Merge branch 'cb/credential-store-ignore-bogus-lines'

With the recent tightening of the code that is used to parse
various parts of a URL for use in the credential subsystem, a
hand-edited credential-store file causes the credential helper to
die, which is a bit too harsh to the users.  Demote the error
behaviour to just ignore and keep using well-formed lines instead.

* cb/credential-store-ignore-bogus-lines:
  credential-store: ignore bogus lines from store file
  credential-store: document the file format a bit more

diff --git a/Documentation/git-credential-store.txt b/Documentation/git-credential-store.txt
index 693dd9d9d760fe2a113d4e15ab7816f34b2cd47d..76b0798856336fe739e8325ed1b5716abb099bfe 100644 (file)
--- a/Documentation/git-credential-store.txt
+++ b/Documentation/git-credential-store.txt
@@ -94,6 +94,10 @@ stored on its own line as a URL like:
 https://user:pass@example.com
 ------------------------------
 
+No other kinds of lines (e.g. empty lines or comment lines) are
+allowed in the file, even though some may be silently ignored. Do
+not view or edit the file with editors.
+
 When Git needs authentication for a particular URL context,
 credential-store will consider that context a pattern to match against
 each entry in the credentials file.  If the protocol, hostname, and

diff --git a/credential-store.c b/credential-store.c
index c010497cb21db3c2bc921caf1b34be3e60ff5570..294e77168156225efcb3b6840bc1dd7883c6dcac 100644 (file)
--- a/credential-store.c
+++ b/credential-store.c
@@ -24,8 +24,8 @@ static int parse_credential_file(const char *fn,
        }
 
        while (strbuf_getline_lf(&line, fh) != EOF) {
-               credential_from_url(&entry, line.buf);
-               if (entry.username && entry.password &&
+               if (!credential_from_url_gently(&entry, line.buf, 1) &&
+                   entry.username && entry.password &&
                    credential_match(c, &entry)) {
                        found_credential = 1;
                        if (match_cb) {

diff --git a/t/t0302-credential-store.sh b/t/t0302-credential-store.sh
index d6b54e8c65a3ec4408fe07ee76a6d8bed957207a..716bf1af9fd04e64b7d5c03570b5ba74a8529d46 100755 (executable)
--- a/t/t0302-credential-store.sh
+++ b/t/t0302-credential-store.sh
@@ -107,7 +107,6 @@ test_expect_success 'store: if both xdg and home files exist, only store in home
        test_must_be_empty "$HOME/.config/git/credentials"
 '
 
-
 test_expect_success 'erase: erase matching credentials from both xdg and home files' '
        echo "https://home-user:home-pass@example.com" >"$HOME/.git-credentials" &&
        mkdir -p "$HOME/.config/git" &&
@@ -120,4 +119,94 @@ test_expect_success 'erase: erase matching credentials from both xdg and home fi
        test_must_be_empty "$HOME/.config/git/credentials"
 '
 
+invalid_credential_test() {
+       test_expect_success "get: ignore credentials without $1 as invalid" '
+               echo "$2" >"$HOME/.git-credentials" &&
+               check fill store <<-\EOF
+               protocol=https
+               host=example.com
+               --
+               protocol=https
+               host=example.com
+               username=askpass-username
+               password=askpass-password
+               --
+               askpass: Username for '\''https://example.com'\'':
+               askpass: Password for '\''https://askpass-username@example.com'\'':
+               --
+               EOF
+       '
+}
+
+invalid_credential_test "scheme" ://user:pass@example.com
+invalid_credential_test "valid host/path" https://user:pass@
+invalid_credential_test "username/password" https://pass@example.com
+
+test_expect_success 'get: credentials with DOS line endings are invalid' '
+       printf "https://user:pass@example.com\r\n" >"$HOME/.git-credentials" &&
+       check fill store <<-\EOF
+       protocol=https
+       host=example.com
+       --
+       protocol=https
+       host=example.com
+       username=askpass-username
+       password=askpass-password
+       --
+       askpass: Username for '\''https://example.com'\'':
+       askpass: Password for '\''https://askpass-username@example.com'\'':
+       --
+       EOF
+'
+
+test_expect_success 'get: credentials with path and DOS line endings are valid' '
+       printf "https://user:pass@example.com/repo.git\r\n" >"$HOME/.git-credentials" &&
+       check fill store <<-\EOF
+       url=https://example.com/repo.git
+       --
+       protocol=https
+       host=example.com
+       username=user
+       password=pass
+       --
+       EOF
+'
+
+test_expect_success 'get: credentials with DOS line endings are invalid if path is relevant' '
+       printf "https://user:pass@example.com/repo.git\r\n" >"$HOME/.git-credentials" &&
+       test_config credential.useHttpPath true &&
+       check fill store <<-\EOF
+       url=https://example.com/repo.git
+       --
+       protocol=https
+       host=example.com
+       path=repo.git
+       username=askpass-username
+       password=askpass-password
+       --
+       askpass: Username for '\''https://example.com/repo.git'\'':
+       askpass: Password for '\''https://askpass-username@example.com/repo.git'\'':
+       --
+       EOF
+'
+
+test_expect_success 'get: store file can contain empty/bogus lines' '
+       echo "" >"$HOME/.git-credentials" &&
+       q_to_tab <<-\CREDENTIAL >>"$HOME/.git-credentials" &&
+       #comment
+       Q
+       https://user:pass@example.com
+       CREDENTIAL
+       check fill store <<-\EOF
+       protocol=https
+       host=example.com
+       --
+       protocol=https
+       host=example.com
+       username=user
+       password=pass
+       --
+       EOF
+'
+
 test_done