projects / thirdparty / git.git / blame
| Commit | Line | Data |
|---|---|---|
| 34961d30 JK |
1 | #include <stdio.h> |
| 2 | #include <string.h> | |
| 3 | #include <stdlib.h> | |
| 4 | #include <Security/Security.h> | |
| 5 | ||
| 6 | static SecProtocolType protocol; | |
| 7 | static char *host; | |
| 8 | static char *path; | |
| 9 | static char *username; | |
| 10 | static char *password; | |
| 11 | static UInt16 port; | |
| 12 | ||
| 48ca53ca | 13 | __attribute__((format (printf, 1, 2))) |
| 34961d30 JK |
14 | static void die(const char *err, ...) |
| 15 | { | |
| 16 | char msg[4096]; | |
| 17 | va_list params; | |
| 18 | va_start(params, err); | |
| 19 | vsnprintf(msg, sizeof(msg), err, params); | |
| 20 | fprintf(stderr, "%s\n", msg); | |
| 21 | va_end(params); | |
| 22 | exit(1); | |
| 23 | } | |
| 24 | ||
| 25 | static void *xstrdup(const char *s1) | |
| 26 | { | |
| 27 | void *ret = strdup(s1); | |
| 28 | if (!ret) | |
| 29 | die("Out of memory"); | |
| 30 | return ret; | |
| 31 | } | |
| 32 | ||
| 33 | #define KEYCHAIN_ITEM(x) (x ? strlen(x) : 0), x | |
| 34 | #define KEYCHAIN_ARGS \ | |
| 35 | NULL, /* default keychain */ \ | |
| 36 | KEYCHAIN_ITEM(host), \ | |
| 37 | 0, NULL, /* account domain */ \ | |
| 38 | KEYCHAIN_ITEM(username), \ | |
| 39 | KEYCHAIN_ITEM(path), \ | |
| 40 | port, \ | |
| 41 | protocol, \ | |
| 42 | kSecAuthenticationTypeDefault | |
| 43 | ||
| 44 | static void write_item(const char *what, const char *buf, int len) | |
| 45 | { | |
| 46 | printf("%s=", what); | |
| 47 | fwrite(buf, 1, len, stdout); | |
| 48 | putchar('\n'); | |
| 49 | } | |
| 50 | ||
| 51 | static void find_username_in_item(SecKeychainItemRef item) | |
| 52 | { | |
| 53 | SecKeychainAttributeList list; | |
| 54 | SecKeychainAttribute attr; | |
| 55 | ||
| 56 | list.count = 1; | |
| 57 | list.attr = &attr; | |
| 58 | attr.tag = kSecAccountItemAttr; | |
| 59 | ||
| 60 | if (SecKeychainItemCopyContent(item, NULL, &list, NULL, NULL)) | |
| 61 | return; | |
| 62 | ||
| 63 | write_item("username", attr.data, attr.length); | |
| 64 | SecKeychainItemFreeContent(&list, NULL); | |
| 65 | } | |
| 66 | ||
| 67 | static void find_internet_password(void) | |
| 68 | { | |
| 69 | void *buf; | |
| 70 | UInt32 len; | |
| 71 | SecKeychainItemRef item; | |
| 72 | ||
| 73 | if (SecKeychainFindInternetPassword(KEYCHAIN_ARGS, &len, &buf, &item)) | |
| 74 | return; | |
| 75 | ||
| 76 | write_item("password", buf, len); | |
| 77 | if (!username) | |
| 78 | find_username_in_item(item); | |
| 79 | ||
| 80 | SecKeychainItemFreeContent(NULL, buf); | |
| 81 | } | |
| 82 | ||
| 83 | static void delete_internet_password(void) | |
| 84 | { | |
| 85 | SecKeychainItemRef item; | |
| 86 | ||
| 87 | /* | |
| 88 | * Require at least a protocol and host for removal, which is what git | |
| 89 | * will give us; if you want to do something more fancy, use the | |
| 90 | * Keychain manager. | |
| 91 | */ | |
| 92 | if (!protocol || !host) | |
