Fossil SCM

Use the canonical URL as the key for storing the authorization. Reset the authorization information on a redirect.

andybradford 2014-02-05 08:57 http-auth

Commit cf471cbb3f6fe7d27193cdbb6b4bdd288ef6fca2

Parent 9493a9c763c8911…

2 files changed +9 -3 +6 -3

M src/clone.c

+9 -3

		--- src/clone.c
		+++ src/clone.c
		@@ -207,38 +207,44 @@
207	207	** remember decision. Otherwise, if the URL is being changed and no preference
208	208	** has been indicated, err on the safe side and revert the decision.
209	209	** Set the global preference if the URL is not being changed.
210	210	*/
211	211	void remember_or_get_http_auth(const char zHttpAuth, int fRemember, const char zUrl){
	212	+ char *zKey = mprintf("http-auth:%s", g.urlCanonical);
212	213	if( zHttpAuth && zHttpAuth[0] ){
213	214	g.zHttpAuth = mprintf("%s", zHttpAuth);
214	215	}
215	216	if( fRemember ){
216	217	if( g.zHttpAuth && g.zHttpAuth[0] ){
217	218	set_httpauth(g.zHttpAuth);
218	219	}else if( zUrl && zUrl[0] ){
219		- db_unset("http-auth", 0);
	220	+ db_unset(zKey, 0);
220	221	}else{
221	222	g.zHttpAuth = get_httpauth();
222	223	}
223	224	}else if( g.zHttpAuth==0 && zUrl==0 ){
224	225	g.zHttpAuth = get_httpauth();
225	226	}
	227	+ free(zKey);
226	228	}
227	229
228	230	/*
229	231	** Get the HTTP Authorization preference from db.
230	232	*/
231	233	char *get_httpauth(void){
232		- return unobscure(db_get("http-auth", 0));
	234	+ char *zKey = mprintf("http-auth:%s", g.urlCanonical);
	235	+ return unobscure(db_get(zKey, 0));
	236	+ free(zKey);
233	237	}
234	238
235	239	/*
236	240	** Set the HTTP Authorization preference in db.
237	241	*/
238	242	void set_httpauth(const char *zHttpAuth){
239		- db_set("http-auth", obscure(zHttpAuth), 0);
	243	+ char *zKey = mprintf("http-auth:%s", g.urlCanonical);
	244	+ db_set(zKey, obscure(zHttpAuth), 0);
	245	+ free(zKey);
240	246	}
241	247
242	248	/*
243	249	** Look for SSH clone command line options and setup in globals.
244	250	*/
245	251

	--- src/clone.c
	+++ src/clone.c
	@@ -207,38 +207,44 @@
207	** remember decision. Otherwise, if the URL is being changed and no preference
208	** has been indicated, err on the safe side and revert the decision.
209	** Set the global preference if the URL is not being changed.
210	*/
211	void remember_or_get_http_auth(const char zHttpAuth, int fRemember, const char zUrl){

212	if( zHttpAuth && zHttpAuth[0] ){
213	g.zHttpAuth = mprintf("%s", zHttpAuth);
214	}
215	if( fRemember ){
216	if( g.zHttpAuth && g.zHttpAuth[0] ){
217	set_httpauth(g.zHttpAuth);
218	}else if( zUrl && zUrl[0] ){
219	db_unset("http-auth", 0);
220	}else{
221	g.zHttpAuth = get_httpauth();
222	}
223	}else if( g.zHttpAuth==0 && zUrl==0 ){
224	g.zHttpAuth = get_httpauth();
225	}

226	}
227
228	/*
229	** Get the HTTP Authorization preference from db.
230	*/
231	char *get_httpauth(void){
232	return unobscure(db_get("http-auth", 0));


233	}
234
235	/*
236	** Set the HTTP Authorization preference in db.
237	*/
238	void set_httpauth(const char *zHttpAuth){
239	db_set("http-auth", obscure(zHttpAuth), 0);


240	}
241
242	/*
243	** Look for SSH clone command line options and setup in globals.
244	*/
245

	--- src/clone.c
	+++ src/clone.c
	@@ -207,38 +207,44 @@
207	** remember decision. Otherwise, if the URL is being changed and no preference
208	** has been indicated, err on the safe side and revert the decision.
209	** Set the global preference if the URL is not being changed.
210	*/
211	void remember_or_get_http_auth(const char zHttpAuth, int fRemember, const char zUrl){
212	char *zKey = mprintf("http-auth:%s", g.urlCanonical);
213	if( zHttpAuth && zHttpAuth[0] ){
214	g.zHttpAuth = mprintf("%s", zHttpAuth);
215	}
216	if( fRemember ){
217	if( g.zHttpAuth && g.zHttpAuth[0] ){
218	set_httpauth(g.zHttpAuth);
219	}else if( zUrl && zUrl[0] ){
220	db_unset(zKey, 0);
221	}else{
222	g.zHttpAuth = get_httpauth();
223	}
224	}else if( g.zHttpAuth==0 && zUrl==0 ){
225	g.zHttpAuth = get_httpauth();
226	}
227	free(zKey);
228	}
229
230	/*
231	** Get the HTTP Authorization preference from db.
232	*/
233	char *get_httpauth(void){
234	char *zKey = mprintf("http-auth:%s", g.urlCanonical);
235	return unobscure(db_get(zKey, 0));
236	free(zKey);
237	}
238
239	/*
240	** Set the HTTP Authorization preference in db.
241	*/
242	void set_httpauth(const char *zHttpAuth){
243	char *zKey = mprintf("http-auth:%s", g.urlCanonical);
244	db_set(zKey, obscure(zHttpAuth), 0);
245	free(zKey);
246	}
247
248	/*
249	** Look for SSH clone command line options and setup in globals.
250	*/
251

