Fossil SCM
Automatically detect HTTP 401 status and resend with Authorization.
Commit
fcaa8ea99afd55ae9a520efdd0d84b4d4793b254
Parent
72014480dc13fc5…
5 files changed
-2
+6
-2
+1
-2
-6
-2
| --- src/clone.c | ||
| +++ src/clone.c | ||
| @@ -109,11 +109,10 @@ | ||
| 109 | 109 | ** --admin-user|-A USERNAME Make USERNAME the administrator |
| 110 | 110 | ** --once Don't save url. |
| 111 | 111 | ** --private Also clone private branches |
| 112 | 112 | ** --ssl-identity=filename Use the SSL identity if requested by the server |
| 113 | 113 | ** --ssh-command|-c 'command' Use this SSH command |
| 114 | -** --httpauth Add HTTP Basic Authorization to requests | |
| 115 | 114 | ** |
| 116 | 115 | ** See also: init |
| 117 | 116 | */ |
| 118 | 117 | void clone_cmd(void){ |
| 119 | 118 | char *zPassword; |
| @@ -122,11 +121,10 @@ | ||
| 122 | 121 | int bPrivate = 0; /* Also clone private branches */ |
| 123 | 122 | int urlFlags = URL_PROMPT_PW | URL_REMEMBER; |
| 124 | 123 | |
| 125 | 124 | if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE; |
| 126 | 125 | if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER; |
| 127 | - g.fUseHttpAuth = find_option("httpauth",0,0)!=0; | |
| 128 | 126 | zDefaultUser = find_option("admin-user","A",1); |
| 129 | 127 | clone_ssh_find_options(); |
| 130 | 128 | url_proxy_options(); |
| 131 | 129 | if( g.argc < 4 ){ |
| 132 | 130 | usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY"); |
| 133 | 131 |
| --- src/clone.c | |
| +++ src/clone.c | |
| @@ -109,11 +109,10 @@ | |
| 109 | ** --admin-user|-A USERNAME Make USERNAME the administrator |
| 110 | ** --once Don't save url. |
| 111 | ** --private Also clone private branches |
| 112 | ** --ssl-identity=filename Use the SSL identity if requested by the server |
| 113 | ** --ssh-command|-c 'command' Use this SSH command |
| 114 | ** --httpauth Add HTTP Basic Authorization to requests |
| 115 | ** |
| 116 | ** See also: init |
| 117 | */ |
| 118 | void clone_cmd(void){ |
| 119 | char *zPassword; |
| @@ -122,11 +121,10 @@ | |
| 122 | int bPrivate = 0; /* Also clone private branches */ |
| 123 | int urlFlags = URL_PROMPT_PW | URL_REMEMBER; |
| 124 | |
| 125 | if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE; |
| 126 | if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER; |
| 127 | g.fUseHttpAuth = find_option("httpauth",0,0)!=0; |
| 128 | zDefaultUser = find_option("admin-user","A",1); |
| 129 | clone_ssh_find_options(); |
| 130 | url_proxy_options(); |
| 131 | if( g.argc < 4 ){ |
| 132 | usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY"); |
| 133 |
| --- src/clone.c | |
| +++ src/clone.c | |
| @@ -109,11 +109,10 @@ | |
| 109 | ** --admin-user|-A USERNAME Make USERNAME the administrator |
| 110 | ** --once Don't save url. |
| 111 | ** --private Also clone private branches |
| 112 | ** --ssl-identity=filename Use the SSL identity if requested by the server |
| 113 | ** --ssh-command|-c 'command' Use this SSH command |
| 114 | ** |
| 115 | ** See also: init |
| 116 | */ |
| 117 | void clone_cmd(void){ |
| 118 | char *zPassword; |
| @@ -122,11 +121,10 @@ | |
| 121 | int bPrivate = 0; /* Also clone private branches */ |
| 122 | int urlFlags = URL_PROMPT_PW | URL_REMEMBER; |
| 123 | |
| 124 | if( find_option("private",0,0)!=0 ) bPrivate = SYNC_PRIVATE; |