| 93 | return; | |
| 94 | ||
| 95 | if (SecKeychainFindInternetPassword(KEYCHAIN_ARGS, 0, NULL, &item)) | |
| 96 | return; | |
| 97 | ||
| 98 | SecKeychainItemDelete(item); | |
| 99 | } | |
| 100 | ||
| 101 | static void add_internet_password(void) | |
| 102 | { | |
| 103 | /* Only store complete credentials */ | |
| 104 | if (!protocol || !host || !username || !password) | |
| 105 | return; | |
| 106 | ||
| 107 | if (SecKeychainAddInternetPassword( | |
| 108 | KEYCHAIN_ARGS, | |
| 109 | KEYCHAIN_ITEM(password), | |
| 110 | NULL)) | |
| 111 | return; | |
| 112 | } | |
| 113 | ||
| 114 | static void read_credential(void) | |
| 115 | { | |
| 116 | char buf[1024]; | |
| 117 | ||
| 118 | while (fgets(buf, sizeof(buf), stdin)) { | |
| 119 | char *v; | |
| 120 | ||
| 121 | if (!strcmp(buf, "\n")) | |
| 122 | break; | |
| 123 | buf[strlen(buf)-1] = '\0'; | |
| 124 | ||
| 125 | v = strchr(buf, '='); | |
| 126 | if (!v) | |
| 127 | die("bad input: %s", buf); | |
| 128 | *v++ = '\0'; | |
| 129 | ||
| 130 | if (!strcmp(buf, "protocol")) { | |
| de56ccf7 XQ |
131 | if (!strcmp(v, "imap")) |
| 132 | protocol = kSecProtocolTypeIMAP; | |
| 133 | else if (!strcmp(v, "imaps")) | |
| 134 | protocol = kSecProtocolTypeIMAPS; | |
| 135 | else if (!strcmp(v, "ftp")) | |
| 136 | protocol = kSecProtocolTypeFTP; | |
| 137 | else if (!strcmp(v, "ftps")) | |
| 138 | protocol = kSecProtocolTypeFTPS; | |
| 139 | else if (!strcmp(v, "https")) | |
| 34961d30 JK |
140 | protocol = kSecProtocolTypeHTTPS; |
| 141 | else if (!strcmp(v, "http")) | |
| 142 | protocol = kSecProtocolTypeHTTP; | |
| de56ccf7 XQ |
143 | else if (!strcmp(v, "smtp")) |
| 144 | protocol = kSecProtocolTypeSMTP; | |
| 34961d30 JK |
145 | else /* we don't yet handle other protocols */ |
| 146 | exit(0); | |
| 147 | } | |
| 148 | else if (!strcmp(buf, "host")) { | |
| 149 | char *colon = strchr(v, ':'); | |
| 150 | if (colon) { | |
| 151 | *colon++ = '\0'; | |
| 152 | port = atoi(colon); | |
| 153 | } | |
| 154 | host = xstrdup(v); | |
| 155 | } | |
| 156 | else if (!strcmp(buf, "path")) | |
| 157 | path = xstrdup(v); | |
| 158 | else if (!strcmp(buf, "username")) | |
| 159 | username = xstrdup(v); | |
| 160 | else if (!strcmp(buf, "password")) | |
| 161 | password = xstrdup(v); | |
| 162 | } | |
| 163 | } | |
| 164 | ||
| 165 | int main(int argc, const char **argv) | |
| 166 | { | |
| 167 | const char *usage = | |
| c358ed75 | 168 | "usage: git credential-osxkeychain <get|store|erase>"; |
| 34961d30 JK |
169 | |
| 170 | if (!argv[1]) | |
| 171 | die(usage); | |
| 172 | ||
| 173 | read_credential(); | |
| 174 | ||
| 175 | if (!strcmp(argv[1], "get")) | |
| 176 | find_internet_password(); | |
| 177 | else if (!strcmp(argv[1], "store")) | |
| 178 | add_internet_password(); | |
| 179 | else if (!strcmp(argv[1], "erase")) | |
| 180 | delete_internet_password(); | |
| 181 | /* otherwise, ignore unknown action */ | |
| 182 | ||
| 183 | return 0; | |
| 184 | } |