git.ipfire.org Git - thirdparty/git.git/commit

author	Jeff King <peff@peff.net>
	Sun, 19 Apr 2020 03:48:05 +0000 (20:48 -0700)
committer	Jonathan Nieder <jrnieder@gmail.com>
	Sun, 19 Apr 2020 23:10:57 +0000 (16:10 -0700)
commit	24036686c4af84c9e84e486ef3debab6e6d8e6b5
tree	5a205d9cf0485377b22db673839bd1a3fc3865e3	tree \| snapshot
parent	73aafe9bc27585554181c58871a25e6d0f58a3dc	commit \| diff

credential: parse URL without host as empty host, not unset

We may feed a URL like "cert:///path/to/cert.pem" into the credential
machinery to get the key for a client-side certificate. That
credential has no hostname field, which is about to be disallowed (to
avoid confusion with protocols where a helper _would_ expect a
hostname).

This means as of the next patch, credential helpers won't work for
unlocking certs. Let's fix that by doing two things:

  - when we parse a url with an empty host, set the host field to the
    empty string (asking only to match stored entries with an empty
    host) rather than NULL (asking to match _any_ host).

  - when we build a cert:// credential by hand, similarly assign an
    empty string

It's the latter that is more likely to impact real users in practice,
since it's what's used for http connections. But we don't have good
infrastructure to test it.

The url-parsing version will help anybody using git-credential in a
script, and is easy to test.

Signed-off-by: Jeff King <peff@peff.net>
Reviewed-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>

credential.c		diff \| blob \| blame \| history
http.c		diff \| blob \| blame \| history
t/t0300-credentials.sh		diff \| blob \| blame \| history