Fossil SCM

Merge from trunk

brickviking 2024-11-05 09:55 bv-corrections01 merge
Commit e367ca73732011d92ea3d013839ecc7286e3d412173d243e1a0d1a9d2d2f1b97
Parent f8aa183761b9e19…
9 files changed +1 -1 +7 -6 +2 -2 +1 -1 +4 +40 -2 +1 -1 +1 -1 +1
~ BUILD.txt ~ skins/default/css.txt ~ src/checkin.c ~ src/diff.c ~ src/http.c ~ src/http_ssl.c ~ src/main.mk ~ tools/makemake.tcl ~ www/changes.wiki
M BUILD.txt
+1 -1
--- BUILD.txt
+++ BUILD.txt
@@ -42,11 +42,11 @@
4242
 mkdir build
4343
 cd build
4444
 ../configure
4545
 make
4646
47
-This will now keep all generates files separate from the maintained
47
+This will now keep all generated files separate from the maintained
4848
 source code.
4949
5050
 --------------------------------------------------------------------------
5151
5252
 Here are some notes on what is happening behind the scenes:
5353
--- BUILD.txt
+++ BUILD.txt
@@ -42,11 +42,11 @@
42 mkdir build
43 cd build
44 ../configure
45 make
46
47 This will now keep all generates files separate from the maintained
48 source code.
49
50 --------------------------------------------------------------------------
51
52 Here are some notes on what is happening behind the scenes:
53
--- BUILD.txt
+++ BUILD.txt
@@ -42,11 +42,11 @@
42 mkdir build
43 cd build
44 ../configure
45 make
46
47 This will now keep all generated files separate from the maintained
48 source code.
49
50 --------------------------------------------------------------------------
51
52 Here are some notes on what is happening behind the scenes:
53
M skins/default/css.txt
+7 -6
--- skins/default/css.txt
+++ skins/default/css.txt
@@ -42,10 +42,11 @@
4242
 .artifact h1.page-title,
4343
 .dir h1.page-title,
4444
 .doc h1.page-title,
4545
 .wiki h1.page-title {
4646
 display: block; /* …for potentially long doc titles… */
47
+ color: #444;
4748
 }
4849
 .artifact .title > .page-title,
4950
 .dir .title > .page-title,
5051
 .doc .title > .page-title,
5152
 .wiki .title > .page-title {
@@ -725,16 +726,16 @@
725726
 margin-left: 20pt; /* special case for MD in forum; need less indent */
726727
 }
727728
728729
 /* Fossil UI uses these, but in sufficiently constrained ways that we
729730
 * don't have to be nearly as careful to avoid an overreach. */
730
- .doc > .content h1, .artifact h1, .dir h1, .fileedit h1, .wiki h1 { margin-left: 10pt; }
731
- .doc > .content h2, .artifact h2, .dir h2, .fileedit h2, .wiki h2 { margin-left: 20pt; }
732
- .doc > .content h3, .artifact h3, .dir h3, .fileedit h3, .wiki h3 { margin-left: 30pt; }
733
- .doc > .content h4, .artifact h4, .dir h4, .fileedit h4, .wiki h4 { margin-left: 40pt; }
734
- .doc > .content h5, .artifact h5, .dir h5, .fileedit h5, .wiki h5 { margin-left: 50pt; }
735
- .doc > .content hr, .artifact hr, .dir hr, .fileedit hr, .wiki hr { margin-left: 10pt; }
731
+ .doc > .content h1, .artifact .content h1, .dir .content h1, .fileedit .content h1, .wiki .content h1 { margin-left: 10pt; }
732
+ .doc > .content h2, .artifact .content h2, .dir .content h2, .fileedit .content h2, .wiki .content h2 { margin-left: 20pt; }
733
+ .doc > .content h3, .artifact .content h3, .dir .content h3, .fileedit .content h3, .wiki .content h3 { margin-left: 30pt; }
734
+ .doc > .content h4, .artifact .content h4, .dir .content h4, .fileedit .content h4, .wiki .content h4 { margin-left: 40pt; }
735
+ .doc > .content h5, .artifact .content h5, .dir .content h5, .fileedit .content h5, .wiki .content h5 { margin-left: 50pt; }
736
+ .doc > .content hr, .artifact .content hr, .dir .content hr, .fileedit .content hr, .wiki .content hr { margin-left: 10pt; }
736737
737738
 /* Don't need to be nearly as careful with tags Fossil UI doesn't use. */
738739
 .doc dd, .artifact dd, .dir dd, .fileedit dd, .wikiedit dd { margin-left: 30pt; margin-bottom: 1em; }
739740
 .doc dl, .artifact dl, .dir dl, .fileedit dl, .wikiedit dl { margin-left: 60pt; }
740741
 .doc dt, .artifact dt, .dir dt, .fileedit dt, .wikiedit dt { margin-left: 10pt; }
741742
--- skins/default/css.txt
+++ skins/default/css.txt
@@ -42,10 +42,11 @@
42 .artifact h1.page-title,
43 .dir h1.page-title,
44 .doc h1.page-title,
45 .wiki h1.page-title {
46 display: block; /* …for potentially long doc titles… */
 
