2 * A git credential helper that interface with Windows' Credential Manager
12 #define ARRAY_SIZE(x) (sizeof(x)/sizeof(x[0]))
14 __attribute__((format (printf
, 1, 2)))
15 static void die(const char *err
, ...)
19 va_start(params
, err
);
20 vsnprintf(msg
, sizeof(msg
), err
, params
);
21 fprintf(stderr
, "%s\n", msg
);
26 static void *xmalloc(size_t size
)
28 void *ret
= malloc(size
);
36 /* MinGW doesn't have wincred.h, so we need to define stuff */
38 typedef struct _CREDENTIAL_ATTRIBUTEW
{
43 } CREDENTIAL_ATTRIBUTEW
, *PCREDENTIAL_ATTRIBUTEW
;
45 typedef struct _CREDENTIALW
{
51 DWORD CredentialBlobSize
;
52 LPBYTE CredentialBlob
;
55 PCREDENTIAL_ATTRIBUTEW Attributes
;
58 } CREDENTIALW
, *PCREDENTIALW
;
60 #define CRED_TYPE_GENERIC 1
61 #define CRED_PERSIST_LOCAL_MACHINE 2
62 #define CRED_MAX_ATTRIBUTES 64
64 typedef BOOL (WINAPI
*CredWriteWT
)(PCREDENTIALW
, DWORD
);
65 typedef BOOL (WINAPI
*CredEnumerateWT
)(LPCWSTR
, DWORD
, DWORD
*,
67 typedef VOID (WINAPI
*CredFreeT
)(PVOID
);
68 typedef BOOL (WINAPI
*CredDeleteWT
)(LPCWSTR
, DWORD
, DWORD
);
70 static HMODULE advapi
;
71 static CredWriteWT CredWriteW
;
72 static CredEnumerateWT CredEnumerateW
;
73 static CredFreeT CredFree
;
74 static CredDeleteWT CredDeleteW
;
76 static void load_cred_funcs(void)
79 advapi
= LoadLibraryExA("advapi32.dll", NULL
,
80 LOAD_LIBRARY_SEARCH_SYSTEM32
);
82 die("failed to load advapi32.dll");
84 /* get function pointers */
85 CredWriteW
= (CredWriteWT
)GetProcAddress(advapi
, "CredWriteW");
86 CredEnumerateW
= (CredEnumerateWT
)GetProcAddress(advapi
,
88 CredFree
= (CredFreeT
)GetProcAddress(advapi
, "CredFree");
89 CredDeleteW
= (CredDeleteWT
)GetProcAddress(advapi
, "CredDeleteW");
90 if (!CredWriteW
|| !CredEnumerateW
|| !CredFree
|| !CredDeleteW
)
91 die("failed to load functions");
94 static WCHAR
*wusername
, *password
, *protocol
, *host
, *path
, target
[1024];
96 static void write_item(const char *what
, LPCWSTR wbuf
, int wlen
)
100 if (!wbuf
|| !wlen
) {
101 printf("%s=\n", what
);
105 int len
= WideCharToMultiByte(CP_UTF8
, 0, wbuf
, wlen
, NULL
, 0, NULL
,
109 if (!WideCharToMultiByte(CP_UTF8
, 0, wbuf
, wlen
, buf
, len
, NULL
, FALSE
))
110 die("WideCharToMultiByte failed!");
113 fwrite(buf
, 1, len
, stdout
);
119 * Match an (optional) expected string and a delimiter in the target string,
120 * consuming the matched text by updating the target pointer.
