credential.c

   1 #include "cache.h"
   2 #include "config.h"
   3 #include "credential.h"
   4 #include "string-list.h"
   5 #include "run-command.h"
   6 #include "url.h"
   7 #include "prompt.h"
   8 #include "sigchain.h"
   9 #include "urlmatch.h"
  10
  11 void credential_init(struct credential *c)
  12 {
  13         memset(c, 0, sizeof(*c));
  14         c->helpers.strdup_strings = 1;
  15 }
  16
  17 void credential_clear(struct credential *c)
  18 {
  19         free(c->protocol);
  20         free(c->host);
  21         free(c->path);
  22         free(c->username);
  23         free(c->password);
  24         string_list_clear(&c->helpers, 0);
  25
  26         credential_init(c);
  27 }
  28
  29 int credential_match(const struct credential *want,
  30                      const struct credential *have)
  31 {
  32 #define CHECK(x) (!want->x || (have->x && !strcmp(want->x, have->x)))
  33         return CHECK(protocol) &&
  34                CHECK(host) &&
  35                CHECK(path) &&
  36                CHECK(username);
  37 #undef CHECK
  38 }
  39
  40 static int credential_config_callback(const char *var, const char *value,
  41                                       void *data)
  42 {
  43         struct credential *c = data;
  44         const char *key;
  45
  46         if (!skip_prefix(var, "credential.", &key))
  47                 return 0;
  48
  49         if (!value)
  50                 return config_error_nonbool(var);
  51
  52         if (!strcmp(key, "helper")) {
  53                 if (*value)
  54                         string_list_append(&c->helpers, value);
  55                 else
  56                         string_list_clear(&c->helpers, 0);
  57         } else if (!strcmp(key, "username")) {
  58                 if (!c->username_from_proto) {
  59                         free(c->username);
  60                         c->username = xstrdup(value);
  61                 }
  62         }
  63         else if (!strcmp(key, "usehttppath"))
  64                 c->use_http_path = git_config_bool(var, value);
  65
  66         return 0;
  67 }
  68
  69 static int proto_is_http(const char *s)
  70 {
  71         if (!s)
  72                 return 0;
  73         return !strcmp(s, "https") || !strcmp(s, "http");
  74 }
  75
  76 static void credential_describe(struct credential *c, struct strbuf *out);
  77 static void credential_format(struct credential *c, struct strbuf *out);
  78
  79 static int select_all(const struct urlmatch_item *a,
  80                       const struct urlmatch_item *b)
  81 {
  82         return 0;
  83 }
  84
  85 static void credential_apply_config(struct credential *c)
  86 {
  87         char *normalized_url;
  88         struct urlmatch_config config = { STRING_LIST_INIT_DUP };
  89         struct strbuf url = STRBUF_INIT;
  90
  91         if (c->configured)
  92                 return;
  93
  94         config.section = "credential";
  95         config.key = NULL;
  96         config.collect_fn = credential_config_callback;
  97         config.cascade_fn = NULL;
  98         config.select_fn = select_all;
  99         config.cb = c;
 100
 101         credential_format(c, &url);
 102         normalized_url = url_normalize(url.buf, &config.url);
 103
 104         git_config(urlmatch_config_entry, &config);
 105         free(normalized_url);
 106         strbuf_release(&url);
 107
 108         c->configured = 1;
 109
 110         if (!c->use_http_path && proto_is_http(c->protocol)) {
 111                 FREE_AND_NULL(c->path);
 112         }
 113 }
 114
 115 static void credential_describe(struct credential *c, struct strbuf *out)
 116 {
 117         if (!c->protocol)
 118                 return;
 119         strbuf_addf(out, "%s://", c->protocol);
 120         if (c->username && *c->username)
 121                 strbuf_addf(out, "%s@", c->username);
 122         if (c->host)
 123                 strbuf_addstr(out, c->host);
 124         if (c->path)
 125                 strbuf_addf(out, "/%s", c->path);
 126 }
 127
 128 static void credential_format(struct credential *c, struct strbuf *out)
 129 {
 130         if (!c->protocol)
 131                 return;
 132         strbuf_addf(out, "%s://", c->protocol);
 133         if (c->username && *c->username) {
 134                 strbuf_add_percentencode(out, c->username);
 135                 strbuf_addch(out, '@');
 136         }
 137         if (c->host)
 138                 strbuf_addstr(out, c->host);
 139         if (c->path) {
 140                 strbuf_addch(out, '/');
 141                 strbuf_add_percentencode(out, c->path);
 142         }
 143 }
 144
 145 static char *credential_ask_one(const char *what, struct credential *c,
 146                                 int flags)
 147 {
 148         struct strbuf desc = STRBUF_INIT;
 149         struct strbuf prompt = STRBUF_INIT;
 150         char *r;
 151
 152         credential_describe(c, &desc);
 153         if (desc.len)
 154                 strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