47 }
48 .artifact .title > .page-title,
49 .dir .title > .page-title,
50 .doc .title > .page-title,
51 .wiki .title > .page-title {
@@ -725,16 +726,16 @@
725 margin-left: 20pt; /* special case for MD in forum; need less indent */
726 }
727
728 /* Fossil UI uses these, but in sufficiently constrained ways that we
729 * don't have to be nearly as careful to avoid an overreach. */
730 .doc > .content h1, .artifact h1, .dir h1, .fileedit h1, .wiki h1 { margin-left: 10pt; }
731 .doc > .content h2, .artifact h2, .dir h2, .fileedit h2, .wiki h2 { margin-left: 20pt; }
732 .doc > .content h3, .artifact h3, .dir h3, .fileedit h3, .wiki h3 { margin-left: 30pt; }
733 .doc > .content h4, .artifact h4, .dir h4, .fileedit h4, .wiki h4 { margin-left: 40pt; }
734 .doc > .content h5, .artifact h5, .dir h5, .fileedit h5, .wiki h5 { margin-left: 50pt; }
735 .doc > .content hr, .artifact hr, .dir hr, .fileedit hr, .wiki hr { margin-left: 10pt; }
736
737 /* Don't need to be nearly as careful with tags Fossil UI doesn't use. */
738 .doc dd, .artifact dd, .dir dd, .fileedit dd, .wikiedit dd { margin-left: 30pt; margin-bottom: 1em; }
739 .doc dl, .artifact dl, .dir dl, .fileedit dl, .wikiedit dl { margin-left: 60pt; }
740 .doc dt, .artifact dt, .dir dt, .fileedit dt, .wikiedit dt { margin-left: 10pt; }
741
--- skins/default/css.txt
+++ skins/default/css.txt
@@ -42,10 +42,11 @@
42 .artifact h1.page-title,
43 .dir h1.page-title,
44 .doc h1.page-title,
45 .wiki h1.page-title {
46 display: block; /* …for potentially long doc titles… */
47 color: #444;
48 }
49 .artifact .title > .page-title,
50 .dir .title > .page-title,
51 .doc .title > .page-title,
52 .wiki .title > .page-title {
@@ -725,16 +726,16 @@
726 margin-left: 20pt; /* special case for MD in forum; need less indent */
727 }
728
729 /* Fossil UI uses these, but in sufficiently constrained ways that we
730 * don't have to be nearly as careful to avoid an overreach. */
731 .doc > .content h1, .artifact .content h1, .dir .content h1, .fileedit .content h1, .wiki .content h1 { margin-left: 10pt; }
732 .doc > .content h2, .artifact .content h2, .dir .content h2, .fileedit .content h2, .wiki .content h2 { margin-left: 20pt; }
733 .doc > .content h3, .artifact .content h3, .dir .content h3, .fileedit .content h3, .wiki .content h3 { margin-left: 30pt; }
734 .doc > .content h4, .artifact .content h4, .dir .content h4, .fileedit .content h4, .wiki .content h4 { margin-left: 40pt; }
735 .doc > .content h5, .artifact .content h5, .dir .content h5, .fileedit .content h5, .wiki .content h5 { margin-left: 50pt; }
736 .doc > .content hr, .artifact .content hr, .dir .content hr, .fileedit .content hr, .wiki .content hr { margin-left: 10pt; }
737
738 /* Don't need to be nearly as careful with tags Fossil UI doesn't use. */
739 .doc dd, .artifact dd, .dir dd, .fileedit dd, .wikiedit dd { margin-left: 30pt; margin-bottom: 1em; }
740 .doc dl, .artifact dl, .dir dl, .fileedit dl, .wikiedit dl { margin-left: 60pt; }
741 .doc dt, .artifact dt, .dir dt, .fileedit dt, .wikiedit dt { margin-left: 10pt; }
742
M src/checkin.c
+2 -2
--- src/checkin.c
+++ src/checkin.c
@@ -967,12 +967,12 @@
967967
 /*
968968
 ** COMMAND: tree
969969
 **
970970
 ** Usage: %fossil tree ?OPTIONS? ?PATHS ...?
971971
 **
972
-** List all files in the current check-out in after the fashion of the
973
-** "tree" command. If PATHS is included, only the named files
972
+** List all files in the current check-out much like the "tree"
973
+** command does. If PATHS is included, only the named files
974974
 ** (or their children if directories) are shown.
975975
 **
976976
 ** Options:
977977
 ** -r VERSION The specific check-in to list
978978
