Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
History of src/auth.c
|
2019-08-01
| ||
| 22:48 | The sqlite3_set_authorizer() interface should only expire prepared statements when it is setting a new authorizer, not when clearing the authorizer. And statements that are running when sqlite3_set_authorizer() is invoked should be allowed to continue running to completion. file: [a3d5bfdb] check-in: [961e2f08] user: drh branch: trunk, size: 9052 | |
|
2018-11-20
| ||
| 16:02 | Consolidate the two sqlite3SchemaToIndex() routines. file: [6ea0bfef] check-in: [dfab7170] user: dan branch: reuse-schema1, size: 9056 | |
|
2018-10-06
| ||
| 13:46 | Add test cases and assert() statements to ensure that the authorizer is being called as expected from within ALTER TABLE. file: [0fac7103] check-in: [ff10d2c7] user: dan branch: trunk, size: 9036 | |
|
2018-08-09
| ||
| 20:47 | Experimental implementation of ALTER TABLE ... RENAME COLUMN. Still buggy. file: [32a5bbe3] check-in: [fa0fc01e] user: dan branch: alter-table-rename-column, size: 8942 | |
|
2018-07-24
| ||
| 22:02 | Do not abort running queries due to a CREATE INDEX statement. Allow them to run to completion before being reprepared. Fix for ticket [c694113e50321afdf9]. file: [8272da9f] check-in: [2bd59333] user: drh branch: trunk, size: 8941 | |
|
2018-06-02
| ||
| 11:31 | Ensure that sqlite3AuthRead() is only call for TK_COLUMN and TK_TRIGGER expression nodes. This fixes a harmless assert() identified by OSSFuzz. Move the assert() into a position where it is tested even if the authorizer is disabled. file: [a38f3c63] check-in: [d0c3beef] user: drh branch: trunk, size: 8938 | |
|
2017-08-17
| ||
| 18:54 | Size optimization in the authorizer error message generation logic. file: [6277d638] check-in: [0367a4d5] user: drh branch: trunk, size: 8938 | |
|
2017-05-11
| ||
| 13:43 | New requirements marks and documentation for the authorizer. file: [79f96c6f] check-in: [3980ea09] user: drh branch: trunk, size: 8961 | |
|
2016-08-18
| ||
| 14:33 | Rename the Db.zName field to Db.zDbSName to make it more descriptive and to distinguish it from all of the other "zName" variables scattered throughout the code. file: [930b376a] check-in: [92a22f01] user: drh branch: zDbSName, size: 8506 | |
|
2016-07-28
| ||
| 18:38 | Disable the authorizer callback when reparsing the schema. This avoids undesirable authorization failures following an ALTER TABLE. file: [5c8e0f37] check-in: [805d01cd] user: drh branch: trunk, size: 8490 | |
|
2014-10-24
| ||
| 00:35 | Add the SQLITE_ENABLE_API_ARMOR compile-time option. This is a work in progress and is not yet completely functional. file: [b56c78eb] check-in: [c297a84b] user: drh branch: api-armor, size: 8450 | |
|
2014-09-11
| ||
| 13:44 | Add support for the extra parameter on the sqlite3_set_authorizer() callback and support for failing an ATTACH with an authentication-required database using bad credentials. The extension is now feature complete, but much testing and bug-fixing remains. file: [d8abcde5] check-in: [596e728b] user: drh branch: user-auth, size: 8351 | |
|
2009-11-10
| ||
| 01:30 | Remove the obsolete "$Id:$" RCS identifier strings from the source code. file: [523da7fb] check-in: [f6c045f6] user: drh branch: trunk, size: 8146 | |
|
2009-10-03
| ||
| 07:04 | Handle an SQLITE_IGNORE returned when requesting authorization to read parent key columns by pretending the parent key columns contain NULL values. file: [a5471a69] check-in: [3c24df38] user: dan branch: trunk, size: 8209 | |
|
2009-10-02
| ||
| 14:23 | When inserting a row into a child table, invoke the authorization callback to request permission to read the parent key columns. file: [50a4fd3a] check-in: [9842f2d5] user: dan branch: trunk, size: 8298 | |
|
2009-09-08
| ||
