Commit Graph

46 Commits

Author SHA1 Message Date
Ævar Arnfjörð Bjarmason
627be1538d git-credential-netrc: remove use of "autodie"
The "autodie" module was added in Perl 5.10.1, but our INSTALL
document says "version 5.8 or later is needed".

As discussed in <87efhfvxzu.fsf@evledraar.gmail.com> this script is in
contrib/, so we might not want to apply that policy, however in this
case "autodie" was recently added as a "gratuitous safeguard" in
786ef50a23 ("git-credential-netrc: accept gpg option",
2018-05-12) (see
<CAHqJXRE8OKSKcck1APHAHccLZhox+tZi8nNu2RA74RErX8s3Pg@mail.gmail.com>).

Looking at it more carefully the addition of "autodie" inadvertently
introduced a logic error, since having it is equivalent to this patch:

    @@ -245,10 +244,10 @@ sub load_netrc {
     	if ($gpgmode) {
     		my @cmd = ($options{'gpg'}, qw(--decrypt), $file);
     		log_verbose("Using GPG to open $file: [@cmd]");
    -		open $io, "-|", @cmd;
    +		open $io, "-|", @cmd or die "@cmd: $!";
     	} else {
     		log_verbose("Opening $file...");
    -		open $io, '<', $file;
    +		open $io, '<', $file or die "$file: $!$!;
     	}

     	# nothing to do if the open failed (we log the error later)

As shown in the context the intent of that code is not do die but to
log the error later.

Per my reading of the file this was the only thing autodie was doing
in this file (there was no other code it altered). So let's remove it,
both to fix the logic error and to get rid of the dependency.

1. <87efhfvxzu.fsf@evledraar.gmail.com>
   (https://public-inbox.org/git/87efhfvxzu.fsf@evledraar.gmail.com/)
2. <CAHqJXRE8OKSKcck1APHAHccLZhox+tZi8nNu2RA74RErX8s3Pg@mail.gmail.com>
   (https://public-inbox.org/git/CAHqJXRE8OKSKcck1APHAHccLZhox+tZi8nNu2RA74RErX8s3Pg@mail.gmail.com/)

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2018-06-13 09:49:50 -07:00
Luis Marsano
786ef50a23 git-credential-netrc: accept gpg option
git-credential-netrc was hardcoded to decrypt with 'gpg' regardless of
the gpg.program option. This is a problem on distributions like Debian
that call modern GnuPG something else, like 'gpg2'.
Set the command according to these settings in descending precedence
1. the git-credential-netrc command -g|--gpg option
2. the git gpg.program configuration option
3. the default: 'gpg'

For conformance with Documentation/CodingGuidelines
- use Git.pm for repository and global option queries
- document -g|--gpg command option in command usage
- test repository & command options
- write documentation placeholders according to main standards

Signed-off-by: Luis Marsano <luis.marsano@gmail.com>
Acked-by: Ted Zlatanov <tzz@lifelogs.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2018-05-14 08:53:08 +09:00
Luis Marsano
f07eeed123 git-credential-netrc: adapt to test framework for git
git-credential-netrc tests did not run in a test repository.
Reuse the main test framework to stage a temporary repository.
To imitate Perl tests under t/
- switch to Test::More module
- use File::Basename & File::Spec::Functions

Signed-off-by: Luis Marsano <luis.marsano@gmail.com>
Acked-by: Ted Zlatanov <tzz@lifelogs.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2018-05-14 08:53:08 +09:00
Junio C Hamano
f13b8ec25e Merge branch 'tz/fsf-address-update'
* tz/fsf-address-update:
  Replace Free Software Foundation address in license notices
  Replace Free Software Foundation address in license notices
2017-11-15 12:14:34 +09:00
Junio C Hamano
55b5d92092 Merge branch 'js/wincred-empty-cred'
MinGW updates.

* js/wincred-empty-cred:
  wincred: handle empty username/password correctly
  t0302: check helper can handle empty credentials
2017-11-09 14:31:31 +09:00
Todd Zullinger
484257925f Replace Free Software Foundation address in license notices
The mailing address for the FSF has changed over the years.  Rather than
updating the address across all files, refer readers to gnu.org, as the
GNU GPL documentation now suggests for license notices.  The mailing
address is retained in the full license files (COPYING and LGPL-2.1).

