3 #include "credential.h"
4 #include "string-list.h"
5 #include "run-command.h"
9 void credential_init(struct credential *c)
11 memset(c, 0, sizeof(*c));
12 c->helpers.strdup_strings = 1;
15 void credential_clear(struct credential *c)
22 string_list_clear(&c->helpers, 0);
27 int credential_match(const struct credential *want,
28 const struct credential *have)
30 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
31 return CHECK(protocol) &&
39 static int credential_from_potentially_partial_url(struct credential *c,
42 static int credential_config_callback(const char *var, const char *value,
45 struct credential *c = data;
46 const char *key, *dot;
48 if (!skip_prefix(var, "credential.", &key))
52 return config_error_nonbool(var);
54 dot = strrchr(key, '.');
56 struct credential want = CREDENTIAL_INIT;
57 char *url = xmemdupz(key, dot - key);
60 if (credential_from_potentially_partial_url(&want, url) < 0) {
61 warning(_("skipping credential lookup for key: %s"),
63 credential_clear(&want);
67 matched = credential_match(&want, c);
69 credential_clear(&want);
77 if (!strcmp(key, "helper")) {
79 string_list_append(&c->helpers, value);
81 string_list_clear(&c->helpers, 0);
82 } else if (!strcmp(key, "username")) {
84 c->username = xstrdup(value);
86 else if (!strcmp(key, "usehttppath"))
87 c->use_http_path = git_config_bool(var, value);
92 static int proto_is_http(const char *s)
96 return !strcmp(s, "https") || !strcmp(s, "http");
99 static void credential_apply_config(struct credential *c)
102 die(_("refusing to work with credential missing host field"));
104 die(_("refusing to work with credential missing protocol field"));
108 git_config(credential_config_callback, c);
111 if (!c->use_http_path && proto_is_http(c->protocol)) {
112 FREE_AND_NULL(c->path);
116 static void credential_describe(struct credential *c, struct strbuf *out)
120 strbuf_addf(out, "%s://", c->protocol);
121 if (c->username && *c->username)
122 strbuf_addf(out, "%s@", c->username);
124 strbuf_addstr(out, c->host);
126 strbuf_addf(out, "/%s", c->path);
129 static char *credential_ask_one(const char *what, struct credential *c,
132 struct strbuf desc = STRBUF_INIT;
133 struct strbuf prompt = STRBUF_INIT;
136 credential_describe(c, &desc);
138 strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
140 strbuf_addf(&prompt, "%s: ", what);
142 r = git_prompt(prompt.buf, flags);
144 strbuf_release(&desc);
145 strbuf_release(&prompt);
149 static void credential_getpass(struct credential *c)
152 c->username = credential_ask_one("Username", c,
153 PROMPT_ASKPASS|PROMPT_ECHO);
155 c->password = credential_ask_one("Password", c,
159 int credential_read(struct credential *c, FILE *fp)
161 struct strbuf line = STRBUF_INIT;
163 while (strbuf_getline_lf(&line, fp) != EOF) {
164 char *key = line.buf;
165 char *value = strchr(key, '=');
171 warning("invalid credential line: %s", key);
172 strbuf_release(&line);
177 if (!strcmp(key, "username")) {
179 c->username = xstrdup(value);
180 } else if (!strcmp(key, "password")) {
182 c->password = xstrdup(value);
183 } else if (!strcmp(key, "protocol")) {
185 c->protocol = xstrdup(value);
186 } else if (!strcmp(key, "host")) {
188 c->host = xstrdup(value);
189 } else if (!strcmp(key, "path")) {
191 c->path = xstrdup(value);
192 } else if (!strcmp(key, "url")) {
193 credential_from_url(c, value);
194 } else if (!strcmp(key, "quit")) {
195 c->quit = !!git_config_bool("quit", value);
198 * Ignore other lines; we don't know what they mean, but
199 * this future-proofs us when later versions of git do
200 * learn new lines, and the helpers are updated to match.
204 strbuf_release(&line);
208 static void credential_write_item(FILE *fp, const char *key, const char *value,
211 if (!value && required)
212 BUG("credential value for %s is missing", key);
215 if (strchr(value, '\n'))
216 die("credential value for %s contains newline", key);
217 fprintf(fp, "%s=%s\n", key, value);
220 void credential_write(const struct credential *c, FILE *fp)
222 credential_write_item(fp, "protocol", c->protocol, 1);
223 credential_write_item(fp, "host", c->host, 1);
224 credential_write_item(fp, "path", c->path, 0);
225 credential_write_item(fp, "username", c->username, 0);
226 credential_write_item(fp, "password", c->password, 0);
229 static int run_credential_helper(struct credential *c,
233 struct child_process helper = CHILD_PROCESS_INIT;
234 const char *argv[] = { NULL, NULL };
239 helper.use_shell = 1;
244 helper.no_stdout = 1;
246 if (start_command(&helper) < 0)
249 fp = xfdopen(helper.in, "w");
250 credential_write(c, fp);
255 fp = xfdopen(helper.out, "r");
256 r = credential_read(c, fp);
259 finish_command(&helper);
264 if (finish_command(&helper))
269 static int credential_do(struct credential *c, const char *helper,
270 const char *operation)
272 struct strbuf cmd = STRBUF_INIT;
275 if (helper[0] == '!')
