#include "cache.h" #include "credential.h" #include "string-list.h" #include "parse-options.h" static struct lock_file credential_lock; static void parse_credential_file(const char *fn, struct credential *c, void (*match_cb)(struct credential *), void (*other_cb)(struct strbuf *)) { FILE *fh; struct strbuf line = STRBUF_INIT; struct credential entry = CREDENTIAL_INIT; fh = fopen(fn, "r"); if (!fh) { if (errno != ENOENT) die_errno("unable to open %s", fn); return; } while (strbuf_getline(&line, fh, '\n') != EOF) { credential_from_url(&entry, line.buf); if (entry.username && entry.password && credential_match(c, &entry)) { if (match_cb) { match_cb(&entry); break; } } else if (other_cb) other_cb(&line); } credential_clear(&entry); strbuf_release(&line); fclose(fh); } static void print_entry(struct credential *c) { printf("username=%s\n", c->username); printf("password=%s\n", c->password); } static void print_line(struct strbuf *buf) { strbuf_addch(buf, '\n'); write_or_die(credential_lock.fd, buf->buf, buf->len); } static void rewrite_credential_file(const char *fn, struct credential *c, struct strbuf *extra) { if (hold_lock_file_for_update(&credential_lock, fn, 0) < 0) die_errno("unable to get credential storage lock"); if (extra) print_line(extra); parse_credential_file(fn, c, NULL, print_line); if (commit_lock_file(&credential_lock) < 0) die_errno("unable to commit credential store"); } static void store_credential(const char *fn, struct credential *c) { struct strbuf buf = STRBUF_INIT; /* * Sanity check that what we are storing is actually sensible. * In particular, we can't make a URL without a protocol field. * Without either a host or pathname (depending on the scheme), * we have no primary key. And without a username and password, * we are not actually storing a credential. */ if (!c->protocol || !(c->host || c->path) || !c->username || !c->password) return; strbuf_addf(&buf, "%s://", c->protocol); strbuf_addstr_urlencode(&buf, c->username, 1); strbuf_addch(&buf, ':'); strbuf_addstr_urlencode(&buf, c->password, 1); strbuf_addch(&buf, '@'); if (c->host) strbuf_addstr_urlencode(&buf, c->host, 1); if (c->path) { strbuf_addch(&buf, '/'); strbuf_addstr_urlencode(&buf, c->path, 0); } rewrite_credential_file(fn, c, &buf); strbuf_release(&buf); } static void remove_credential(const char *fn, struct credential *c) { /* * Sanity check that we actually have something to match * against. The input we get is a restrictive pattern, * so technically a blank credential means "erase everything". * But it is too easy to accidentally send this, since it is equivalent * to empty input. So explicitly disallow it, and require that the * pattern have some actual content to match. */ if (c->protocol || c->host || c->path || c->username) rewrite_credential_file(fn, c, NULL); } static int lookup_credential(const char *fn, struct credential *c) { parse_credential_file(fn, c, print_entry, NULL); return c->username && c->password; } int main(int argc, char **argv) { const char * const usage[] = { "git credential-store [options] <action>", NULL }; const char *op; struct credential c = CREDENTIAL_INIT; char *file = NULL; struct option options[] = { OPT_STRING(0, "file", &file, "path", "fetch and store credentials in <path>"), OPT_END() }; umask(077); argc = parse_options(argc, (const char **)argv, NULL, options, usage, 0); if (argc != 1) usage_with_options(usage, options); op = argv[0]; if (!file) file = expand_user_path("~/.git-credentials"); if (!file) die("unable to set up default path; use --file"); if (credential_read(&c, stdin) < 0) die("unable to read credential"); if (!strcmp(op, "get")) lookup_credential(file, &c); else if (!strcmp(op, "erase")) remove_credential(file, &c); else if (!strcmp(op, "store")) store_credential(file, &c); else ; /* Ignore unknown operation. */ return 0; }