 ** -R|--repository REPO Extract info from repository REPO
979979
--- src/checkin.c
+++ src/checkin.c
@@ -967,12 +967,12 @@
967 /*
968 ** COMMAND: tree
969 **
970 ** Usage: %fossil tree ?OPTIONS? ?PATHS ...?
971 **
972 ** List all files in the current check-out in after the fashion of the
973 ** "tree" command. If PATHS is included, only the named files
974 ** (or their children if directories) are shown.
975 **
976 ** Options:
977 ** -r VERSION The specific check-in to list
978 ** -R|--repository REPO Extract info from repository REPO
979
--- src/checkin.c
+++ src/checkin.c
@@ -967,12 +967,12 @@
967 /*
968 ** COMMAND: tree
969 **
970 ** Usage: %fossil tree ?OPTIONS? ?PATHS ...?
971 **
972 ** List all files in the current check-out much like the "tree"
973 ** command does. If PATHS is included, only the named files
974 ** (or their children if directories) are shown.
975 **
976 ** Options:
977 ** -r VERSION The specific check-in to list
978 ** -R|--repository REPO Extract info from repository REPO
979
M src/diff.c
+1 -1
--- src/diff.c
+++ src/diff.c
@@ -2462,11 +2462,11 @@
24622462
 int span; /* combined width of the input sequences */
24632463
 int cutoff = 4; /* Max hash chain entries to follow */
24642464
 int nextCutoff = -1; /* Value of cutoff for next iteration */
24652465
24662466
 span = (iE1 - iS1) + (iE2 - iS2);
2467
- bestScore = -10000;
2467
+ bestScore = -9223300000*(sqlite3_int64)1000000000;
24682468
 score = 0;
24692469
 iSXb = iSXp = iS1;
24702470
 iEXb = iEXp = iS1;
24712471
 iSYb = iSYp = iS2;
24722472
 iEYb = iEYp = iS2;
24732473
--- src/diff.c
+++ src/diff.c
@@ -2462,11 +2462,11 @@
2462 int span; /* combined width of the input sequences */
2463 int cutoff = 4; /* Max hash chain entries to follow */
2464 int nextCutoff = -1; /* Value of cutoff for next iteration */
2465
2466 span = (iE1 - iS1) + (iE2 - iS2);
2467 bestScore = -10000;
2468 score = 0;
2469 iSXb = iSXp = iS1;
2470 iEXb = iEXp = iS1;
2471 iSYb = iSYp = iS2;
2472 iEYb = iEYp = iS2;
2473
--- src/diff.c
+++ src/diff.c
@@ -2462,11 +2462,11 @@
2462 int span; /* combined width of the input sequences */
2463 int cutoff = 4; /* Max hash chain entries to follow */
2464 int nextCutoff = -1; /* Value of cutoff for next iteration */
2465
2466 span = (iE1 - iS1) + (iE2 - iS2);
2467 bestScore = -9223300000*(sqlite3_int64)1000000000;
2468 score = 0;
2469 iSXb = iSXp = iS1;
2470 iEXb = iEXp = iS1;
2471 iSYb = iSYp = iS2;
2472 iEYb = iEYp = iS2;
2473
M src/http.c
+4
--- src/http.c
+++ src/http.c
@@ -768,10 +768,11 @@
768768
 ** a GET request where there is no PAYLOAD.
769769
 **
770770
 ** Options:
771771
 ** --compress Use ZLIB compression on the payload
772772
 ** --mimetype TYPE Mimetype of the payload
773
+** --no-cert-verify Disable TLS cert verification
773774
 ** --out FILE Store the reply in FILE
774775
 ** -v Verbose output
775776
 ** --xfer PAYLOAD in a Fossil xfer protocol message
776777
 */
777778
 void test_httpmsg_command(void){
@@ -783,10 +784,13 @@
783784
784785
 zMimetype = find_option("mimetype",0,1);
785786
 zOutFile = find_option("out","o",1);
786787
 if( find_option("verbose","v",0)!=0 ) mHttpFlags |= HTTP_VERBOSE;
787788
 if( find_option("compress",0,0)!=0 ) mHttpFlags &= ~HTTP_NOCOMPRESS;
789
+ if( find_option("no-cert-verify",0,0)!=0 ){
790
+ ssl_disable_cert_verification();
791
+ }
788792
 if( find_option("xfer",0,0)!=0 ){
789793
 mHttpFlags |= HTTP_USE_LOGIN;
790794
 mHttpFlags &= ~HTTP_GENERIC;
791795
 }
792796
 verify_all_options();
793797
--- src/http.c
+++ src/http.c
@@ -768,10 +768,11 @@
768 ** a GET request where there is no PAYLOAD.
769 **
770 ** Options:
771 ** --compress Use ZLIB compression on the payload
772 ** --mimetype TYPE Mimetype of the payload
 
