Merge branch 'cb/credential-store-ignore-bogus-lines'
With the recent tightening of the code that is used to parse various parts of a URL for use in the credential subsystem, a hand-edited credential-store file causes the credential helper to die, which is a bit too harsh to the users. Demote the error behaviour to just ignore and keep using well-formed lines instead. * cb/credential-store-ignore-bogus-lines: credential-store: ignore bogus lines from store file credential-store: document the file format a bit more
This commit is contained in:
commit
933fdf8784
@ -94,6 +94,10 @@ stored on its own line as a URL like:
|
|||||||
https://user:pass@example.com
|
https://user:pass@example.com
|
||||||
------------------------------
|
------------------------------
|
||||||
|
|
||||||
|
No other kinds of lines (e.g. empty lines or comment lines) are
|
||||||
|
allowed in the file, even though some may be silently ignored. Do
|
||||||
|
not view or edit the file with editors.
|
||||||
|
|
||||||
When Git needs authentication for a particular URL context,
|
When Git needs authentication for a particular URL context,
|
||||||
credential-store will consider that context a pattern to match against
|
credential-store will consider that context a pattern to match against
|
||||||
each entry in the credentials file. If the protocol, hostname, and
|
each entry in the credentials file. If the protocol, hostname, and
|
||||||
|
@ -24,8 +24,8 @@ static int parse_credential_file(const char *fn,
|
|||||||
}
|
}
|
||||||
|
|
||||||
while (strbuf_getline_lf(&line, fh) != EOF) {
|
while (strbuf_getline_lf(&line, fh) != EOF) {
|
||||||
credential_from_url(&entry, line.buf);
|
if (!credential_from_url_gently(&entry, line.buf, 1) &&
|
||||||
if (entry.username && entry.password &&
|
entry.username && entry.password &&
|
||||||
credential_match(c, &entry)) {
|
credential_match(c, &entry)) {
|
||||||
found_credential = 1;
|
found_credential = 1;
|
||||||
if (match_cb) {
|
if (match_cb) {
|
||||||
|
@ -107,7 +107,6 @@ test_expect_success 'store: if both xdg and home files exist, only store in home
|
|||||||
test_must_be_empty "$HOME/.config/git/credentials"
|
test_must_be_empty "$HOME/.config/git/credentials"
|
||||||
'
|
'
|
||||||
|
|
||||||
|
|
||||||
test_expect_success 'erase: erase matching credentials from both xdg and home files' '
|
test_expect_success 'erase: erase matching credentials from both xdg and home files' '
|
||||||
echo "https://home-user:home-pass@example.com" >"$HOME/.git-credentials" &&
|
echo "https://home-user:home-pass@example.com" >"$HOME/.git-credentials" &&
|
||||||
mkdir -p "$HOME/.config/git" &&
|
mkdir -p "$HOME/.config/git" &&
|
||||||
@ -120,4 +119,94 @@ test_expect_success 'erase: erase matching credentials from both xdg and home fi
|
|||||||
test_must_be_empty "$HOME/.config/git/credentials"
|
test_must_be_empty "$HOME/.config/git/credentials"
|
||||||
'
|
'
|
||||||
|
|
||||||
|
invalid_credential_test() {
|
||||||
|
test_expect_success "get: ignore credentials without $1 as invalid" '
|
||||||
|
echo "$2" >"$HOME/.git-credentials" &&
|
||||||
|
check fill store <<-\EOF
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
--
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
username=askpass-username
|
||||||
|
password=askpass-password
|
||||||
|
--
|
||||||
|
askpass: Username for '\''https://example.com'\'':
|
||||||
|
askpass: Password for '\''https://askpass-username@example.com'\'':
|
||||||
|
--
|
||||||
|
EOF
|
||||||
|
'
|
||||||
|
}
|
||||||
|
|
||||||
|
invalid_credential_test "scheme" ://user:pass@example.com
|
||||||
|
invalid_credential_test "valid host/path" https://user:pass@
|
||||||
|
invalid_credential_test "username/password" https://pass@example.com
|
||||||
|
|
||||||
|
test_expect_success 'get: credentials with DOS line endings are invalid' '
|
||||||
|
printf "https://user:pass@example.com\r\n" >"$HOME/.git-credentials" &&
|
||||||
|
check fill store <<-\EOF
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
--
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
username=askpass-username
|
||||||
|
password=askpass-password
|
||||||
|
--
|
||||||
|
askpass: Username for '\''https://example.com'\'':
|
||||||
|
askpass: Password for '\''https://askpass-username@example.com'\'':
|
||||||
|
--
|
||||||
|
EOF
|
||||||
|
'
|
||||||
|
|
||||||
|
test_expect_success 'get: credentials with path and DOS line endings are valid' '
|
||||||
|
printf "https://user:pass@example.com/repo.git\r\n" >"$HOME/.git-credentials" &&
|
||||||
|
check fill store <<-\EOF
|
||||||
|
url=https://example.com/repo.git
|
||||||
|
--
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
username=user
|
||||||
|
password=pass
|
||||||
|
--
|
||||||
|
EOF
|
||||||
|
'
|
||||||
|
|
||||||
|
test_expect_success 'get: credentials with DOS line endings are invalid if path is relevant' '
|
||||||
|
printf "https://user:pass@example.com/repo.git\r\n" >"$HOME/.git-credentials" &&
|
||||||
|
test_config credential.useHttpPath true &&
|
||||||
|
check fill store <<-\EOF
|
||||||
|
url=https://example.com/repo.git
|
||||||
|
--
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
path=repo.git
|
||||||
|
username=askpass-username
|
||||||
|
password=askpass-password
|
||||||
|
--
|
||||||
|
askpass: Username for '\''https://example.com/repo.git'\'':
|
||||||
|
askpass: Password for '\''https://askpass-username@example.com/repo.git'\'':
|
||||||
|
--
|
||||||
|
EOF
|
||||||
|
'
|
||||||
|
|
||||||
|
test_expect_success 'get: store file can contain empty/bogus lines' '
|
||||||
|
echo "" >"$HOME/.git-credentials" &&
|
||||||
|
q_to_tab <<-\CREDENTIAL >>"$HOME/.git-credentials" &&
|
||||||
|
#comment
|
||||||
|
Q
|
||||||
|
https://user:pass@example.com
|
||||||
|
CREDENTIAL
|
||||||
|
check fill store <<-\EOF
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
--
|
||||||
|
protocol=https
|
||||||
|
host=example.com
|
||||||
|
username=user
|
||||||
|
password=pass
|
||||||
|
--
|
||||||
|
EOF
|
||||||
|
'
|
||||||
|
|
||||||
test_done
|
test_done
|
||||||
|
Loading…
Reference in New Issue
Block a user