diff options
Diffstat (limited to 'contrib/credential')
| -rw-r--r-- | contrib/credential/gnome-keyring/git-credential-gnome-keyring.c | 3 | ||||
| -rw-r--r-- | contrib/credential/libsecret/Makefile | 25 | ||||
| -rw-r--r-- | contrib/credential/libsecret/git-credential-libsecret.c | 369 | ||||
| -rw-r--r-- | contrib/credential/netrc/Makefile | 7 | ||||
| -rwxr-xr-x | contrib/credential/netrc/git-credential-netrc | 57 | ||||
| -rwxr-xr-x | contrib/credential/netrc/t-git-credential-netrc.sh | 32 | ||||
| -rwxr-xr-x | contrib/credential/netrc/test.command-option-gpg | 2 | ||||
| -rwxr-xr-x | contrib/credential/netrc/test.git-config-gpg | 2 | ||||
| -rw-r--r-- | contrib/credential/netrc/test.netrc.gpg | 0 | ||||
| -rwxr-xr-x | contrib/credential/netrc/test.pl | 89 | ||||
| -rw-r--r-- | contrib/credential/wincred/git-credential-wincred.c | 10 |
11 files changed, 542 insertions, 54 deletions
diff --git a/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c b/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c index 2a317fc..d389bfa 100644 --- a/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c +++ b/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c @@ -13,8 +13,7 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * along with this program; if not, see <http://www.gnu.org/licenses/>. */ /* diff --git a/contrib/credential/libsecret/Makefile b/contrib/credential/libsecret/Makefile new file mode 100644 index 0000000..3e67552 --- /dev/null +++ b/contrib/credential/libsecret/Makefile @@ -0,0 +1,25 @@ +MAIN:=git-credential-libsecret +all:: $(MAIN) + +CC = gcc +RM = rm -f +CFLAGS = -g -O2 -Wall +PKG_CONFIG = pkg-config + +-include ../../../config.mak.autogen +-include ../../../config.mak + +INCS:=$(shell $(PKG_CONFIG) --cflags libsecret-1 glib-2.0) +LIBS:=$(shell $(PKG_CONFIG) --libs libsecret-1 glib-2.0) + +SRCS:=$(MAIN).c +OBJS:=$(SRCS:.c=.o) + +%.o: %.c + $(CC) $(CFLAGS) $(CPPFLAGS) $(INCS) -o $@ -c $< + +$(MAIN): $(OBJS) + $(CC) -o $@ $(LDFLAGS) $^ $(LIBS) + +clean: + @$(RM) $(MAIN) $(OBJS) diff --git a/contrib/credential/libsecret/git-credential-libsecret.c b/contrib/credential/libsecret/git-credential-libsecret.c new file mode 100644 index 0000000..e6598b6 --- /dev/null +++ b/contrib/credential/libsecret/git-credential-libsecret.c @@ -0,0 +1,369 @@ +/* + * Copyright (C) 2011 John Szakmeister <john@szakmeister.net> + * 2012 Philipp A. Hartmann <pah@qo.cx> + * 2016 Mantas Mikulėnas <grawity@gmail.com> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + */ + +/* + * Credits: + * - GNOME Keyring API handling originally written by John Szakmeister + * - ported to credential helper API by Philipp A. Hartmann + */ + +#include <stdio.h> +#include <string.h> +#include <stdlib.h> +#include <glib.h> +#include <libsecret/secret.h> + +/* + * This credential struct and API is simplified from git's credential.{h,c} + */ +struct credential { + char *protocol; + char *host; + unsigned short port; + char *path; + char *username; + char *password; +}; + +#define CREDENTIAL_INIT { NULL, NULL, 0, NULL, NULL, NULL } + +typedef int (*credential_op_cb)(struct credential *); + +struct credential_operation { + char *name; + credential_op_cb op; +}; + +#define CREDENTIAL_OP_END { NULL, NULL } + +/* ----------------- Secret Service functions ----------------- */ + +static char *make_label(struct credential *c) +{ + if (c->port) + return g_strdup_printf("Git: %s://%s:%hu/%s", + c->protocol, c->host, c->port, c->path ? c->path : ""); + else + return g_strdup_printf("Git: %s://%s/%s", + c->protocol, c->host, c->path ? c->path : ""); +} + +static GHashTable *make_attr_list(struct credential *c) +{ + GHashTable *al = g_hash_table_new_full(g_str_hash, g_str_equal, NULL, g_free); + + if (c->username) + g_hash_table_insert(al, "user", g_strdup(c->username)); + if (c->protocol) + g_hash_table_insert(al, "protocol", g_strdup(c->protocol)); + if (c->host) + g_hash_table_insert(al, "server", g_strdup(c->host)); + if (c->port) + g_hash_table_insert(al, "port", g_strdup_printf("%hu", c->port)); + if (c->path) + g_hash_table_insert(al, "object", g_strdup(c->path)); + + return al; +} + +static int keyring_get(struct credential *c) +{ + SecretService *service = NULL; + GHashTable *attributes = NULL; + GError *error = NULL; + GList *items = NULL; + + if (!c->protocol || !