 155         else
 156                 strbuf_addf(&prompt, "%s: ", what);
 157
 158         r = git_prompt(prompt.buf, flags);
 159
 160         strbuf_release(&desc);
 161         strbuf_release(&prompt);
 162         return xstrdup(r);
 163 }
 164
 165 static void credential_getpass(struct credential *c)
 166 {
 167         if (!c->username)
 168                 c->username = credential_ask_one("Username", c,
 169                                                  PROMPT_ASKPASS|PROMPT_ECHO);
 170         if (!c->password)
 171                 c->password = credential_ask_one("Password", c,
 172                                                  PROMPT_ASKPASS);
 173 }
 174
 175 int credential_read(struct credential *c, FILE *fp)
 176 {
 177         struct strbuf line = STRBUF_INIT;
 178
 179         while (strbuf_getline_lf(&line, fp) != EOF) {
 180                 char *key = line.buf;
 181                 char *value = strchr(key, '=');
 182
 183                 if (!line.len)
 184                         break;
 185
 186                 if (!value) {
 187                         warning("invalid credential line: %s", key);
 188                         strbuf_release(&line);
 189                         return -1;
 190                 }
 191                 *value++ = '\0';
 192
 193                 if (!strcmp(key, "username")) {
 194                         free(c->username);
 195                         c->username = xstrdup(value);
 196                         c->username_from_proto = 1;
 197                 } else if (!strcmp(key, "password")) {
 198                         free(c->password);
 199                         c->password = xstrdup(value);
 200                 } else if (!strcmp(key, "protocol")) {
 201                         free(c->protocol);
 202                         c->protocol = xstrdup(value);
 203                 } else if (!strcmp(key, "host")) {
 204                         free(c->host);
 205                         c->host = xstrdup(value);
 206                 } else if (!strcmp(key, "path")) {
 207                         free(c->path);
 208                         c->path = xstrdup(value);
 209                 } else if (!strcmp(key, "url")) {
 210                         credential_from_url(c, value);
 211                 } else if (!strcmp(key, "quit")) {
 212                         c->quit = !!git_config_bool("quit", value);
 213                 }
 214                 /*
 215                  * Ignore other lines; we don't know what they mean, but
 216                  * this future-proofs us when later versions of git do
 217                  * learn new lines, and the helpers are updated to match.
 218                  */
 219         }
 220
 221         strbuf_release(&line);
 222         return 0;
 223 }
 224
 225 static void credential_write_item(FILE *fp, const char *key, const char *value)
 226 {
 227         if (!value)
 228                 return;
 229         if (strchr(value, '\n'))
 230                 die("credential value for %s contains newline", key);
 231         fprintf(fp, "%s=%s\n", key, value);
 232 }
 233
 234 void credential_write(const struct credential *c, FILE *fp)
 235 {
 236         credential_write_item(fp, "protocol", c->protocol);
 237         credential_write_item(fp, "host", c->host);
 238         credential_write_item(fp, "path", c->path);
 239         credential_write_item(fp, "username", c->username);
 240         credential_write_item(fp, "password", c->password);
 241 }
 242
 243 static int run_credential_helper(struct credential *c,
 244                                  const char *cmd,
 245                                  int want_output)
 246 {
 247         struct child_process helper = CHILD_PROCESS_INIT;
 248         const char *argv[] = { NULL, NULL };
 249         FILE *fp;
 250
 251         argv[0] = cmd;
 252         helper.argv = argv;
 253         helper.use_shell = 1;
 254         helper.in = -1;
 255         if (want_output)
 256                 helper.out = -1;
 257         else
 258                 helper.no_stdout = 1;
 259
 260         if (start_command(&helper) < 0)
 261                 return -1;
 262
 263         fp = xfdopen(helper.in, "w");
 264         sigchain_push(SIGPIPE, SIG_IGN);
 265         credential_write(c, fp);
 266         fclose(fp);
 267         sigchain_pop(SIGPIPE);
 268
 269         if (want_output) {
 270                 int r;
 271                 fp = xfdopen(helper.out, "r");
 272                 r = credential_read(c, fp);
 273                 fclose(fp);
 274                 if (r < 0) {
 275                         finish_command(&helper);
 276                         return -1;
 277                 }
 278         }
 279
 280         if (finish_command(&helper))
 281                 return -1;
 282         return 0;
 283 }
 284
 285 static int credential_do(struct credential *c, const char *helper,
 286                          const char *operation)
 287 {
 288         struct strbuf cmd = STRBUF_INIT;
 289         int r;
 290
 291         if (helper[0] == '!')
