diff options
| -rw-r--r-- | credential.c | 20 | ||||
| -rwxr-xr-x | t/t0300-credentials.sh | 34 |
2 files changed, 40 insertions, 14 deletions
diff --git a/credential.c b/credential.c index d1bb71b41a..39b7cb0c0b 100644 --- a/credential.c +++ b/credential.c @@ -88,6 +88,11 @@ static int proto_is_http(const char *s) static void credential_apply_config(struct credential *c) { + if (!c->host) + die(_("refusing to work with credential missing host field")); + if (!c->protocol) + die(_("refusing to work with credential missing protocol field")); + if (c->configured) return; git_config(credential_config_callback, c); @@ -190,8 +195,11 @@ int credential_read(struct credential *c, FILE *fp) return 0; } -static void credential_write_item(FILE *fp, const char *key, const char *value) +static void credential_write_item(FILE *fp, const char *key, const char *value, + int required) { + if (!value && required) + BUG("credential value for %s is missing", key); if (!value) return; if (strchr(value, '\n')) @@ -201,11 +209,11 @@ static void credential_write_item(FILE *fp, const char *key, const char *value) void credential_write(const struct credential *c, FILE *fp) { - credential_write_item(fp, "protocol", c->protocol); - credential_write_item(fp, "host", c->host); - credential_write_item(fp, "path", c->path); - credential_write_item(fp, "username", c->username); - credential_write_item(fp, "password", c->password); + credential_write_item(fp, "protocol", c->protocol, 1); + credential_write_item(fp, "host", c->host, 1); + credential_write_item(fp, "path", c->path, 0); + credential_write_item(fp, "username", c->username, 0); + credential_write_item(fp, "password", c->password, 0); } static int run_credential_helper(struct credential *c, diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh index 1c1010bc54..646f8456ff 100755 --- a/t/t0300-credentials.sh +++ b/t/t0300-credentials.sh @@ -400,18 +400,16 @@ test_expect_success 'empty helper spec resets helper list' ' EOF ' -test_expect_success 'url parser ignores embedded newlines' ' - check fill <<-EOF +test_expect_success 'url parser rejects embedded newlines' ' + test_must_fail git credential fill 2>stderr <<-\EOF && url=https://one.example.com?%0ahost=two.example.com/ - -- - username=askpass-username - password=askpass-password - -- + EOF + cat >expect <<-\EOF && warning: url contains a newline in its host component: https://one.example.com?%0ahost=two.example.com/ warning: skipping credential lookup for url: https://one.example.com?%0ahost=two.example.com/ - askpass: Username: - askpass: Password: + fatal: refusing to work with credential missing host field EOF + test_i18ncmp expect stderr ' test_expect_success 'host-less URLs are parsed as empty host' ' @@ -431,4 +429,24 @@ test_expect_success 'host-less URLs are parsed as empty host' ' EOF ' +test_expect_success 'credential system refuses to work with missing host' ' + test_must_fail git credential fill 2>stderr <<-\EOF && + protocol=http + EOF + cat >expect <<-\EOF && + fatal: refusing to work with credential missing host field + EOF + test_i18ncmp expect stderr +' + +test_expect_success 'credential system refuses to work with missing protocol' ' + test_must_fail git credential fill 2>stderr <<-\EOF && + host=example.com + EOF + cat >expect <<-\EOF && + fatal: refusing to work with credential missing protocol field + EOF + test_i18ncmp expect stderr +' + test_done |