Sync with Git 2.47.2
Git 2.47.2 # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEE4fA2sf7nIh/HeOzvsLXohpav5ssFAmdkT1sACgkQsLXohpav # 5svdhRAAq0WoZIg+33vYNNVSTm3Ux9RJslmXs3lQuhuUJ61hK/28drSLU29GH7x7 # 3nmmjp1cegnXRVLBAfoYDdzPprNNrQFQEHQEzgG/GDZw0OXn+WTZuNyrrUYoa+sd # QSLlElRj2qrpHIMOsMIBKBSNB+qjJHOMGdxcBAS768TfnQpGIpc1KJa24TxsVBzC # ScP4uvrFfPyQrqFUgiUhCeqLnO/6T5i/QAn/8cS5a1+zor5ZHSlw28TZTOxN2odo # Rulp/FtehiDEzmRowgD3M4fImAPY6Ib6VORCYASqpJFFla30tu2bQqEi6raOMTec # hg5Ibkmj6fHFONaYvoTMRkYHmtUnNgIPU/CYPwswNk8w1+PPQfJ+TYjBXOQgdTLW # F0azHBHh7NRmEHVydiF9CqjgNVRzjO4IEZfGqXNFPPMvR6UUzDaIkrpYbwXBFMin # GNPV3QISeXj9ROjJoCv0nclXETwWemykjZlD6b5krXn5TaJlFb+69qJvXrCLq5WY # EoevSqKkB9HVK9si7P8Sh1cPGOr3kfiFPmMNKFVI8l0+iDFgBywOomWNS/JEzqu1 # nN142DKdL1W/rkeMUhbX2h11CZNvHKIOy3iaA4MTOing8/eMzyUUQ73Ck7odYs4f # rZ0tTXKJhxojPvBpTxYe9SxM0bDLREiOv0zX76+sIuhbAQCmk0o= # =MNNf # -----END PGP SIGNATURE----- # gpg: Signature made Thu 19 Dec 2024 08:52:43 AM PST # gpg: using RSA key E1F036B1FEE7221FC778ECEFB0B5E88696AFE6CB # gpg: Good signature from "Junio C Hamano <gitster@pobox.com>" [ultimate] # gpg: aka "Junio C Hamano <junio@pobox.com>" [ultimate] # gpg: aka "Junio C Hamano <jch@google.com>" [ultimate] * tag 'v2.47.2': Git 2.47.2 Git 2.46.3 Git 2.45.3 Git 2.44.3 Git 2.43.6 Git 2.42.4 Git 2.41.3 Git 2.40.4 credential: disallow Carriage Returns in the protocol by default credential: sanitize the user prompt credential_format(): also encode <host>[:<port>] t7300: work around platform-specific behaviour with long paths on MinGW compat/regex: fix argument order to calloc(3) mingw: drop bogus (and unneeded) declaration of `_pgmptr` ci: remove 'Upload failed tests' directories' step from linux32 jobs
This commit is contained in:
Junio C Hamano
51
credential.c
51
credential.c
@ -13,7 +13,7 @@
|
||||
#include "sigchain.h"
|
||||
#include "strbuf.h"
|
||||
#include "urlmatch.h"
|
||||
#include "git-compat-util.h"
|
||||
#include "environment.h"
|
||||
#include "trace2.h"
|
||||
#include "repository.h"
|
||||
|
||||
@ -130,6 +130,10 @@ static int credential_config_callback(const char *var, const char *value,
|
||||
}
|
||||
else if (!strcmp(key, "usehttppath"))
|
||||
c->use_http_path = git_config_bool(var, value);
|
||||
else if (!strcmp(key, "sanitizeprompt"))
|
||||
c->sanitize_prompt = git_config_bool(var, value);
|
||||
else if (!strcmp(key, "protectprotocol"))
|
||||
c->protect_protocol = git_config_bool(var, value);
|
||||
|
||||
return 0;
|
||||
}
|
||||
@ -227,7 +231,8 @@ static void credential_format(struct credential *c, struct strbuf *out)
|
||||
strbuf_addch(out, '@');
|
||||
}
|
||||
if (c->host)
|
||||
strbuf_addstr(out, c->host);
|
||||
strbuf_add_percentencode(out, c->host,
|
||||
STRBUF_ENCODE_HOST_AND_PORT);
|
||||
if (c->path) {
|
||||
strbuf_addch(out, '/');
|
||||
strbuf_add_percentencode(out, c->path, 0);
|
||||
@ -241,7 +246,10 @@ static char *credential_ask_one(const char *what, struct credential *c,
|
||||
struct strbuf prompt = STRBUF_INIT;
|
||||
char *r;
|
||||
|
||||
credential_describe(c, &desc);
|
||||
if (c->sanitize_prompt)
|
||||
credential_format(c, &desc);
|
||||
else
|
||||
credential_describe(c, &desc);
|
||||
if (desc.len)
|
||||
strbuf_addf(&prompt, "%s for '%s': ", what, desc.buf);
|
||||
else
|
||||
@ -382,7 +390,8 @@ int credential_read(struct credential *c, FILE *fp,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void credential_write_item(FILE *fp, const char *key, const char *value,
