undef/git-commit-vandalism
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

curl: anonymize URLs in error messages and warnings

Browse Source 
Just like 47abd85ba0 (fetch: Strip usernames from url's before storing
them, 2009-04-17) and later 882d49ca5c (push: anonymize URL in status
output, 2016-07-13), this change anonymizes URLs (read: strips them of
user names and especially passwords) in user-facing error messages and
warnings.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Reviewed-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Johannes Schindelin 2019-03-04 07:33:46 -08:00 committed by Junio C Hamano
parent 98cdfbb84a
commit c1284b21f2
1 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
remote-curl.c
View File

@ -16,6 +16,7 @@
#include "send-pack.h" #include "send-pack.h"
#include "protocol.h" #include "protocol.h"
#include "quote.h" #include "quote.h"
#include "transport.h"
static struct remote *remote; static struct remote *remote;
/* always ends with a trailing slash */ /* always ends with a trailing slash */
@ -250,7 +251,7 @@ static struct ref *parse_info_refs(struct discovery *heads)
if (data[i] == '\n') { if (data[i] == '\n') {
if (mid - start != 40) if (mid - start != 40)
die("%sinfo/refs not valid: is this a git repository?", die("%sinfo/refs not valid: is this a git repository?",
url.buf); transport_anonymize_url(url.buf));
data[i] = 0; data[i] = 0;
ref_name = mid + 1; ref_name = mid + 1;
ref = alloc_ref(ref_name); ref = alloc_ref(ref_name);
@ -388,17 +389,23 @@ static struct discovery *discover_refs(const char *service, int for_push)
break; break;
case HTTP_MISSING_TARGET: case HTTP_MISSING_TARGET:
show_http_message(&type, &charset, &buffer); show_http_message(&type, &charset, &buffer);
die("repository '%s' not found", url.buf); die("repository '%s' not found",
transport_anonymize_url(url.buf));
case HTTP_NOAUTH: case HTTP_NOAUTH:
show_http_message(&type, &charset, &buffer); show_http_message(&type, &charset, &buffer);
die("Authentication failed for '%s'", url.buf); die("Authentication failed for '%s'",
transport_anonymize_url(url.buf));
default: default:
show_http_message(&type, &charset, &buffer); show_http_message(&type, &charset, &buffer);
die("unable to access '%s': %s", url.buf, curl_errorstr); die("unable to access '%s': %s",
transport_anonymize_url(url.buf), curl_errorstr);
} }
if (options.verbosity && !starts_with(refs_url.buf, url.buf)) if (options.verbosity && !starts_with(refs_url.buf, url.buf)) {
warning(_("redirecting to %s"), url.buf); char *u = transport_anonymize_url(url.buf);
warning(_("redirecting to %s"), u);
free(u);
}
last= xcalloc(1, sizeof(*last_discovery)); last= xcalloc(1, sizeof(*last_discovery));
last->service = xstrdup(service); last->service = xstrdup(service);