773 ** --out FILE Store the reply in FILE
774 ** -v Verbose output
775 ** --xfer PAYLOAD in a Fossil xfer protocol message
776 */
777 void test_httpmsg_command(void){
@@ -783,10 +784,13 @@
783
784 zMimetype = find_option("mimetype",0,1);
785 zOutFile = find_option("out","o",1);
786 if( find_option("verbose","v",0)!=0 ) mHttpFlags |= HTTP_VERBOSE;
787 if( find_option("compress",0,0)!=0 ) mHttpFlags &= ~HTTP_NOCOMPRESS;
 
 
 
788 if( find_option("xfer",0,0)!=0 ){
789 mHttpFlags |= HTTP_USE_LOGIN;
790 mHttpFlags &= ~HTTP_GENERIC;
791 }
792 verify_all_options();
793
--- src/http.c
+++ src/http.c
@@ -768,10 +768,11 @@
768 ** a GET request where there is no PAYLOAD.
769 **
770 ** Options:
771 ** --compress Use ZLIB compression on the payload
772 ** --mimetype TYPE Mimetype of the payload
773 ** --no-cert-verify Disable TLS cert verification
774 ** --out FILE Store the reply in FILE
775 ** -v Verbose output
776 ** --xfer PAYLOAD in a Fossil xfer protocol message
777 */
778 void test_httpmsg_command(void){
@@ -783,10 +784,13 @@
784
785 zMimetype = find_option("mimetype",0,1);
786 zOutFile = find_option("out","o",1);
787 if( find_option("verbose","v",0)!=0 ) mHttpFlags |= HTTP_VERBOSE;
788 if( find_option("compress",0,0)!=0 ) mHttpFlags &= ~HTTP_NOCOMPRESS;
789 if( find_option("no-cert-verify",0,0)!=0 ){
790 ssl_disable_cert_verification();
791 }
792 if( find_option("xfer",0,0)!=0 ){
793 mHttpFlags |= HTTP_USE_LOGIN;
794 mHttpFlags &= ~HTTP_GENERIC;
795 }
796 verify_all_options();
797
M src/http_ssl.c
+40 -2
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -247,11 +247,11 @@
247247
248248
 /*
249249
 ** Call this routine once before any other use of the SSL interface.
250250
 ** This routine does initial configuration of the SSL module.
251251
 */
252
-static void ssl_global_init_client(void){
252
+static void ssl_global_init_client(int bDebug){
253253
 const char *identityFile;
254254
255255
 if( sslIsInit==0 ){
256256
 const char *zFile;
257257
 const char *zCaFile = 0;
@@ -301,10 +301,30 @@
301301
 zCaFile = zFile;
302302
 zCaDirectory = 0;
303303
 break;
304304
 }
305305
 }
306
+ if( zFile ) break;
307
+ }
308
+ if( bDebug ){
309
+ fossil_print("case-0: X509_get_default_cert_file_env = %s\n",
310
+ X509_get_default_cert_file_env());
311
+ fossil_print("case-1: X509_get_default_cert_dir_env = %s\n",
312
+ X509_get_default_cert_dir_env());
313
+ fossil_print("case-2: ssl-ca-location = %s\n",
314
+ g.repositoryOpen ? db_get("ssl-ca-location","(none)") : "(none)");
315
+ fossil_print("case-3: X509_get_default_cert_file = %s\n",
316
+ X509_get_default_cert_file());
317
+ fossil_print("case-4: X509_get_default_cert_dir = %s\n",
318
+ X509_get_default_cert_dir());
319
+ if( i>=5 ){
320
+ fossil_print("No trust store found.\n");
321
+ }else{
322
+ fossil_print("case-used = %d\n"
323
+ "zCaFile = %s\n"
324
+ "zCaDirectory = %s\n", i, zCaFile, zCaDirectory);
