Commit graph

64 commits

Author SHA1 Message Date
Dirk Hohndel
9620d11828 cloudstorage: update remote if cloud server changes
If we can't reach the cloud server in the URL (which might come from the
settings or be passed in by the user), we try the alternative server(s).
If we end up changing servers, we need to update the remote that we have
already parsed from the URL.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2021-04-19 12:51:01 -07:00
Dirk Hohndel
766f297bc4 cloudstorage: try alternative server if first connection fails
If we can't reach our preferred server, try using a different one.
The diff makes more sense when ignoring white space.

With this we check the connection to the cloud server much earlier and
in case of failure to connect try a different cloud_base_url.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2021-04-19 12:51:01 -07:00
Dirk Hohndel
cfe20ee5f4 cloudstorage: create consistent local directory names
With the new names for the cloud server we'd get different local cache
directory names depending on which server gets used. In order to avoid
that, normalize the name before generating the hash that determines the
local directory name.

Additionally, the old code had an extra '/' in the URL, due to the way
the URL was assembled. Again, to match the existing hash for people
upgrading from older Subsurface versions, add that to our normalized
name as well.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2021-04-19 12:51:01 -07:00
Dirk Hohndel
7fa031b648 cloudstorage: try to pick between multiple cloud servers
The backend infrastructure will soon be able to support more than one
cloud server which automagically stay in sync with each other.

One critical requirement for that to work is that once a session was
started with one of the servers, the complete session happens with that
server - we must not switch from server to server while doing a git
transaction. To make sure that's the case, we aren't trying to use DNS
tricks to make this load balancing scheme work, but instead try to
determine at program start which server is the best one to use.

Right now this is super simplistic. Two servers, one in the US, one in
Europe. By default we use the European server (most of our users appear
to be in Europe), but if we can figure out that the client is actually
in the Americas, use the US server. We might improve that heuristic over
time, but as a first attempt it seems not entirely bogus.

The way this is implemented is a simple combination of two free
webservices that together appear to give us a very reliable estimate
which continent the user is located on.

api.ipify.org gives us our external IP address
ip-api.com gives us the continent that IP address is on

If any of this fails or takes too long to respond, we simply ignore it
since either server will work. One oddity is that if we decide to change
servers we only change the settings that are stored on disk, not the
runtime preferences. This goes back to the comment above that we have to
avoid changing servers in mid sync.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2021-04-19 12:51:01 -07:00
Dirk Hohndel
c5eb806adb cloudstorage: some cleanup of cloud url handling
We know the preference is never empty, so stop testing for this. But
don't maintain two different preferences with basically the same
content. Instead add the '/git' suffix where needed and keep this all in
one place.

Simplify the extraction of the branch name from the cloud URL.

Also a typo fix and a new comment.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2021-04-19 12:51:01 -07:00
Berthold Stoeger
fb93232931 cleanup: silence two compiler warnings in git-access.c
gcc complained about two constructs of the kind
	remote_id && SSRF_INFO("...");
And while I am not a fan of excessive warnings, I must say
it has a point here. That's just code obfuscation. In fact,
it appears that the condition was wrong - the SSRF_INFO
should probably be invoked if remote_id is NULL. The way
it was written it would be invoked if it was *not* NULL.

Change both instances to unfancy if statements.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2020-09-22 14:10:12 -07:00
Dirk Hohndel
8b478a969d git-storage: add global flag to indicate successful cloud sync
This may seem like a bit heavy handed as it adds more global state, but given
the number of ways in which attempts to sync with the cloud can fail it seems
much more reliable to claim success in the spots where we actually know that we
have successfully synced with the remote server. Transporting that information
back through the various call chains turned out to be very disruptive and ugly,
so I went with global state instead.

Whenever we access cloud storage (or any git repo), we always first check if it
actually is a git repo by calling is_git_repository() - so this is the perfect
spot to initialize the variable to false.

And there are only two spots where we either clone the remote repo
(create_local_repo()) or update the remote with the (potentially merged) local
changes (check_remote_status()). So those are the two places where we set the
variable to true.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-06-14 13:35:33 -07:00
Dirk Hohndel
fe9e33ccac git storage: significantly expand logging to stderr
In many cases we did not log the issues the code ran into to stderr which made
remote debugging user problems much harder. This hopefully will help with that.

