Diff
Not logged in
HomeFilesLeavesTimelineBranchesTagsTicketsWikiLogin

Differences From:

File src/tkt.c part of check-in [b3ee50c946] - Implement history display for tickets. by drh on 2008-07-15 19:03:42. [view]

To:

File src/tkt.c part of check-in [f46fe42d6d] - Store private ticket fields (ex: the originators email address) as their SHA1 hash so that malefactors cannot read them. Add the new "concealed" table to the repository database and store mappings from SHA1 hashes back to email addresses in that table. Ticket a24ec6005f. Note: run "rebuild" on repositories after updating to this version of fossil in order to create the "concealed" table. Need to add the ability to manage the concealed table from the web interface and the ability to sync concealed content between trusted repositories. by drh on 2008-07-24 02:04:36. [view] 
@@ -97,8 +97,14 @@
 ** Load the values for all fields into the interpreter.
 **
 ** Only load those fields which do not already exist as
 ** variables.
+**
+** Fields of the TICKET table that begin with "private_" are
+** expanded using the db_reveal() function.  This function will
+** decode the content so that it is legable if g.okRdAddr is true.
+** Otherwise, db_reveal() is a no-op and the content remains
+** obscured.
 */
 static void initializeVariablesFromDb(void){
   const char *zName;
   Stmt q;
@@ -111,18 +117,24 @@
     n = db_column_count(&q);
     for(i=0; i<n; i++){
       const char *zVal = db_column_text(&q, i);
       const char *zName = db_column_name(&q, i);
-      if( zVal==0 ) zVal = "";
+      char *zRevealed = 0;
+      if( zVal==0 ){
+        zVal = "";
+      }else if( strncmp(zName, "private_", 8)==0 ){
+        zVal = zRevealed = db_reveal(zVal);
+      }
       for(j=0; j<nField; j++){
         if( strcmp(azField[j],zName)==0 ){
           azValue[j] = mprintf("%s", zVal);
           break;
         }
       }
       if( Th_Fetch(zName, &size)==0 ){
-        Th_Store(db_column_name(&q,i), zVal);
+        Th_Store(zName, zVal);
       }
+      free(zRevealed);
     }
   }else{
     db_finalize(&q);
     db_prepare(&q, "PRAGMA table_info(ticket)");
@@ -354,9 +366,13 @@
 
 /*
 ** Subscript command:   submit_ticket
 **
-** Construct and submit a new ticket artifact.
+** Construct and submit a new ticket artifact.  The fields of the artifact
+** are the names of the columns in the TICKET table.  The content is
+** taken from TH variables.  If the content is unchanged, the field is
+** omitted from the artifact.  Fields whose names begin with "private_"
+** are concealed using the db_conceal() function.
 */
 static int submitTicketCmd(
   Th_Interp *interp,
   void *pUuid,
@@ -385,8 +401,12 @@
     }else{
       zValue = Th_Fetch(azField[i], &nValue);
       if( zValue ){
         while( nValue>0 && isspace(zValue[nValue-1]) ){ nValue--; }
+        if( strncmp(azField[i], "private_", 8)==0 ){
+          zValue = db_conceal(zValue, nValue);
+          nValue = strlen(zValue);
+        }
         if( strncmp(zValue, azValue[i], nValue)
                 || strlen(azValue[i])!=nValue ){
           blob_appendf(&tktchng, "J %s %z\n",
              azField[i], fossilize(zValue,nValue));

Fossil version [c0211010a1] 2009-12-13 01:31:36