| 125 | if( find_option("once",0,0)!=0) urlFlags &= ~URL_REMEMBER; |
| 126 | zDefaultUser = find_option("admin-user","A",1); |
| 127 | clone_ssh_find_options(); |
| 128 | url_proxy_options(); |
| 129 | if( g.argc < 4 ){ |
| 130 | usage("?OPTIONS? FILE-OR-URL NEW-REPOSITORY"); |
| 131 |
+6
-2
| --- src/http.c | ||
| +++ src/http.c | ||
| @@ -84,11 +84,10 @@ | ||
| 84 | 84 | ** the complete payload (including the login card) already compressed. |
| 85 | 85 | */ |
| 86 | 86 | static void http_build_header(Blob *pPayload, Blob *pHdr){ |
| 87 | 87 | int i; |
| 88 | 88 | const char *zSep; |
| 89 | - const int fUseHttpAuth = db_get_boolean("use-http-auth", 0); | |
| 90 | 89 | |
| 91 | 90 | blob_zero(pHdr); |
| 92 | 91 | i = strlen(g.urlPath); |
| 93 | 92 | if( i>0 && g.urlPath[i-1]=='/' ){ |
| 94 | 93 | zSep = ""; |
| @@ -97,11 +96,11 @@ | ||
| 97 | 96 | } |
| 98 | 97 | blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep); |
| 99 | 98 | if( g.urlProxyAuth ){ |
| 100 | 99 | blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth); |
| 101 | 100 | } |
| 102 | - if( g.urlPasswd && g.urlUser && fUseHttpAuth ){ | |
| 101 | + if( g.urlPasswd && g.urlUser && g.fUseHttpAuth ){ | |
| 103 | 102 | char *zCredentials = mprintf("%s:%s", g.urlUser, g.urlPasswd); |
| 104 | 103 | char *zEncoded = encode64(zCredentials, -1); |
| 105 | 104 | blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded); |
| 106 | 105 | fossil_free(zEncoded); |
| 107 | 106 | fossil_free(zCredentials); |
| @@ -200,10 +199,15 @@ | ||
| 200 | 199 | iLength = -1; |
| 201 | 200 | while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){ |
| 202 | 201 | /* printf("[%s]\n", zLine); fflush(stdout); */ |
| 203 | 202 | if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){ |
| 204 | 203 | if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err; |
| 204 | + if( rc==401 ){ | |
| 205 | + g.fUseHttpAuth = 1; | |
| 206 | + transport_close(GLOBAL_URL()); | |
| 207 | + return http_exchange(pSend, pReply, useLogin, maxRedirect); | |
| 208 | + } | |
| 205 | 209 | if( rc!=200 && rc!=302 ){ |
| 206 | 210 | int ii; |
| 207 | 211 | for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){} |
| 208 | 212 | while( zLine[ii]==' ' ) ii++; |
| 209 | 213 | fossil_warning("server says: %s", &zLine[ii]); |
| 210 | 214 |
| --- src/http.c | |
| +++ src/http.c | |
| @@ -84,11 +84,10 @@ | |
| 84 | ** the complete payload (including the login card) already compressed. |
| 85 | */ |
| 86 | static void http_build_header(Blob *pPayload, Blob *pHdr){ |
| 87 | int i; |
| 88 | const char *zSep; |
| 89 | const int fUseHttpAuth = db_get_boolean("use-http-auth", 0); |
| 90 | |
| 91 | blob_zero(pHdr); |
| 92 | i = strlen(g.urlPath); |
| 93 | if( i>0 && g.urlPath[i-1]=='/' ){ |
| 94 | zSep = ""; |
| @@ -97,11 +96,11 @@ | |
| 97 | } |
| 98 | blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep); |
| 99 | if( g.urlProxyAuth ){ |
| 100 | blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth); |
| 101 | } |
| 102 | if( g.urlPasswd && g.urlUser && fUseHttpAuth ){ |
| 103 | char *zCredentials = mprintf("%s:%s", g.urlUser, g.urlPasswd); |
| 104 | char *zEncoded = encode64(zCredentials, -1); |
| 105 | blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded); |
| 106 | fossil_free(zEncoded); |
| 107 | fossil_free(zCredentials); |