 292                 strbuf_addstr(&cmd, helper + 1);
 293         else if (is_absolute_path(helper))
 294                 strbuf_addstr(&cmd, helper);
 295         else
 296                 strbuf_addf(&cmd, "git credential-%s", helper);
 297
 298         strbuf_addf(&cmd, " %s", operation);
 299         r = run_credential_helper(c, cmd.buf, !strcmp(operation, "get"));
 300
 301         strbuf_release(&cmd);
 302         return r;
 303 }
 304
 305 void credential_fill(struct credential *c)
 306 {
 307         int i;
 308
 309         if (c->username && c->password)
 310                 return;
 311
 312         credential_apply_config(c);
 313
 314         for (i = 0; i < c->helpers.nr; i++) {
 315                 credential_do(c, c->helpers.items[i].string, "get");
 316                 if (c->username && c->password)
 317                         return;
 318                 if (c->quit)
 319                         die("credential helper '%s' told us to quit",
 320                             c->helpers.items[i].string);
 321         }
 322
 323         credential_getpass(c);
 324         if (!c->username && !c->password)
 325                 die("unable to get password from user");
 326 }
 327
 328 void credential_approve(struct credential *c)
 329 {
 330         int i;
 331
 332         if (c->approved)
 333                 return;
 334         if (!c->username || !c->password)
 335                 return;
 336
 337         credential_apply_config(c);
 338
 339         for (i = 0; i < c->helpers.nr; i++)
 340                 credential_do(c, c->helpers.items[i].string, "store");
 341         c->approved = 1;
 342 }
 343
 344 void credential_reject(struct credential *c)
 345 {
 346         int i;
 347
 348         credential_apply_config(c);
 349
 350         for (i = 0; i < c->helpers.nr; i++)
 351                 credential_do(c, c->helpers.items[i].string, "erase");
 352
 353         FREE_AND_NULL(c->username);
 354         FREE_AND_NULL(c->password);
 355         c->approved = 0;
 356 }
 357
 358 static int check_url_component(const char *url, int quiet,
 359                                const char *name, const char *value)
 360 {
 361         if (!value)
 362                 return 0;
 363         if (!strchr(value, '\n'))
 364                 return 0;
 365
 366         if (!quiet)
 367                 warning(_("url contains a newline in its %s component: %s"),
 368                         name, url);
 369         return -1;
 370 }
 371
 372 int credential_from_url_gently(struct credential *c, const char *url,
 373                                int quiet)
 374 {
 375         const char *at, *colon, *cp, *slash, *host, *proto_end;
 376
 377         credential_clear(c);
 378
 379         /*
 380          * Match one of:
 381          *   (1) proto://<host>/...
 382          *   (2) proto://<user>@<host>/...
 383          *   (3) proto://<user>:<pass>@<host>/...
 384          */
 385         proto_end = strstr(url, "://");
 386         if (!proto_end)
 387                 return 0;
 388         cp = proto_end + 3;
 389         at = strchr(cp, '@');
 390         colon = strchr(cp, ':');
 391         slash = strchrnul(cp, '/');
 392
 393         if (!at || slash <= at) {
 394                 /* Case (1) */
 395                 host = cp;
 396         }
 397         else if (!colon || at <= colon) {
 398                 /* Case (2) */
 399                 c->username = url_decode_mem(cp, at - cp);
 400                 if (c->username && *c->username)
 401                         c->username_from_proto = 1;
 402                 host = at + 1;
 403         } else {
 404                 /* Case (3) */
 405                 c->username = url_decode_mem(cp, colon - cp);
 406                 if (c->username && *c->username)
 407                         c->username_from_proto = 1;
 408                 c->password = url_decode_mem(colon + 1, at - (colon + 1));
 409                 host = at + 1;
 410         }
 411
 412         if (proto_end - url > 0)
 413                 c->protocol = xmemdupz(url, proto_end - url);
 414         if (slash - host > 0)
 415                 c->host = url_decode_mem(host, slash - host);
 416         /* Trim leading and trailing slashes from path */
 417         while (*slash == '/')
 418                 slash++;
 419         if (*slash) {
 420                 char *p;
 421                 c->path = url_decode(slash);
 422                 p = c->path + strlen(c->path) - 1;
 423                 while (p > c->path && *p == '/')
 424                         *p-- = '\0';
 425         }
 426
 427         if (check_url_component(url, quiet, "username", c->username) < 0 ||
 428             check_url_component(url, quiet, "password", c->password) < 0 ||
 429             check_url_component(url, quiet, "protocol", c->protocol) < 0 ||
 430             check_url_component(url, quiet, "host", c->host) < 0 ||
 431             check_url_component(url, quiet, "path", c->path) < 0)
 432                 return -1;
 433
 434         return 0;
 435 }
 436
 437 void credential_from_url(struct credential *c, const char *url)
 438 {
 439         if (credential_from_url_gently(c, url, 0) < 0) {
 440                 warning(_("skipping credential lookup for url: %s"), url);
 441                 credential_clear(c);
 442         }
 443 }