The old address is still present in t/diff-lib/COPYING.  This is
intentional, as the file is used in tests and the contents are not
expected to change.

Signed-off-by: Todd Zullinger <tmz@pobox.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-11-09 13:21:21 +09:00
Dennis Kaarsemaker
9c109e9bbc credential-libsecret: unlock locked secrets
Credentials exposed by the secret service DBUS interface may be locked.
Setting the SECRET_SEARCH_UNLOCK flag will make the secret service
unlock these secrets, possibly prompting the user for credentials to do
so. Without this flag, the secret is simply not loaded.

Signed-off-by: Dennis Kaarsemaker <dennis@kaarsemaker.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-11-04 10:59:21 +09:00
Jakub Bereżański
601e1e7897 wincred: handle empty username/password correctly
Empty (length 0) usernames and/or passwords, when saved in the Windows
Credential Manager, come back as null when reading the credential.

One use case for such empty credentials is with NTLM authentication, where
empty username and password instruct libcurl to authenticate using the
credentials of the currently logged-on user (single sign-on).

When locating the relevant credentials, make empty username match null.
When outputting the credentials, handle nulls correctly.

Signed-off-by: Jakub Bereżański <kuba@berezanscy.pl>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2017-11-01 13:46:39 +09:00
Junio C Hamano
bfe800c9d7 Merge branch 'mm/credential-libsecret'
A new credential helper that talks via "libsecret" with
implementations of XDG Secret Service API has been added to
contrib/credential/.

* mm/credential-libsecret:
  contrib: add credential helper for libsecret
2016-10-26 13:14:45 -07:00
Mantas Mikulėnas
87d1353a6a contrib: add credential helper for libsecret
This is based on the existing gnome-keyring helper, but instead of
libgnome-keyring (which was specific to GNOME and is deprecated), it
uses libsecret which can support other implementations of XDG Secret
Service API.

Passes t0303-credential-external.sh.

Signed-off-by: Mantas Mikulėnas <grawity@gmail.com>
Reviewed-by: Dennis Kaarsemaker <dennis@kaarsemaker.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-10-11 13:14:51 -07:00
Heiko Becker
3cddb008c1 gnome-keyring: Don't hard-code pkg-config executable
Helpful if your pkg-config executable has a prefix based on the
architecture, for example.

Signed-off-by: Heiko Becker <heirecka@exherbo.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2016-06-14 13:06:10 -07:00
Aleksey Vasenev
13d261e53a wincred: fix get credential if username has "@"
Such a username with "@" in it isn't all that unusual these days.

cf. https://groups.google.com/forum/#!msg/msysgit/YVuCqmwwRyY/HULHj5OoE88J

Signed-off-by: Aleksey Vasenev <margtu-fivt@ya.ru>
Acked-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2015-01-25 20:08:56 -08:00
Pat Thoyts
248b68f3f2 wincred: avoid overwriting configured variables
Signed-off-by: Pat Thoyts <patthoyts@users.sourceforge.net>
Signed-off-by: Stepan Kasal <kasal@ucw.cz>
Acked-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-05-14 10:30:07 -07:00
Pat Thoyts
ccfb5bdad9 wincred: add install target
Signed-off-by: Pat Thoyts <patthoyts@users.sourceforge.net>
Signed-off-by: Stepan Kasal <kasal@ucw.cz>
Acked-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2014-05-14 10:30:03 -07:00
John Szakmeister
0162b3c430 contrib/git-credential-gnome-keyring.c: small stylistic cleanups
Signed-off-by: John Szakmeister <john@szakmeister.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Reviewed-by: Felipe Contreras <felipe.contreras@gmail.com>
2013-12-16 09:50:42 -08:00
Junio C Hamano
26145c9c73 Merge branch 'bc/gnome-keyring'
Cleanups and tweaks for credential handling to work with ancient versions
of the gnome-keyring library that are still in use.

