3 #include "credential.h"
4 #include "string-list.h"
5 #include "run-command.h"
11 void credential_init(struct credential
*c
)
13 struct credential blank
= CREDENTIAL_INIT
;
14 memcpy(c
, &blank
, sizeof(*c
));
17 void credential_clear(struct credential
*c
)
24 string_list_clear(&c
->helpers
, 0);
25 strvec_clear(&c
->wwwauth_headers
);
30 int credential_match(const struct credential
*want
,
31 const struct credential
*have
)
33 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
34 return CHECK(protocol
) &&
42 static int credential_from_potentially_partial_url(struct credential
*c
,
45 static int credential_config_callback(const char *var
, const char *value
,
48 struct credential
*c
= data
;
51 if (!skip_prefix(var
, "credential.", &key
))
55 return config_error_nonbool(var
);
57 if (!strcmp(key
, "helper")) {
59 string_list_append(&c
->helpers
, value
);
61 string_list_clear(&c
->helpers
, 0);
62 } else if (!strcmp(key
, "username")) {
63 if (!c
->username_from_proto
) {
65 c
->username
= xstrdup(value
);
68 else if (!strcmp(key
, "usehttppath"))
69 c
->use_http_path
= git_config_bool(var
, value
);
74 static int proto_is_http(const char *s
)
78 return !strcmp(s
, "https") || !strcmp(s
, "http");
81 static void credential_describe(struct credential
*c
, struct strbuf
*out
);
82 static void credential_format(struct credential
*c
, struct strbuf
*out
);
84 static int select_all(const struct urlmatch_item
*a
,
85 const struct urlmatch_item
*b
)
90 static int match_partial_url(const char *url
, void *cb
)
92 struct credential
*c
= cb
;
93 struct credential want
= CREDENTIAL_INIT
;
96 if (credential_from_potentially_partial_url(&want
, url
) < 0)
97 warning(_("skipping credential lookup for key: credential.%s"),
100 matches
= credential_match(&want
, c
);
101 credential_clear(&want
);
106 static void credential_apply_config(struct credential
*c
)
108 char *normalized_url
;
109 struct urlmatch_config config
= URLMATCH_CONFIG_INIT
;
110 struct strbuf url
= STRBUF_INIT
;
113 die(_("refusing to work with credential missing host field"));
115 die(_("refusing to work with credential missing protocol field"));
120 config
.section
= "credential";
122 config
.collect_fn
= credential_config_callback
;
123 config
.cascade_fn
= NULL
;
124 config
.select_fn
= select_all
;
125 config
.fallback_match_fn
= match_partial_url
;
128 credential_format(c
, &url
);
129 normalized_url
= url_normalize(url
.buf
, &config
.url
);
131 git_config(urlmatch_config_entry
, &config
);
132 string_list_clear(&config
.vars
, 1);
133 free(normalized_url
);
134 urlmatch_config_release(&config
);
135 strbuf_release(&url
);
139 if (!c
->use_http_path
&& proto_is_http(c
->protocol
)) {
140 FREE_AND_NULL(c
->path
);
144 static void credential_describe(struct credential
*c
, struct strbuf
*out
)
148 strbuf_addf(out
, "%s://", c
->protocol
);
149 if (c
->username
&& *c
->username
)
150 strbuf_addf(out
, "%s@", c
->username
);
152 strbuf_addstr(out
, c
->host
);
154 strbuf_addf(out
, "/%s", c
->path
);
157 static void credential_format(struct credential
*c
, struct strbuf
*out
)
161 strbuf_addf(out
, "%s://", c
->protocol
);
162 if (c
->username
&& *c
->username
) {
163 strbuf_add_percentencode(out
, c
->username
, STRBUF_ENCODE_SLASH
);
164 strbuf_addch(out
