3 #include "credential.h"
4 #include "string-list.h"
5 #include "run-command.h"
11 void credential_init(struct credential
*c
)
13 memset(c
, 0, sizeof(*c
));
14 c
->helpers
.strdup_strings
= 1;
17 void credential_clear(struct credential
*c
)
24 string_list_clear(&c
->helpers
, 0);
29 int credential_match(const struct credential
*want
,
30 const struct credential
*have
)
32 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
33 return CHECK(protocol
) &&
40 static int credential_config_callback(const char *var
, const char *value
,
43 struct credential
*c
= data
;
46 if (!skip_prefix(var
, "credential.", &key
))
50 return config_error_nonbool(var
);
52 if (!strcmp(key
, "helper")) {
54 string_list_append(&c
->helpers
, value
);
56 string_list_clear(&c
->helpers
, 0);
57 } else if (!strcmp(key
, "username")) {
58 if (!c
->username_from_proto
) {
60 c
->username
= xstrdup(value
);
63 else if (!strcmp(key
, "usehttppath"))
64 c
->use_http_path
= git_config_bool(var
, value
);
69 static int proto_is_http(const char *s
)
73 return !strcmp(s
, "https") || !strcmp(s
, "http");
76 static void credential_describe(struct credential
*c
, struct strbuf
*out
);
77 static void credential_format(struct credential
*c
, struct strbuf
*out
);
79 static int select_all(const struct urlmatch_item
*a
,
80 const struct urlmatch_item
*b
)
85 static void credential_apply_config(struct credential
*c
)
88 struct urlmatch_config config
= { STRING_LIST_INIT_DUP
};
89 struct strbuf url
= STRBUF_INIT
;
94 config
.section
= "credential";
96 config
.collect_fn
= credential_config_callback
;
97 config
.cascade_fn
= NULL
;
98 config
.select_fn
= select_all
;
101 credential_format(c
, &url
);
102 normalized_url
= url_normalize(url
.buf
, &config
.url
);
104 git_config(urlmatch_config_entry
, &config
);
105 free(normalized_url
);
106 strbuf_release(&url
);
110 if (!c
->use_http_path
&& proto_is_http(c
->protocol
)) {
111 FREE_AND_NULL(c
->path
);
115 static void credential_describe(struct credential
*c
, struct strbuf
*out
)
119 strbuf_addf(out
, "%s://", c
->protocol
);
120 if (c
->username
&& *c
->username
)
121 strbuf_addf(out
, "%s@", c
->username
);
123 strbuf_addstr(out
, c
->host
);
125 strbuf_addf(out
, "/%s", c
->path
);
128 static void credential_format(struct credential
*c
, struct strbuf
*out
)
132 strbuf_addf(out
, "%s://", c
->protocol
);
133 if (c
->username
&& *c
->username
) {
134 strbuf_add_percentencode(out
, c
->username
);
135 strbuf_addch(out
, '@');
138 strbuf_addstr(out
, c
->host
);
140 strbuf_addch(out
, '/');
141 strbuf_add_percentencode(out
, c
->path
);
145 static char *credential_ask_one(const char *what
, struct credential
*c
,
148 struct strbuf desc
= STRBUF_INIT
;
149 struct strbuf prompt
= STRBUF_INIT
;
152 credential_describe(c
, &desc
);
154 strbuf_addf(&prompt
, "%s for '%s': ", what
, desc
.buf
);
156 strbuf_addf(&prompt
, "%s: ", what
);
158 r
= git_prompt(prompt
.buf
, flags
);
160 strbuf_release(&desc
);
161 strbuf_release(&prompt
);
165 static void credential_getpass(struct credential
*c
)
168 c
->username
= credential_ask_one("Username", c
,
169 PROMPT_ASKPASS
|PROMPT_ECHO
);
171 c
->password
= credential_ask_one("Password", c
,
175 int credential_read(struct credential
*c
, FILE *fp
)
177 struct strbuf line
= STRBUF_INIT
;
179 while (strbuf_getline_lf(&line
, fp
) != EOF
) {
180 char *key
= line
.buf
;
181 char *value
= strchr(key
, '=');
187 warning("invalid credential line: %s", key
);
188 strbuf_release(&line
);
193 if (!strcmp(key
, "username")) {
195 c
->username
= xstrdup(value
);
196 c
->username_from_proto
= 1;
197 } else if (!strcmp(key
, "password")) {
199 c
->password
= xstrdup(value
);
200 } else if (!strcmp(key
, "protocol")) {
202 c
->protocol
= xstrdup(value
);
203 } else if (!strcmp(key
, "host")) {
205 c
->host
= xstrdup(value
);
206 } else if (!strcmp(key
, "path")) {
208 c
->path
= xstrdup(value
);
209 } else if (!strcmp(key
, "url")) {
210 credential_from_url(c
, value
);
211 } else if (!strcmp(key
, "quit")) {
212 c
->quit
= !!git_config_bool("quit", value
);
215 * Ignore other lines; we don't know what they mean, but
216 * this future-proofs us when later versions of git do
217 * learn new lines, and the helpers are updated to match.
