Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Add the obscure() shell function. Corresponding unobscure() is not provided. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
f7e572b0407fa2b69544def18d632b20 |
User & Date: | drh 2020-06-27 14:48:20.269 |
Context
2020-06-27
| ||
15:06 | Add query parameters "plaintext" and "raw" to the /help page. ... (check-in: 8530666c user: drh tags: trunk) | |
14:48 | Add the obscure() shell function. Corresponding unobscure() is not provided. ... (check-in: f7e572b0 user: drh tags: trunk) | |
12:45 | OpenBSD server docs: Add instructions to make fossil.log owned by 'www' user, and repository directory group writeable; remove unnecessary 'directory index' option in httpd.conf; and fix redundant double backticks. ... (check-in: 8ce8828d user: jamsek tags: trunk) | |
2020-06-26
| ||
18:52 | Adds the obscure() shell function, exposing an internal mechanism without which you cannot programmatically set the user's sync password or HTTP auth creds. The existing mechanisms assume you can type into the console. Effectively, this gives us "fossil user pass" equivalents for these other password-like values. ... (Closed-Leaf check-in: 2b5b7181 user: wyoung tags: obscure-shell-function) | |
Changes
Changes to src/db.c.
︙ | ︙ | |||
1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 | if( zOut==0 ){ sqlite3_result_error_nomem(context); return; } decode16(zIn, zOut, nIn); sqlite3_result_blob(context, zOut, nIn/2, sqlite3_free); } /* ** Register the SQL functions that are useful both to the internal ** representation and to the "fossil sql" command. */ void db_add_aux_functions(sqlite3 *db){ sqlite3_create_function(db, "checkin_mtime", 2, SQLITE_UTF8, 0, | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 | if( zOut==0 ){ sqlite3_result_error_nomem(context); return; } decode16(zIn, zOut, nIn); sqlite3_result_blob(context, zOut, nIn/2, sqlite3_free); } /* ** Return the XOR-obscured version of the input text. Useful for ** updating authentication strings in Fossil settings. To change ** the password locally stored for sync, for instance: ** ** echo "UPDATE config ** SET value = obscure('monkey123') ** WHERE name = 'last-sync-pw'" | ** fossil sql ** ** Note that user.pw uses a different obscuration algorithm, but ** you don't need to use 'fossil sql' for that anyway. Just call ** ** fossil user pass monkey123 ** ** to change the local user entry's password in the same way. */ void db_obscure( sqlite3_context *context, int argc, sqlite3_value **argv ){ const unsigned char *zIn = sqlite3_value_text(argv[0]); int nIn = sqlite3_value_bytes(argv[0]); char *zOut, *zTemp; if( 0==zIn ) return; if( 0==(zOut = sqlite3_malloc64( nIn * 2 + 3 )) ){ sqlite3_result_error_nomem(context); return; } strcpy(zOut, zTemp = obscure((char*)zIn)); fossil_free(zTemp); sqlite3_result_text(context, zOut, strlen(zOut), sqlite3_free); } /* ** Register the SQL functions that are useful both to the internal ** representation and to the "fossil sql" command. */ void db_add_aux_functions(sqlite3 *db){ sqlite3_create_function(db, "checkin_mtime", 2, SQLITE_UTF8, 0, |
︙ | ︙ | |||
1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 | 0, capability_union_step, capability_union_finalize); sqlite3_create_function(db, "fullcap", 1, SQLITE_UTF8, 0, capability_fullcap, 0, 0); sqlite3_create_function(db, "find_emailaddr", 1, SQLITE_UTF8, 0, alert_find_emailaddr_func, 0, 0); sqlite3_create_function(db, "display_name", 1, SQLITE_UTF8, 0, alert_display_name_func, 0, 0); } #if USE_SEE /* ** This is a pointer to the saved database encryption key string. */ static char *zSavedKey = 0; | > > | 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 | 0, capability_union_step, capability_union_finalize); sqlite3_create_function(db, "fullcap", 1, SQLITE_UTF8, 0, capability_fullcap, 0, 0); sqlite3_create_function(db, "find_emailaddr", 1, SQLITE_UTF8, 0, alert_find_emailaddr_func, 0, 0); sqlite3_create_function(db, "display_name", 1, SQLITE_UTF8, 0, alert_display_name_func, 0, 0); sqlite3_create_function(db, "obscure", 1, SQLITE_UTF8, 0, db_obscure, 0, 0); } #if USE_SEE /* ** This is a pointer to the saved database encryption key string. */ static char *zSavedKey = 0; |
︙ | ︙ |