M src/http.c

+6 -3

		--- src/http.c
		+++ src/http.c
		@@ -136,13 +136,13 @@
136	136	*/
137	137	static int use_fossil_creds_for_httpauth_prompt(void){
138	138	Blob x;
139	139	char c;
140	140	char *zPrompt = mprintf(
141		- "\n%s requires Basic Authorization over %s.\n"
142		- "Use Fossil username and password (y/N)? ", g.urlName,
143		- g.urlIsHttps==1 ? "encrypted HTTPS" : "unencrypted HTTP");
	141	+ "\n%s Authorization required by:\n%s%s\n"
	142	+ "Use Fossil username and password (y/N)? ",
	143	+ g.urlIsHttps==1 ? "Encrypted HTTPS" : "Unencrypted HTTP", g.urlCanonical);
144	144	prompt_user(zPrompt, &x);
145	145	c = blob_str(&x)[0];
146	146	blob_reset(&x);
147	147	free(zPrompt);
148	148	return ( c=='y' \|\| c=='Y' );
		@@ -337,10 +337,13 @@
337	337	j -= 4;
338	338	zLine[j] = 0;
339	339	}
340	340	fossil_print("redirect to %s\n", &zLine[i]);
341	341	url_parse(&zLine[i], 0);
	342	+ fSeenHttpAuth = 0;
	343	+ if( g.zHttpAuth ) free(g.zHttpAuth);
	344	+ g.zHttpAuth = get_httpauth();
342	345	transport_close(GLOBAL_URL());
343	346	return http_exchange(pSend, pReply, useLogin, maxRedirect);
344	347	}else if( fossil_strnicmp(zLine, "content-type: ", 14)==0 ){
345	348	if( fossil_strnicmp(&zLine[14], "application/x-fossil-debug", -1)==0 ){
346	349	isCompressed = 0;
347	350

	--- src/http.c
	+++ src/http.c
	@@ -136,13 +136,13 @@
136	*/
137	static int use_fossil_creds_for_httpauth_prompt(void){
138	Blob x;
139	char c;
140	char *zPrompt = mprintf(
141	"\n%s requires Basic Authorization over %s.\n"
142	"Use Fossil username and password (y/N)? ", g.urlName,
143	g.urlIsHttps==1 ? "encrypted HTTPS" : "unencrypted HTTP");
144	prompt_user(zPrompt, &x);
145	c = blob_str(&x)[0];
146	blob_reset(&x);
147	free(zPrompt);
148	return ( c=='y' \|\| c=='Y' );
	@@ -337,10 +337,13 @@
337	j -= 4;
338	zLine[j] = 0;
339	}
340	fossil_print("redirect to %s\n", &zLine[i]);
341	url_parse(&zLine[i], 0);



342	transport_close(GLOBAL_URL());
343	return http_exchange(pSend, pReply, useLogin, maxRedirect);
344	}else if( fossil_strnicmp(zLine, "content-type: ", 14)==0 ){
345	if( fossil_strnicmp(&zLine[14], "application/x-fossil-debug", -1)==0 ){
346	isCompressed = 0;
347

	--- src/http.c
	+++ src/http.c
	@@ -136,13 +136,13 @@
136	*/
137	static int use_fossil_creds_for_httpauth_prompt(void){
138	Blob x;
139	char c;
140	char *zPrompt = mprintf(
141	"\n%s Authorization required by:\n%s%s\n"
142	"Use Fossil username and password (y/N)? ",
143	g.urlIsHttps==1 ? "Encrypted HTTPS" : "Unencrypted HTTP", g.urlCanonical);
144	prompt_user(zPrompt, &x);
145	c = blob_str(&x)[0];
146	blob_reset(&x);
147	free(zPrompt);
148	return ( c=='y' \|\| c=='Y' );
	@@ -337,10 +337,13 @@
337	j -= 4;
338	zLine[j] = 0;
339	}
340	fossil_print("redirect to %s\n", &zLine[i]);
341	url_parse(&zLine[i], 0);
342	fSeenHttpAuth = 0;
343	if( g.zHttpAuth ) free(g.zHttpAuth);
344	g.zHttpAuth = get_httpauth();
345	transport_close(GLOBAL_URL());
346	return http_exchange(pSend, pReply, useLogin, maxRedirect);
347	}else if( fossil_strnicmp(zLine, "content-type: ", 14)==0 ){
348	if( fossil_strnicmp(&zLine[14], "application/x-fossil-debug", -1)==0 ){
349	isCompressed = 0;
350

Fossil SCM

Keyboard Shortcuts