, '@');
167 strbuf_addstr(out
, c
->host
);
169 strbuf_addch(out
, '/');
170 strbuf_add_percentencode(out
, c
->path
, 0);
174 static char *credential_ask_one(const char *what
, struct credential
*c
,
177 struct strbuf desc
= STRBUF_INIT
;
178 struct strbuf prompt
= STRBUF_INIT
;
181 credential_describe(c
, &desc
);
183 strbuf_addf(&prompt
, "%s for '%s': ", what
, desc
.buf
);
185 strbuf_addf(&prompt
, "%s: ", what
);
187 r
= git_prompt(prompt
.buf
, flags
);
189 strbuf_release(&desc
);
190 strbuf_release(&prompt
);
194 static void credential_getpass(struct credential
*c
)
197 c
->username
= credential_ask_one("Username", c
,
198 PROMPT_ASKPASS
|PROMPT_ECHO
);
200 c
->password
= credential_ask_one("Password", c
,
204 int credential_read(struct credential
*c
, FILE *fp
)
206 struct strbuf line
= STRBUF_INIT
;
208 while (strbuf_getline(&line
, fp
) != EOF
) {
209 char *key
= line
.buf
;
210 char *value
= strchr(key
, '=');
216 warning("invalid credential line: %s", key
);
217 strbuf_release(&line
);
222 if (!strcmp(key
, "username")) {
224 c
->username
= xstrdup(value
);
225 c
->username_from_proto
= 1;
226 } else if (!strcmp(key
, "password")) {
228 c
->password
= xstrdup(value
);
229 } else if (!strcmp(key
, "protocol")) {
231 c
->protocol
= xstrdup(value
);
232 } else if (!strcmp(key
, "host")) {
234 c
->host
= xstrdup(value
);
235 } else if (!strcmp(key
, "path")) {
237 c
->path
= xstrdup(value
);
238 } else if (!strcmp(key
, "url")) {
239 credential_from_url(c
, value
);
240 } else if (!strcmp(key
, "quit")) {
241 c
->quit
= !!git_config_bool("quit", value
);
244 * Ignore other lines; we don't know what they mean, but
245 * this future-proofs us when later versions of git do
246 * learn new lines, and the helpers are updated to match.
250 strbuf_release(&line
);
254 static void credential_write_item(FILE *fp
, const char *key
, const char *value
,
257 if (!value
&& required
)
258 BUG("credential value for %s is missing", key
);
261 if (strchr(value
, '\n'))
262 die("credential value for %s contains newline", key
);
263 fprintf(fp
, "%s=%s\n", key
, value
);
266 void credential_write(const struct credential
*c
, FILE *fp
)
268 credential_write_item(fp
, "protocol", c
->protocol
, 1);
269 credential_write_item(fp
, "host", c
->host
, 1);
270 credential_write_item(fp
, "path", c
->path
, 0);
271 credential_write_item(fp
, "username", c
->username
, 0);
272 credential_write_item(fp
, "password", c
->password
, 0);
273 for (size_t i
= 0; i
< c
->wwwauth_headers
.nr
; i
++)
274 credential_write_item(fp
, "wwwauth[]", c
->wwwauth_headers
.v
[i
],
278 static int run_credential_helper(struct credential
*c
,
282 struct child_process helper
= CHILD_PROCESS_INIT
;
285 strvec_push(&helper
.args
, cmd
);
286 helper
.use_shell
= 1;
291 helper
.no_stdout
= 1;
293 if (start_command(&helper
) < 0)
296 fp
= xfdopen(helper
.in
, "w");
297 sigchain_push(SIGPIPE
, SIG_IGN
);
298 credential_write(c
, fp
);
300 sigchain_pop(SIGPIPE
);
304 fp
= xfdopen(helper
.out
, "r");
305 r
= credential_read(c
, fp
);
308 finish_command(&helper
);
313 if (finish_command(&helper
))
318 static int credential_do(struct credential
*c
, const char *helper
,
319 const char *operation
)
321 struct strbuf cmd
= STRBUF_INIT
;
324 if (helper
[0] == '!')