Since I was looking at the code, I also made the existing messages more
consistent.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-06-14 13:35:33 -07:00
Dirk Hohndel
12bafa4e41 core: debug cert calls
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-18 09:00:21 -07:00
Dirk Hohndel
8629fa3f18 core: bring back libgit2 certificate callback
Turns out that at least on Android libgit2 sometimes rejects valid
certificates. And I cannot quite figure out when and why. But since we
actually already checked the validity of the certificate when we called
canReachCloudServer() (and the Qt code handles certificates correctly),
we'll simply ignore this here and override the check to always return
true for our cloud server.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-18 09:00:21 -07:00
Dirk Hohndel
f9f4a9c232 debug output: ensure our debug output is captured on Android
I would have bet money that Android used to send stderr to the logcat
log, but apparently it doesn't (anymore?). So in order to be able to
have a chance to debug weird cloud storage issues on Android, let's do
some wholesale replacement of fprintf(stderr,...) with our own version
of the INFO macro that we long ago borrowed from libdivecomputer (and
rename it to ensure we don't have a conflict there).

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-18 09:00:21 -07:00
Dirk Hohndel
2f8f6c4fa1 git-storage: add helper function to delete remote branch
This will be used by the test to clean up test branches that are created
on the server. Since we aren't testing that functionality (it's not
something that Subsurface itself ever does) the helper prints out errors
it encounters, but doesn't report them back to the caller.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-15 07:58:10 -07:00
Linus Torvalds
f4ffd7a8fb git-storage: fix up old broken local caches to use the right branch
If you had one of the unfortunate local git caches with a local HEAD
just pointing to 'master', this will make note of that and then fix it
up to use the proper branch name in the cache repository.

[Dirk Hohndel: demoted from error to fprintf as most users won't care]

Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-15 07:58:10 -07:00
Linus Torvalds
433149af19 git-storage: make creation of empty cache repo set the initial branch
In create_and_push_remote(), we set up the remote tracking etc to use
the proper branch name, but never actually set up the initial local
branch for the new cache repository at all.  So the repository would end
up with the default 'master' branch, instead of the branch name it
should have.

This went unnoticed, because most setups start by initializing the git
caches by cloning from the cloud, and that worked fine.

Debugged-by: Dirk Hohndel <dirk@hohndel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2020-04-15 07:58:10 -07:00
Dirk Hohndel
1c420dc64a
Merge pull request #2736 from Subsurface-divelog/removeCloudOverride
core: remove cloud certificate override
2020-04-10 17:22:06 -07:00
Dirk Hohndel
53fb533a99 cloud-storage: create consistent commit message for merges
This never made sense and I think I just forgot to complete this code
when I first worked on it. Now we can see which version of Subsurface or
Subsurface-mobile created a merge.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-10 09:53:24 -07:00
Dirk Hohndel
67a717dc05 cleanup: remove support for ancient versions of libgit2
We require a minimum of libgit2 0.26.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-09 17:05:30 -07:00
Dirk Hohndel
ccbd4d1916 core: remove cloud certificate override
This code stopped being useful a long time ago.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2020-04-09 13:54:43 -07:00
Berthold Stoeger
594d1d3514 Cleanup: move file-related function declarations to file.h
A number of architecture-dependent functions were declared in
dive.h. Move them to file.h so that not all file-manipulating
translation units have to include dive.h. This is a small step
in avoiding mass-recompilation on every change to dive.h

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2019-08-08 16:26:31 -07:00
Berthold Stoeger
5da09a21bb Cleanup: move error reporting function declarations to errorhelper.h
Move the declarations of the "report_error()" and "set_error_cb()"
functions and the "verbose" variable to errorhelper.h.
Thus, error-reporting translation units don't have to import the
big dive.h header file.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2019-08-08 16:26:30 -07:00
Berthold Stoeger
8f119dcf72 Cleanup: remove includes from qthelper.h
To reduce interdependencies, remove the dive.h and divelist.h
includes in qthelper.h

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2019-07-18 05:42:55 -07:00
Berthold Stoeger
7c64822b9b Cleanup: remove "sha1.h" include in "dive.h"
No point in pulling that in for all users of "dive.h"

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2019-04-12 18:19:07 +03:00
Dirk Hohndel
87eb95d004 Core: fix missing argument to report_error
The format requires a string argument.

