3 #include "credential.h"
4 #include "string-list.h"
5 #include "run-command.h"
9 void credential_init(struct credential
*c
)
11 memset(c
, 0, sizeof(*c
));
12 c
->helpers
.strdup_strings
= 1;
15 void credential_clear(struct credential
*c
)
22 string_list_clear(&c
->helpers
, 0);
27 int credential_match(const struct credential
*want
,
28 const struct credential
*have
)
30 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
31 return CHECK(protocol
) &&
38 static int credential_config_callback(const char *var
, const char *value
,
41 struct credential
*c
= data
;
42 const char *key
, *dot
;
44 if (!skip_prefix(var
, "credential.", &key
))
48 return config_error_nonbool(var
);
50 dot
= strrchr(key
, '.');
52 struct credential want
= CREDENTIAL_INIT
;
53 char *url
= xmemdupz(key
, dot
- key
);
56 credential_from_url(&want
, url
);
57 matched
= credential_match(&want
, c
);
59 credential_clear(&want
);
67 if (!strcmp(key
, "helper")) {
69 string_list_append(&c
->helpers
, value
);
71 string_list_clear(&c
->helpers
, 0);
72 } else if (!strcmp(key
, "username")) {
74 c
->username
= xstrdup(value
);
76 else if (!strcmp(key
, "usehttppath"))
77 c
->use_http_path
= git_config_bool(var
, value
);
82 static int proto_is_http(const char *s
)
86 return !strcmp(s
, "https") || !strcmp(s
, "http");
89 static void credential_apply_config(struct credential
*c
)
92 die(_("refusing to work with credential missing host field"));
94 die(_("refusing to work with credential missing protocol field"));
98 git_config(credential_config_callback
, c
);
101 if (!c
->use_http_path
&& proto_is_http(c
->protocol
)) {
102 FREE_AND_NULL(c
->path
);
106 static void credential_describe(struct credential
*c
, struct strbuf
*out
)
110 strbuf_addf(out
, "%s://", c
->protocol
);
111 if (c
->username
&& *c
->username
)
112 strbuf_addf(out
, "%s@", c
->username
);
114 strbuf_addstr(out
, c
->host
);
116 strbuf_addf(out
, "/%s", c
->path
);
119 static char *credential_ask_one(const char *what
, struct credential
*c
,
122 struct strbuf desc
= STRBUF_INIT
;
123 struct strbuf prompt
= STRBUF_INIT
;
126 credential_describe(c
, &desc
);
128 strbuf_addf(&prompt
, "%s for '%s': ", what
, desc
.buf
);
130 strbuf_addf(&prompt
, "%s: ", what
);
132 r
= git_prompt(prompt
.buf
, flags
);
134 strbuf_release(&desc
);
135 strbuf_release(&prompt
);
139 static void credential_getpass(struct credential
*c
)
142 c
->username
= credential_ask_one("Username", c
,
143 PROMPT_ASKPASS
|PROMPT_ECHO
);
145 c
->password
= credential_ask_one("Password", c
,
149 int credential_read(struct credential
*c
, FILE *fp
)
151 struct strbuf line
= STRBUF_INIT
;
153 while (strbuf_getline_lf(&line
, fp
) != EOF
) {
154 char *key
= line
.buf
;
155 char *value
= strchr(key
, '=');
161 warning("invalid credential line: %s", key
);
162 strbuf_release(&line
);
167 if (!strcmp(key
, "username")) {
169 c
->username
= xstrdup(value
);
170 } else if (!strcmp(key
, "password")) {
172 c
->password
= xstrdup(value
);
173 } else if (!strcmp(key
, "protocol")) {
175 c
->protocol
= xstrdup(value
);
176 } else if (!strcmp(key
, "host")) {
178 c
->host
= xstrdup(value
);
179 } else if (!strcmp(key
, "path")) {
181 c
->path
= xstrdup(value
);
182 } else if (!strcmp(key
, "url")) {
183 credential_from_url(c
, value
);
184 } else if (!strcmp(key
, "quit")) {
185 c
->quit
= !!git_config_bool("quit", value
);
188 * Ignore other lines; we don't know what they mean, but
189 * this future-proofs us when later versions of git do
190 * learn new lines, and the helpers are updated to match.
