From: Jonathan Nieder Date: Sun, 19 Apr 2020 23:32:24 +0000 (-0700) Subject: Git 2.26.2 X-Git-Tag: v2.26.2^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=af6b65d45ef179ed52087e80cb089f6b2349f4ec;p=thirdparty%2Fgit.git Git 2.26.2 This merges up the security fix from v2.17.5. Signed-off-by: Jonathan Nieder --- af6b65d45ef179ed52087e80cb089f6b2349f4ec diff --cc Documentation/RelNotes/2.26.2.txt index 0000000000,0000000000..d434d0c695 new file mode 100644 --- /dev/null +++ b/Documentation/RelNotes/2.26.2.txt @@@ -1,0 -1,0 +1,5 @@@ ++Git v2.26.2 Release Notes ++========================= ++ ++This release merges the security fix that appears in v2.17.5; see ++the release notes for that version for details. diff --cc GIT-VERSION-GEN index a65cf74d93,77217e0897..dafe6d036a --- a/GIT-VERSION-GEN +++ b/GIT-VERSION-GEN @@@ -1,7 -1,7 +1,7 @@@ #!/bin/sh GVF=GIT-VERSION-FILE - DEF_VER=v2.26.1 -DEF_VER=v2.25.4 ++DEF_VER=v2.26.2 LF=' ' diff --cc RelNotes index 9ccd8cad43,f579f9f817..3427be6818 --- a/RelNotes +++ b/RelNotes @@@ -1,1 -1,1 +1,1 @@@ - Documentation/RelNotes/2.26.1.txt -Documentation/RelNotes/2.25.4.txt ++Documentation/RelNotes/2.26.2.txt diff --cc credential.c index 21b3ba152f,cf11cc98f4..108d9e183a --- a/credential.c +++ b/credential.c @@@ -73,38 -87,16 +73,43 @@@ static int proto_is_http(const char *s return !strcmp(s, "https") || !strcmp(s, "http"); } +static void credential_describe(struct credential *c, struct strbuf *out); +static void credential_format(struct credential *c, struct strbuf *out); + +static int select_all(const struct urlmatch_item *a, + const struct urlmatch_item *b) +{ + return 0; +} + static void credential_apply_config(struct credential *c) { + char *normalized_url; + struct urlmatch_config config = { STRING_LIST_INIT_DUP }; + struct strbuf url = STRBUF_INIT; + + if (!c->host) + die(_("refusing to work with credential missing host field")); + if (!c->protocol) + die(_("refusing to work with credential missing protocol field")); + if (c->configured) return; - git_config(credential_config_callback, c); + + config.section = "credential"; + config.key = NULL; + config.collect_fn = credential_config_callback; + config.cascade_fn = NULL; + config.select_fn = select_all; + config.cb = c; + + credential_format(c, &url); + normalized_url = url_normalize(url.buf, &config.url); + + git_config(urlmatch_config_entry, &config); + free(normalized_url); + strbuf_release(&url); + c->configured = 1; if (!c->use_http_path && proto_is_http(c->protocol)) { diff --cc t/t0300-credentials.sh index 5b78ebbc3f,6d44e7e5cc..5555a1524f --- a/t/t0300-credentials.sh +++ b/t/t0300-credentials.sh @@@ -397,32 -364,22 +472,42 @@@ test_expect_success 'http paths can be EOF ' +test_expect_success 'context uses urlmatch' ' + test_config "credential.https://*.org.useHttpPath" true && + check fill "verbatim foo bar" <<-\EOF + protocol=https + host=example.org + path=foo.git + -- + protocol=https + host=example.org + path=foo.git + username=foo + password=bar + -- + verbatim: get + verbatim: protocol=https + verbatim: host=example.org + verbatim: path=foo.git + EOF +' + test_expect_success 'helpers can abort the process' ' test_must_fail git \ - -c credential.helper="!f() { echo quit=1; }; f" \ + -c credential.helper=quit \ -c credential.helper="verbatim foo bar" \ - credential fill >stdout && - test_must_be_empty stdout + credential fill >stdout 2>stderr <<-\EOF && + protocol=http + host=example.com + EOF + test_must_be_empty stdout && + cat >expect <<-\EOF && + quit: get + quit: protocol=http + quit: host=example.com + fatal: credential helper '\''quit'\'' told us to quit + EOF + test_i18ncmp expect stderr ' test_expect_success 'empty helper spec resets helper list' '