &sig);
187	blob_appendf(&login, "login %s %b %b\n", g.urlUser, &nonce, &sig);
188	}
189	blob_reset(&nonce);
190	blob_reset(&pw);
191

M src/xfer.c

+1

		--- src/xfer.c
		+++ src/xfer.c
		@@ -230,10 +230,11 @@
230	230	blob_zero(&pw);
231	231	db_ephemeral_blob(&q, 0, &pw);
232	232	blob_zero(&combined);
233	233	blob_copy(&combined, pNonce);
234	234	blob_append(&combined, blob_buffer(&pw), blob_size(&pw));
	235	+ /* CGIDEBUG(("presig=[%s]\n", blob_str(&combined))); */
235	236	sha1sum_blob(&combined, &hash);
236	237	rc = blob_compare(&hash, pSig);
237	238	blob_reset(&hash);
238	239	blob_reset(&combined);
239	240	if( rc==0 ){
240	241

	--- src/xfer.c
	+++ src/xfer.c
	@@ -230,10 +230,11 @@
230	blob_zero(&pw);
231	db_ephemeral_blob(&q, 0, &pw);
232	blob_zero(&combined);
233	blob_copy(&combined, pNonce);
234	blob_append(&combined, blob_buffer(&pw), blob_size(&pw));

235	sha1sum_blob(&combined, &hash);
236	rc = blob_compare(&hash, pSig);
237	blob_reset(&hash);
238	blob_reset(&combined);
239	if( rc==0 ){
240

	--- src/xfer.c
	+++ src/xfer.c
	@@ -230,10 +230,11 @@
230	blob_zero(&pw);
231	db_ephemeral_blob(&q, 0, &pw);
232	blob_zero(&combined);
233	blob_copy(&combined, pNonce);
234	blob_append(&combined, blob_buffer(&pw), blob_size(&pw));
235	/* CGIDEBUG(("presig=[%s]\n", blob_str(&combined))); */
236	sha1sum_blob(&combined, &hash);
237	rc = blob_compare(&hash, pSig);
238	blob_reset(&hash);
239	blob_reset(&combined);
240	if( rc==0 ){
241

Keyboard Shortcuts

Open search /

Next entry (timeline) j

Previous entry (timeline) k

Open focused entry Enter

Show this help ?

Toggle theme Top nav button