Found via LGTM.com

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2019-03-17 11:23:49 -07:00
Dirk Hohndel
ae653703a5 prefs: git_local_only is not a preference
It's the current state of the app, so it should be a global variable, not a
preference.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2018-09-10 16:26:49 -07:00
jan Iversen
061be82e31 core: replace (void) with UNUSED(x) and include ssrf.h
Unused parameters in C are "silenced" by adding UNUSED(x)

Signed-off-by: Jan Iversen <jani@apache.org>
2018-05-24 08:34:14 -07:00
Dirk Hohndel
826c01d0a0 Core: don't inline rarely used function
This is only used by one caller and there doesn't appear to be a reason
to inline it in the first place.

Suggested-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2018-05-14 10:13:39 -07:00
Dirk Hohndel
543cefa61e Android: build fix
On other OSs this compiles fine without adding this header, but Android
is special...

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2018-05-14 10:13:39 -07:00
Dirk Hohndel
ea83b5ed37 Core: remove dive.h from files that don't need it
Of course, quite a few of them indirectly get it through other header
files.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2018-05-14 10:13:39 -07:00
Dirk Hohndel
d577467f97 Core: introduce new subsurface-string header
First small step to shrinking dive.h.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2018-05-14 10:13:39 -07:00
Berthold Stoeger
cd5e17cf79 Cleanup: Unify qthelper.h and qthelperfromc.h
Since all qt-helpers are defined in qthelper.cpp, there seems to be
no reason to have two include files. By unifying the two files,
duplication and inconsistencies are removed. The C++-only part is
simply compiled away with #ifdefs.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-02-26 19:06:02 +02:00
Berthold Stoeger
5c248d91cd Coding-style: remove superfluous parentheses
Mostly replace "return (expression);" by "return expression;" and one
case of "function((parameter))" by "function(parameter)".

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-02-17 19:38:52 -08:00
Berthold Stoeger
7594e7ca7f Unify username handling of remote git repositories
The username was extracted from https:// urls but not from ssh://
urls. Unify this by extracting the username from any remote url.
This is done with regard to unifying the file handling in the
frontend.

For this approach to work, the credential callback of the ssh://
transport had to be adapted. It now also supports username/password
in addition to private-key authentication.

Currently, the only way the user can use the username/password
authentication is by deleting a potential public key.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-19 09:45:08 +02:00
Berthold Stoeger
5a767ce964 Support non-https:// repositories for saving
On saving to a remote git repository, the transport was set to https://,
which broke saving to ssh:// repositories. Instead determine the
transport from the remote url.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-19 09:45:08 +02:00
Berthold Stoeger
cec642b4d2 Create local cache and push to remote for any remote repository
This used to be done only for cloud repositories.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-19 09:45:08 +02:00
Berthold Stoeger
0b0eacce30 Check cloudserver availability only for cloud repositories
The check used to be done for any https:// repository.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-19 09:45:08 +02:00
Berthold Stoeger
b188f00587 Factor out counting of authentication attempts into function
Moreover, make the maximum number of authentication attempts a
const variable.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-19 09:45:08 +02:00
Berthold Stoeger
2d24dceafa Use format_string() in core/git_access.c
Since this helper-function exists, we might just use it. A subtle
reuse of a buffer (string of second use was known to be shorter than
string of first use) was replaced by a separate allocation.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-17 21:45:48 +02:00
Berthold Stoeger
daede13571 Fix leak(s) in core/git-access.c
The libgit2 functions git_cred_ssh_key_new() and git_cred_userpass_plaintext_new()
copy their arguments. Therefore, free the string arguments or don't
copy them in the first place.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-13 21:55:33 +01:00
Berthold Stoeger
35b5b9282f Enter offline mode if sync with cloud failed
In case syncing with the online repository failed, enter offline mode.
This reflects the message sent to the user ("working with local copy").

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2018-01-08 12:00:42 +01:00
Dirk Hohndel
2fed7a9441 Cleanup: avoid memory leak
No point in doing the strdup of the password if we then bail.