| @@ -200,10 +199,15 @@ | |
| 200 | iLength = -1; |
| 201 | while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){ |
| 202 | /* printf("[%s]\n", zLine); fflush(stdout); */ |
| 203 | if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){ |
| 204 | if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err; |
| 205 | if( rc!=200 && rc!=302 ){ |
| 206 | int ii; |
| 207 | for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){} |
| 208 | while( zLine[ii]==' ' ) ii++; |
| 209 | fossil_warning("server says: %s", &zLine[ii]); |
| 210 |
| --- src/http.c | |
| +++ src/http.c | |
| @@ -84,11 +84,10 @@ | |
| 84 | ** the complete payload (including the login card) already compressed. |
| 85 | */ |
| 86 | static void http_build_header(Blob *pPayload, Blob *pHdr){ |
| 87 | int i; |
| 88 | const char *zSep; |
| 89 | |
| 90 | blob_zero(pHdr); |
| 91 | i = strlen(g.urlPath); |
| 92 | if( i>0 && g.urlPath[i-1]=='/' ){ |
| 93 | zSep = ""; |
| @@ -97,11 +96,11 @@ | |
| 96 | } |
| 97 | blob_appendf(pHdr, "POST %s%sxfer/xfer HTTP/1.0\r\n", g.urlPath, zSep); |
| 98 | if( g.urlProxyAuth ){ |
| 99 | blob_appendf(pHdr, "Proxy-Authorization: %s\r\n", g.urlProxyAuth); |
| 100 | } |
| 101 | if( g.urlPasswd && g.urlUser && g.fUseHttpAuth ){ |
| 102 | char *zCredentials = mprintf("%s:%s", g.urlUser, g.urlPasswd); |
| 103 | char *zEncoded = encode64(zCredentials, -1); |
| 104 | blob_appendf(pHdr, "Authorization: Basic %s\r\n", zEncoded); |
| 105 | fossil_free(zEncoded); |
| 106 | fossil_free(zCredentials); |
| @@ -200,10 +199,15 @@ | |
| 199 | iLength = -1; |
| 200 | while( (zLine = transport_receive_line(GLOBAL_URL()))!=0 && zLine[0]!=0 ){ |
| 201 | /* printf("[%s]\n", zLine); fflush(stdout); */ |
| 202 | if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){ |
| 203 | if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err; |
| 204 | if( rc==401 ){ |
| 205 | g.fUseHttpAuth = 1; |
| 206 | transport_close(GLOBAL_URL()); |
| 207 | return http_exchange(pSend, pReply, useLogin, maxRedirect); |
| 208 | } |
| 209 | if( rc!=200 && rc!=302 ){ |
| 210 | int ii; |
| 211 | for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){} |
| 212 | while( zLine[ii]==' ' ) ii++; |
| 213 | fossil_warning("server says: %s", &zLine[ii]); |
| 214 |
+1
| --- src/main.c | ||
| +++ src/main.c | ||
| @@ -649,10 +649,11 @@ | ||
| 649 | 649 | g.fSshClient = 0; |
| 650 | 650 | g.zSshCmd = 0; |
| 651 | 651 | if( g.fSqlTrace ) g.fSqlStats = 1; |
| 652 | 652 | g.fSqlPrint = find_option("sqlprint", 0, 0)!=0; |
| 653 | 653 | g.fHttpTrace = find_option("httptrace", 0, 0)!=0; |
| 654 | + g.fUseHttpAuth = 0; | |
| 654 | 655 | g.zLogin = find_option("user", "U", 1); |
| 655 | 656 | g.zSSLIdentity = find_option("ssl-identity", 0, 1); |
| 656 | 657 | g.zErrlog = find_option("errorlog", 0, 1); |
| 657 | 658 | if( find_option("utc",0,0) ) g.fTimeFormat = 1; |
| 658 | 659 | if( find_option("localtime",0,0) ) g.fTimeFormat = 2; |
| 659 | 660 |
| --- src/main.c | |
| +++ src/main.c | |
| @@ -649,10 +649,11 @@ | |
| 649 | g.fSshClient = 0; |
| 650 | g.zSshCmd = 0; |
| 651 | if( g.fSqlTrace ) g.fSqlStats = 1; |
| 652 | g.fSqlPrint = find_option("sqlprint", 0, 0)!=0; |
| 653 | g.fHttpTrace = find_option("httptrace", 0, 0)!=0; |
| 654 | g.zLogin = find_option("user", "U", 1); |
| 655 | g.zSSLIdentity = find_option("ssl-identity", 0, 1); |
