/*
** COMMAND: scrub*
** %fossil scrub ?OPTIONS? ?REPOSITORY?
**
** The command removes sensitive information (such as passwords) from a
** repository so that the repository can be sent to an untrusted reader.
**
** By default, only passwords are removed. However, if the --verily option
** is added, then private branches, concealed email addresses, IP
** addresses of correspondents, and similar privacy-sensitive fields
** are also purged. If the --private option is used, then only private
** branches are removed and all other information is left intact.
**
** This command permanently deletes the scrubbed information. THE EFFECTS
** OF THIS COMMAND ARE IRREVERSIBLE. USE WITH CAUTION!
**
** The user is prompted to confirm the scrub unless the --force option
** is used.
**
** Options:
** --force do not prompt for confirmation
** --private only private branches are removed from the repository
** --verily scrub real thoroughly (see above)
*/
void scrub_cmd(void){
int bVerily = find_option("verily",0,0)!=0;
int bForce = find_option("force", "f", 0)!=0;
int privateOnly = find_option("private",0,0)!=0;
int bNeedRebuild = 0;
db_find_and_open_repository(OPEN_ANY_SCHEMA, 2);
db_close(1);
db_open_repository(g.zRepositoryName);
if( !bForce ){
Blob ans;
char cReply;
blob_zero(&ans);
prompt_user(
"Scrubbing the repository will permanently delete information.\n"
"Changes cannot be undone. Continue (y/N)? ", &ans);
cReply = blob_str(&ans)[0];
if( cReply!='y' && cReply!='Y' ){
fossil_exit(1);
}
}
db_begin_transaction();
if( privateOnly || bVerily ){
bNeedRebuild = db_exists("SELECT 1 FROM private");
delete_private_content();
}
if( !privateOnly ){
db_multi_exec(
"UPDATE user SET pw='';"
"DELETE FROM config WHERE name GLOB 'last-sync-*';"
"DELETE FROM config WHERE name GLOB 'peer-*';"
"DELETE FROM config WHERE name GLOB 'login-group-*';"
"DELETE FROM config WHERE name GLOB 'skin:*';"
"DELETE FROM config WHERE name GLOB 'subrepo:*';"
);
if( bVerily ){
db_multi_exec(
"DELETE FROM concealed;"
"UPDATE rcvfrom SET ipaddr='unknown';"
"DROP TABLE IF EXISTS accesslog;"
"UPDATE user SET photo=NULL, info='';"
);
}
}
if( !bNeedRebuild ){
db_end_transaction(0);
db_multi_exec("VACUUM;");
}else{
rebuild_db(0, 1, 0);
db_end_transaction(0);
}
}
/*
** fossil branch new BRANCH-NAME ?ORIGIN-CHECK-IN? ?-bgcolor COLOR?
** argv0 argv1 argv2 argv3 argv4
*/
void branch_new(void){
int rootid; /* RID of the root check-in - what we branch off of */
int brid; /* RID of the branch check-in */
int noSign; /* True if the branch is unsigned */
int i; /* Loop counter */
char *zUuid; /* Artifact ID of origin */
Stmt q; /* Generic query */
const char *zBranch; /* Name of the new branch */
char *zDate; /* Date that branch was created */
char *zComment; /* Check-in comment for the new branch */
const char *zColor; /* Color of the new branch */
Blob branch; /* manifest for the new branch */
Manifest *pParent; /* Parsed parent manifest */
Blob mcksum; /* Self-checksum on the manifest */
const char *zDateOvrd; /* Override date string */
const char *zUserOvrd; /* Override user name */
int isPrivate = 0; /* True if the branch should be private */
noSign = find_option("nosign","",0)!=0;
zColor = find_option("bgcolor","c",1);
isPrivate = find_option("private",0,0)!=0;
zDateOvrd = find_option("date-override",0,1);
zUserOvrd = find_option("user-override",0,1);
verify_all_options();
if( g.argc<5 ){
usage("new BRANCH-NAME CHECK-IN ?-bgcolor COLOR?");
}
db_find_and_open_repository(0, 0);
noSign = db_get_int("omitsign", 0)|noSign;
/* fossil branch new name */
zBranch = g.argv[3];
if( zBranch==0 || zBranch[0]==0 ){