Coverity CID 208316
Coverity CID 209293

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2017-12-26 15:57:31 -08:00
Berthold Stoeger
d4cd4a96ea Gracefully handle cloud authentication failure in verbose mode
If the credential functions return GIT_EUSER, a call to git_remote_fetch
fails, but giterr_last() may return NULL. This led to a crash in
verbose mode.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2017-12-05 11:31:39 -08:00
Berthold Stoeger
fd34cd4830 Free unused git repository in git_create_local_repo()
In this function, a repository is created, but the returned object
is not used. Might just as well free it.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2017-12-03 19:07:03 -08:00
Berthold Stoeger
137e83f7f2 Fix file:// handling for git access.
Currently, in is_remote_git_repository(), git URLs of the form
"file://..." are recognized as local and the "file://" prefix is
removed. The shortened URL is then processed as if it was a remote
URL, which of course has to fail. So far so good - this is not
a remote repository after all. But the removal of the prefix is
not propagated to the calling is_git_repository() function and
handling as a local git repository therefore fails likewise.

To fix this issue, move removal of the "file://" prefix one level
up to the is_git_repository() function.

Signed-off-by: Berthold Stoeger <bstoeger@mail.tuwien.ac.at>
2017-12-02 08:18:42 -08:00
Dirk Hohndel
38c4dfd45c Add a useful error message if we fail to connect to cloud server
Because now we are trying to open a URL as if it was a local file.
Again, the goal is to accelerated debugging if things go wrong.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2017-10-30 12:27:29 -07:00
Dirk Hohndel
2878f32a22 Improve parsing of git error message
This is rather fragile code, and the capitalization of the error message
in libgit2 changed at some point. But commit 794739b4c0 ("strstr is a
case sensitive compare") didn't really fix the problem - as it broke
that same check for older libgit2 versions.

Instead use our new helper function to make it work with libgit2 old and
new.

Also, add some more error output so the next time we run into this it's
more obvious what broke and where.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2017-10-30 12:27:29 -07:00
Jan Mulder
e76f527fe5 Correctly create cloud account from mobile
The creation of a cloud account from mobile was broken. This fixes
it. Basically, we need to go online for a moment, and setup a correct
local and remote repo for the cloud storage.

Tested for the following scenarios: 1) inital account creation
including PIN handling from mobile, from a clean install .
2) open an already validated cloud account from a clean install.
3) open no-cloud style local account.
4) Switch between 2 already validated could accounts.
5) Try to create a cloud account without data connection.

Notice that scenario 4) does not work perfectly. A restart of
the app is needed to see the new logbook. So that is to be fixed.

Scenario 5) seems a non realistic corner case. This does not work
in a gracefull way. The user needs to remove the app, install it
again, and retry with data connection.

Further notice this is backgroud/core processing only. So no QML UI
changes as proposed (for example) bij Davide.

Signed-off-by: Jan Mulder <jlmulder@xs4all.nl>
2017-07-29 08:30:08 -07:00
Jan Mulder
794739b4c0 strstr is a case sensitive compare
strstr is a case sensitive compare and the string reported from
libgit2 reads "reference" and not "Reference". Further investigation
reveals commit 909d5494368a0080 of libgit2. Here, the change is
made from Reference to reference, breaking our rather poor way
of detecting something from an error string. So, to be future-proof
to more libgit2 oddities, it might be wise to use strcasestr
in this situation. But this seems a not fully supported variant of
strstr, so leave it at this point.

Signed-off-by: Jan Mulder <jlmulder@xs4all.nl>
2017-07-29 08:30:08 -07:00
Jan Mulder
44e8d302ef Fix small memory leak
Add 2 forgotten free() statements for the temporary used string
buffers.

Signed-off-by: Jan Mulder <jlmulder@xs4all.nl>
2017-07-29 08:30:08 -07:00
Dirk Hohndel
2b01ab7d50 Clean up git storage update messages
Translate all of them, but also remove some redundant or possibly
misleading messages. These are now seen by users, not just developers
trying to debug the code.

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2017-06-18 01:00:30 -07:00
Dirk Hohndel
b2b51c833a QML UI: redesign the user notification
The old system of cloud access updates with fake percentages just wasn't
helpful. Even worse, it hid a lot important information from the user.
This should be more useful (but it will require that we localize the
messages sent from the git progress notifications and make them more
'user ready').

Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
2017-06-17 23:22:37 -07:00