* bc/gnome-keyring:
  contrib/git-credential-gnome-keyring.c: support really ancient gnome-keyring
  contrib/git-credential-gnome-keyring.c: support ancient gnome-keyring
  contrib/git-credential-gnome-keyring.c: report failure to store password
  contrib/git-credential-gnome-keyring.c: use glib messaging functions
  contrib/git-credential-gnome-keyring.c: use glib memory allocation functions
  contrib/git-credential-gnome-keyring.c: use secure memory for reading passwords
  contrib/git-credential-gnome-keyring.c: use secure memory functions for passwds
  contrib/git-credential-gnome-keyring.c: use gnome helpers in keyring_object()
  contrib/git-credential-gnome-keyring.c: set Gnome application name
  contrib/git-credential-gnome-keyring.c: ensure buffer is non-empty before accessing
  contrib/git-credential-gnome-keyring.c: strlen() returns size_t, not ssize_t
  contrib/git-credential-gnome-keyring.c: exit non-zero when called incorrectly
  contrib/git-credential-gnome-keyring.c: add static where applicable
  contrib/git-credential-gnome-keyring.c: *style* use "if ()" not "if()" etc.
  contrib/git-credential-gnome-keyring.c: remove unused die() function
  contrib/git-credential-gnome-keyring.c: remove unnecessary pre-declarations
2013-10-23 13:21:50 -07:00
Brandon Casey
15f7221686 contrib/git-credential-gnome-keyring.c: support really ancient gnome-keyring
The gnome-keyring lib (0.4) distributed with RHEL 4.X is really ancient
and does not provide most of the synchronous functions that even ancient
releases do.  Thankfully, we're only using one function that is missing.
Let's emulate gnome_keyring_item_delete_sync() by calling the asynchronous
function and then triggering the event loop processing until our
callback is called.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:33 -07:00
Brandon Casey
5a3db11053 contrib/git-credential-gnome-keyring.c: support ancient gnome-keyring
The gnome-keyring lib distributed with RHEL 5.X is ancient and does
not provide a few of the functions/defines that more recent versions
do, but mostly the API is the same.  Let's provide the missing bits
via macro definitions and function implementation.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:33 -07:00
Brandon Casey
81c57e2c9d contrib/git-credential-gnome-keyring.c: report failure to store password
Produce an error message when we fail to store a password to the keyring.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:33 -07:00
Brandon Casey
3006297a0e contrib/git-credential-gnome-keyring.c: use glib messaging functions
Rather than roll our own, let's use the messaging functions provided
by glib.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:32 -07:00
Brandon Casey
68a65f5fe5 contrib/git-credential-gnome-keyring.c: use glib memory allocation functions
Rather than roll our own, let's use the memory allocation/free routines
provided by glib.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:32 -07:00
Brandon Casey
da2727f23c contrib/git-credential-gnome-keyring.c: use secure memory for reading passwords
gnome-keyring provides functions to allocate non-pageable memory (if
possible).  Let's use them to allocate memory that may be used to hold
secure data read from the keyring.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:32 -07:00
Brandon Casey
9fe3e6cf9e contrib/git-credential-gnome-keyring.c: use secure memory functions for passwds
gnome-keyring provides functions for allocating non-pageable memory (if
possible) intended to be used for storing passwords.  Let's use them.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:31 -07:00
Brandon Casey
8bb7a54c57 contrib/git-credential-gnome-keyring.c: use gnome helpers in keyring_object()
Rather than carefully allocating memory for sprintf() to write into,
let's make use of the glib helper function g_strdup_printf(), which
makes things a lot easier and less error-prone.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:31 -07:00
Brandon Casey
ff55c47d0f contrib/git-credential-gnome-keyring.c: set Gnome application name
Since this is a Gnome application, let's set the application name to
something reasonable.  This will be displayed in Gnome dialog boxes
e.g. the one that prompts for the user's keyring password.

