[thirdparty/git.git] / contrib / credential / osxkeychain / git-credential-osxkeychain.c

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <Security/Security.h>

static SecProtocolType protocol;
static char *host;
static char *path;
static char *username;
static char *password;
static UInt16 port;

static void die(const char *err, ...)
{
	char msg[4096];
	va_list params;
	va_start(params, err);
	vsnprintf(msg, sizeof(msg), err, params);
	fprintf(stderr, "%s\n", msg);
	va_end(params);
	exit(1);
}

static void *xstrdup(const char *s1)
{
	void *ret = strdup(s1);
	if (!ret)
		die("Out of memory");
	return ret;
}

#define KEYCHAIN_ITEM(x) (x ? strlen(x) : 0), x
#define KEYCHAIN_ARGS \
	NULL, /* default keychain */ \
	KEYCHAIN_ITEM(host), \
	0, NULL, /* account domain */ \
	KEYCHAIN_ITEM(username), \
	KEYCHAIN_ITEM(path), \
	port, \
	protocol, \
	kSecAuthenticationTypeDefault

static void write_item(const char *what, const char *buf, int len)
{
	printf("%s=", what);
	fwrite(buf, 1, len, stdout);
	putchar('\n');
}

static void find_username_in_item(SecKeychainItemRef item)
{
	SecKeychainAttributeList list;
	SecKeychainAttribute attr;

	list.count = 1;
	list.attr = &attr;
	attr.tag = kSecAccountItemAttr;

	if (SecKeychainItemCopyContent(item, NULL, &list, NULL, NULL))
		return;

	write_item("username", attr.data, attr.length);
	SecKeychainItemFreeContent(&list, NULL);
}

static void find_internet_password(void)
{
	void *buf;
	UInt32 len;
	SecKeychainItemRef item;

	if (SecKeychainFindInternetPassword(KEYCHAIN_ARGS, &len, &buf, &item))
		return;

	write_item("password", buf, len);
	if (!username)
		find_username_in_item(item);

	SecKeychainItemFreeContent(NULL, buf);
}

static void delete_internet_password(void)
{
	SecKeychainItemRef item;

	/*
	 * Require at least a protocol and host for removal, which is what git
	 * will give us; if you want to do something more fancy, use the
	 * Keychain manager.
	 */
	if (!protocol || !host)
		return;

	if (SecKeychainFindInternetPassword(KEYCHAIN_ARGS, 0, NULL, &item))
		return;

	SecKeychainItemDelete(item);
}

static void add_internet_password(void)
{
	/* Only store complete credentials */
	if (!protocol || !host || !username || !password)
		return;

	if (SecKeychainAddInternetPassword(
	      KEYCHAIN_ARGS,
	      KEYCHAIN_ITEM(password),
	      NULL))
		return;
}

static void read_credential(void)
{
	char buf[1024];

	while (fgets(buf, sizeof(buf), stdin)) {
		char *v;

		if (!strcmp(buf, "\n"))
			break;
		buf[strlen(buf)-1] = '\0';

		v = strchr(buf, '=');
		if (!v)
			die("bad input: %s", buf);
		*v++ = '\0';

		if (!strcmp(buf, "protocol")) {
			if (!strcmp(v, "https"))
				protocol = kSecProtocolTypeHTTPS;
			else if (!strcmp(v, "http"))
				protocol = kSecProtocolTypeHTTP;
			else /* we don't yet handle other protocols */
				exit(0);
		}
		else if (!strcmp(buf, "host")) {
			char *colon = strchr(v, ':');
			if (colon) {
				*colon++ = '\0';
				port = atoi(colon);
			}
			host = xstrdup(v);
		}
		else if (!strcmp(buf, "path"))
			path = xstrdup(v);
		else if (!strcmp(buf, "username"))
			username = xstrdup(v);
		else if (!strcmp(buf, "password"))
			password = xstrdup(v);
	}
}

int main(int argc, const char **argv)
{
	const char *usage =
		"usage: git credential-osxkeychain <get|store|erase>";

	if (!argv[1])
		die(usage);

	read_credential();

	if (!strcmp(argv[1], "get"))
		find_internet_password();
	else if (!strcmp(argv[1], "store"))
		add_internet_password();
	else if (!strcmp(argv[1], "erase"))
		delete_internet_password();
	/* otherwise, ignore unknown action */

