die("unable to read credential from stdin");
if (!strcmp(op, "fill")) {
- credential_fill(&c, 0);
+ credential_fill(the_repository, &c, 0);
credential_next_state(&c);
credential_write(&c, stdout, CREDENTIAL_OP_RESPONSE);
} else if (!strcmp(op, "approve")) {
credential_set_all_capabilities(&c, CREDENTIAL_OP_HELPER);
- credential_approve(&c);
+ credential_approve(the_repository, &c);
} else if (!strcmp(op, "reject")) {
credential_set_all_capabilities(&c, CREDENTIAL_OP_HELPER);
- credential_reject(&c);
+ credential_reject(the_repository, &c);
} else {
usage(usage_msg);
}
-#define USE_THE_REPOSITORY_VARIABLE
#define DISABLE_SIGN_COMPARE_WARNINGS
#include "git-compat-util.h"
return matches;
}
-static void credential_apply_config(struct credential *c)
+static void credential_apply_config(struct repository *r, struct credential *c)
{
char *normalized_url;
struct urlmatch_config config = URLMATCH_CONFIG_INIT;
credential_format(c, &url);
normalized_url = url_normalize(url.buf, &config.url);
- git_config(urlmatch_config_entry, &config);
+ repo_config(r, urlmatch_config_entry, &config);
string_list_clear(&config.vars, 1);
free(normalized_url);
urlmatch_config_release(&config);
return xstrdup(r);
}
-static int credential_getpass(struct credential *c)
+static int credential_getpass(struct repository *r, struct credential *c)
{
int interactive;
char *value;
- if (!git_config_get_maybe_bool("credential.interactive", &interactive) &&
+ if (!repo_config_get_maybe_bool(r, "credential.interactive", &interactive) &&
!interactive) {
- trace2_data_intmax("credential", the_repository,
+ trace2_data_intmax("credential", r,
"interactive/skipped", 1);
return -1;
}
- if (!git_config_get_string("credential.interactive", &value)) {
+ if (!repo_config_get_string(r, "credential.interactive", &value)) {
int same = !strcmp(value, "never");
free(value);
if (same) {
- trace2_data_intmax("credential", the_repository,
+ trace2_data_intmax("credential", r,
"interactive/skipped", 1);
return -1;
}
}
- trace2_region_enter("credential", "interactive", the_repository);
+ trace2_region_enter("credential", "interactive", r);
if (!c->username)
c->username = credential_ask_one("Username", c,
PROMPT_ASKPASS|PROMPT_ECHO);
if (!c->password)
c->password = credential_ask_one("Password", c,
PROMPT_ASKPASS);
- trace2_region_leave("credential", "interactive", the_repository);
+ trace2_region_leave("credential", "interactive", r);
return 0;
}
return r;
}
-void credential_fill(struct credential *c, int all_capabilities)
+void credential_fill(struct repository *r,
+ struct credential *c, int all_capabilities)
{
int i;
credential_next_state(c);
c->multistage = 0;
- credential_apply_config(c);
+ credential_apply_config(r, c);
if (all_capabilities)
credential_set_all_capabilities(c, CREDENTIAL_OP_INITIAL);
c->helpers.items[i].string);
}
- if (credential_getpass(c) ||
+ if (credential_getpass(r, c) ||
(!c->username && !c->password && !c->credential))
die("unable to get password from user");
}
-void credential_approve(struct credential *c)
+void credential_approve(struct repository *r, struct credential *c)
{
int i;
credential_next_state(c);
- credential_apply_config(c);
+ credential_apply_config(r, c);
for (i = 0; i < c->helpers.nr; i++)
credential_do(c, c->helpers.items[i].string, "store");
c->approved = 1;
}
-void credential_reject(struct credential *c)
+void credential_reject(struct repository *r, struct credential *c)
{
int i;
credential_next_state(c);
- credential_apply_config(c);
+ credential_apply_config(r, c);
for (i = 0; i < c->helpers.nr; i++)
credential_do(c, c->helpers.items[i].string, "erase");
#include "string-list.h"
#include "strvec.h"
+struct repository;
+
/**
* The credentials API provides an abstracted way of gathering
* authentication credentials from the user.
* // Fill in the username and password fields by contacting
* // helpers and/or asking the user. The function will die if it
* // fails.
- * credential_fill(&c);
+ * credential_fill(repo, &c);
*
* // Otherwise, we have a username and password. Try to use it.
*
* If all_capabilities is set, this is an internal user that is prepared
* to deal with all known capabilities, and we should advertise that fact.
*/
-void credential_fill(struct credential *, int all_capabilities);
+void credential_fill(struct repository *, struct credential *,
+ int all_capabilities);
/**
* Inform the credential subsystem that the provided credentials
* that they may store the result to be used again. Any errors
* from helpers are ignored.