| 656 | g.zErrlog = find_option("errorlog", 0, 1); |
| 657 | if( find_option("utc",0,0) ) g.fTimeFormat = 1; |
| 658 | if( find_option("localtime",0,0) ) g.fTimeFormat = 2; |
| 659 |
| --- src/main.c | |
| +++ src/main.c | |
| @@ -649,10 +649,11 @@ | |
| 649 | g.fSshClient = 0; |
| 650 | g.zSshCmd = 0; |
| 651 | if( g.fSqlTrace ) g.fSqlStats = 1; |
| 652 | g.fSqlPrint = find_option("sqlprint", 0, 0)!=0; |
| 653 | g.fHttpTrace = find_option("httptrace", 0, 0)!=0; |
| 654 | g.fUseHttpAuth = 0; |
| 655 | g.zLogin = find_option("user", "U", 1); |
| 656 | g.zSSLIdentity = find_option("ssl-identity", 0, 1); |
| 657 | g.zErrlog = find_option("errorlog", 0, 1); |
| 658 | if( find_option("utc",0,0) ) g.fTimeFormat = 1; |
| 659 | if( find_option("localtime",0,0) ) g.fTimeFormat = 2; |
| 660 |
-2
| --- src/sync.c | ||
| +++ src/sync.c | ||
| @@ -94,11 +94,10 @@ | ||
| 94 | 94 | } |
| 95 | 95 | if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER; |
| 96 | 96 | if( find_option("private",0,0)!=0 ){ |
| 97 | 97 | *pSyncFlags |= SYNC_PRIVATE; |
| 98 | 98 | } |
| 99 | - g.fUseHttpAuth = find_option("httpauth",0,0)!=0; | |
| 100 | 99 | if( find_option("verbose","v",0)!=0 ){ |
| 101 | 100 | *pSyncFlags |= SYNC_VERBOSE; |
| 102 | 101 | } |
| 103 | 102 | /* The --verily option to sync, push, and pull forces extra igot cards |
| 104 | 103 | ** to be exchanged. This can overcome malfunctions in the sync protocol. |
| @@ -257,11 +256,10 @@ | ||
| 257 | 256 | ** |
| 258 | 257 | ** See also: clone, push, pull, sync |
| 259 | 258 | */ |
| 260 | 259 | void remote_url_cmd(void){ |
| 261 | 260 | char *zUrl; |
| 262 | - g.fUseHttpAuth = find_option("httpauth",0,0)!=0; | |
| 263 | 261 | db_find_and_open_repository(0, 0); |
| 264 | 262 | if( g.argc!=2 && g.argc!=3 ){ |
| 265 | 263 | usage("remote-url ?URL|off?"); |
| 266 | 264 | } |
| 267 | 265 | if( g.argc==3 ){ |
| 268 | 266 |
| --- src/sync.c | |
| +++ src/sync.c | |
| @@ -94,11 +94,10 @@ | |
| 94 | } |
| 95 | if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER; |
| 96 | if( find_option("private",0,0)!=0 ){ |
| 97 | *pSyncFlags |= SYNC_PRIVATE; |
| 98 | } |
| 99 | g.fUseHttpAuth = find_option("httpauth",0,0)!=0; |
| 100 | if( find_option("verbose","v",0)!=0 ){ |
| 101 | *pSyncFlags |= SYNC_VERBOSE; |
| 102 | } |
| 103 | /* The --verily option to sync, push, and pull forces extra igot cards |
| 104 | ** to be exchanged. This can overcome malfunctions in the sync protocol. |
| @@ -257,11 +256,10 @@ | |
| 257 | ** |
| 258 | ** See also: clone, push, pull, sync |
| 259 | */ |
| 260 | void remote_url_cmd(void){ |
| 261 | char *zUrl; |
| 262 | g.fUseHttpAuth = find_option("httpauth",0,0)!=0; |
| 263 | db_find_and_open_repository(0, 0); |
| 264 | if( g.argc!=2 && g.argc!=3 ){ |
| 265 | usage("remote-url ?URL|off?"); |
| 266 | } |
| 267 | if( g.argc==3 ){ |
| 268 |
| --- src/sync.c | |
| +++ src/sync.c | |
| @@ -94,11 +94,10 @@ | |
| 94 | } |
| 95 | if( find_option("once",0,0)!=0 ) urlFlags &= ~URL_REMEMBER; |
| 96 | if( find_option("private",0,0)!=0 ){ |
| 97 | *pSyncFlags |= SYNC_PRIVATE; |
| 98 | } |
| 99 | if( find_option("verbose","v",0)!=0 ){ |
| 100 | *pSyncFlags |= SYNC_VERBOSE; |
| 101 | } |
| 102 | /* The --verily option to sync, push, and pull forces extra igot cards |
| 103 | ** to be exchanged. This can overcome malfunctions in the sync protocol. |
