| #include "builtin.h" |
| #include "config.h" |
| #include "gettext.h" |
| #include "lockfile.h" |
| #include "credential.h" |
| #include "path.h" |
| #include "string-list.h" |
| #include "parse-options.h" |
| #include "write-or-die.h" |
| |
| static struct lock_file credential_lock; |
| |
| static int parse_credential_file(const char *fn, |
| struct credential *c, |
| void (*match_cb)(struct credential *), |
| void (*other_cb)(struct strbuf *), |
| int match_password) |
| { |
| FILE *fh; |
| struct strbuf line = STRBUF_INIT; |
| struct credential entry = CREDENTIAL_INIT; |
| int found_credential = 0; |
| |
| fh = fopen(fn, "r"); |
| if (!fh) { |
| if (errno != ENOENT && errno != EACCES) |
| die_errno("unable to open %s", fn); |
| return found_credential; |
| } |
| |
| while (strbuf_getline_lf(&line, fh) != EOF) { |
| if (!credential_from_url_gently(&entry, line.buf, 1) && |
| entry.username && entry.password && |
| credential_match(c, &entry, match_password)) { |
| found_credential = 1; |
| if (match_cb) { |
| match_cb(&entry); |
| break; |
| } |
| } |
| else if (other_cb) |
| other_cb(&line); |
| } |
| |
| credential_clear(&entry); |
| strbuf_release(&line); |
| fclose(fh); |
| return found_credential; |
| } |
| |
| static void print_entry(struct credential *c) |
| { |
| printf("username=%s\n", c->username); |
| printf("password=%s\n", c->password); |
| } |
| |
| static void print_line(struct strbuf *buf) |
| { |
| strbuf_addch(buf, '\n'); |
| write_or_die(get_lock_file_fd(&credential_lock), buf->buf, buf->len); |
| } |
| |
| static void rewrite_credential_file(const char *fn, struct credential *c, |
| struct strbuf *extra, int match_password) |
| { |
| int timeout_ms = 1000; |
| |
| git_config_get_int("credentialstore.locktimeoutms", &timeout_ms); |
| if (hold_lock_file_for_update_timeout(&credential_lock, fn, 0, timeout_ms) < 0) |
| die_errno(_("unable to get credential storage lock in %d ms"), timeout_ms); |
| if (extra) |
| print_line(extra); |
| parse_credential_file(fn, c, NULL, print_line, match_password); |
| if (commit_lock_file(&credential_lock) < 0) |
| die_errno("unable to write credential store"); |
| } |
| |
| static int is_rfc3986_unreserved(char ch) |
| { |
| return isalnum(ch) || |
| ch == '-' || ch == '_' || ch == '.' || ch == '~'; |
| } |
| |
| static int is_rfc3986_reserved_or_unreserved(char ch) |
| { |
| if (is_rfc3986_unreserved(ch)) |
| return 1; |
| switch (ch) { |
| case '!': case '*': case '\'': case '(': case ')': case ';': |
| case ':': case '@': case '&': case '=': case '+': case '$': |
| case ',': case '/': case '?': case '#': case '[': case ']': |
| return 1; |
| } |
| return 0; |
| } |
| |
| static void store_credential_file(const char *fn, struct credential *c) |
| { |
| struct strbuf buf = STRBUF_INIT; |
| |
| strbuf_addf(&buf, "%s://", c->protocol); |
| strbuf_addstr_urlencode(&buf, c->username, is_rfc3986_unreserved); |
| strbuf_addch(&buf, ':'); |
| strbuf_addstr_urlencode(&buf, c->password, is_rfc3986_unreserved); |
| strbuf_addch(&buf, '@'); |
| if (c->host) |
| strbuf_addstr_urlencode(&buf, c->host, is_rfc3986_unreserved); |
| if (c->path) { |
| strbuf_addch(&buf, '/'); |
| strbuf_addstr_urlencode(&buf, c->path, |
| is_rfc3986_reserved_or_unreserved); |
| } |
| |
| rewrite_credential_file(fn, c, &buf, 0); |
| strbuf_release(&buf); |
| } |
| |
| static void store_credential(const struct string_list *fns, struct credential *c) |
| { |
| struct string_list_item *fn; |
| |
| /* |
| * Sanity check that what we are storing is actually sensible. |
| * In particular, we can't make a URL without a protocol field. |
| * Without either a host or pathname (depending on the scheme), |
| * we have no primary key. And without a username and password, |
| * we are not actually storing a credential. |
| */ |
| if (!c->protocol || !(c->host || c->path) || !c->username || !c->password) |
| return; |
| |
| for_each_string_list_item(fn, fns) |
| if (!access(fn->string, F_OK)) { |
| store_credential_file(fn->string, c); |
| return; |
| } |
| /* |
| * Write credential to the filename specified by fns->items[0], thus |
| * creating it |
| */ |
| if (fns->nr) |
| store_credential_file(fns->items[0].string, c); |
| } |
| |
| static void remove_credential(const struct string_list *fns, struct credential *c) |
| { |
| struct string_list_item *fn; |
| |
| /* |
| * Sanity check that we actually have something to match |
| * against. The input we get is a restrictive pattern, |
| * so technically a blank credential means "erase everything". |
| * But it is too easy to accidentally send this, since it is equivalent |
| * to empty input. So explicitly disallow it, and require that the |
| * pattern have some actual content to match. |
| */ |
| if (!c->protocol && !c->host && !c->path && !c->username) |
| return; |
| for_each_string_list_item(fn, fns) |
| if (!access(fn->string, F_OK)) |
| rewrite_credential_file(fn->string, c, NULL, 1); |
| } |
| |
| static void lookup_credential(const struct string_list *fns, struct credential *c) |
| { |
| struct string_list_item *fn; |
| |
| for_each_string_list_item(fn, fns) |
| if (parse_credential_file(fn->string, c, print_entry, NULL, 0)) |
| return; /* Found credential */ |
| } |
| |
| int cmd_credential_store(int argc, const char **argv, const char *prefix) |
| { |
| const char * const usage[] = { |
| "git credential-store [<options>] <action>", |
| NULL |
| }; |
| const char *op; |
| struct credential c = CREDENTIAL_INIT; |
| struct string_list fns = STRING_LIST_INIT_DUP; |
| char *file = NULL; |
| struct option options[] = { |
| OPT_STRING(0, "file", &file, "path", |
| "fetch and store credentials in <path>"), |
| OPT_END() |
| }; |
| |
| umask(077); |
| |
| argc = parse_options(argc, (const char **)argv, prefix, options, usage, 0); |
| if (argc != 1) |
| usage_with_options(usage, options); |
| op = argv[0]; |
| |
| if (file) { |
| string_list_append(&fns, file); |
| } else { |
| if ((file = interpolate_path("~/.git-credentials", 0))) |
| string_list_append_nodup(&fns, file); |
| file = xdg_config_home("credentials"); |
| if (file) |
| string_list_append_nodup(&fns, file); |
| } |
| if (!fns.nr) |
| die("unable to set up default path; use --file"); |
| |
| if (credential_read(&c, stdin) < 0) |
| die("unable to read credential"); |
| |
| if (!strcmp(op, "get")) |
| lookup_credential(&fns, &c); |
| else if (!strcmp(op, "erase")) |
| remove_credential(&fns, &c); |
| else if (!strcmp(op, "store")) |
| store_credential(&fns, &c); |
| else |
| ; /* Ignore unknown operation. */ |
| |
| string_list_clear(&fns, 0); |
| return 0; |
| } |