*/
-void credential_approve(struct credential *);
+void credential_approve(struct repository *, struct credential *);
/**
* Inform the credential subsystem that the provided credentials
* for another call to `credential_fill`). Any errors from helpers
* are ignored.
*/
-void credential_reject(struct credential *);
+void credential_reject(struct repository *, struct credential *);
/**
* Enable all of the supported credential flags in this credential.
}
}
- credential_fill(&http_auth, 1);
+ credential_fill(the_repository, &http_auth, 1);
if (http_auth.password) {
if (always_auth_proactively()) {
{
if (proxy_auth.username) {
if (!proxy_auth.password && !proxy_auth.credential)
- credential_fill(&proxy_auth, 1);
+ credential_fill(the_repository, &proxy_auth, 1);
set_proxyauth_name_password(result);
}
cert_auth.host = xstrdup("");
cert_auth.username = xstrdup("");
cert_auth.path = xstrdup(ssl_cert);
- credential_fill(&cert_auth, 0);
+ credential_fill(the_repository, &cert_auth, 0);
}
return 1;
}
proxy_cert_auth.host = xstrdup("");
proxy_cert_auth.username = xstrdup("");
proxy_cert_auth.path = xstrdup(http_proxy_ssl_cert);
- credential_fill(&proxy_cert_auth, 0);
+ credential_fill(the_repository, &proxy_cert_auth, 0);
}
return 1;
}
curl_errorstr, sizeof(curl_errorstr));
if (results->curl_result == CURLE_OK) {
- credential_approve(&http_auth);
- credential_approve(&proxy_auth);
- credential_approve(&cert_auth);
+ credential_approve(the_repository, &http_auth);
+ credential_approve(the_repository, &proxy_auth);
+ credential_approve(the_repository, &cert_auth);
return HTTP_OK;
} else if (results->curl_result == CURLE_SSL_CERTPROBLEM) {
/*
* with the certificate. So we reject the credential to
* avoid caching or saving a bad password.
*/
- credential_reject(&cert_auth);
+ credential_reject(the_repository, &cert_auth);
return HTTP_NOAUTH;
} else if (results->curl_result == CURLE_SSL_PINNEDPUBKEYNOTMATCH) {
return HTTP_NOMATCHPUBLICKEY;
credential_clear_secrets(&http_auth);
return HTTP_REAUTH;
}
- credential_reject(&http_auth);
+ credential_reject(the_repository, &http_auth);
if (always_auth_proactively())
http_proactive_auth = PROACTIVE_AUTH_NONE;
return HTTP_NOAUTH;
}
} else {
if (results->http_connectcode == 407)
- credential_reject(&proxy_auth);
+ credential_reject(the_repository, &proxy_auth);
if (!curl_errorstr[0])
strlcpy(curl_errorstr,
curl_easy_strerror(results->curl_result),
int ret;
if (always_auth_proactively())
- credential_fill(&http_auth, 1);
+ credential_fill(the_repository, &http_auth, 1);
ret = http_request(url, result, target, options);
BUG("Unknown http_request target");
}
- credential_fill(&http_auth, 1);
+ credential_fill(the_repository, &http_auth, 1);
ret = http_request(url, result, target, options);
}
cred->username = xstrdup_or_null(srvc->user);
cred->password = xstrdup_or_null(srvc->pass);
- credential_fill(cred, 1);
+ credential_fill(the_repository, cred, 1);
if (!srvc->user)
srvc->user = xstrdup(cred->username);
} /* !preauth */
if (cred.username)
- credential_approve(&cred);
+ credential_approve(the_repository, &cred);
credential_clear(&cred);
/* check the target mailbox exists */
bail:
if (cred.username)
- credential_reject(&cred);
+ credential_reject(the_repository, &cred);
credential_clear(&cred);
out:
if (cred.username) {
if (res == CURLE_OK)
- credential_approve(&cred);
+ credential_approve(the_repository, &cred);
else if (res == CURLE_LOGIN_DENIED)
- credential_reject(&cred);
+ credential_reject(the_repository, &cred);
}
credential_clear(&cred);
do {
err = probe_rpc(rpc, &results);
if (err == HTTP_REAUTH)
- credential_fill(&http_auth, 0);
+ credential_fill(the_repository, &http_auth, 0);
} while (err == HTTP_REAUTH);
if (err != HTTP_OK)
return -1;
rpc->any_written = 0;
err = run_slot(slot, NULL);
if (err == HTTP_REAUTH && !large_request) {
- credential_fill(&http_auth, 0);
+ credential_fill(the_repository, &http_auth, 0);
curl_slist_free_all(headers);
goto retry;
}
projects / thirdparty / git.git / commitdiff
