| Jeff King | 71e1b4b | 2011-12-10 05:34:44 -0500 | [diff] [blame] | 1 | #include "cache.h" |
| 2 | #include "credential.h" |
| 3 | #include "string-list.h" |
| 4 | #include "parse-options.h" |
| 5 | |
| 6 | static struct lock_file credential_lock; |
| 7 | |
| 8 | static void parse_credential_file(const char *fn, |
| 9 | struct credential *c, |
| 10 | void (*match_cb)(struct credential *), |
| 11 | void (*other_cb)(struct strbuf *)) |
| 12 | { |
| 13 | FILE *fh; |
| 14 | struct strbuf line = STRBUF_INIT; |
| 15 | struct credential entry = CREDENTIAL_INIT; |
| 16 | |
| 17 | fh = fopen(fn, "r"); |
| 18 | if (!fh) { |
| 19 | if (errno != ENOENT) |
| 20 | die_errno("unable to open %s", fn); |
| 21 | return; |
| 22 | } |
| 23 | |
| 24 | while (strbuf_getline(&line, fh, '\n') != EOF) { |
| 25 | credential_from_url(&entry, line.buf); |
| 26 | if (entry.username && entry.password && |
| 27 | credential_match(c, &entry)) { |
| 28 | if (match_cb) { |
| 29 | match_cb(&entry); |
| 30 | break; |
| 31 | } |
| 32 | } |
| 33 | else if (other_cb) |
| 34 | other_cb(&line); |
| 35 | } |
| 36 | |
| 37 | credential_clear(&entry); |
| 38 | strbuf_release(&line); |
| 39 | fclose(fh); |
| 40 | } |
| 41 | |
| 42 | static void print_entry(struct credential *c) |
| 43 | { |
| 44 | printf("username=%s\n", c->username); |
| 45 | printf("password=%s\n", c->password); |
| 46 | } |
| 47 | |
| 48 | static void print_line(struct strbuf *buf) |
| 49 | { |
| 50 | strbuf_addch(buf, '\n'); |
| 51 | write_or_die(credential_lock.fd, buf->buf, buf->len); |
| 52 | } |
| 53 | |
| 54 | static void rewrite_credential_file(const char *fn, struct credential *c, |
| 55 | struct strbuf *extra) |
| 56 | { |
| 57 | if (hold_lock_file_for_update(&credential_lock, fn, 0) < 0) |
| 58 | die_errno("unable to get credential storage lock"); |
| 59 | if (extra) |
| 60 | print_line(extra); |
| 61 | parse_credential_file(fn, c, NULL, print_line); |
| 62 | if (commit_lock_file(&credential_lock) < 0) |
| 63 | die_errno("unable to commit credential store"); |
| 64 | } |
| 65 | |
| 66 | static void store_credential(const char *fn, struct credential *c) |
| 67 | { |
| 68 | struct strbuf buf = STRBUF_INIT; |
| 69 | |
| 70 | /* |
| 71 | * Sanity check that what we are storing is actually sensible. |
| 72 | * In particular, we can't make a URL without a protocol field. |
| 73 | * Without either a host or pathname (depending on the scheme), |
| 74 | * we have no primary key. And without a username and password, |
| 75 | * we are not actually storing a credential. |
| 76 | */ |
| 77 | if (!c->protocol || !(c->host || c->path) || |
| 78 | !c->username || !c->password) |
| 79 | return; |
| 80 | |
| 81 | strbuf_addf(&buf, "%s://", c->protocol); |
| 82 | strbuf_addstr_urlencode(&buf, c->username, 1); |
| 83 | strbuf_addch(&buf, ':'); |
| 84 | strbuf_addstr_urlencode(&buf, c->password, 1); |
| 85 | strbuf_addch(&buf, '@'); |
| 86 | if (c->host) |
| 87 | strbuf_addstr_urlencode(&buf, c->host, 1); |
| 88 | if (c->path) { |
| 89 | strbuf_addch(&buf, '/'); |
| 90 | strbuf_addstr_urlencode(&buf, c->path, 0); |
| 91 | } |
| 92 | |
| 93 | rewrite_credential_file(fn, c, &buf); |
| 94 | strbuf_release(&buf); |
| 95 | } |
| 96 | |
| 97 | static void remove_credential(const char *fn, struct credential *c) |
| 98 | { |
| 99 | /* |
| 100 | * Sanity check that we actually have something to match |
| 101 | * against. The input we get is a restrictive pattern, |
| 102 | * so technically a blank credential means "erase everything". |
| 103 | * But it is too easy to accidentally send this, since it is equivalent |
| 104 | * to empty input. So explicitly disallow it, and require that the |
| 105 | * pattern have some actual content to match. |
| 106 | */ |
| 107 | if (c->protocol || c->host || c->path || c->username) |
| 108 | rewrite_credential_file(fn, c, NULL); |
| 109 | } |
| 110 | |
| 111 | static int lookup_credential(const char *fn, struct credential *c) |
| 112 | { |
| 113 | parse_credential_file(fn, c, print_entry, NULL); |
| 114 | return c->username && c->password; |
| 115 | } |
| 116 | |
| 117 | int main(int argc, const char **argv) |
| 118 | { |
| 119 | const char * const usage[] = { |
| 120 | "git credential-store [options] <action>", |
| 121 | NULL |
| 122 | }; |
| 123 | const char *op; |
| 124 | struct credential c = CREDENTIAL_INIT; |
| 125 | char *file = NULL; |
| 126 | struct option options[] = { |
| 127 | OPT_STRING(0, "file", &file, "path", |
| 128 | "fetch and store credentials in <path>"), |
| 129 | OPT_END() |
| 130 | }; |
| 131 | |
| 132 | umask(077); |
| 133 | |
| 134 | argc = parse_options(argc, argv, NULL, options, usage, 0); |
| 135 | if (argc != 1) |
| 136 | usage_with_options(usage, options); |
| 137 | op = argv[0]; |
| 138 | |
| 139 | if (!file) |
| 140 | file = expand_user_path("~/.git-credentials"); |
| 141 | if (!file) |
| 142 | die("unable to set up default path; use --file"); |
| 143 | |
| 144 | if (credential_read(&c, stdin) < 0) |
| 145 | die("unable to read credential"); |
| 146 | |
| 147 | if (!strcmp(op, "get")) |
| 148 | lookup_credential(file, &c); |
| 149 | else if (!strcmp(op, "erase")) |
| 150 | remove_credential(file, &c); |
| 151 | else if (!strcmp(op, "store")) |
| 152 | store_credential(file, &c); |
| 153 | else |
| 154 | ; /* Ignore unknown operation. */ |
| 155 | |
| 156 | return 0; |
| 157 | } |