221 strbuf_release(&line
);
225 static void credential_write_item(FILE *fp
, const char *key
, const char *value
)
229 fprintf(fp
, "%s=%s\n", key
, value
);
232 void credential_write(const struct credential
*c
, FILE *fp
)
234 credential_write_item(fp
, "protocol", c
->protocol
);
235 credential_write_item(fp
, "host", c
->host
);
236 credential_write_item(fp
, "path", c
->path
);
237 credential_write_item(fp
, "username", c
->username
);
238 credential_write_item(fp
, "password", c
->password
);
241 static int run_credential_helper(struct credential
*c
,
245 struct child_process helper
= CHILD_PROCESS_INIT
;
246 const char *argv
[] = { NULL
, NULL
};
251 helper
.use_shell
= 1;
256 helper
.no_stdout
= 1;
258 if (start_command(&helper
) < 0)
261 fp
= xfdopen(helper
.in
, "w");
262 sigchain_push(SIGPIPE
, SIG_IGN
);
263 credential_write(c
, fp
);
265 sigchain_pop(SIGPIPE
);
269 fp
= xfdopen(helper
.out
, "r");
270 r
= credential_read(c
, fp
);
273 finish_command(&helper
);
278 if (finish_command(&helper
))
283 static int credential_do(struct credential
*c
, const char *helper
,
284 const char *operation
)
286 struct strbuf cmd
= STRBUF_INIT
;
289 if (helper
[0] == '!')
290 strbuf_addstr(&cmd
, helper
+ 1);
291 else if (is_absolute_path(helper
))
292 strbuf_addstr(&cmd
, helper
);
294 strbuf_addf(&cmd
, "git credential-%s", helper
);
296 strbuf_addf(&cmd
, " %s", operation
);
297 r
= run_credential_helper(c
, cmd
.buf
, !strcmp(operation
, "get"));
299 strbuf_release(&cmd
);
303 void credential_fill(struct credential
*c
)
307 if (c
->username
&& c
->password
)
310 credential_apply_config(c
);
312 for (i
= 0; i
< c
->helpers
.nr
; i
++) {
313 credential_do(c
, c
->helpers
.items
[i
].string
, "get");
314 if (c
->username
&& c
->password
)
317 die("credential helper '%s' told us to quit",
318 c
->helpers
.items
[i
].string
);
321 credential_getpass(c
);
322 if (!c
->username
&& !c
->password
)
323 die("unable to get password from user");
326 void credential_approve(struct credential
*c
)
332 if (!c
->username
|| !c
->password
)
335 credential_apply_config(c
);
337 for (i
= 0; i
< c
->helpers
.nr
; i
++)
338 credential_do(c
, c
->helpers
.items
[i
].string
, "store");
342 void credential_reject(struct credential
*c
)
346 credential_apply_config(c
);
348 for (i
= 0; i
< c
->helpers
.nr
; i
++)
349 credential_do(c
, c
->helpers
.items
[i
].string
, "erase");
351 FREE_AND_NULL(c
->username
);
352 FREE_AND_NULL(c
->password
);
356 void credential_from_url(struct credential
*c
, const char *url
)
358 const char *at
, *colon
, *cp
, *slash
, *host
, *proto_end
;
364 * (1) proto://<host>/...
365 * (2) proto://<user>@<host>/...
366 * (3) proto://<user>:<pass>@<host>/...
368 proto_end
= strstr(url
, "://");
372 at
= strchr(cp
, '@');
373 colon
= strchr(cp
, ':');
374 slash
= strchrnul(cp
, '/');
376 if (!at
|| slash
<= at
) {
380 else if (!colon
|| at
<= colon
) {
382 c
->username
= url_decode_mem(cp
, at
- cp
);
383 if (c
->username
&& *c
->username
)
384 c
->username_from_proto
= 1;
388 c
->username
= url_decode_mem(cp
, colon
- cp
);
389 if (c
->username
&& *c
->username
)
390 c
->username_from_proto
= 1;
391 c
->password
= url_decode_mem(colon
+ 1, at
- (colon
+ 1));
395 if (proto_end
- url
> 0)
396 c
->protocol
= xmemdupz(url
, proto_end
- url
);
397 if (slash
- host
> 0)
398 c
->host
= url_decode_mem(host
, slash
- host
);
399 /* Trim leading and trailing slashes from path */
400 while (*slash
== '/')
404 c
->path
= url_decode(slash
);
405 p
= c
->path
+ strlen(c
->path
) - 1;
406 while (p
> c
->path
&& *p
== '/')