credential-cache: respect authtype capability

Previously, credential-cache populated authtype regardless whether
"get" request had authtype capability. As documented in
git-credential.txt, authtype "should not be sent unless the appropriate
capability ... is provided".

Add test. Without this change, the test failed because "credential fill"
printed an incomplete credential with only protocol and host attributes
(the unexpected authtype attribute was discarded by credential.c).

Signed-off-by: M Hickford <mirth.hickford@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/builtin/credential-cache--daemon.c b/builtin/credential-cache--daemon.c
index 4952b225477227862945e5f987582a76abdaf07e..9cdc3077ecfa02e4a222a6366fba45d9b08f2ff4 100644 (file)
--- a/builtin/credential-cache--daemon.c
+++ b/builtin/credential-cache--daemon.c
@@ -141,9 +141,9 @@ static void serve_one_client(FILE *in, FILE *out)
                                fprintf(out, "username=%s\n", e->item.username);
                        if (e->item.password)
                                fprintf(out, "password=%s\n", e->item.password);
-                       if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_HELPER) && e->item.authtype)
+                       if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_RESPONSE) && e->item.authtype)
                                fprintf(out, "authtype=%s\n", e->item.authtype);
-                       if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_HELPER) && e->item.credential)
+                       if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_RESPONSE) && e->item.credential)
                                fprintf(out, "credential=%s\n", e->item.credential);
                        if (e->item.password_expiry_utc != TIME_MAX)
                                fprintf(out, "password_expiry_utc=%"PRItime"\n",

diff --git a/t/lib-credential.sh b/t/lib-credential.sh
index 58b9c7406058904838832d35719478797a01d1ee..cc6bf9aa5f37178a84c2bd6d224a26ee484525d7 100644 (file)
--- a/t/lib-credential.sh
+++ b/t/lib-credential.sh
@@ -566,6 +566,21 @@ helper_test_authtype() {
                EOF
        '
 
+       test_expect_success "helper ($HELPER) gets authtype and credential only if request has authtype capability" '
+               check fill $HELPER <<-\EOF
+               protocol=https
+               host=git.example.com
+               --
+               protocol=https
+               host=git.example.com
+               username=askpass-username
+               password=askpass-password
+               --
+               askpass: Username for '\''https://git.example.com'\'':
+               askpass: Password for '\''https://askpass-username@git.example.com'\'':
+               EOF
+       '
+
        test_expect_success "helper ($HELPER) stores authtype and credential with username" '
                check approve $HELPER <<-\EOF
                capability[]=authtype