325
+ }
306326
 }
307327
 if( zFile==0 ){
308328
 /* fossil_fatal("Cannot find a trust store"); */
309329
 }else if( SSL_CTX_load_verify_locations(sslCtx, zCaFile, zCaDirectory)==0 ){
310330
 fossil_fatal("Cannot load CA root certificates from %s", zFile);
@@ -333,15 +353,22 @@
333353
 identityFile = g.zSSLIdentity;
334354
 }else{
335355
 identityFile = db_get("ssl-identity", 0);
336356
 }
337357
 if( identityFile!=0 && identityFile[0]!='\0' ){
358
+ if( bDebug ){
359
+ fossil_print("identifyFile = %s\n", identityFile);
360
+ }
338361
 if( SSL_CTX_use_certificate_chain_file(sslCtx,identityFile)!=1
339362
 || SSL_CTX_use_PrivateKey_file(sslCtx,identityFile,SSL_FILETYPE_PEM)!=1
340363
 ){
341364
 fossil_fatal("Could not load SSL identity from %s", identityFile);
342365
 }
366
+ }else{
367
+ if( bDebug ){
368
+ fossil_print("No identify file found.\n");
369
+ }
343370
 }
344371
 /* Register a callback to tell the user what to do when the server asks
345372
 ** for a cert */
346373
 SSL_CTX_set_client_cert_cb(sslCtx, ssl_client_cert_callback);
347374
@@ -359,10 +386,21 @@
359386
 SSL_CTX_free(sslCtx);
360387
 ssl_clear_errmsg();
361388
 sslIsInit = 0;
362389
 }
363390
 }
391
+
392
+/*
393
+** COMMAND: test-trust-store
394
+**
395
+** Show the trust store that is used by OpenSSL.
396
+*/
397
+void test_openssl_trust_store(void){
398
+ ssl_global_init_client(1);
399
+ ssl_global_shutdown();
400
+}
401
+
364402
365403
 /*
366404
 ** Close the currently open client SSL connection. If no connection is open,
367405
 ** this routine is a no-op.
368406
 */
@@ -446,11 +484,11 @@
446484
 */
447485
 int ssl_open_client(UrlData *pUrlData){
448486
 X509 *cert;
449487
 const char *zRemoteHost;
450488
451
- ssl_global_init_client();
489
+ ssl_global_init_client(0);
452490
 if( pUrlData->useProxy ){
453491
 int rc;
454492
 char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
455493
 BIO *sBio = BIO_new_connect(connStr);
456494
 free(connStr);
457495
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -247,11 +247,11 @@
247
248 /*
249 ** Call this routine once before any other use of the SSL interface.
250 ** This routine does initial configuration of the SSL module.
251 */
252 static void ssl_global_init_client(void){
253 const char *identityFile;
254
255 if( sslIsInit==0 ){
256 const char *zFile;
257 const char *zCaFile = 0;
@@ -301,10 +301,30 @@
301 zCaFile = zFile;
302 zCaDirectory = 0;
303 break;
304 }
305 }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
306 }
307 if( zFile==0 ){
308 /* fossil_fatal("Cannot find a trust store"); */
309 }else if( SSL_CTX_load_verify_locations(sslCtx, zCaFile, zCaDirectory)==0 ){
310 fossil_fatal("Cannot load CA root certificates from %s", zFile);
@@ -333,15 +353,22 @@
333 identityFile = g.zSSLIdentity;
334 }else{
335 identityFile = db_get("ssl-identity", 0);
336 }
337 if( identityFile!=0 && identityFile[0]!='\0' ){
 