We add an include statement for glib.h and add the glib-2.0 cflags and
libs to the compilation arguments, but both of these are really noops
since glib is already a dependency of gnome-keyring.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:31 -07:00
Brandon Casey
73bbc0796b contrib/git-credential-gnome-keyring.c: ensure buffer is non-empty before accessing
Ensure buffer length is non-zero before attempting to access the last
element.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:31 -07:00
Brandon Casey
fb2763746f contrib/git-credential-gnome-keyring.c: strlen() returns size_t, not ssize_t
Also, initialization is not necessary since it is assigned before it is
used.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:30 -07:00
Brandon Casey
7a6d6423c5 contrib/git-credential-gnome-keyring.c: exit non-zero when called incorrectly
If the correct arguments were not specified, this program should exit
non-zero.  Let's do so.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:30 -07:00
Brandon Casey
18fe5add33 contrib/git-credential-gnome-keyring.c: add static where applicable
Mark global variable and functions as static.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:35:29 -07:00
Brandon Casey
4bc47cc009 contrib/git-credential-gnome-keyring.c: *style* use "if ()" not "if()" etc.
Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-10-16 09:34:26 -07:00
Jonathan Nieder
1e155359bf Merge branch 'tz/credential-netrc'
* tz/credential-netrc:
  git-credential-netrc: fix uninitialized warning
2013-10-08 13:56:50 -07:00
Ted Zlatanov
506524aea5 git-credential-netrc: fix uninitialized warning
Simple patch to avoid unitialized warning and log what we'll do.

Signed-off-by: Ted Zlatanov <tzz@lifelogs.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2013-10-08 13:56:36 -07:00
Brandon Casey
083afc0ec0 contrib/git-credential-gnome-keyring.c: remove unused die() function
Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2013-09-23 10:58:07 -07:00
Brandon Casey
e72aefc9ec contrib/git-credential-gnome-keyring.c: remove unnecessary pre-declarations
These are all defined before they are used, so it is not necessary to
pre-declare them.  Remove the pre-declarations.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2013-09-23 10:58:07 -07:00
Xidorn Quan
de56ccf799 credential-osxkeychain: support more protocols
Add protocol imap, imaps, ftp and smtp for credential-osxkeychain.

Signed-off-by: Xidorn Quan <quanxunzhen@gmail.com>
Acked-by: John Szakmeister <john@szakmeister.net>
Acked-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-05-28 11:29:47 -07:00
Junio C Hamano
ea11711210 Merge branch 'tz/credential-authinfo'
A new read-only credential helper (in contrib/) to interact with
the .netrc/.authinfo files.  Hopefully mn/send-email-authinfo topic
can rebuild on top of something like this.

* tz/credential-authinfo:
  Add contrib/credentials/netrc with GPG support
2013-03-21 14:03:00 -07:00
Junio C Hamano
c2bf648b84 Merge branch 'da/downcase-u-in-usage'
* da/downcase-u-in-usage:
  contrib/mw-to-git/t/install-wiki.sh: use a lowercase "usage:" string
  contrib/examples/git-remote.perl: use a lowercase "usage:" string
  tests: use a lowercase "usage:" string
  git-svn: use a lowercase "usage:" string
  Documentation/user-manual.txt: use a lowercase "usage:" string
  templates/hooks--update.sample: use a lowercase "usage:" string
  contrib/hooks/setgitperms.perl: use a lowercase "usage:" string
  contrib/examples: use a lowercase "usage:" string
  contrib/fast-import/import-zips.py: use spaces instead of tabs
  contrib/fast-import/import-zips.py: fix broken error message
  contrib/fast-import: use a lowercase "usage:" string
  contrib/credential: use a lowercase "usage:" string
  git-cvsimport: use a lowercase "usage:" string
  git-cvsimport: use a lowercase "usage:" string
  git-cvsexportcommit: use a lowercase "usage:" string
  git-archimport: use a lowercase "usage:" string
  git-merge-one-file: use a lowercase "usage:" string
  git-relink: use a lowercase "usage:" string
  git-svn: use a lowercase "usage:" string
  git-sh-setup: use a lowercase "usage:" string
2013-03-19 12:15:54 -07:00
Karsten Blees
8b2d219a3d wincred: improve compatibility with windows versions
On WinXP, the windows credential helper doesn't work at all (due to missing
Cred[Un]PackAuthenticationBuffer APIs). On Win7, the credential format used
by wincred is incompatible with native Windows tools (such as the control
panel applet or 'cmdkey.exe /generic'). These Windows tools only set the
TargetName, UserName and CredentialBlob members of the CREDENTIAL
structure (where CredentialBlob is the UTF-16-encoded password).

