git.oblomov.eu Git - git/blob - credential.c

   1 #include "cache.h"
   2 #include "config.h"
   3 #include "credential.h"
   4 #include "string-list.h"
   5 #include "run-command.h"
   6 #include "url.h"
   7 #include "prompt.h"
   8 #include "sigchain.h"
   9 #include "urlmatch.h"
  10
  11 void credential_init(struct credential *c)
  12 {
  13         memset(c, 0, sizeof(*c));
  14         c->helpers.strdup_strings = 1;
  15 }
  16
  17 void credential_clear(struct credential *c)
  18 {
  19         free(c->protocol);
  20         free(c->host);
  21         free(c->path);
  22         free(c->username);
  23         free(c->password);
  24         string_list_clear(&c->helpers, 0);
  25
  26         credential_init(c);
  27 }
  28
  29 int credential_match(const struct credential *want,
  30                      const struct credential *have)
  31 {
  32 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
  33         return CHECK(protocol) &&
  34                CHECK(host) &&
  35                CHECK(path) &&
  36                CHECK(username);
  37 #undef CHECK
  38 }
  39
  40 static int credential_config_callback(const char *var, const char *value,
  41                                       void *data)
  42 {
  43         struct credential *c = data;
  44         const char *key;
  45
  46         if (!skip_prefix(var, "credential.", &key))
  47                 return 0;
  48
  49         if (!value)
  50                 return config_error_nonbool(var);
  51
  52         if (!strcmp(key, "helper")) {
  53                 if (*value)
  54                         string_list_append(&c->helpers, value);
  55                 else
  56                         string_list_clear(&c->helpers, 0);
  57         } else if (!strcmp(key, "username")) {
  58                 if (!c->username_from_proto) {
  59                         free(c->username);
  60                         c->username = xstrdup(value);
  61                 }
  62         }
  63         else if (!strcmp(key, "usehttppath"))
  64                 c->use_http_path = git_config_bool(var, value);
  65
  66         return 0;
  67 }
  68
  69 static int proto_is_http(const char *s)
  70 {
  71         if (!s)
  72                 return 0;
  73         return !strcmp(s, "https") || !strcmp(s, "http");
  74 }
  75
  76 static void credential_describe(struct credential *c, struct strbuf *out);
  77 static void credential_format(struct credential *c, struct strbuf *out);
  78
  79 static int select_all(const struct urlmatch_item *a,
  80                       const struct urlmatch_item *b)
  81 {
  82         return 0;
  83 }
  84
  85 static void credential_apply_config(struct credential *c)
  86 {
  87         char *normalized_url;
  88         struct urlmatch_config config = { STRING_LIST_INIT_DUP };
  89         struct strbuf url = STRBUF_INIT;
  90
  91         if (!c->host)
  92                 die(_("refusing to work with credential missing host field"));
  93         if (!c->protocol)
  94                 die(_("refusing to work with credential missing protocol field"));
  95
  96         if (c->configured)
  97                 return;
  98
  99         config.section = "credential";
 100         config.key = NULL;
 101         config.collect_fn = credential_config_callback;
 102         config.cascade_fn = NULL;
 103         config.select_fn = select_all;
 104         config.cb = c;
 105
 106         credential_format(c, &url);
 107         normalized_url = url_normalize(url.buf, &config.url);
 108
 109         git_config(urlmatch_config_entry, &config);
 110         free(normalized_url);
 111         strbuf_release(&url);
 112
 113         c->configured = 1;
 114
 115         if (!c->use_http_path && proto_is_http(c->protocol)) {
 116                 FREE_AND_NULL(c->path);
 117         }
 118 }
 119
 120 static void credential_describe(struct credential *c, struct strbuf *out)
 121 {
 122         if (!c->protocol)
 123                 return;
 124         strbuf_addf(out, "%s://", c->protocol);
 125         if (c->username && *c->username)
 126                 strbuf_addf(out, "%s@", c->username);
 127         if (c->host)
 128                 strbuf_addstr(out, c->host);
 129         if (c->path)
 130                 strbuf_addf(out, "/%s", c->path);
 131 }
 132
 133 static void credential_format(struct credential *c, struct strbuf *out)
 134 {
 135         if (!c->protocol)
 136                 return;
 137         strbuf_addf(out, "%s://", c->protocol);
 138         if (c->username && *c->username) {
 139                 strbuf_add_percentencode(out, c->username);
 140                 strbuf_addch(out, '@');
 141         }
 142         if (c->host)
 143                 strbuf_addstr(out, c->host);
 144         if (c->path) {
 145                 strbuf_addch(out, '/');
 146                 strbuf_add_percentencode(out, c->path);
 147         }
 148 }
 149
 150 static char *credential_ask_one(const char *what, struct credential *c,
 151                                 int flags)
 152 {
 153         struct strbuf desc = STRBUF_INIT;
 154         struct strbuf prompt = STRBUF_INIT;
 155         char *r;
 156
 157         credential_describe(c, &desc);
 158         if (desc.len)
 159                 strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