 
 
338 if( SSL_CTX_use_certificate_chain_file(sslCtx,identityFile)!=1
339 || SSL_CTX_use_PrivateKey_file(sslCtx,identityFile,SSL_FILETYPE_PEM)!=1
340 ){
341 fossil_fatal("Could not load SSL identity from %s", identityFile);
342 }
 
 
 
 
343 }
344 /* Register a callback to tell the user what to do when the server asks
345 ** for a cert */
346 SSL_CTX_set_client_cert_cb(sslCtx, ssl_client_cert_callback);
347
@@ -359,10 +386,21 @@
359 SSL_CTX_free(sslCtx);
360 ssl_clear_errmsg();
361 sslIsInit = 0;
362 }
363 }
 
 
 
 
 
 
 
 
 
 
 
364
365 /*
366 ** Close the currently open client SSL connection. If no connection is open,
367 ** this routine is a no-op.
368 */
@@ -446,11 +484,11 @@
446 */
447 int ssl_open_client(UrlData *pUrlData){
448 X509 *cert;
449 const char *zRemoteHost;
450
451 ssl_global_init_client();
452 if( pUrlData->useProxy ){
453 int rc;
454 char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
455 BIO *sBio = BIO_new_connect(connStr);
456 free(connStr);
457
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -247,11 +247,11 @@
247
248 /*
249 ** Call this routine once before any other use of the SSL interface.
250 ** This routine does initial configuration of the SSL module.
251 */
252 static void ssl_global_init_client(int bDebug){
253 const char *identityFile;
254
255 if( sslIsInit==0 ){
256 const char *zFile;
257 const char *zCaFile = 0;
@@ -301,10 +301,30 @@
301 zCaFile = zFile;
302 zCaDirectory = 0;
303 break;
304 }
305 }
306 if( zFile ) break;
307 }
308 if( bDebug ){
309 fossil_print("case-0: X509_get_default_cert_file_env = %s\n",
310 X509_get_default_cert_file_env());
311 fossil_print("case-1: X509_get_default_cert_dir_env = %s\n",
312 X509_get_default_cert_dir_env());
313 fossil_print("case-2: ssl-ca-location = %s\n",
314 g.repositoryOpen ? db_get("ssl-ca-location","(none)") : "(none)");
315 fossil_print("case-3: X509_get_default_cert_file = %s\n",
316 X509_get_default_cert_file());
317 fossil_print("case-4: X509_get_default_cert_dir = %s\n",
318 X509_get_default_cert_dir());
319 if( i>=5 ){
320 fossil_print("No trust store found.\n");
321 }else{
322 fossil_print("case-used = %d\n"
323 "zCaFile = %s\n"
324 "zCaDirectory = %s\n", i, zCaFile, zCaDirectory);
325 }
326 }
327 if( zFile==0 ){
328 /* fossil_fatal("Cannot find a trust store"); */
329 }else if( SSL_CTX_load_verify_locations(sslCtx, zCaFile, zCaDirectory)==0 ){
330 fossil_fatal("Cannot load CA root certificates from %s", zFile);
@@ -333,15 +353,22 @@
353 identityFile = g.zSSLIdentity;
354 }else{
355 identityFile = db_get("ssl-identity", 0);
356 }
357 if( identityFile!=0 && identityFile[0]!='\0' ){
358 if( bDebug ){
359 fossil_print("identifyFile = %s\n", identityFile);
360 }
361 if( SSL_CTX_use_certificate_chain_file(sslCtx,identityFile)!=1
362 || SSL_CTX_use_PrivateKey_file(sslCtx,identityFile,SSL_FILETYPE_PEM)!=1
363 ){
364 fossil_fatal("Could not load SSL identity from %s", identityFile);
365 }
366 }else{
367 if( bDebug ){
368 fossil_print("No identify file found.\n");
369 }
370 }