|
||||
static void credential_write_item(const struct credential *c,
|
||||
FILE *fp, const char *key, const char *value,
|
||||
int required)
|
||||
{
|
||||
if (!value && required)
|
||||
@ -391,6 +400,10 @@ static void credential_write_item(FILE *fp, const char *key, const char *value,
|
||||
return;
|
||||
if (strchr(value, '\n'))
|
||||
die("credential value for %s contains newline", key);
|
||||
if (c->protect_protocol && strchr(value, '\r'))
|
||||
die("credential value for %s contains carriage return\n"
|
||||
"If this is intended, set `credential.protectProtocol=false`",
|
||||
key);
|
||||
fprintf(fp, "%s=%s\n", key, value);
|
||||
}
|
||||
|
||||
@ -398,34 +411,34 @@ void credential_write(const struct credential *c, FILE *fp,
|
||||
enum credential_op_type op_type)
|
||||
{
|
||||
if (credential_has_capability(&c->capa_authtype, op_type))
|
||||
credential_write_item(fp, "capability[]", "authtype", 0);
|
||||
credential_write_item(c, fp, "capability[]", "authtype", 0);
|
||||
if (credential_has_capability(&c->capa_state, op_type))
|
||||
credential_write_item(fp, "capability[]", "state", 0);
|
||||
credential_write_item(c, fp, "capability[]", "state", 0);
|
||||
|
||||
if (credential_has_capability(&c->capa_authtype, op_type)) {
|
||||
credential_write_item(fp, "authtype", c->authtype, 0);
|
||||
credential_write_item(fp, "credential", c->credential, 0);
|
||||
credential_write_item(c, fp, "authtype", c->authtype, 0);
|
||||
credential_write_item(c, fp, "credential", c->credential, 0);
|
||||
if (c->ephemeral)
|
||||
credential_write_item(fp, "ephemeral", "1", 0);
|
||||
credential_write_item(c, fp, "ephemeral", "1", 0);
|
||||
}
|
||||
credential_write_item(fp, "protocol", c->protocol, 1);
|
||||
credential_write_item(fp, "host", c->host, 1);
|
||||
credential_write_item(fp, "path", c->path, 0);
|
||||
credential_write_item(fp, "username", c->username, 0);
|
||||
credential_write_item(fp, "password", c->password, 0);
|
||||
credential_write_item(fp, "oauth_refresh_token", c->oauth_refresh_token, 0);
|
||||
credential_write_item(c, fp, "protocol", c->protocol, 1);
|
||||
credential_write_item(c, fp, "host", c->host, 1);
|
||||
credential_write_item(c, fp, "path", c->path, 0);
|
||||
credential_write_item(c, fp, "username", c->username, 0);
|
||||
credential_write_item(c, fp, "password", c->password, 0);
|
||||
credential_write_item(c, fp, "oauth_refresh_token", c->oauth_refresh_token, 0);
|
||||
if (c->password_expiry_utc != TIME_MAX) {
|
||||
char *s = xstrfmt("%"PRItime, c->password_expiry_utc);
|
||||
credential_write_item(fp, "password_expiry_utc", s, 0);
|
||||
credential_write_item(c, fp, "password_expiry_utc", s, 0);
|
||||
free(s);
|
||||
}
|
||||
for (size_t i = 0; i < c->wwwauth_headers.nr; i++)
|
||||
credential_write_item(fp, "wwwauth[]", c->wwwauth_headers.v[i], 0);
|
||||
credential_write_item(c, fp, "wwwauth[]", c->wwwauth_headers.v[i], 0);
|
||||
if (credential_has_capability(&c->capa_state, op_type)) {
|
||||
if (c->multistage)
|
||||
credential_write_item(fp, "continue", "1", 0);
|
||||
credential_write_item(c, fp, "continue", "1", 0);
|
||||
for (size_t i = 0; i < c->state_headers_to_send.nr; i++)
|
||||
credential_write_item(fp, "state[]", c->state_headers_to_send.v[i], 0);
|
||||
credential_write_item(c, fp, "state[]", c->state_headers_to_send.v[i], 0);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user