| 01:14 | Code simplifications, especially to the pseudo-table logic, and comment improvements. file: [d6a88bf8] check-in: [52449a95] user: drh branch: trunk, size: 7382 | |
|
2009-08-31
| ||
| 08:22 | Fix some authorization callback problems. file: [4cfb8fae] check-in: [8a746fbf] user: dan branch: trunk, size: 7374 | |
|
2009-07-02
| ||
| 18:40 | Fix to sqlite3AuthRead to accommodate "new" or "old" references that are used in a context where a column reference may also be used (i.e. "SELECT new. FROM <tble>"). Ticket #3944. (CVS 6838) file: [802a9439] check-in: [45fd5419] user: danielk1977 branch: trunk, size: 7513 | |
|
2009-05-04
| ||
| 18:01 | Changes to auth.c to promote full coverage testing. (CVS 6600) file: [98db07c2] check-in: [c7615b44] user: drh branch: trunk, size: 7575 | |
| 01:58 | Work toward cleaning up the authorizer interface. Work is on-going. This is an incremental check-in. (CVS 6598) file: [3aa04c55] check-in: [694662f7] user: drh branch: trunk, size: 7522 | |
|
2007-09-18
| ||
| 15:55 | Remove unneeded pSchema field from the Expr structure. (CVS 4434) file: [c8b2ab5c] check-in: [b2d605a2] user: drh branch: trunk, size: 7658 | |
|
2007-09-01
| ||
| 18:24 | Fix a bug in jrnlTruncate(). And other coverage improvements. (CVS 4367) file: [d41c34f3] check-in: [02b751fb] user: danielk1977 branch: trunk, size: 7614 | |
|
2007-08-21
| ||
| 19:33 | The sqlite3_value object now carries an sqlite3* pointer to use for recording malloc failures. This eliminates the need to pass sqlite3* pointers into many internal interfaces. Also added more mutexing. (CVS 4263) file: [083c1205] check-in: [92872761] user: drh branch: trunk, size: 7627 | |
|
2007-05-14
| ||
| 11:34 | Remove terms with operator TK_AS from the expression tree. Ticket #2356. (CVS 3991) file: [5ea90bc9] check-in: [5627ff74] user: drh branch: trunk, size: 7559 | |
|
2006-06-16
| ||
| 08:01 | Add some tests (and fixes) for virtual tables and the authorization callback. Still more to come. (CVS 3260) file: [902f4722] check-in: [9497c66e] user: danielk1977 branch: trunk, size: 7597 | |
|
2006-01-13
| ||
| 13:55 | Make sure the authenticator does not try to authenticate columns in subqueries. Ticket #1607. (CVS 2939) file: [9ae84d2d] check-in: [55b7dfaf] user: drh branch: trunk, size: 7496 | |
|
2006-01-05
| ||
| 11:34 | Add the shared schema/pager modifications. Very few tests so far. (CVS 2859) file: [cdec356a] check-in: [deeda0dc] user: danielk1977 branch: trunk, size: 7374 | |
|
2005-07-29
| ||
| 15:36 | Fix authentication so that it works with AS aliases. Ticket #1338. (CVS 2570) file: [31e2304b] check-in: [cc7ae73e] user: drh branch: trunk, size: 7248 | |
|
2005-01-29
| ||
| 08:32 | Modify sub-query handling. Tickets #1083 and #1084. (CVS 2286) file: [18c5a0be] check-in: [b1b50f31] user: danielk1977 branch: trunk, size: 7223 | |
|
2005-01-22
| ||
| 03:03 | Add the experimental sqlite3_expired() API. (CVS 2263) file: [4b15c853] check-in: [df648d50] user: drh branch: trunk, size: 7191 | |
|
2004-09-30
| ||
| 13:43 | Allow functions to be created when there are outstanding VMs. (Ticket #926) Fix problems with sqlite3_errcode(). Add tests for sqlite3_errcode(). (CVS 1989) file: [3b81f2a4] check-in: [d0f1dc58] user: drh branch: trunk, size: 7152 | |
|
2004-09-09
| ||
| 13:55 | Fix a segfault in the authorizer when it is given a SELECT statement with no FROM clause. Ticket #896. (CVS 1954) file: [65408baa] check-in: [97d63b92] user: drh branch: trunk, size: 7153 | |
| 13:54 | Fix a segfault in the authorizer when it is given a SELECT statement with no FROM clause. Ticket #896. (CVS 1953) file: [8d678ab1] check-in: [205d85d7] user: drh branch: version_2, size: 7056 | |
|
2004-09-06
| ||
| 17:24 | Fix a naming conflict between sqlite versions 2 and 3. An open sqlite3 connection now *must* be called "sqlite3". You cannot call it "sqlite". This might break existing code. (CVS 1941) file: [038d7c7c] check-in: [3ddf5a9d] user: drh branch: trunk, size: 7153 | |