371 /* Register a callback to tell the user what to do when the server asks
372 ** for a cert */
373 SSL_CTX_set_client_cert_cb(sslCtx, ssl_client_cert_callback);
374
@@ -359,10 +386,21 @@
386 SSL_CTX_free(sslCtx);
387 ssl_clear_errmsg();
388 sslIsInit = 0;
389 }
390 }
391
392 /*
393 ** COMMAND: test-trust-store
394 **
395 ** Show the trust store that is used by OpenSSL.
396 */
397 void test_openssl_trust_store(void){
398 ssl_global_init_client(1);
399 ssl_global_shutdown();
400 }
401
402
403 /*
404 ** Close the currently open client SSL connection. If no connection is open,
405 ** this routine is a no-op.
406 */
@@ -446,11 +484,11 @@
484 */
485 int ssl_open_client(UrlData *pUrlData){
486 X509 *cert;
487 const char *zRemoteHost;
488
489 ssl_global_init_client(0);
490 if( pUrlData->useProxy ){
491 int rc;
492 char *connStr = mprintf("%s:%d", g.url.name, pUrlData->port);
493 BIO *sBio = BIO_new_connect(connStr);
494 free(connStr);
495
M src/main.mk
+1 -1
--- src/main.mk
+++ src/main.mk
@@ -704,11 +704,11 @@
704704
705705
 # The USE_LINENOISE variable may be undefined, set to 0, or set
706706
 # to 1. If it is set to 0, then there is no need to build or link
707707
 # the linenoise.o object.
708708
 LINENOISE_DEF.0 =
709
-LINENOISE_DEF.1 = -DHAVE_LINENOISE
709
+LINENOISE_DEF.1 = -DHAVE_LINENOISE=2
710710
 LINENOISE_DEF. = $(LINENOISE_DEF.0)
711711
 LINENOISE_OBJ.0 =
712712
 LINENOISE_OBJ.1 = $(OBJDIR)/linenoise.o
713713
 LINENOISE_OBJ. = $(LINENOISE_OBJ.0)
714714
715715
--- src/main.mk
+++ src/main.mk
@@ -704,11 +704,11 @@
704
705 # The USE_LINENOISE variable may be undefined, set to 0, or set
706 # to 1. If it is set to 0, then there is no need to build or link
707 # the linenoise.o object.
708 LINENOISE_DEF.0 =
709 LINENOISE_DEF.1 = -DHAVE_LINENOISE
710 LINENOISE_DEF. = $(LINENOISE_DEF.0)
711 LINENOISE_OBJ.0 =
712 LINENOISE_OBJ.1 = $(OBJDIR)/linenoise.o
713 LINENOISE_OBJ. = $(LINENOISE_OBJ.0)
714
715
--- src/main.mk
+++ src/main.mk
@@ -704,11 +704,11 @@
704
705 # The USE_LINENOISE variable may be undefined, set to 0, or set
706 # to 1. If it is set to 0, then there is no need to build or link
707 # the linenoise.o object.
708 LINENOISE_DEF.0 =
709 LINENOISE_DEF.1 = -DHAVE_LINENOISE=2
710 LINENOISE_DEF. = $(LINENOISE_DEF.0)
711 LINENOISE_OBJ.0 =
712 LINENOISE_OBJ.1 = $(OBJDIR)/linenoise.o
713 LINENOISE_OBJ. = $(LINENOISE_OBJ.0)
714
715
M tools/makemake.tcl
+1 -1
--- tools/makemake.tcl
+++ tools/makemake.tcl
@@ -445,11 +445,11 @@
445445
446446
 # The USE_LINENOISE variable may be undefined, set to 0, or set
447447
 # to 1. If it is set to 0, then there is no need to build or link
448448
 # the linenoise.o object.
449449
 LINENOISE_DEF.0 =
450
-LINENOISE_DEF.1 = -DHAVE_LINENOISE
450
+LINENOISE_DEF.1 = -DHAVE_LINENOISE=2
451451
 LINENOISE_DEF. = $(LINENOISE_DEF.0)
452452
 LINENOISE_OBJ.0 =
453453
 LINENOISE_OBJ.1 = $(OBJDIR)/linenoise.o
454454
 LINENOISE_OBJ. = $(LINENOISE_OBJ.0)
455455
456456
--- tools/makemake.tcl
+++ tools/makemake.tcl
@@ -445,11 +445,11 @@
445
446 # The USE_LINENOISE variable may be undefined, set to 0, or set
