Fossil

Changes On Branch fix_remote_url_overwrite_with_proxy
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Changes In Branch fix_remote_url_overwrite_with_proxy Excluding Merge-Ins

This is equivalent to a diff from bb09ff84 to a242bb72

2022-05-11
15:42
Fix remote-url overwriting by proxy url bug and use the http_proxy environment variable only when explicitly requested by setting the proxy setting to "system". ... (check-in: a791d5e8 user: mgagnon tags: trunk)
15:34
Only use the "http_proxy" environment variable if it is set to "system", if unset or set to "off", always use direct http connection. ... (Closed-Leaf check-in: a242bb72 user: mgagnon tags: fix_remote_url_overwrite_with_proxy)
15:06
Merge in latest changes from trunk ... (check-in: 5605aef9 user: mgagnon tags: fix_remote_url_overwrite_with_proxy)
11:50
Show the OpenSSL version and the SERVER_SOFTWARE to administrators on the /stat page. ... (check-in: bb09ff84 user: drh tags: trunk)
11:08
Fix NULL pointer dereference introduced by check-in [b05a6c6bc826d3c2]. Fix for the problem reported by forum post/bfb99db2886ca3b5. ... (check-in: c68fa2ed user: drh tags: trunk)

Changes to src/db.c.
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
** to obtain a check-in lock during auto-sync, the server will 
** send the "pragma avoid-delta-manifests" statement in its reply,
** which will cause the client to avoid generating a delta
** manifest.
*/
/*
** SETTING: proxy            width=32 default=off
** URL of the HTTP proxy.  If undefined or "off" then
** the "http_proxy" environment variable is consulted.
** If the http_proxy environment variable is undefined
** then a direct HTTP connection is used.
*/
/*
** SETTING: redirect-to-https   default=0 width=-1
** Specifies whether or not to redirect http:// requests to
** https:// URIs. A value of 0 (the default) means not to
** redirect, 1 means to redirect only the /login page, and 2
** means to always redirect.







<
|
<
|







4366
4367
4368
4369
4370
4371
4372

4373

4374
4375
4376
4377
4378
4379
4380
4381
** to obtain a check-in lock during auto-sync, the server will 
** send the "pragma avoid-delta-manifests" statement in its reply,
** which will cause the client to avoid generating a delta
** manifest.
*/
/*
** SETTING: proxy            width=32 default=off

** URL of the HTTP proxy. If "system", the "http_proxy" environment variable is

** consulted. If undefined or "off", a direct HTTP connection is used.
*/
/*
** SETTING: redirect-to-https   default=0 width=-1
** Specifies whether or not to redirect http:// requests to
** https:// URIs. A value of 0 (the default) means not to
** redirect, 1 means to redirect only the /login page, and 2
** means to always redirect.
Changes to src/sync.c.
22
23
24
25
26
27
28






29
30
31
32
33
34
35
36
37
38
39
40
41
#include <assert.h>

/*
** Explain what type of sync operation is about to occur
*/
static void sync_explain(unsigned syncFlags){
  if( g.url.isAlias ){






    if( (syncFlags & (SYNC_PUSH|SYNC_PULL))==(SYNC_PUSH|SYNC_PULL) ){
      fossil_print("Sync with %s\n", g.url.canonical);
    }else if( syncFlags & SYNC_PUSH ){
      fossil_print("Push to %s\n", g.url.canonical);
    }else if( syncFlags & SYNC_PULL ){
      fossil_print("Pull from %s\n", g.url.canonical);
    }
  }
}


/*
** Call client_sync() one or more times in order to complete a







>
>
>
>
>
>

|

|

|







22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#include <assert.h>

/*
** Explain what type of sync operation is about to occur
*/
static void sync_explain(unsigned syncFlags){
  if( g.url.isAlias ){
    const char *url;
    if( g.url.useProxy ){
      url = g.url.proxyUrlCanonical;
    }else{
      url = g.url.canonical;
    }
    if( (syncFlags & (SYNC_PUSH|SYNC_PULL))==(SYNC_PUSH|SYNC_PULL) ){
      fossil_print("Sync with %s\n", url);
    }else if( syncFlags & SYNC_PUSH ){
      fossil_print("Push to %s\n", url);
    }else if( syncFlags & SYNC_PULL ){
      fossil_print("Pull from %s\n", url);
    }
  }
}


/*
** Call client_sync() one or more times in order to complete a
Changes to src/url.c.
61
62
63
64
65
66
67
68

69
70
71
72
73
74
75
  char *user;           /* User id for http: */
  char *passwd;         /* Password for http: */
  char *canonical;      /* Canonical representation of the URL */
  char *proxyAuth;      /* Proxy-Authorizer: string */
  char *fossil;         /* The fossil query parameter on ssh: */
  unsigned flags;       /* Boolean flags controlling URL processing */
  int useProxy;         /* Used to remember that a proxy is in use */
  char *proxyUrlPath;

  int proxyOrigPort;    /* Tunneled port number for https through proxy */
};
#endif /* INTERFACE */


