From 86d7925cf930c166240801b9deafcd88a02bee64 Mon Sep 17 00:00:00 2001
From: Felipe Contreras <felipe.contreras@gmail.com>
Date: Tue, 13 May 2014 09:13:53 -0500
Subject: [PATCH] credential: fix wrong double password prompt

We shouldn't use ssh-askpass to ask for the user, that causes most tools
to ask for "password: username" followed by "password: password".
Totally confusing for the user.

Instead, use a normal prompt to ask for the user.

Reported-by: Chris  Warrick <kwpolska@gmail.com>
Signed-off-by: Felipe Contreras <felipe.contreras@gmail.com>
---
 credential.c           |  2 +-
 t/lib-credential.sh    | 36 ++++++++++++++++++------------------
 t/t0300-credentials.sh | 16 +++++++++-------
 3 files changed, 28 insertions(+), 26 deletions(-)

diff --git a/credential.c b/credential.c
index 7d6501d190..0c7cfa8251 100644
--- a/credential.c
+++ b/credential.c
@@ -132,7 +132,7 @@ static void credential_getpass(struct credential *c)
 {
 	if (!c->username)
 		c->username = credential_ask_one("Username", c,
-						 PROMPT_ASKPASS|PROMPT_ECHO);
+						 PROMPT_ECHO);
 	if (!c->password)
 		c->password = credential_ask_one("Password", c,
 						 PROMPT_ASKPASS);
diff --git a/t/lib-credential.sh b/t/lib-credential.sh
index d8e41f7ddd..2f9c5f754d 100755
--- a/t/lib-credential.sh
+++ b/t/lib-credential.sh
@@ -61,14 +61,14 @@ helper_test() {
 		check fill $HELPER <<-\EOF
 		protocol=https
 		host=example.com
+		username=foo
 		--
 		protocol=https
 		host=example.com
-		username=askpass-username
+		username=foo
 		password=askpass-password
 		--
-		askpass: Username for '\''https://example.com'\'':
-		askpass: Password for '\''https://askpass-username@example.com'\'':
+		askpass: Password for '\''https://foo@example.com'\'':
 		EOF
 	'
 
@@ -98,14 +98,14 @@ helper_test() {
 		check fill $HELPER <<-\EOF
 		protocol=http
 		host=example.com
+		username=foo
 		--
 		protocol=http
 		host=example.com
-		username=askpass-username
+		username=foo
 		password=askpass-password
 		--
-		askpass: Username for '\''http://example.com'\'':
-		askpass: Password for '\''http://askpass-username@example.com'\'':
+		askpass: Password for '\''http://foo@example.com'\'':
 		EOF
 	'
 
@@ -113,14 +113,14 @@ helper_test() {
 		check fill $HELPER <<-\EOF
 		protocol=https
 		host=other.tld
+		username=foo
 		--
 		protocol=https
 		host=other.tld
-		username=askpass-username
+		username=foo
 		password=askpass-password
 		--
-		askpass: Username for '\''https://other.tld'\'':
-		askpass: Password for '\''https://askpass-username@other.tld'\'':
+		askpass: Password for '\''https://foo@other.tld'\'':
 		EOF
 	'
 
@@ -152,15 +152,15 @@ helper_test() {
 		protocol=http
 		host=path.tld
 		path=bar.git
+		username=foo
 		--
 		protocol=http
 		host=path.tld
 		path=bar.git
-		username=askpass-username
+		username=foo
 		password=askpass-password
 		--
-		askpass: Username for '\''http://path.tld/bar.git'\'':
-		askpass: Password for '\''http://askpass-username@path.tld/bar.git'\'':
+		askpass: Password for '\''http://foo@path.tld/bar.git'\'':
 		EOF
 	'
 
@@ -172,14 +172,14 @@ helper_test() {
 		check fill $HELPER <<-\EOF
 		protocol=https
 		host=example.com
+		username=foo
 		--
 		protocol=https
 		host=example.com
-		username=askpass-username
+		username=foo
 		password=askpass-password
 		--
-		askpass: Username for '\''https://example.com'\'':
-		askpass: Password for '\''https://askpass-username@example.com'\'':
+		askpass: Password for '\''https://foo@example.com'\'':
 		EOF
 	'
 
@@ -266,14 +266,14 @@ helper_test_timeout() {
 		check fill "$HELPER" <<-\EOF
 		protocol=https
 		host=timeout.tld
+		username=foo
 		--
 		protocol=https
 		host=timeout.tld
-		username=askpass-username
+		username=foo
 		password=askpass-password
 		--
-		askpass: Username for '\''https://timeout.tld'\'':
-		askpass: Password for '\''https://askpass-username@timeout.tld'\'':
+		askpass: Password for '\''https://foo@timeout.tld'\'':
 		EOF
 	'
 }
diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
index d7ef44b4a2..907ae224b3 100755
--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
@@ -173,12 +173,12 @@ test_expect_success 'do not bother completing already-full credential' '
 # getpass() tries too hard to find the real terminal. But if our
 # askpass helper is run, we know the internal getpass is working.
 test_expect_success 'empty helper list falls back to internal getpass' '
-	check fill <<-\EOF
+	check fill "verbatim foo \"\"" <<-\EOF
 	--
-	username=askpass-username
+	username=foo
 	password=askpass-password
 	--
-	askpass: Username:
+	verbatim: get
 	askpass: Password:
 	EOF
 '
@@ -226,17 +226,19 @@ test_expect_success 'match configured credential' '
 
 test_expect_success 'do not match configured credential' '
 	test_config credential.https://foo.helper "$HELPER" &&
-	check fill <<-\EOF
+	check fill "verbatim foo \"\"" <<-\EOF
 	protocol=https
 	host=bar
 	--
 	protocol=https
 	host=bar
-	username=askpass-username
+	username=foo
 	password=askpass-password
 	--
-	askpass: Username for '\''https://bar'\'':
-	askpass: Password for '\''https://askpass-username@bar'\'':
+	verbatim: get
+	verbatim: protocol=https
+	verbatim: host=bar
+	askpass: Password for '\''https://foo@bar'\'':
 	EOF
 '
 
-- 
2.32.0.93.g670b81a890