credential.c

   1 #include "cache.h"
   2 #include "config.h"
   3 #include "credential.h"
   4 #include "string-list.h"
   5 #include "run-command.h"
   6 #include "url.h"
   7 #include "prompt.h"
   8
   9 void credential_init(struct credential *c)
  10 {
  11         memset(c, 0, sizeof(*c));
  12         c->helpers.strdup_strings = 1;
  13 }
  14
  15 void credential_clear(struct credential *c)
  16 {
  17         free(c->protocol);
  18         free(c->host);
  19         free(c->path);
  20         free(c->username);
  21         free(c->password);
  22         string_list_clear(&c->helpers, 0);
  23
  24         credential_init(c);
  25 }
  26
  27 int credential_match(const struct credential *want,
  28                      const struct credential *have)
  29 {
  30 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
  31         return CHECK(protocol) &&
  32                CHECK(host) &&
  33                CHECK(path) &&
  34                CHECK(username);
  35 #undef CHECK
  36 }
  37
  38 static int credential_config_callback(const char *var, const char *value,
  39                                       void *data)
  40 {
  41         struct credential *c = data;
  42         const char *key, *dot;
  43
  44         if (!skip_prefix(var, "credential.", &key))
  45                 return 0;
  46
  47         if (!value)
  48                 return config_error_nonbool(var);
  49
  50         dot = strrchr(key, '.');
  51         if (dot) {
  52                 struct credential want = CREDENTIAL_INIT;
  53                 char *url = xmemdupz(key, dot - key);
  54                 int matched;
  55
  56                 credential_from_url(&want, url);
  57                 matched = credential_match(&want, c);
  58
  59                 credential_clear(&want);
  60                 free(url);
  61
  62                 if (!matched)
  63                         return 0;
  64                 key = dot + 1;
  65         }
  66
  67         if (!strcmp(key, "helper")) {
  68                 if (*value)
  69                         string_list_append(&c->helpers, value);
  70                 else
  71                         string_list_clear(&c->helpers, 0);
  72         } else if (!strcmp(key, "username")) {
  73                 if (!c->username)
  74                         c->username = xstrdup(value);
  75         }
  76         else if (!strcmp(key, "usehttppath"))
  77                 c->use_http_path = git_config_bool(var, value);
  78
  79         return 0;
  80 }
  81
  82 static int proto_is_http(const char *s)
  83 {
  84         if (!s)
  85                 return 0;
  86         return !strcmp(s, "https") || !strcmp(s, "http");
  87 }
  88
  89 static void credential_apply_config(struct credential *c)
  90 {
  91         if (!c->host)
  92                 die(_("refusing to work with credential missing host field"));
  93         if (!c->protocol)
  94                 die(_("refusing to work with credential missing protocol field"));
  95
  96         if (c->configured)
  97                 return;
  98         git_config(credential_config_callback, c);
  99         c->configured = 1;
 100
 101         if (!c->use_http_path && proto_is_http(c->protocol)) {
 102                 FREE_AND_NULL(c->path);
 103         }
 104 }
 105
 106 static void credential_describe(struct credential *c, struct strbuf *out)
 107 {
 108         if (!c->protocol)
 109                 return;
 110         strbuf_addf(out, "%s://", c->protocol);
 111         if (c->username && *c->username)
 112                 strbuf_addf(out, "%s@", c->username);
 113         if (c->host)
 114                 strbuf_addstr(out, c->host);
 115         if (c->path)
 116                 strbuf_addf(out, "/%s", c->path);
 117 }
 118
 119 static char *credential_ask_one(const char *what, struct credential *c,
 120                                 int flags)
 121 {
 122         struct strbuf desc = STRBUF_INIT;
 123         struct strbuf prompt = STRBUF_INIT;
 124         char *r;
 125
 126         credential_describe(c, &desc);
 127         if (desc.len)
 128                 strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
 129         else
 130                 strbuf_addf(&prompt, "%s: ", what);
 131
 132         r = git_prompt(prompt.buf, flags);
 133
 134         strbuf_release(&desc);
 135         strbuf_release(&prompt);
 136         return xstrdup(r);
 137 }
 138
 139 static void credential_getpass(struct credential *c)
 140 {
 141         if (!c->username)
 142                 c->username = credential_ask_one("Username", c,
 143                                                  PROMPT_ASKPASS|PROMPT_ECHO);