/*
** Parse the URL in the zUrl argument. Store results in the pUrlData object.







|
>







61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
  char *user;           /* User id for http: */
  char *passwd;         /* Password for http: */
  char *canonical;      /* Canonical representation of the URL */
  char *proxyAuth;      /* Proxy-Authorizer: string */
  char *fossil;         /* The fossil query parameter on ssh: */
  unsigned flags;       /* Boolean flags controlling URL processing */
  int useProxy;         /* Used to remember that a proxy is in use */
  char *proxyUrlPath;   /* Remember path when proxy is use */
  char *proxyUrlCanonical; /* Remember canonical path when proxy is use */
  int proxyOrigPort;    /* Tunneled port number for https through proxy */
};
#endif /* INTERFACE */


/*
** Parse the URL in the zUrl argument. Store results in the pUrlData object.
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
** by the canonical name of the proxy (with userid and password suppressed).
*/
void url_enable_proxy(const char *zMsg){
  const char *zProxy;
  zProxy = zProxyOpt;
  if( zProxy==0 ){
    zProxy = db_get("proxy", 0);
    if( zProxy==0 || zProxy[0]==0 || is_false(zProxy) ){
      zProxy = fossil_getenv("http_proxy");
    }
  }
  if( zProxy && zProxy[0] && !is_false(zProxy)
      && !g.url.isSsh && !g.url.isFile ){
    char *zOriginalUrl = g.url.canonical;
    char *zOriginalHost = g.url.hostname;







|







533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
** by the canonical name of the proxy (with userid and password suppressed).
*/
void url_enable_proxy(const char *zMsg){
  const char *zProxy;
  zProxy = zProxyOpt;
  if( zProxy==0 ){
    zProxy = db_get("proxy", 0);
    if( fossil_strcmp(zProxy, "system")==0 ){
      zProxy = fossil_getenv("http_proxy");
    }
  }
  if( zProxy && zProxy[0] && !is_false(zProxy)
      && !g.url.isSsh && !g.url.isFile ){
    char *zOriginalUrl = g.url.canonical;
    char *zOriginalHost = g.url.hostname;
562
563
564
565
566
567
568

569
570
571
572
573
574
575
      g.url.proxyAuth = mprintf("Basic %z", zCredentials2);
      free(zCredentials1);
    }
    g.url.user = zOriginalUser;
    g.url.passwd = zOriginalPasswd;
    g.url.isHttps = fOriginalIsHttps;
    g.url.useProxy = 1;

    g.url.proxyUrlPath = zOriginalUrlPath;
    g.url.proxyOrigPort = iOriginalPort;
    g.url.flags = uOriginalFlags;
  }
}

#if INTERFACE







>







563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
      g.url.proxyAuth = mprintf("Basic %z", zCredentials2);
      free(zCredentials1);
    }
    g.url.user = zOriginalUser;
    g.url.passwd = zOriginalPasswd;
    g.url.isHttps = fOriginalIsHttps;
    g.url.useProxy = 1;
    g.url.proxyUrlCanonical = zOriginalUrl;;
    g.url.proxyUrlPath = zOriginalUrlPath;
    g.url.proxyOrigPort = iOriginalPort;
    g.url.flags = uOriginalFlags;
  }
}

#if INTERFACE
720
721
722
723
724
725
726






727
728
729
730
731
732
733
734
735
736
737
}

/*
** Remember the URL and password if requested.
*/
void url_remember(void){
  if( g.url.flags & URL_REMEMBER ){






    if( g.url.flags & URL_USE_PARENT ){
      db_set("parent-project-url", g.url.canonical, 0);
    }else{
      db_set("last-sync-url", g.url.canonical, 0);
    }
    if( g.url.user!=0 && g.url.passwd!=0 && ( g.url.flags & URL_REMEMBER_PW ) ){
      if( g.url.flags & URL_USE_PARENT ){
        db_set("parent-project-pw", obscure(g.url.passwd), 0);
      }else{
        db_set("last-sync-pw", obscure(g.url.passwd), 0);
      }







>
>
>
>
>
>

|

|







722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
}

/*
** Remember the URL and password if requested.
*/
void url_remember(void){
  if( g.url.flags & URL_REMEMBER ){
    const char *url;
    if( g.url.useProxy ){
      url = g.url.proxyUrlCanonical;
    }else{
      url = g.url.canonical;
    }
    if( g.url.flags & URL_USE_PARENT ){
      db_set("parent-project-url", url, 0);
    }else{
      db_set("last-sync-url", url, 0);
    }
    if( g.url.user!=0 && g.url.passwd!=0 && ( g.url.flags & URL_REMEMBER_PW ) ){
      if( g.url.flags & URL_USE_PARENT ){
        db_set("parent-project-pw", obscure(g.url.passwd), 0);
      }else{
        db_set("last-sync-pw", obscure(g.url.passwd), 0);
      }