]>
Commit | Line | Data |
---|---|---|
71e1b4b6 JK |
1 | #include "cache.h" |
2 | #include "credential.h" | |
3 | #include "string-list.h" | |
4 | #include "parse-options.h" | |
5 | ||
6 | static struct lock_file credential_lock; | |
7 | ||
8 | static void parse_credential_file(const char *fn, | |
9 | struct credential *c, | |
10 | void (*match_cb)(struct credential *), | |
11 | void (*other_cb)(struct strbuf *)) | |
12 | { | |
13 | FILE *fh; | |
14 | struct strbuf line = STRBUF_INIT; | |
15 | struct credential entry = CREDENTIAL_INIT; | |
16 | ||
17 | fh = fopen(fn, "r"); | |
18 | if (!fh) { | |
19 | if (errno != ENOENT) | |
20 | die_errno("unable to open %s", fn); | |
21 | return; | |
22 | } | |
23 | ||
24 | while (strbuf_getline(&line, fh, '\n') != EOF) { | |
25 | credential_from_url(&entry, line.buf); | |
26 | if (entry.username && entry.password && | |
27 | credential_match(c, &entry)) { | |
28 | if (match_cb) { | |
29 | match_cb(&entry); | |
30 | break; | |
31 | } | |
32 | } | |
33 | else if (other_cb) | |
34 | other_cb(&line); | |
35 | } | |
36 | ||
37 | credential_clear(&entry); | |
38 | strbuf_release(&line); | |
39 | fclose(fh); | |
40 | } | |
41 | ||
42 | static void print_entry(struct credential *c) | |
43 | { | |
44 | printf("username=%s\n", c->username); | |
45 | printf("password=%s\n", c->password); | |
46 | } | |
47 | ||
48 | static void print_line(struct strbuf *buf) | |
49 | { | |
50 | strbuf_addch(buf, '\n'); | |
51 | write_or_die(credential_lock.fd, buf->buf, buf->len); | |
52 | } | |
53 | ||
54 | static void rewrite_credential_file(const char *fn, struct credential *c, | |
55 | struct strbuf *extra) | |
56 | { | |
57 | if (hold_lock_file_for_update(&credential_lock, fn, 0) < 0) | |
58 | die_errno("unable to get credential storage lock"); | |
59 | if (extra) | |
60 | print_line(extra); | |
61 | parse_credential_file(fn, c, NULL, print_line); | |
62 | if (commit_lock_file(&credential_lock) < 0) | |
63 | die_errno("unable to commit credential store"); | |
64 | } | |
65 | ||
66 | static void store_credential(const char *fn, struct credential *c) | |
67 | { | |
68 | struct strbuf buf = STRBUF_INIT; | |
69 | ||
70 | /* | |
71 | * Sanity check that what we are storing is actually sensible. | |
72 | * In particular, we can't make a URL without a protocol field. | |
73 | * Without either a host or pathname (depending on the scheme), | |
74 | * we have no primary key. And without a username and password, | |
75 | * we are not actually storing a credential. | |
76 | */ | |
77 | if (!c->protocol || !(c->host || c->path) || | |
78 | !c->username || !c->password) | |
79 | return; | |
80 | ||
81 | strbuf_addf(&buf, "%s://", c->protocol); | |
82 | strbuf_addstr_urlencode(&buf, c->username, 1); | |
83 | strbuf_addch(&buf, ':'); | |
84 | strbuf_addstr_urlencode(&buf, c->password, 1); | |
85 | strbuf_addch(&buf, '@'); | |
86 | if (c->host) | |
87 | strbuf_addstr_urlencode(&buf, c->host, 1); | |
88 | if (c->path) { | |
89 | strbuf_addch(&buf, '/'); | |
90 | strbuf_addstr_urlencode(&buf, c->path, 0); | |
91 | } | |
92 | ||
93 | rewrite_credential_file(fn, c, &buf); | |
94 | strbuf_release(&buf); | |
95 | } | |
96 | ||
97 | static void remove_credential(const char *fn, struct credential *c) | |
98 | { | |
99 | /* | |
100 | * Sanity check that we actually have something to match | |
101 | * against. The input we get is a restrictive pattern, | |
102 | * so technically a blank credential means "erase everything". | |
103 | * But it is too easy to accidentally send this, since it is equivalent | |
104 | * to empty input. So explicitly disallow it, and require that the | |
105 | * pattern have some actual content to match. | |
106 | */ | |
107 | if (c->protocol || c->host || c->path || c->username) | |
108 | rewrite_credential_file(fn, c, NULL); | |
109 | } | |
110 | ||
111 | static int lookup_credential(const char *fn, struct credential *c) | |
112 | { | |
113 | parse_credential_file(fn, c, print_entry, NULL); | |
114 | return c->username && c->password; | |
115 | } | |
116 | ||
117 | int main(int argc, const char **argv) | |
118 | { | |
119 | const char * const usage[] = { | |
120 | "git credential-store [options] <action>", | |
121 | NULL | |
122 | }; | |
123 | const char *op; | |
124 | struct credential c = CREDENTIAL_INIT; | |
125 | char *file = NULL; | |
126 | struct option options[] = { | |
127 | OPT_STRING(0, "file", &file, "path", | |
128 | "fetch and store credentials in <path>"), | |
129 | OPT_END() | |
130 | }; | |
131 | ||
132 | umask(077); | |
133 | ||
134 | argc = parse_options(argc, argv, NULL, options, usage, 0); | |
135 | if (argc != 1) | |
136 | usage_with_options(usage, options); | |
137 | op = argv[0]; | |
138 | ||
139 | if (!file) | |
140 | file = expand_user_path("~/.git-credentials"); | |
141 | if (!file) | |
142 | die("unable to set up default path; use --file"); | |
143 | ||
144 | if (credential_read(&c, stdin) < 0) | |
145 | die("unable to read credential"); | |
146 | ||
147 | if (!strcmp(op, "get")) | |
148 | lookup_credential(file, &c); | |
149 | else if (!strcmp(op, "erase")) | |
150 | remove_credential(file, &c); | |
151 | else if (!strcmp(op, "store")) | |
152 | store_credential(file, &c); | |
153 | else | |
154 | ; /* Ignore unknown operation. */ | |
155 | ||
156 | return 0; | |
157 | } |