	return 0;
}
Commit	Line	Data
34961d30 JK	1	#include <stdio.h>
	2	#include <string.h>
	3	#include <stdlib.h>
	4	#include <Security/Security.h>
	5
	6	static SecProtocolType protocol;
	7	static char *host;
	8	static char *path;
	9	static char *username;
	10	static char *password;
	11	static UInt16 port;
	12
	13	static void die(const char *err, ...)
	14	{
	15	char msg[4096];
	16	va_list params;
	17	va_start(params, err);
	18	vsnprintf(msg, sizeof(msg), err, params);
	19	fprintf(stderr, "%s\n", msg);
	20	va_end(params);
	21	exit(1);
	22	}
	23
	24	static void xstrdup(const char s1)
	25	{
	26	void *ret = strdup(s1);
	27	if (!ret)
	28	die("Out of memory");
	29	return ret;
	30	}
	31
	32	#define KEYCHAIN_ITEM(x) (x ? strlen(x) : 0), x
	33	#define KEYCHAIN_ARGS \
	34	NULL, /* default keychain */ \
	35	KEYCHAIN_ITEM(host), \
	36	0, NULL, /* account domain */ \
	37	KEYCHAIN_ITEM(username), \
	38	KEYCHAIN_ITEM(path), \
	39	port, \
	40	protocol, \
	41	kSecAuthenticationTypeDefault
	42
	43	static void write_item(const char what, const char buf, int len)
	44	{
	45	printf("%s=", what);
	46	fwrite(buf, 1, len, stdout);
	47	putchar('\n');
	48	}
	49
	50	static void find_username_in_item(SecKeychainItemRef item)
	51	{
	52	SecKeychainAttributeList list;
	53	SecKeychainAttribute attr;
	54
	55	list.count = 1;
	56	list.attr = &attr;
	57	attr.tag = kSecAccountItemAttr;
	58
	59	if (SecKeychainItemCopyContent(item, NULL, &list, NULL, NULL))
	60	return;
	61
	62	write_item("username", attr.data, attr.length);
	63	SecKeychainItemFreeContent(&list, NULL);
	64	}
65
66	static void find_internet_password(void)
67	{
68	void *buf;
69	UInt32 len;
70	SecKeychainItemRef item;
71
72	if (SecKeychainFindInternetPassword(KEYCHAIN_ARGS, &len, &buf, &item))
73	return;
74
75	write_item("password", buf, len);
76	if (!username)
77	find_username_in_item(item);
78
79	SecKeychainItemFreeContent(NULL, buf);
80	}
81
82	static void delete_internet_password(void)
83	{
84	SecKeychainItemRef item;
85
86	/*
87	* Require at least a protocol and host for removal, which is what git
88	* will give us; if you want to do something more fancy, use the
89	* Keychain manager.
90	*/
91	if (!protocol \|\| !host)
92	return;
93
94	if (SecKeychainFindInternetPassword(KEYCHAIN_ARGS, 0, NULL, &item))
95	return;
96
97	SecKeychainItemDelete(item);
98	}
99
100	static void add_internet_password(void)
101	{
102	/* Only store complete credentials */
103	if (!protocol \|\| !host \|\| !username \|\| !password)
104	return;
105
106	if (SecKeychainAddInternetPassword(
107	KEYCHAIN_ARGS,
108	KEYCHAIN_ITEM(password),
109	NULL))
110	return;
111	}
112
113	static void read_credential(void)
114	{
115	char buf[1024];
116
117	while (fgets(buf, sizeof(buf), stdin)) {
118	char *v;
119
120	if (!strcmp(buf, "\n"))
121	break;
122	buf[strlen(buf)-1] = '\0';
123
124	v = strchr(buf, '=');
125	if (!v)
126	die("bad input: %s", buf);
127	*v++ = '\0';
128
129	if (!strcmp(buf, "protocol")) {
130	if (!strcmp(v, "https"))
131	protocol = kSecProtocolTypeHTTPS;
132	else if (!strcmp(v, "http"))
133	protocol = kSecProtocolTypeHTTP;
134	else /* we don't yet handle other protocols */
135	exit(0);
136	}
137	else if (!strcmp(buf, "host")) {
138	char *colon = strchr(v, ':');
139	if (colon) {
140	*colon++ = '\0';
141	port = atoi(colon);
142	}
143	host = xstrdup(v);
144	}
145	else if (!strcmp(buf, "path"))
146	path = xstrdup(v);
147	else if (!strcmp(buf, "username"))
148	username = xstrdup(v);
149	else if (!strcmp(buf, "password"))
150	password = xstrdup(v);
151	}
152	}
153
154	int main(int argc, const char **argv)
155	{
156	const char *usage =
c358ed75	157	"usage: git credential-osxkeychain <get\|store\|erase>";
34961d30 JK	158
	159	if (!argv[1])
	160	die(usage);
	161
	162	read_credential();
	163
	164	if (!strcmp(argv[1], "get"))
	165	find_internet_password();
	166	else if (!strcmp(argv[1], "store"))
	167	add_internet_password();
	168	else if (!strcmp(argv[1], "erase"))
	169	delete_internet_password();
	170	/* otherwise, ignore unknown action */
	171
	172	return 0;
	173	}