fossil_panic("branch name cannot be empty");
}
if( db_exists(
"SELECT 1 FROM tagxref"
" WHERE tagtype>0"
" AND tagid=(SELECT tagid FROM tag WHERE tagname='sym-%s')",
zBranch)!=0 ){
fossil_fatal("branch \"%s\" already exists", zBranch);
}
user_select();
db_begin_transaction();
rootid = name_to_typed_rid(g.argv[4], "ci");
if( rootid==0 ){
fossil_fatal("unable to locate check-in off of which to branch");
}
pParent = manifest_get(rootid, CFTYPE_MANIFEST);
if( pParent==0 ){
fossil_fatal("%s is not a valid check-in", g.argv[4]);
}
/* Create a manifest for the new branch */
blob_zero(&branch);
if( pParent->zBaseline ){
blob_appendf(&branch, "B %s\n", pParent->zBaseline);
}
zComment = mprintf("Create new branch named \"%h\"", zBranch);
blob_appendf(&branch, "C %F\n", zComment);
zDate = date_in_standard_format(zDateOvrd ? zDateOvrd : "now");
blob_appendf(&branch, "D %s\n", zDate);
/* Copy all of the content from the parent into the branch */
for(i=0; i<pParent->nFile; ++i){
blob_appendf(&branch, "F %F", pParent->aFile[i].zName);
if( pParent->aFile[i].zUuid ){
blob_appendf(&branch, " %s", pParent->aFile[i].zUuid);
if( pParent->aFile[i].zPerm && pParent->aFile[i].zPerm[0] ){
blob_appendf(&branch, " %s", pParent->aFile[i].zPerm);
}
}
blob_append(&branch, "\n", 1);
}
zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rootid);
blob_appendf(&branch, "P %s\n", zUuid);
if( pParent->zRepoCksum ){
blob_appendf(&branch, "R %s\n", pParent->zRepoCksum);
}
manifest_destroy(pParent);
/* Add the symbolic branch name and the "branch" tag to identify
** this as a new branch */
if( content_is_private(rootid) ) isPrivate = 1;
if( isPrivate && zColor==0 ) zColor = "#fec084";
if( zColor!=0 ){
blob_appendf(&branch, "T *bgcolor * %F\n", zColor);
}
blob_appendf(&branch, "T *branch * %F\n", zBranch);
blob_appendf(&branch, "T *sym-%F *\n", zBranch);
if( isPrivate ){
blob_appendf(&branch, "T +private *\n");
noSign = 1;
}
/* Cancel all other symbolic tags */
db_prepare(&q,
"SELECT tagname FROM tagxref, tag"
" WHERE tagxref.rid=%d AND tagxref.tagid=tag.tagid"
" AND tagtype>0 AND tagname GLOB 'sym-*'"
" ORDER BY tagname",
rootid);
while( db_step(&q)==SQLITE_ROW ){
const char *zTag = db_column_text(&q, 0);
blob_appendf(&branch, "T -%F *\n", zTag);
}
db_finalize(&q);
blob_appendf(&branch, "U %F\n", zUserOvrd ? zUserOvrd : g.zLogin);
md5sum_blob(&branch, &mcksum);
blob_appendf(&branch, "Z %b\n", &mcksum);
if( !noSign && clearsign(&branch, &branch) ){
Blob ans;
blob_zero(&ans);
prompt_user("unable to sign manifest. continue (y/N)? ", &ans);
if( blob_str(&ans)[0]!='y' ){
db_end_transaction(1);
fossil_exit(1);
}
}
brid = content_put_ex(&branch, 0, 0, 0, isPrivate);
if( brid==0 ){
fossil_panic("trouble committing manifest: %s", g.zErrMsg);
}
db_multi_exec("INSERT OR IGNORE INTO unsent VALUES(%d)", brid);
if( manifest_crosslink(brid, &branch)==0 ){
fossil_panic("unable to install new manifest");
}
assert( blob_is_reset(&branch) );
content_deltify(rootid, brid, 0);
zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", brid);
fossil_print("New branch: %s\n", zUuid);
if( g.argc==3 ){
fossil_print(
"\n"
"Note: the local check-out has not been updated to the new\n"
" branch. To begin working on the new branch, do this:\n"
"\n"
" %s update %s\n",
fossil_nameofexe(), zBranch
);
}
/* Commit */
db_end_transaction(0);
/* Do an autosync push, if requested */
if( !isPrivate ) autosync(AUTOSYNC_PUSH);
}
/*
** This routine is called if a blob operation fails because we
** have run out of memory.
*/
static void blob_panic(void){
static const char zErrMsg[] = "out of memory\n";
fputs(zErrMsg, stderr);
fossil_exit(1);
}