 144         if (!c->password)
 145                 c->password = credential_ask_one("Password", c,
 146                                                  PROMPT_ASKPASS);
 147 }
 148
 149 int credential_read(struct credential *c, FILE *fp)
 150 {
 151         struct strbuf line = STRBUF_INIT;
 152
 153         while (strbuf_getline_lf(&line, fp) != EOF) {
 154                 char *key = line.buf;
 155                 char *value = strchr(key, '=');
 156
 157                 if (!line.len)
 158                         break;
 159
 160                 if (!value) {
 161                         warning("invalid credential line: %s", key);
 162                         strbuf_release(&line);
 163                         return -1;
 164                 }
 165                 *value++ = '\0';
 166
 167                 if (!strcmp(key, "username")) {
 168                         free(c->username);
 169                         c->username = xstrdup(value);
 170                 } else if (!strcmp(key, "password")) {
 171                         free(c->password);
 172                         c->password = xstrdup(value);
 173                 } else if (!strcmp(key, "protocol")) {
 174                         free(c->protocol);
 175                         c->protocol = xstrdup(value);
 176                 } else if (!strcmp(key, "host")) {
 177                         free(c->host);
 178                         c->host = xstrdup(value);
 179                 } else if (!strcmp(key, "path")) {
 180                         free(c->path);
 181                         c->path = xstrdup(value);
 182                 } else if (!strcmp(key, "url")) {
 183                         credential_from_url(c, value);
 184                 } else if (!strcmp(key, "quit")) {
 185                         c->quit = !!git_config_bool("quit", value);
 186                 }
 187                 /*
 188                  * Ignore other lines; we don't know what they mean, but
 189                  * this future-proofs us when later versions of git do
 190                  * learn new lines, and the helpers are updated to match.
 191                  */
 192         }
 193
 194         strbuf_release(&line);
 195         return 0;
 196 }
 197
 198 static void credential_write_item(FILE *fp, const char *key, const char *value,
 199                                   int required)
 200 {
 201         if (!value && required)
 202                 BUG("credential value for %s is missing", key);
 203         if (!value)
 204                 return;
 205         if (strchr(value, '\n'))
 206                 die("credential value for %s contains newline", key);
 207         fprintf(fp, "%s=%s\n", key, value);
 208 }
 209
 210 void credential_write(const struct credential *c, FILE *fp)
 211 {
 212         credential_write_item(fp, "protocol", c->protocol, 1);
 213         credential_write_item(fp, "host", c->host, 1);
 214         credential_write_item(fp, "path", c->path, 0);
 215         credential_write_item(fp, "username", c->username, 0);
 216         credential_write_item(fp, "password", c->password, 0);
 217 }
 218
 219 static int run_credential_helper(struct credential *c,
 220                                  const char *cmd,
 221                                  int want_output)
 222 {
 223         struct child_process helper = CHILD_PROCESS_INIT;
 224         const char *argv[] = { NULL, NULL };
 225         FILE *fp;
 226
 227         argv[0] = cmd;
 228         helper.argv = argv;
 229         helper.use_shell = 1;
 230         helper.in = -1;
 231         if (want_output)
 232                 helper.out = -1;
 233         else
 234                 helper.no_stdout = 1;
 235
 236         if (start_command(&helper) < 0)
 237                 return -1;
 238
 239         fp = xfdopen(helper.in, "w");
 240         credential_write(c, fp);
 241         fclose(fp);
 242
 243         if (want_output) {
 244                 int r;
 245                 fp = xfdopen(helper.out, "r");
 246                 r = credential_read(c, fp);
 247                 fclose(fp);
 248                 if (r < 0) {
 249                         finish_command(&helper);
 250                         return -1;
 251                 }
 252         }
 253
 254         if (finish_command(&helper))
 255                 return -1;
 256         return 0;
 257 }
 258
 259 static int credential_do(struct credential *c, const char *helper,
 260                          const char *operation)
 261 {
 262         struct strbuf cmd = STRBUF_INIT;
 263         int r;
 264
 265         if (helper[0] == '!')