 160         else
 161                 strbuf_addf(&prompt, "%s: ", what);
 162
 163         r = git_prompt(prompt.buf, flags);
 164
 165         strbuf_release(&desc);
 166         strbuf_release(&prompt);
 167         return xstrdup(r);
 168 }
 169
 170 static void credential_getpass(struct credential *c)
 171 {
 172         if (!c->username)
 173                 c->username = credential_ask_one("Username", c,
 174                                                  PROMPT_ASKPASS|PROMPT_ECHO);
 175         if (!c->password)
 176                 c->password = credential_ask_one("Password", c,
 177                                                  PROMPT_ASKPASS);
 178 }
 179
 180 int credential_read(struct credential *c, FILE *fp)
 181 {
 182         struct strbuf line = STRBUF_INIT;
 183
 184         while (strbuf_getline_lf(&line, fp) != EOF) {
 185                 char *key = line.buf;
 186                 char *value = strchr(key, '=');
 187
 188                 if (!line.len)
 189                         break;
 190
 191                 if (!value) {
 192                         warning("invalid credential line: %s", key);
 193                         strbuf_release(&line);
 194                         return -1;
 195                 }
 196                 *value++ = '\0';
 197
 198                 if (!strcmp(key, "username")) {
 199                         free(c->username);
 200                         c->username = xstrdup(value);
 201                         c->username_from_proto = 1;
 202                 } else if (!strcmp(key, "password")) {
 203                         free(c->password);
 204                         c->password = xstrdup(value);
 205                 } else if (!strcmp(key, "protocol")) {
 206                         free(c->protocol);
 207                         c->protocol = xstrdup(value);
 208                 } else if (!strcmp(key, "host")) {
 209                         free(c->host);
 210                         c->host = xstrdup(value);
 211                 } else if (!strcmp(key, "path")) {
 212                         free(c->path);
 213                         c->path = xstrdup(value);
 214                 } else if (!strcmp(key, "url")) {
 215                         credential_from_url(c, value);
 216                 } else if (!strcmp(key, "quit")) {
 217                         c->quit = !!git_config_bool("quit", value);
 218                 }
 219                 /*
 220                  * Ignore other lines; we don't know what they mean, but
 221                  * this future-proofs us when later versions of git do
 222                  * learn new lines, and the helpers are updated to match.
 223                  */
 224         }
 225
 226         strbuf_release(&line);
 227         return 0;
 228 }
 229
 230 static void credential_write_item(FILE *fp, const char *key, const char *value,
 231                                   int required)
 232 {
 233         if (!value && required)
 234                 BUG("credential value for %s is missing", key);
 235         if (!value)
 236                 return;
 237         if (strchr(value, '\n'))
 238                 die("credential value for %s contains newline", key);
 239         fprintf(fp, "%s=%s\n", key, value);
 240 }
 241
 242 void credential_write(const struct credential *c, FILE *fp)
 243 {
 244         credential_write_item(fp, "protocol", c->protocol, 1);
 245         credential_write_item(fp, "host", c->host, 1);
 246         credential_write_item(fp, "path", c->path, 0);
 247         credential_write_item(fp, "username", c->username, 0);
 248         credential_write_item(fp, "password", c->password, 0);
 249 }
 250
 251 static int run_credential_helper(struct credential *c,
 252                                  const char *cmd,
 253                                  int want_output)
 254 {
 255         struct child_process helper = CHILD_PROCESS_INIT;
 256         const char *argv[] = { NULL, NULL };
 257         FILE *fp;
 258
 259         argv[0] = cmd;
 260         helper.argv = argv;
 261         helper.use_shell = 1;
 262         helper.in = -1;
 263         if (want_output)
 264                 helper.out = -1;
 265         else
 266                 helper.no_stdout = 1;
 267
 268         if (start_command(&helper) < 0)
 269                 return -1;
 270
 271         fp = xfdopen(helper.in, "w");
 272         sigchain_push(SIGPIPE, SIG_IGN);
 273         credential_write(c, fp);
 274         fclose(fp);
 275         sigchain_pop(SIGPIPE);
 276
 277         if (want_output) {
 278                 int r;
 279                 fp = xfdopen(helper.out, "r");
 280                 r = credential_read(c, fp);
 281                 fclose(fp);
 282                 if (r < 0) {
 283                         finish_command(&helper);
 284                         return -1;
 285                 }
 286         }
 287
 288         if (finish_command(&helper))
 289                 return -1;
 290         return 0;
 291 }
 292
 293 static int credential_do(struct credential *c, const char *helper,
 294                          const char *operation)
 295 {
 296         struct strbuf cmd = STRBUF_INIT;
 297         int r;
 298
 299         if (helper[0] == '!')