447 # to 1. If it is set to 0, then there is no need to build or link
448 # the linenoise.o object.
449 LINENOISE_DEF.0 =
450 LINENOISE_DEF.1 = -DHAVE_LINENOISE
451 LINENOISE_DEF. = $(LINENOISE_DEF.0)
452 LINENOISE_OBJ.0 =
453 LINENOISE_OBJ.1 = $(OBJDIR)/linenoise.o
454 LINENOISE_OBJ. = $(LINENOISE_OBJ.0)
455
456
--- tools/makemake.tcl
+++ tools/makemake.tcl
@@ -445,11 +445,11 @@
445
446 # The USE_LINENOISE variable may be undefined, set to 0, or set
447 # to 1. If it is set to 0, then there is no need to build or link
448 # the linenoise.o object.
449 LINENOISE_DEF.0 =
450 LINENOISE_DEF.1 = -DHAVE_LINENOISE=2
451 LINENOISE_DEF. = $(LINENOISE_DEF.0)
452 LINENOISE_OBJ.0 =
453 LINENOISE_OBJ.1 = $(OBJDIR)/linenoise.o
454 LINENOISE_OBJ. = $(LINENOISE_OBJ.0)
455
456
M www/changes.wiki
+1
--- www/changes.wiki
+++ www/changes.wiki
@@ -11,10 +11,11 @@
1111
 which is more familiar to Git users. Retain the legacy name for
1212
 compatibility.
1313
 * Add new query parameters to the [/help?cmd=/timeline|/timeline page]:
1414
 d2=, p2=, and dp2=.
1515
 * Add options to the [/help?cmd=tag|fossil tag] command that will list tag values.
16
+ * Add the -b|--brief option to the [/help?cmd=status|fossil status] command.
1617
 * Add ability to upload unversioned files via the [/help?cmd=/uvlist|/uvlist page].
1718
 * Add history search to the [/help?cmd=/chat|/chat page].
1819
 * Add Unix socket support to the [/help?cmd=server|server command].
1920
 * On Windows, use the root certificates managed by the operating system
2021
 (requires OpenSSL 3.2.0 or greater).
2122
--- www/changes.wiki
+++ www/changes.wiki
@@ -11,10 +11,11 @@
11 which is more familiar to Git users. Retain the legacy name for
12 compatibility.
13 * Add new query parameters to the [/help?cmd=/timeline|/timeline page]:
14 d2=, p2=, and dp2=.
15 * Add options to the [/help?cmd=tag|fossil tag] command that will list tag values.
 
16 * Add ability to upload unversioned files via the [/help?cmd=/uvlist|/uvlist page].
17 * Add history search to the [/help?cmd=/chat|/chat page].
18 * Add Unix socket support to the [/help?cmd=server|server command].
19 * On Windows, use the root certificates managed by the operating system
20 (requires OpenSSL 3.2.0 or greater).
21
--- www/changes.wiki
+++ www/changes.wiki
@@ -11,10 +11,11 @@
11 which is more familiar to Git users. Retain the legacy name for
12 compatibility.
13 * Add new query parameters to the [/help?cmd=/timeline|/timeline page]:
14 d2=, p2=, and dp2=.
15 * Add options to the [/help?cmd=tag|fossil tag] command that will list tag values.
16 * Add the -b|--brief option to the [/help?cmd=status|fossil status] command.
17 * Add ability to upload unversioned files via the [/help?cmd=/uvlist|/uvlist page].
18 * Add history search to the [/help?cmd=/chat|/chat page].
19 * Add Unix socket support to the [/help?cmd=server|server command].
20 * On Windows, use the root certificates managed by the operating system
21 (requires OpenSSL 3.2.0 or greater).
22

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button