From: "M Hickford via GitGitGadget" <gitgitgadget@gmail.com>
To: git@vger.kernel.org
Cc: Jeff King <peff@peff.net>, Taylor Blau <me@ttaylorr.com>,
Glen Choo <chooglen@google.com>,
M Hickford <mirth.hickford@gmail.com>,
M Hickford <mirth.hickford@gmail.com>
Subject: [PATCH v2] credential/libsecret: erase matching creds only
Date: Wed, 26 Jul 2023 16:06:25 +0000 [thread overview]
Message-ID: <pull.1527.v2.git.git.1690387585634.gitgitgadget@gmail.com> (raw)
In-Reply-To: <pull.1527.git.git.1687591293705.gitgitgadget@gmail.com>
From: M Hickford <mirth.hickford@gmail.com>
The credential erase request typically includes protocol, host, username
and password.
credential-libsecret erases a stored credential if it matches protocol,
host and username, regardless of password.
This is confusing in the case the stored password differs from that
in the request. This case can occur when multiple credential helpers are
configured.
Only erase credential if stored password matches request (or request
omits password).
This fixes test "helper ... does not erase a password distinct from
input" introduced in aeb21ce22e (credential: avoid erasing distinct
password, 2023-06-13)
Signed-off-by: M Hickford <mirth.hickford@gmail.com>
---
credential/libsecret: erase more carefully
Patch v2 has a more detailed commit message following
https://lore.kernel.org/git/xmqqpmax5c4v.fsf@gitster.g/
Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-git-1527%2Fhickford%2Ffix-libsecret-v2
Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-git-1527/hickford/fix-libsecret-v2
Pull-Request: https://github.com/git/git/pull/1527
Range-diff vs v1:
1: dcc429c1afc ! 1: b5d5c3159ad credential/libsecret: erase matching creds only
@@ Metadata
## Commit message ##
credential/libsecret: erase matching creds only
- Fix test "helper ... does not erase a password distinct from input"
- introduced in aeb21ce22e (credential: avoid erasing distinct password,
- 2023-06-13)
+ The credential erase request typically includes protocol, host, username
+ and password.
+
+ credential-libsecret erases a stored credential if it matches protocol,
+ host and username, regardless of password.
+
+ This is confusing in the case the stored password differs from that
+ in the request. This case can occur when multiple credential helpers are
+ configured.
+
+ Only erase credential if stored password matches request (or request
+ omits password).
+
+ This fixes test "helper ... does not erase a password distinct from
+ input" introduced in aeb21ce22e (credential: avoid erasing distinct
+ password, 2023-06-13)
Signed-off-by: M Hickford <mirth.hickford@gmail.com>
.../libsecret/git-credential-libsecret.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/contrib/credential/libsecret/git-credential-libsecret.c b/contrib/credential/libsecret/git-credential-libsecret.c
index ef681f29d5b..9110714601e 100644
--- a/contrib/credential/libsecret/git-credential-libsecret.c
+++ b/contrib/credential/libsecret/git-credential-libsecret.c
@@ -52,6 +52,8 @@ struct credential_operation {
#define CREDENTIAL_OP_END { NULL, NULL }
+static void credential_clear(struct credential *c);
+
/* ----------------- Secret Service functions ----------------- */
static char *make_label(struct credential *c)
@@ -185,6 +187,7 @@ static int keyring_erase(struct credential *c)
{
GHashTable *attributes = NULL;
GError *error = NULL;
+ struct credential existing = CREDENTIAL_INIT;
/*
* Sanity check that we actually have something to match
@@ -197,6 +200,20 @@ static int keyring_erase(struct credential *c)
if (!c->protocol && !c->host && !c->path && !c->username)
return EXIT_FAILURE;
+ if (c->password) {
+ existing.host = g_strdup(c->host);
+ existing.path = g_strdup(c->path);
+ existing.port = c->port;
+ existing.protocol = g_strdup(c->protocol);
+ existing.username = g_strdup(c->username);
+ keyring_get(&existing);
+ if (existing.password && strcmp(c->password, existing.password)) {
+ credential_clear(&existing);
+ return EXIT_SUCCESS;
+ }
+ credential_clear(&existing);
+ }
+
attributes = make_attr_list(c);
secret_password_clearv_sync(SECRET_SCHEMA_COMPAT_NETWORK,
attributes,
base-commit: a80be152923a46f04a06bade7bcc72870e46ca09
--
gitgitgadget
next prev parent reply other threads:[~2023-07-26 16:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-24 7:21 [PATCH] credential/libsecret: erase matching creds only M Hickford via GitGitGadget
2023-07-26 16:06 ` M Hickford via GitGitGadget [this message]
2023-07-26 17:15 ` [PATCH v2] " Junio C Hamano
2023-07-26 19:44 ` M Hickford
2023-07-26 19:46 ` [PATCH v3] " M Hickford via GitGitGadget
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=pull.1527.v2.git.git.1690387585634.gitgitgadget@gmail.com \
--to=gitgitgadget@gmail.com \
--cc=chooglen@google.com \
--cc=git@vger.kernel.org \
--cc=me@ttaylorr.com \
--cc=mirth.hickford@gmail.com \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).