| @@ -257,11 +256,10 @@ | |
| 256 | ** |
| 257 | ** See also: clone, push, pull, sync |
| 258 | */ |
| 259 | void remote_url_cmd(void){ |
| 260 | char *zUrl; |
| 261 | db_find_and_open_repository(0, 0); |
| 262 | if( g.argc!=2 && g.argc!=3 ){ |
| 263 | usage("remote-url ?URL|off?"); |
| 264 | } |
| 265 | if( g.argc==3 ){ |
| 266 |
-6
| --- src/url.c | ||
| +++ src/url.c | ||
| @@ -104,11 +104,10 @@ | ||
| 104 | 104 | int i, j, c; |
| 105 | 105 | char *zFile = 0; |
| 106 | 106 | |
| 107 | 107 | if( zUrl==0 ){ |
| 108 | 108 | zUrl = db_get("last-sync-url", 0); |
| 109 | - g.fUseHttpAuth = db_get_boolean("use-http-auth", 0); | |
| 110 | 109 | if( zUrl==0 ) return; |
| 111 | 110 | if( pUrlData->passwd==0 ){ |
| 112 | 111 | pUrlData->passwd = unobscure(db_get("last-sync-pw", 0)); |
| 113 | 112 | } |
| 114 | 113 | } |
| @@ -535,15 +534,10 @@ | ||
| 535 | 534 | if( g.urlFlags & URL_REMEMBER ){ |
| 536 | 535 | db_set("last-sync-url", g.urlCanonical, 0); |
| 537 | 536 | if( g.urlUser!=0 && g.urlPasswd!=0 && ( g.urlFlags & URL_REMEMBER_PW ) ){ |
| 538 | 537 | db_set("last-sync-pw", obscure(g.urlPasswd), 0); |
| 539 | 538 | } |
| 540 | - if( g.fUseHttpAuth ){ | |
| 541 | - db_set_int("use-http-auth", 1, 0); | |
| 542 | - }else{ | |
| 543 | - db_unset("use-http-auth", 0); | |
| 544 | - } | |
| 545 | 539 | } |
| 546 | 540 | } |
| 547 | 541 | |
| 548 | 542 | /* Preemptively prompt for a password if a username is given in the |
| 549 | 543 | ** URL but no password. |
| 550 | 544 |
| --- src/url.c | |
| +++ src/url.c | |
| @@ -104,11 +104,10 @@ | |
| 104 | int i, j, c; |
| 105 | char *zFile = 0; |
| 106 | |
| 107 | if( zUrl==0 ){ |
| 108 | zUrl = db_get("last-sync-url", 0); |
| 109 | g.fUseHttpAuth = db_get_boolean("use-http-auth", 0); |
| 110 | if( zUrl==0 ) return; |
| 111 | if( pUrlData->passwd==0 ){ |
| 112 | pUrlData->passwd = unobscure(db_get("last-sync-pw", 0)); |
| 113 | } |
| 114 | } |
| @@ -535,15 +534,10 @@ | |
| 535 | if( g.urlFlags & URL_REMEMBER ){ |
| 536 | db_set("last-sync-url", g.urlCanonical, 0); |
| 537 | if( g.urlUser!=0 && g.urlPasswd!=0 && ( g.urlFlags & URL_REMEMBER_PW ) ){ |
| 538 | db_set("last-sync-pw", obscure(g.urlPasswd), 0); |
| 539 | } |
| 540 | if( g.fUseHttpAuth ){ |
| 541 | db_set_int("use-http-auth", 1, 0); |
| 542 | }else{ |
| 543 | db_unset("use-http-auth", 0); |
| 544 | } |
| 545 | } |
| 546 | } |
| 547 | |
| 548 | /* Preemptively prompt for a password if a username is given in the |
| 549 | ** URL but no password. |
| 550 |
| --- src/url.c | |
| +++ src/url.c | |
| @@ -104,11 +104,10 @@ | |
| 104 | int i, j, c; |
| 105 | char *zFile = 0; |
| 106 | |
| 107 | if( zUrl==0 ){ |
| 108 | zUrl = db_get("last-sync-url", 0); |
| 109 | if( zUrl==0 ) return; |
| 110 | if( pUrlData->passwd==0 ){ |
| 111 | pUrlData->passwd = unobscure(db_get("last-sync-pw", 0)); |
| 112 | } |
| 113 | } |
| @@ -535,15 +534,10 @@ | |
| 534 | if( g.urlFlags & URL_REMEMBER ){ |
| 535 | db_set("last-sync-url", g.urlCanonical, 0); |
| 536 | if( g.urlUser!=0 && g.urlPasswd!=0 && ( g.urlFlags & URL_REMEMBER_PW ) ){ |
| 537 | db_set("last-sync-pw", obscure(g.urlPasswd), 0); |
| 538 | } |
| 539 | } |
| 540 | } |
| 541 | |
| 542 | /* Preemptively prompt for a password if a username is given in the |
| 543 | ** URL but no password. |
| 544 |