276 strbuf_addstr(&cmd, helper + 1);
277 else if (is_absolute_path(helper))
278 strbuf_addstr(&cmd, helper);
280 strbuf_addf(&cmd, "git credential-%s", helper);
282 strbuf_addf(&cmd, " %s", operation);
283 r = run_credential_helper(c, cmd.buf, !strcmp(operation, "get"));
285 strbuf_release(&cmd);
289 void credential_fill(struct credential *c)
293 if (c->username && c->password)
296 credential_apply_config(c);
298 for (i = 0; i < c->helpers.nr; i++) {
299 credential_do(c, c->helpers.items[i].string, "get");
300 if (c->username && c->password)
303 die("credential helper '%s' told us to quit",
304 c->helpers.items[i].string);
307 credential_getpass(c);
308 if (!c->username && !c->password)
309 die("unable to get password from user");
312 void credential_approve(struct credential *c)
318 if (!c->username || !c->password)
321 credential_apply_config(c);
323 for (i = 0; i < c->helpers.nr; i++)
324 credential_do(c, c->helpers.items[i].string, "store");
328 void credential_reject(struct credential *c)
332 credential_apply_config(c);
334 for (i = 0; i < c->helpers.nr; i++)
335 credential_do(c, c->helpers.items[i].string, "erase");
337 FREE_AND_NULL(c->username);
338 FREE_AND_NULL(c->password);
342 static int check_url_component(const char *url, int quiet,
343 const char *name, const char *value)
347 if (!strchr(value, '\n'))
351 warning(_("url contains a newline in its %s component: %s"),
357 * Potentially-partial URLs can, but do not have to, contain
359 * - a protocol (or scheme) of the form "<protocol>://"
361 * - a host name (the part after the protocol and before the first slash after
364 * - a user name and potentially a password (as "<user>[:<password>]@" part of
367 * - a path (the part after the host name, if any, starting with the slash)
369 * Missing parts will be left unset in `struct credential`. Thus, `https://`
370 * will have only the `protocol` set, `example.com` only the host name, and
371 * `/git` only the path.
373 * Note that an empty host name in an otherwise fully-qualified URL (e.g.
374 * `cert:///path/to/cert.pem`) will be treated as unset if we expect the URL to
375 * be potentially partial, and only then (otherwise, the empty string is used).
377 * The credential_from_url() function does not allow partial URLs.
379 static int credential_from_url_1(struct credential *c, const char *url,
380 int allow_partial_url, int quiet)
382 const char *at, *colon, *cp, *slash, *host, *proto_end;
388 * (1) proto://<host>/...
389 * (2) proto://<user>@<host>/...
390 * (3) proto://<user>:<pass>@<host>/...
392 proto_end = strstr(url, "://");
393 if (!allow_partial_url && (!proto_end || proto_end == url)) {
395 warning(_("url has no scheme: %s"), url);
398 cp = proto_end ? proto_end + 3 : url;
399 at = strchr(cp, '@');
400 colon = strchr(cp, ':');
401 slash = strchrnul(cp, '/');
403 if (!at || slash <= at) {
407 else if (!colon || at <= colon) {
409 c->username = url_decode_mem(cp, at - cp);
413 c->username = url_decode_mem(cp, colon - cp);
414 c->password = url_decode_mem(colon + 1, at - (colon + 1));
418 if (proto_end && proto_end - url > 0)
419 c->protocol = xmemdupz(url, proto_end - url);
420 if (!allow_partial_url || slash - host > 0)
421 c->host = url_decode_mem(host, slash - host);
422 /* Trim leading and trailing slashes from path */
423 while (*slash == '/')
427 c->path = url_decode(slash);
428 p = c->path + strlen(c->path) - 1;
429 while (p > c->path && *p == '/')
433 if (check_url_component(url, quiet, "username", c->username) < 0 ||
434 check_url_component(url, quiet, "password", c->password) < 0 ||
435 check_url_component(url, quiet, "protocol", c->protocol) < 0 ||
436 check_url_component(url, quiet, "host", c->host) < 0 ||
437 check_url_component(url, quiet, "path", c->path) < 0)
443 static int credential_from_potentially_partial_url(struct credential *c,
446 return credential_from_url_1(c, url, 1, 0);
449 int credential_from_url_gently(struct credential *c, const char *url, int quiet)
451 return credential_from_url_1(c, url, 0, quiet);
454 void credential_from_url(struct credential *c, const char *url)
456 if (credential_from_url_gently(c, url, 0) < 0)
457 die(_("credential url cannot be parsed: %s"), url);