From: Jeff King <peff@peff.net>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org
Subject: Re: [PATCHv2 0/13] credential helpers
Date: Fri, 9 Dec 2011 18:18:00 -0500 [thread overview]
Message-ID: <20111209231800.GA14376@sigill.intra.peff.net> (raw)
In-Reply-To: <7vzkf1fwvn.fsf@alter.siamese.dyndns.org>
On Fri, Dec 09, 2011 at 10:00:44AM -0800, Junio C Hamano wrote:
> Jeff King <peff@peff.net> writes:
>
> > It works, and it detects truncated output both ways properly (I know
> > because I had to update every test, since the old output was missing the
> > end-of-credential marker).
> >
> > It makes me a little sad, because the original format (relying on EOF)
> > was so Unix-y.
>
> It saddens me, too. A reasonable middle ground would be to stop treating
> an empty input as "no restriction" but "never matches".
>
> I suspect that it is far more likely for a helper to fail (due to
> configuration errors, for example) before it produces any output than
> after it gives some but not all output lines.
Yeah, I think that's a reasonable compromise. Instead of the patch I
posted earlier, how about this:
diff --git a/credential-store.c b/credential-store.c
index a2c2cd0..26f7589 100644
--- a/credential-store.c
+++ b/credential-store.c
@@ -96,7 +96,16 @@ static void store_credential(const char *fn, struct credential *c)
static void remove_credential(const char *fn, struct credential *c)
{
- rewrite_credential_file(fn, c, NULL);
+ /*
+ * Sanity check that we actually have something to match
+ * against. The input we get is a restrictive pattern,
+ * so technically a blank credential means "erase everything".
+ * But it is too easy to accidentally send this, since it is equivalent
+ * to empty input. So explicitly disallow it, and require that the
+ * pattern have some actual content to match.
+ */
+ if (c->protocol || c->host || c->path || c->username)
+ rewrite_credential_file(fn, c, NULL);
}
static int lookup_credential(const char *fn, struct credential *c)
We _could_ modify credential_match() to automatically reject such a
pattern at that level, but it does actually have a use on the lookup
side. In config, a context like "https://example.com/foo.git" would
match each of:
[credential "https://example.com/foo.git"]
helper = ...
[credential "https://example.com"]
helper = ...
[credential "https://"]
helper = ...
[credential]
helper = ...
The final one is an just an extension of the others to the empty pattern
(you could also spell it [credential ""], and it would have the same
effect).
So the "empty pattern" does actually have a use, from the end-users's
point of view. It's just that with removal, it's a little more dangerous
and a little less likely to be useful (as compared to lookup).
-Peff
next prev parent reply other threads:[~2011-12-09 23:18 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-06 6:21 [PATCHv2 0/13] credential helpers Jeff King
2011-12-06 6:22 ` [PATCHv2 01/13] test-lib: add test_config_global variant Jeff King
2011-12-06 6:22 ` [PATCHv2 02/13] t5550: fix typo Jeff King
2011-12-06 6:22 ` [PATCHv2 03/13] introduce credentials API Jeff King
2011-12-06 6:22 ` [PATCHv2 04/13] credential: add function for parsing url components Jeff King
2011-12-06 6:22 ` [PATCHv2 05/13] http: use credential API to get passwords Jeff King
2011-12-06 6:22 ` [PATCHv2 06/13] credential: apply helper config Jeff King
2011-12-06 23:58 ` Junio C Hamano
2011-12-07 0:45 ` Jeff King
2011-12-07 0:49 ` Jeff King
2011-12-06 6:22 ` [PATCHv2 07/13] credential: add credential.*.username Jeff King
2011-12-06 6:22 ` [PATCHv2 08/13] credential: make relevance of http path configurable Jeff King
2011-12-06 6:22 ` [PATCHv2 09/13] docs: end-user documentation for the credential subsystem Jeff King
2011-12-06 6:22 ` [PATCHv2 10/13] credentials: add "cache" helper Jeff King
2011-12-06 6:23 ` [PATCHv2 11/13] strbuf: add strbuf_add*_urlencode Jeff King
2011-12-06 6:23 ` [PATCHv2 12/13] credentials: add "store" helper Jeff King
2011-12-06 21:50 ` Junio C Hamano
2011-12-09 23:19 ` Jeff King
2011-12-06 6:23 ` [PATCHv2 13/13] t: add test harness for external credential helpers Jeff King
2011-12-06 21:51 ` Junio C Hamano
2011-12-06 22:08 ` Jeff King
2011-12-06 21:40 ` [PATCHv2 0/13] " Junio C Hamano
2011-12-07 6:42 ` Jeff King
2011-12-08 21:34 ` Junio C Hamano
2011-12-09 2:29 ` Jeff King
2011-12-09 18:00 ` Junio C Hamano
2011-12-09 23:18 ` Jeff King [this message]
2011-12-09 23:34 ` Junio C Hamano
2011-12-09 23:39 ` Jeff King
2011-12-09 23:56 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111209231800.GA14376@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).