123 static LPCWSTR
wcsstr_last(LPCWSTR str
, LPCWSTR find
)
125 LPCWSTR res
= NULL
, pos
;
126 for (pos
= wcsstr(str
, find
); pos
; pos
= wcsstr(pos
+ 1, find
))
131 static int match_part_with_last(LPCWSTR
*ptarget
, LPCWSTR want
, LPCWSTR delim
, int last
)
133 LPCWSTR delim_pos
, start
= *ptarget
;
136 /* find start of delimiter (or end-of-string if delim is empty) */
138 delim_pos
= last
? wcsstr_last(start
, delim
) : wcsstr(start
, delim
);
140 delim_pos
= start
+ wcslen(start
);
143 * match text up to delimiter, or end of string (e.g. the '/' after
144 * host is optional if not followed by a path)
147 len
= delim_pos
- start
;
151 /* update ptarget if we either found a delimiter or need a match */
152 if (delim_pos
|| want
)
153 *ptarget
= delim_pos
? delim_pos
+ wcslen(delim
) : start
+ len
;
155 return !want
|| (!wcsncmp(want
, start
, len
) && !want
[len
]);
158 static int match_part(LPCWSTR
*ptarget
, LPCWSTR want
, LPCWSTR delim
)
160 return match_part_with_last(ptarget
, want
, delim
, 0);
163 static int match_part_last(LPCWSTR
*ptarget
, LPCWSTR want
, LPCWSTR delim
)
165 return match_part_with_last(ptarget
, want
, delim
, 1);
168 static int match_cred(const CREDENTIALW
*cred
)
170 LPCWSTR target
= cred
->TargetName
;
171 if (wusername
&& wcscmp(wusername
, cred
->UserName
? cred
->UserName
: L
""))
174 return match_part(&target
, L
"git", L
":") &&
175 match_part(&target
, protocol
, L
"://") &&
176 match_part_last(&target
, wusername
, L
"@") &&
177 match_part(&target
, host
, L
"/") &&
178 match_part(&target
, path
, L
"");
181 static void get_credential(void)
187 if (!CredEnumerateW(L
"git:*", 0, &num_creds
, &creds
))
190 /* search for the first credential that matches username */
191 for (i
= 0; i
< num_creds
; ++i
)
192 if (match_cred(creds
[i
])) {
193 write_item("username", creds
[i
]->UserName
,
194 creds
[i
]->UserName
? wcslen(creds
[i
]->UserName
) : 0);
195 write_item("password",
196 (LPCWSTR
)creds
[i
]->CredentialBlob
,
197 creds
[i
]->CredentialBlobSize
/ sizeof(WCHAR
));
204 static void store_credential(void)
208 if (!wusername
|| !password
)
212 cred
.Type
= CRED_TYPE_GENERIC
;
213 cred
.TargetName
= target
;
214 cred
.Comment
= L
"saved by git-credential-wincred";
215 cred
.CredentialBlobSize
= (wcslen(password
)) * sizeof(WCHAR
);
216 cred
.CredentialBlob
= (LPVOID
)password
;
217 cred
.Persist
= CRED_PERSIST_LOCAL_MACHINE
;
218 cred
.AttributeCount
= 0;
219 cred
.Attributes
= NULL
;
220 cred
.TargetAlias
= NULL
;
221 cred
.UserName
= wusername
;
223 if (!CredWriteW(&cred
, 0))
224 die("CredWrite failed");
227 static void erase_credential(void)
233 if (!CredEnumerateW(L
"git:*", 0, &num_creds
, &creds
))
236 for (i
= 0; i
< num_creds
; ++i
) {
237 if (match_cred(creds
[i
]))
238 CredDeleteW(creds
[i
]->TargetName
, creds
[i
]->Type
, 0);
244 static WCHAR
*utf8_to_utf16_dup(const char *str
)
246 int wlen
= MultiByteToWideChar(CP_UTF8
, 0, str
, -1, NULL
, 0);
247 WCHAR
*wstr
= xmalloc(sizeof(WCHAR
) * wlen
);
248 MultiByteToWideChar(CP_UTF8
, 0, str
, -1, wstr
, wlen
);
252 static void read_credential(void)
256 while (fgets(buf
, sizeof(buf
), stdin
)) {
258 int len
= strlen(buf
);
259 /* strip trailing CR / LF */
260 while (len
&& strchr("\r\n", buf
[len
- 1]))
266 v
= strchr(buf
, '=');
268 die("bad input: %s", buf
);
271 if (!strcmp(buf
, "protocol"))
272 protocol
= utf8_to_utf16_dup(v
);
273 else if (!strcmp(buf
, "host"))
274 host
= utf8_to_utf16_dup(v
);
275 else if (!strcmp(buf
, "path"))
276 path
= utf8_to_utf16_dup(v
);
277 else if (!strcmp(buf
, "username")) {
278 wusername
= utf8_to_utf16_dup(v
);
279 } else if (!strcmp(buf
, "password"))
280 password
= utf8_to_utf16_dup(v
);
282 * Ignore other lines; we don't know what they mean, but
283 * this future-proofs us when later versions of git do
284 * learn new lines, and the helpers are updated to match.
289 int main(int argc
, char *argv
[])
292 "usage: git credential-wincred <get|store|erase>\n";
297 /* git use binary pipes to avoid CRLF-issues */
298 _setmode(_fileno(stdin
), _O_BINARY
);
299 _setmode(_fileno(stdout
), _O_BINARY
);
305 if (!protocol
|| !(host
|| path
))
308 /* prepare 'target', the unique key for the credential */
309 wcscpy(target
, L
"git:");
310 wcsncat(target
, protocol
, ARRAY_SIZE(target
));
311 wcsncat(target
, L
"://", ARRAY_SIZE(target
));
313 wcsncat(target
, wusername
, ARRAY_SIZE(target
));
314 wcsncat(target
, L
"@", ARRAY_SIZE(target
));
317 wcsncat(target
, host
, ARRAY_SIZE(target
));
319 wcsncat(target
, L
"/", ARRAY_SIZE(target
));
320 wcsncat(target
, path
, ARRAY_SIZE(target
));
323 if (!strcmp(argv
[1], "get"))
325 else if (!strcmp(argv
[1], "store"))
327 else if (!strcmp(argv
[1], "erase"))
329 /* otherwise, ignore unknown action */