]>
git.ipfire.org Git - thirdparty/git.git/blob - credential-cache--daemon.c
2 #include "credential.h"
3 #include "unix-socket.h"
6 static const char *socket_path
;
8 static void cleanup_socket(void)
14 static void cleanup_socket_on_signal(int sig
)
21 struct credential_cache_entry
{
22 struct credential item
;
23 unsigned long expiration
;
25 static struct credential_cache_entry
*entries
;
26 static int entries_nr
;
27 static int entries_alloc
;
29 static void cache_credential(struct credential
*c
, int timeout
)
31 struct credential_cache_entry
*e
;
33 ALLOC_GROW(entries
, entries_nr
+ 1, entries_alloc
);
34 e
= &entries
[entries_nr
++];
36 /* take ownership of pointers */
37 memcpy(&e
->item
, c
, sizeof(*c
));
38 memset(c
, 0, sizeof(*c
));
39 e
->expiration
= time(NULL
) + timeout
;
42 static struct credential_cache_entry
*lookup_credential(const struct credential
*c
)
45 for (i
= 0; i
< entries_nr
; i
++) {
46 struct credential
*e
= &entries
[i
].item
;
47 if (credential_match(c
, e
))
53 static void remove_credential(const struct credential
*c
)
55 struct credential_cache_entry
*e
;
57 e
= lookup_credential(c
);
62 static int check_expirations(void)
64 static unsigned long wait_for_entry_until
;
66 unsigned long now
= time(NULL
);
67 unsigned long next
= (unsigned long)-1;
70 * Initially give the client 30 seconds to actually contact us
71 * and store a credential before we decide there's no point in
72 * keeping the daemon around.
74 if (!wait_for_entry_until
)
75 wait_for_entry_until
= now
+ 30;
77 while (i
< entries_nr
) {
78 if (entries
[i
].expiration
<= now
) {
80 credential_clear(&entries
[i
].item
);
82 memcpy(&entries
[i
], &entries
[entries_nr
], sizeof(*entries
));
84 * Stick around 30 seconds in case a new credential
85 * shows up (e.g., because we just removed a failed
86 * one, and we will soon get the correct one).
88 wait_for_entry_until
= now
+ 30;
91 if (entries
[i
].expiration
< next
)
92 next
= entries
[i
].expiration
;
98 if (wait_for_entry_until
<= now
)
100 next
= wait_for_entry_until
;
106 static int read_request(FILE *fh
, struct credential
*c
,
107 struct strbuf
*action
, int *timeout
) {
108 static struct strbuf item
= STRBUF_INIT
;
111 strbuf_getline(&item
, fh
, '\n');
112 p
= skip_prefix(item
.buf
, "action=");
114 return error("client sent bogus action line: %s", item
.buf
);
115 strbuf_addstr(action
, p
);
117 strbuf_getline(&item
, fh
, '\n');
118 p
= skip_prefix(item
.buf
, "timeout=");
120 return error("client sent bogus timeout line: %s", item
.buf
);
123 if (credential_read(c
, fh
) < 0)
128 static void serve_one_client(FILE *in
, FILE *out
)
130 struct credential c
= CREDENTIAL_INIT
;
131 struct strbuf action
= STRBUF_INIT
;
134 if (read_request(in
, &c
, &action
, &timeout
) < 0)
136 else if (!strcmp(action
.buf
, "get")) {
137 struct credential_cache_entry
*e
= lookup_credential(&c
);
139 fprintf(out
, "username=%s\n", e
->item
.username
);
140 fprintf(out
, "password=%s\n", e
->item
.password
);
143 else if (!strcmp(action
.buf
, "exit"))
145 else if (!strcmp(action
.buf
, "erase"))
146 remove_credential(&c
);
147 else if (!strcmp(action
.buf
, "store")) {
149 warning("cache client didn't specify a timeout");
150 else if (!c
.username
|| !c
.password
)
151 warning("cache client gave us a partial credential");
153 remove_credential(&c
);
154 cache_credential(&c
, timeout
);
158 warning("cache client sent unknown action: %s", action
.buf
);
160 credential_clear(&c
);
161 strbuf_release(&action
);
164 static int serve_cache_loop(int fd
)
167 unsigned long wakeup
;
169 wakeup
= check_expirations();
175 if (poll(&pfd
, 1, 1000 * wakeup
) < 0) {
177 die_errno("poll failed");
181 if (pfd
.revents
& POLLIN
) {
185 client
= accept(fd
, NULL
, NULL
);
187 warning("accept failed: %s", strerror(errno
));
190 client2
= dup(client
);
192 warning("dup failed: %s", strerror(errno
));
197 in
= xfdopen(client
, "r");
198 out
= xfdopen(client2
, "w");
199 serve_one_client(in
, out
);
206 static void serve_cache(const char *socket_path
)
210 fd
= unix_stream_listen(socket_path
);
212 die_errno("unable to bind to '%s'", socket_path
);
217 while (serve_cache_loop(fd
))
224 static const char permissions_advice
[] =
225 "The permissions on your socket directory are too loose; other\n"
226 "users may be able to read your cached credentials. Consider running:\n"
229 static void check_socket_directory(const char *path
)
232 char *path_copy
= xstrdup(path
);
233 char *dir
= dirname(path_copy
);
235 if (!stat(dir
, &st
)) {
236 if (st
.st_mode
& 077)
237 die(permissions_advice
, dir
);
243 * We must be sure to create the directory with the correct mode,
244 * not just chmod it after the fact; otherwise, there is a race
245 * condition in which somebody can chdir to it, sleep, then try to open
246 * our protected socket.
248 if (safe_create_leading_directories_const(dir
) < 0)
249 die_errno("unable to create directories for '%s'", dir
);
250 if (mkdir(dir
, 0700) < 0)
251 die_errno("unable to mkdir '%s'", dir
);
255 int main(int argc
, const char **argv
)
257 socket_path
= argv
[1];
260 die("usage: git-credential-cache--daemon <socket_path>");
261 check_socket_directory(socket_path
);
263 atexit(cleanup_socket
);
264 sigchain_push_common(cleanup_socket_on_signal
);
266 serve_cache(socket_path
);