 300                 strbuf_addstr(&cmd, helper + 1);
 301         else if (is_absolute_path(helper))
 302                 strbuf_addstr(&cmd, helper);
 303         else
 304                 strbuf_addf(&cmd, "git credential-%s", helper);
 305
 306         strbuf_addf(&cmd, " %s", operation);
 307         r = run_credential_helper(c, cmd.buf, !strcmp(operation, "get"));
 308
 309         strbuf_release(&cmd);
 310         return r;
 311 }
 312
 313 void credential_fill(struct credential *c)
 314 {
 315         int i;
 316
 317         if (c->username && c->password)
 318                 return;
 319
 320         credential_apply_config(c);
 321
 322         for (i = 0; i < c->helpers.nr; i++) {
 323                 credential_do(c, c->helpers.items[i].string, "get");
 324                 if (c->username && c->password)
 325                         return;
 326                 if (c->quit)
 327                         die("credential helper '%s' told us to quit",
 328                             c->helpers.items[i].string);
 329         }
 330
 331         credential_getpass(c);
 332         if (!c->username && !c->password)
 333                 die("unable to get password from user");
 334 }
 335
 336 void credential_approve(struct credential *c)
 337 {
 338         int i;
 339
 340         if (c->approved)
 341                 return;
 342         if (!c->username || !c->password)
 343                 return;
 344
 345         credential_apply_config(c);
 346
 347         for (i = 0; i < c->helpers.nr; i++)
 348                 credential_do(c, c->helpers.items[i].string, "store");
 349         c->approved = 1;
 350 }
 351
 352 void credential_reject(struct credential *c)
 353 {
 354         int i;
 355
 356         credential_apply_config(c);
 357
 358         for (i = 0; i < c->helpers.nr; i++)
 359                 credential_do(c, c->helpers.items[i].string, "erase");
 360
 361         FREE_AND_NULL(c->username);
 362         FREE_AND_NULL(c->password);
 363         c->approved = 0;
 364 }
 365
 366 static int check_url_component(const char *url, int quiet,
 367                                const char *name, const char *value)
 368 {
 369         if (!value)
 370                 return 0;
 371         if (!strchr(value, '\n'))
 372                 return 0;
 373
 374         if (!quiet)
 375                 warning(_("url contains a newline in its %s component: %s"),
 376                         name, url);
 377         return -1;
 378 }
 379
 380 int credential_from_url_gently(struct credential *c, const char *url,
 381                                int quiet)
 382 {
 383         const char *at, *colon, *cp, *slash, *host, *proto_end;
 384
 385         credential_clear(c);
 386
 387         /*
 388          * Match one of:
 389          *   (1) proto://<host>/...
 390          *   (2) proto://<user>@<host>/...
 391          *   (3) proto://<user>:<pass>@<host>/...
 392          */
 393         proto_end = strstr(url, "://");
 394         if (!proto_end || proto_end == url) {
 395                 if (!quiet)
 396                         warning(_("url has no scheme: %s"), url);
 397                 return -1;
 398         }
 399         cp = proto_end + 3;
 400         at = strchr(cp, '@');
 401         colon = strchr(cp, ':');
 402         slash = strchrnul(cp, '/');
 403
 404         if (!at || slash <= at) {
 405                 /* Case (1) */
 406                 host = cp;
 407         }
 408         else if (!colon || at <= colon) {
 409                 /* Case (2) */
 410                 c->username = url_decode_mem(cp, at - cp);
 411                 if (c->username && *c->username)
 412                         c->username_from_proto = 1;
 413                 host = at + 1;
 414         } else {
 415                 /* Case (3) */
 416                 c->username = url_decode_mem(cp, colon - cp);
 417                 if (c->username && *c->username)
 418                         c->username_from_proto = 1;
 419                 c->password = url_decode_mem(colon + 1, at - (colon + 1));
 420                 host = at + 1;
 421         }
 422
 423         c->protocol = xmemdupz(url, proto_end - url);
 424         c->host = url_decode_mem(host, slash - host);
 425         /* Trim leading and trailing slashes from path */
 426         while (*slash == '/')
 427                 slash++;
 428         if (*slash) {
 429                 char *p;
 430                 c->path = url_decode(slash);
 431                 p = c->path + strlen(c->path) - 1;
 432                 while (p > c->path && *p == '/')
 433                         *p-- = '\0';
 434         }
 435
 436         if (check_url_component(url, quiet, "username", c->username) < 0 ||
 437             check_url_component(url, quiet, "password", c->password) < 0 ||
 438             check_url_component(url, quiet, "protocol", c->protocol) < 0 ||
 439             check_url_component(url, quiet, "host", c->host) < 0 ||
 440             check_url_component(url, quiet, "path", c->path) < 0)
 441                 return -1;
 442
 443         return 0;
 444 }
 445
 446 void credential_from_url(struct credential *c, const char *url)
 447 {
 448         if (credential_from_url_gently(c, url, 0) < 0)
 449                 die(_("credential url cannot be parsed: %s"), url);
 450 }