 266                 strbuf_addstr(&cmd, helper + 1);
 267         else if (is_absolute_path(helper))
 268                 strbuf_addstr(&cmd, helper);
 269         else
 270                 strbuf_addf(&cmd, "git credential-%s", helper);
 271
 272         strbuf_addf(&cmd, " %s", operation);
 273         r = run_credential_helper(c, cmd.buf, !strcmp(operation, "get"));
 274
 275         strbuf_release(&cmd);
 276         return r;
 277 }
 278
 279 void credential_fill(struct credential *c)
 280 {
 281         int i;
 282
 283         if (c->username && c->password)
 284                 return;
 285
 286         credential_apply_config(c);
 287
 288         for (i = 0; i < c->helpers.nr; i++) {
 289                 credential_do(c, c->helpers.items[i].string, "get");
 290                 if (c->username && c->password)
 291                         return;
 292                 if (c->quit)
 293                         die("credential helper '%s' told us to quit",
 294                             c->helpers.items[i].string);
 295         }
 296
 297         credential_getpass(c);
 298         if (!c->username && !c->password)
 299                 die("unable to get password from user");
 300 }
 301
 302 void credential_approve(struct credential *c)
 303 {
 304         int i;
 305
 306         if (c->approved)
 307                 return;
 308         if (!c->username || !c->password)
 309                 return;
 310
 311         credential_apply_config(c);
 312
 313         for (i = 0; i < c->helpers.nr; i++)
 314                 credential_do(c, c->helpers.items[i].string, "store");
 315         c->approved = 1;
 316 }
 317
 318 void credential_reject(struct credential *c)
 319 {
 320         int i;
 321
 322         credential_apply_config(c);
 323
 324         for (i = 0; i < c->helpers.nr; i++)
 325                 credential_do(c, c->helpers.items[i].string, "erase");
 326
 327         FREE_AND_NULL(c->username);
 328         FREE_AND_NULL(c->password);
 329         c->approved = 0;
 330 }
 331
 332 static int check_url_component(const char *url, int quiet,
 333                                const char *name, const char *value)
 334 {
 335         if (!value)
 336                 return 0;
 337         if (!strchr(value, '\n'))
 338                 return 0;
 339
 340         if (!quiet)
 341                 warning(_("url contains a newline in its %s component: %s"),
 342                         name, url);
 343         return -1;
 344 }
 345
 346 int credential_from_url_gently(struct credential *c, const char *url,
 347                                int quiet)
 348 {
 349         const char *at, *colon, *cp, *slash, *host, *proto_end;
 350
 351         credential_clear(c);
 352
 353         /*
 354          * Match one of:
 355          *   (1) proto://<host>/...
 356          *   (2) proto://<user>@<host>/...
 357          *   (3) proto://<user>:<pass>@<host>/...
 358          */
 359         proto_end = strstr(url, "://");
 360         if (!proto_end)
 361                 return 0;
 362         cp = proto_end + 3;
 363         at = strchr(cp, '@');
 364         colon = strchr(cp, ':');
 365         slash = strchrnul(cp, '/');
 366
 367         if (!at || slash <= at) {
 368                 /* Case (1) */
 369                 host = cp;
 370         }
 371         else if (!colon || at <= colon) {
 372                 /* Case (2) */
 373                 c->username = url_decode_mem(cp, at - cp);
 374                 host = at + 1;
 375         } else {
 376                 /* Case (3) */
 377                 c->username = url_decode_mem(cp, colon - cp);
 378                 c->password = url_decode_mem(colon + 1, at - (colon + 1));
 379                 host = at + 1;
 380         }
 381
 382         if (proto_end - url > 0)
 383                 c->protocol = xmemdupz(url, proto_end - url);
 384         c->host = url_decode_mem(host, slash - host);
 385         /* Trim leading and trailing slashes from path */
 386         while (*slash == '/')
 387                 slash++;
 388         if (*slash) {
 389                 char *p;
 390                 c->path = url_decode(slash);
 391                 p = c->path + strlen(c->path) - 1;
 392                 while (p > c->path && *p == '/')
 393                         *p-- = '\0';
 394         }
 395
 396         if (check_url_component(url, quiet, "username", c->username) < 0 ||
 397             check_url_component(url, quiet, "password", c->password) < 0 ||
 398             check_url_component(url, quiet, "protocol", c->protocol) < 0 ||
 399             check_url_component(url, quiet, "host", c->host) < 0 ||
 400             check_url_component(url, quiet, "path", c->path) < 0)
 401                 return -1;
 402
 403         return 0;
 404 }
 405
 406 void credential_from_url(struct credential *c, const char *url)
 407 {
 408         if (credential_from_url_gently(c, url, 0) < 0)
 409                 die(_("credential url cannot be parsed: %s"), url);
 410 }