194 strbuf_release(&line
);
198 static void credential_write_item(FILE *fp
, const char *key
, const char *value
,
201 if (!value
&& required
)
202 BUG("credential value for %s is missing", key
);
205 if (strchr(value
, '\n'))
206 die("credential value for %s contains newline", key
);
207 fprintf(fp
, "%s=%s\n", key
, value
);
210 void credential_write(const struct credential
*c
, FILE *fp
)
212 credential_write_item(fp
, "protocol", c
->protocol
, 1);
213 credential_write_item(fp
, "host", c
->host
, 1);
214 credential_write_item(fp
, "path", c
->path
, 0);
215 credential_write_item(fp
, "username", c
->username
, 0);
216 credential_write_item(fp
, "password", c
->password
, 0);
219 static int run_credential_helper(struct credential
*c
,
223 struct child_process helper
= CHILD_PROCESS_INIT
;
224 const char *argv
[] = { NULL
, NULL
};
229 helper
.use_shell
= 1;
234 helper
.no_stdout
= 1;
236 if (start_command(&helper
) < 0)
239 fp
= xfdopen(helper
.in
, "w");
240 credential_write(c
, fp
);
245 fp
= xfdopen(helper
.out
, "r");
246 r
= credential_read(c
, fp
);
249 finish_command(&helper
);
254 if (finish_command(&helper
))
259 static int credential_do(struct credential
*c
, const char *helper
,
260 const char *operation
)
262 struct strbuf cmd
= STRBUF_INIT
;
265 if (helper
[0] == '!')
266 strbuf_addstr(&cmd
, helper
+ 1);
267 else if (is_absolute_path(helper
))
268 strbuf_addstr(&cmd
, helper
);
270 strbuf_addf(&cmd
, "git credential-%s", helper
);
272 strbuf_addf(&cmd
, " %s", operation
);
273 r
= run_credential_helper(c
, cmd
.buf
, !strcmp(operation
, "get"));
275 strbuf_release(&cmd
);
279 void credential_fill(struct credential
*c
)
283 if (c
->username
&& c
->password
)
286 credential_apply_config(c
);
288 for (i
= 0; i
< c
->helpers
.nr
; i
++) {
289 credential_do(c
, c
->helpers
.items
[i
].string
, "get");
290 if (c
->username
&& c
->password
)
293 die("credential helper '%s' told us to quit",
294 c
->helpers
.items
[i
].string
);
297 credential_getpass(c
);
298 if (!c
->username
&& !c
->password
)
299 die("unable to get password from user");
302 void credential_approve(struct credential
*c
)
308 if (!c
->username
|| !c
->password
)
311 credential_apply_config(c
);
313 for (i
= 0; i
< c
->helpers
.nr
; i
++)
314 credential_do(c
, c
->helpers
.items
[i
].string
, "store");
318 void credential_reject(struct credential
*c
)
322 credential_apply_config(c
);
324 for (i
= 0; i
< c
->helpers
.nr
; i
++)
325 credential_do(c
, c
->helpers
.items
[i
].string
, "erase");
327 FREE_AND_NULL(c
->username
);
328 FREE_AND_NULL(c
->password
);
332 static int check_url_component(const char *url
, int quiet
,
333 const char *name
, const char *value
)
337 if (!strchr(value
, '\n'))
341 warning(_("url contains a newline in its %s component: %s"),
346 int credential_from_url_gently(struct credential
*c
, const char *url
,
349 const char *at
, *colon
, *cp
, *slash
, *host
, *proto_end
;
355 * (1) proto://<host>/...
356 * (2) proto://<user>@<host>/...
357 * (3) proto://<user>:<pass>@<host>/...
359 proto_end
= strstr(url
, "://");
363 at
= strchr(cp
, '@');
364 colon
= strchr(cp
, ':');
365 slash
= strchrnul(cp
, '/');
367 if (!at
|| slash
<= at
) {
371 else if (!colon
|| at
<= colon
) {
373 c
->username
= url_decode_mem(cp
, at
- cp
);
377 c
->username
= url_decode_mem(cp
, colon
- cp
);
378 c
->password
= url_decode_mem(colon
+ 1, at
- (colon
+ 1));
382 if (proto_end
- url
> 0)
383 c
->protocol
= xmemdupz(url
, proto_end
- url
);
384 c
->host
= url_decode_mem(host
, slash
- host
);
385 /* Trim leading and trailing slashes from path */
386 while (*slash
== '/')
390 c
->path
= url_decode(slash
);
391 p
= c
->path
+ strlen(c
->path
) - 1;
392 while (p
> c
->path
&& *p
== '/')
396 if (check_url_component(url
, quiet
, "username", c
->username
) < 0 ||
397 check_url_component(url
, quiet
, "password", c
->password
) < 0 ||
398 check_url_component(url
, quiet
, "protocol", c
->protocol
) < 0 ||
399 check_url_component(url
, quiet
, "host", c
->host
) < 0 ||
400 check_url_component(url
, quiet
, "path", c
->path
) < 0)
406 void credential_from_url(struct credential
*c
, const char *url
)
408 if (credential_from_url_gently(c
, url
, 0) < 0)
409 die(_("credential url cannot be parsed: %s"), url
);