|
2004-06-19
| ||
| 16:06 | Omit the DB_Locked and DB_Cookie flags. Other minor cleanup. (CVS 1642) file: [60db23b9] check-in: [01f74b42] user: drh branch: trunk, size: 7150 | |
|
2004-06-14
| ||
| 11:58 | Do not authenticate statements when reading the schema. Backport of bug fix in (1588) to version 2. (CVS 1591) file: [f73ae6f7] check-in: [24adf9ed] user: drh branch: version_2, size: 7056 | |
| 11:35 | Don't invoke authorisation callback during database initialisation. (CVS 1588) file: [204e1e9c] check-in: [293fbf0a] user: danielk1977 branch: trunk, size: 7183 | |
|
2004-05-10
| ||
| 10:34 | Change the names of external symbols from sqlite_XXX to sqlite3_XXX. (CVS 1337) file: [5c2f0bea] check-in: [ba2ba242] user: danielk1977 branch: trunk, size: 7058 | |
|
2004-05-08
| ||
| 08:23 | Change lots of internal symbols from sqliteXXX to sqlite3XXX so that the library links again. It doesn't work yet, due to changes in the btree layer calling convention. (CVS 1324) file: [a2a46e3e] check-in: [8af6474c] user: danielk1977 branch: trunk, size: 7055 | |
|
2004-02-22
| ||
| 18:40 | Use sqliteErrorMsg instead of sqliteSetString whereever practical. (CVS 1264) file: [4fa3b05b] check-in: [69aac043] user: drh branch: trunk, size: 7035 | |
|
2003-12-06
| ||
| 21:43 | Always use "(char*)0" to terminate the argument list of sqliteSetString(). This is needed for 64-bit systems that use a 32-bit integer by default. (CVS 1126) file: [c59ad0da] check-in: [656c9038] user: drh branch: trunk, size: 7253 | |
|
2003-05-10
| ||
| 03:36 | Changes to comments. In particular, a lengthy comment was added to encode.c that explains how the encoder algorithm works. (CVS 966) file: [c8f50d45] check-in: [8b388b2f] user: drh branch: trunk, size: 7225 | |
|
2003-05-02
| ||
| 14:32 | VDBE cursors numbers for tables in a join do not have to be consecutive. This is one step on the road to fixing ticket #272. (CVS 947) file: [53b8923f] check-in: [be7aed20] user: drh branch: trunk, size: 6659 | |
|
2003-04-25
| ||
| 17:52 | Report the correct authorization context in the authorization callback when coding an INSTEAD OF trigger on an update or delete. (CVS 936) file: [3be3c743] check-in: [67746833] user: drh branch: trunk, size: 6625 | |
|
2003-04-24
| ||
| 01:45 | Fix some issues with INSTEAD OF triggers. (CVS 930) file: [a4afd279] check-in: [206b1739] user: drh branch: trunk, size: 5928 | |
|
2003-04-22
| ||
| 20:30 | Update the authorizer API so that it reports the database that table and indices belong to and so that it reports when actions are taken in response to a trigger. (CVS 928) file: [7b0a72a6] check-in: [c675a550] user: drh branch: trunk, size: 6112 | |
|
2003-04-16
| ||
| 20:24 | Fix the authorizer so that it correctly interprets attempts to read the OLD and NEW pseudo-tables of a trigger. (CVS 911) file: [2dd558db] check-in: [f04bd432] user: drh branch: trunk, size: 5432 | |
|
2003-01-31
| ||
| 17:21 | The sqlite_exec() function now returns SQLITE_AUTH when authorization fails. Ticket #231. (CVS 857) file: [f37bfc94] check-in: [d93c1aeb] user: drh branch: trunk, size: 5008 | |
|
2003-01-13
| ||
| 23:27 | Revise the sqlite_set_authorizer API to provide more detailed information about the SQL statement being authorized. Only partially tested so far. (CVS 830) file: [9c2db0bc] check-in: [45de93f9] user: drh branch: trunk, size: 4918 | |
|
2003-01-12
| ||
| 19:33 | The initial round of tests for the sqlite_set_authorizer() API. More are needed before release. Ticket #215. (CVS 829) file: [de3c70e5] check-in: [5707b3d5] user: drh branch: trunk, size: 7327 | |
| 18:07 | Forgot to include the new "auth.c" source file in the previous checkin. (CVS 828) file: [1ba84533] check-in: [76019164] user: drh branch: trunk, size: 7346 Added | |