Remove the unnecessary packing / unpacking of the password, along with the
related API definitions, for compatibility with Windows XP.

Don't use CREDENTIAL_ATTRIBUTEs to identify credentials for compatibility
with Windows credential manager tools. Parse the protocol, username, host
and path fields from the credential's target name instead.

Credentials created with an old wincred version will have mangled or empty
passwords after this change.

Signed-off-by: Karsten Blees <blees@dcon.de>
Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
2013-02-26 17:42:46 +01:00
Karsten Blees
3b12f46ab3 wincred: accept CRLF on stdin to simplify console usage
The windows credential helper currently only accepts LF on stdin, but bash
and cmd.exe both send CRLF. This prevents interactive use in the console.

Change the stdin parser to optionally accept CRLF.

Signed-off-by: Karsten Blees <blees@dcon.de>
Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
2013-02-26 17:42:24 +01:00
Ted Zlatanov
5482920919 Add contrib/credentials/netrc with GPG support
This credential helper supports multiple files, returning the first one
that matches.  It checks file permissions and owner.  For *.gpg files,
it will run GPG to decrypt the file.

Signed-off-by: Ted Zlatanov <tzz@lifelogs.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-02-25 13:46:14 -08:00
David Aguilar
c358ed756e contrib/credential: use a lowercase "usage:" string
Make the usage string consistent with Git.

Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
Signed-off-by: David Aguilar <davvid@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-02-24 13:31:08 -08:00
Junio C Hamano
7ff38b0847 Merge branch 'ph/credential-gnome-keyring'
* ph/credential-gnome-keyring:
  contrib: add credential helper for GnomeKeyring
2012-09-10 15:42:30 -07:00
Philipp A. Hartmann
0e7afb18cb contrib: add credential helper for GnomeKeyring
With this installed in your $PATH, you can store
git-over-http passwords in your keyring by doing:

git config credential.helper gnome-keyring

The code is based in large part on the work of John Szakmeister
who wrote the helper originally for the initial, unpublished
version of the credential helper protocol.

This version will pass t0303 if you do:

  GIT_TEST_CREDENTIAL_HELPER=gnome-keyring \
  ./t0303-credential-external.sh

Signed-off-by: Philipp A. Hartmann <pah@qo.cx>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-08-24 11:18:31 -07:00
Erik Faye-Lund
a6253da0f3 contrib: add win32 credential-helper
Since the Windows port of Git expects binary pipes, we need to make
sure the helper-end also sets up binary pipes.

Side-step CRLF-issue in test to make it pass.

Signed-off-by: Erik Faye-Lund <kusmabite@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-08-16 20:34:56 -07:00
Jeff King
17a9ac7d6b osxkeychain: pull make config from top-level directory
The default compiler and cflags were mostly "works for me"
when I built the original version. We need to be much less
careful here than usual, because we know we are building
only on OS X.  But it's only polite to at least respect the
CFLAGS and CC definitions that the user may have provided
earlier.

While we're at it, let's update our definitions and rules to
be more like the top-level Makefile; default our CFLAGS to
include -O2, and make sure we use CFLAGS and LDFLAGS when
linking.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-05-24 10:35:40 -07:00
Jeff King
34961d30da contrib: add credential helper for OS X Keychain
With this installed in your $PATH, you can store
git-over-http passwords in your keychain by doing:

  git config credential.helper osxkeychain

The code is based in large part on the work of Jay Soffian,
who wrote the helper originally for the initial, unpublished
version of the credential helper protocol.

This version will pass t0303 if you do:

  GIT_TEST_CREDENTIAL_HELPER=osxkeychain \
  GIT_TEST_CREDENTIAL_HELPER_SETUP="export HOME=$HOME" \
  ./t0303-credential-external.sh

The "HOME" setup is unfortunately necessary. The test
scripts set HOME to the trash directory, but this causes the
keychain API to complain.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-12-12 16:09:39 -08:00