325 strbuf_addstr(&cmd
, helper
+ 1);
326 else if (is_absolute_path(helper
))
327 strbuf_addstr(&cmd
, helper
);
329 strbuf_addf(&cmd
, "git credential-%s", helper
);
331 strbuf_addf(&cmd
, " %s", operation
);
332 r
= run_credential_helper(c
, cmd
.buf
, !strcmp(operation
, "get"));
334 strbuf_release(&cmd
);
338 void credential_fill(struct credential
*c
)
342 if (c
->username
&& c
->password
)
345 credential_apply_config(c
);
347 for (i
= 0; i
< c
->helpers
.nr
; i
++) {
348 credential_do(c
, c
->helpers
.items
[i
].string
, "get");
349 if (c
->username
&& c
->password
)
352 die("credential helper '%s' told us to quit",
353 c
->helpers
.items
[i
].string
);
356 credential_getpass(c
);
357 if (!c
->username
&& !c
->password
)
358 die("unable to get password from user");
361 void credential_approve(struct credential
*c
)
367 if (!c
->username
|| !c
->password
)
370 credential_apply_config(c
);
372 for (i
= 0; i
< c
->helpers
.nr
; i
++)
373 credential_do(c
, c
->helpers
.items
[i
].string
, "store");
377 void credential_reject(struct credential
*c
)
381 credential_apply_config(c
);
383 for (i
= 0; i
< c
->helpers
.nr
; i
++)
384 credential_do(c
, c
->helpers
.items
[i
].string
, "erase");
386 FREE_AND_NULL(c
->username
);
387 FREE_AND_NULL(c
->password
);
391 static int check_url_component(const char *url
, int quiet
,
392 const char *name
, const char *value
)
396 if (!strchr(value
, '\n'))
400 warning(_("url contains a newline in its %s component: %s"),
406 * Potentially-partial URLs can, but do not have to, contain
408 * - a protocol (or scheme) of the form "<protocol>://"
410 * - a host name (the part after the protocol and before the first slash after
413 * - a user name and potentially a password (as "<user>[:<password>]@" part of
416 * - a path (the part after the host name, if any, starting with the slash)
418 * Missing parts will be left unset in `struct credential`. Thus, `https://`
419 * will have only the `protocol` set, `example.com` only the host name, and
420 * `/git` only the path.
422 * Note that an empty host name in an otherwise fully-qualified URL (e.g.
423 * `cert:///path/to/cert.pem`) will be treated as unset if we expect the URL to
424 * be potentially partial, and only then (otherwise, the empty string is used).
426 * The credential_from_url() function does not allow partial URLs.
428 static int credential_from_url_1(struct credential
*c
, const char *url
,
429 int allow_partial_url
, int quiet
)
431 const char *at
, *colon
, *cp
, *slash
, *host
, *proto_end
;
437 * (1) proto://<host>/...
438 * (2) proto://<user>@<host>/...
439 * (3) proto://<user>:<pass>@<host>/...
441 proto_end
= strstr(url
, "://");
442 if (!allow_partial_url
&& (!proto_end
|| proto_end
== url
)) {
444 warning(_("url has no scheme: %s"), url
);
447 cp
= proto_end
? proto_end
+ 3 : url
;
448 at
= strchr(cp
, '@');
449 colon
= strchr(cp
, ':');
452 * A query or fragment marker before the slash ends the host portion.
453 * We'll just continue to call this "slash" for simplicity. Notably our
454 * "trim leading slashes" part won't skip over this part of the path,
455 * but that's what we'd want.
457 slash
= cp
+ strcspn(cp
, "/?#");
459 if (!at
|| slash
<= at
) {
463 else if (!colon
|| at
<= colon
) {
465 c
->username
= url_decode_mem(cp
, at
- cp
);
466 if (c
->username
&& *c
->username
)
467 c
->username_from_proto
= 1;
471 c
->username
= url_decode_mem(cp
, colon
- cp
);
472 if (c
->username
&& *c
->username
)
473 c
->username_from_proto
= 1;
474 c
->password
= url_decode_mem(colon
+ 1, at
- (colon
+ 1));
478 if (proto_end
&& proto_end
- url
> 0)
479 c
->protocol
= xmemdupz(url
, proto_end
- url
);
480 if (!allow_partial_url
|| slash
- host
> 0)
481 c
->host
= url_decode_mem(host
, slash
- host
);
482 /* Trim leading and trailing slashes from path */
483 while (*slash
== '/')
487 c
->path
= url_decode(slash
);
488 p
= c
->path
+ strlen(c
->path
) - 1;
489 while (p
> c
->path
&& *p
== '/')
493 if (check_url_component(url
, quiet
, "username", c
->username
) < 0 ||
494 check_url_component(url
, quiet
, "password", c
->password
) < 0 ||
495 check_url_component(url
, quiet
, "protocol", c
->protocol
) < 0 ||
496 check_url_component(url
, quiet
, "host", c
->host
) < 0 ||
497 check_url_component(url
, quiet
, "path", c
->path
) < 0)
503 static int credential_from_potentially_partial_url(struct credential
*c
,
506 return credential_from_url_1(c
, url
, 1, 0);
509 int credential_from_url_gently(struct credential
*c
, const char *url
, int quiet
)
511 return credential_from_url_1(c
, url
, 0, quiet
);
514 void credential_from_url(struct credential
*c
, const char *url
)
516 if (credential_from_url_gently(c
, url
, 0) < 0)
517 die(_("credential url cannot be parsed: %s"), url
);