(c->host || c->path)) + return EXIT_FAILURE; + + service = secret_service_get_sync(0, NULL, &error); + if (error != NULL) { + g_critical("could not connect to Secret Service: %s", error->message); + g_error_free(error); + return EXIT_FAILURE; + } + + attributes = make_attr_list(c); + items = secret_service_search_sync(service, + SECRET_SCHEMA_COMPAT_NETWORK, + attributes, + SECRET_SEARCH_LOAD_SECRETS | SECRET_SEARCH_UNLOCK, + NULL, + &error); + g_hash_table_unref(attributes); + if (error != NULL) { + g_critical("lookup failed: %s", error->message); + g_error_free(error); + return EXIT_FAILURE; + } + + if (items != NULL) { + SecretItem *item; + SecretValue *secret; + const char *s; + + item = items->data; + secret = secret_item_get_secret(item); + attributes = secret_item_get_attributes(item); + + s = g_hash_table_lookup(attributes, "user"); + if (s) { + g_free(c->username); + c->username = g_strdup(s); + } + + s = secret_value_get_text(secret); + if (s) { + g_free(c->password); + c->password = g_strdup(s); + } + + g_hash_table_unref(attributes); + secret_value_unref(secret); + g_list_free_full(items, g_object_unref); + } + + return EXIT_SUCCESS; +} + + +static int keyring_store(struct credential *c) +{ + char *label = NULL; + GHashTable *attributes = NULL; + GError *error = NULL; + + /* + * Sanity check that what we are storing is actually sensible. + * In particular, we can't make a URL without a protocol field. + * Without either a host or pathname (depending on the scheme), + * we have no primary key. And without a username and password, + * we are not actually storing a credential. + */ + if (!c->protocol || !(c->host || c->path) || + !c->username || !c->password) + return EXIT_FAILURE; + + label = make_label(c); + attributes = make_attr_list(c); + secret_password_storev_sync(SECRET_SCHEMA_COMPAT_NETWORK, + attributes, + NULL, + label, + c->password, + NULL, + &error); + g_free(label); + g_hash_table_unref(attributes); + + if (error != NULL) { + g_critical("store failed: %s", error->message); + g_error_free(error); + return EXIT_FAILURE; + } + + return EXIT_SUCCESS; +} + +static int keyring_erase(struct credential *c) +{ + GHashTable *attributes = NULL; + GError *error = NULL; + + /* + * Sanity check that we actually have something to match + * against. The input we get is a restrictive pattern, + * so technically a blank credential means "erase everything". + * But it is too easy to accidentally send this, since it is equivalent + * to empty input. So explicitly disallow it, and require that the + * pattern have some actual content to match. + */ + if (!c->protocol && !c->host && !c->path && !c->username) + return EXIT_FAILURE; + + attributes = make_attr_list(c); + secret_password_clearv_sync(SECRET_SCHEMA_COMPAT_NETWORK, + attributes, + NULL, + &error); + g_hash_table_unref(attributes); + + if (error != NULL) { + g_critical("erase failed: %s", error->message); + g_error_free(error); + return EXIT_FAILURE; + } + + return EXIT_SUCCESS; +} + +/* + * Table with helper operation callbacks, used by generic + * credential helper main function. + */ +static struct credential_operation const credential_helper_ops[] = { + { "get", keyring_get }, + { "store", keyring_store }, + { "erase", keyring_erase }, + CREDENTIAL_OP_END +}; + +/* ------------------ credential functions ------------------ */ + +static void credential_init(struct credential *c) +{ + memset(c, 0, sizeof(*c)); +} + +static void credential_clear(struct credential *c) +{ + g_free(c->protocol); + g_free(c->host); + g_free(c->path); + g_free(c->username); + g_free(c->password); + + credential_init(c); +} + +static int credential_read(struct credential *c) +{ + char *buf; + size_t line_len; + char *key; + char *value; + + key = buf = g_malloc(1024); + + while (fgets(buf, 1024, stdin)) { + line_len = strlen(buf); + + if (line_len && buf[line_len-1] == '\n') + buf[--line_len] = '\0'; + + if (!line_len) + break; + + value = strchr(buf, '='); + if (!value) { + g_warning("invalid credential line: %s", key); + g_free(buf); + return -1; + } + *value++ = '\0'; + + if (!strcmp(key, "protocol")) { + g_free(c->protocol); + c->protocol = g_strdup(value); + } else if (!strcmp(key, "host")) { + g_free(c->host); + c->host = g_strdup(value); + value = strrchr(c->host, ':'); + if (value) { + *value++ = '\0'; + c->port = atoi(value); + } + } else if (!strcmp(key, "path")) { + g_free(c->path); + c->path = g_strdup(value); + } else if (!strcmp(key, "username")) { + g_free(c->username); + c->username = g_strdup(value); + } else if (!strcmp(key, "password")) { + g_free(c->password); + c->password = g_strdup(value); + while (*value) + *value++ = '\0'; + } + /* + * Ignore other lines; we don't know what they mean, but + * this future-proofs us when later versions of git do + * learn new lines, and the helpers are updated to match. + */ + } + + g_free(buf); + + return 0; +} + +static void credential_write_item(FILE *fp, const char *key, const char *value) +{ + if (!value) + return; + fprintf(fp, "%s=%s\n", key, value); +} + +static void credential_write(const struct credential *c) +{ + /* only write username/password, if set */ + credential_write_item(stdout, "username", c->username); + credential_write_item(stdout, "password", c->password); +} + +static void usage(const char *name) +{ + struct credential_operation const *try_op = credential_helper_ops; + const char *basename = strrchr(name, '/'); + + basename = (basename) ? basename + 1 : name; + fprintf(stderr, "usage: %s <", basename); + while (try_op->name) { + fprintf(stderr, "%s", (try_op++)->name); + if (try_op->name) + fprintf(stderr, "%s", "|"); + } + fprintf(stderr, "%s", ">\n"); +} + +int main(int argc, char *argv[]) +{ + int ret = EXIT_SUCCESS; + + struct credential_operation const *try_op = credential_helper_ops; + struct credential cred = CREDENTIAL_INIT; + + if (!argv[1]) { + usage(argv[0]); + exit(EXIT_FAILURE); + } + + g_set_application_name("Git Credential Helper"); + + /* lookup operation callback */ + while (try_op->name && strcmp(argv[1], try_op->name)) + try_op++; + + /* unsupported operation given -- ignore silently */ + if (!try_op->name || !try_op->op) + goto out; + + ret = credential_read(&cred); + if (ret) + goto out; + + /* perform credential operation */ + ret = (*try_op->op)(&cred); + + credential_write(&cred); + +out: + credential_clear(&cred); + return ret; +} diff --git a/contrib/credential/netrc/Makefile b/contrib/credential/netrc/Makefile index 51b7613..6174e3b 100644 --- a/contrib/credential/netrc/Makefile +++ b/contrib/credential/netrc/Makefile @@ -1,5 +1,8 @@ +# The default target of this Makefile is... +all:: + test: - ./test.pl + ./t-git-credential-netrc.sh testverbose: - ./test.pl -d -v + ./t-git-credential-netrc.sh -d -v diff --git a/contrib/credential/netrc/git-credential-netrc b/contrib/credential/netrc/git-credential-netrc index 1571a7b..ebfc123 100755 --- a/contrib/credential/netrc/git-credential-netrc +++ b/contrib/credential/netrc/git-credential-netrc @@ -5,8 +5,9 @@ use warnings; use Getopt::Long; use File::Basename; +use Git; -my $VERSION = "0.1"; +my $VERSION = "0.2"; my %options = ( help => 0, @@ -54,6 +55,7 @@ GetOptions(\%options, "insecure|k", "verbose|v", "file|f=s@", + 'gpg|g:s', ); if ($options{help}) { @@ -62,27 +64,31 @@ if ($options{help}) { print <<EOHIPPUS; -$0 [-f AUTHFILE1] [-f AUTHFILEN] [-d] [-v] [-k] get +$0 [(-f <authfile>)...] [-g <program>] [-d] [-v] [-k] get Version $VERSION by tzz\@lifelogs.com. License: BSD. Options: - -f|--file AUTHFILE : specify netrc-style files. Files with the .gpg extension - will be decrypted by GPG before parsing. Multiple -f - arguments are OK. They are processed in order, and the - first matching entry found is returned via the credential - helper protocol (see below). + -f|--file <authfile>: specify netrc-style files. Files with the .gpg + extension will be decrypted by GPG before parsing. + Multiple -f arguments are OK. They are processed in + order, and the first matching entry found is returned + via the credential helper protocol (see below). - When no -f option is given, .authinfo.gpg, .netrc.gpg, - .authinfo, and .netrc files in your home directory are used - in this order. + When no -f option is given, .authinfo.gpg, .netrc.gpg, + .authinfo, and .netrc files in your home directory are + used in this order. - -k|--insecure : ignore bad file ownership or permissions + -g|--gpg <program> : specify the program for GPG. By default, this is the + value of gpg.program in the git repository or global + option or gpg. - -d|--debug : turn on debugging (developer info) + -k|--insecure : ignore bad file ownership or permissions - -v|--verbose : be more verbose (show files and information found) + -d|--debug : turn on debugging (developer info) + + -v|--verbose : be more verbose (show files and information found) To enable this credential helper: @@ -99,8 +105,9 @@ in the path.) git config credential.helper '$shortname -f AUTHFILE -v' -Only "get" mode is supported by this credential helper. It opens every AUTHFILE -and looks for the first entry that matches the requested search criteria: +Only "get" mode is supported by this credential helper. It opens every +<authfile> and looks for the first entry that matches the requested search +criteria: 'port|protocol': The protocol that will be used (e.g., https). (protocol=X) @@ -120,7 +127,7 @@ host=github.com protocol=https username=tzz -this credential helper will look for the first entry in every AUTHFILE that +this credential helper will look for the first entry in every <authfile> that matches machine github.com port https login tzz @@ -137,8 +144,8 @@ Then, the helper will print out whatever tokens it got from the entry, including back to "protocol". Any redundant entry tokens (part of the original query) are skipped. -Again, note that only the first matching entry from all the AUTHFILEs, processed -in the sequence given on the command line, is used. +Again, note that only the first matching entry from all the <authfile>s, +processed in the sequence given on the command line, is used. Netrc/authinfo tokens can be quoted as 'STRING' or "STRING". @@ -152,7 +159,7 @@ EOHIPPUS my $mode = shift @ARGV; # Credentials must get a parameter, so die if it's missing. -die "Syntax: $0 [-f AUTHFILE1] [-f AUTHFILEN] [-d] get" unless defined $mode; +die "Syntax: $0 [(-f <authfile>)...] [-d] get" unless defined $mode; # Only support 'get' mode; with any other unsupported ones we just exit. exit 0 unless $mode eq 'get'; @@ -172,6 +179,8 @@ unless (scalar @$files) { $files = $options{file} = [ map { glob $_ } @candidates ]; } +load_config(\%options); + my $query = read_credential_data_from_stdin(); FILE: @@ -233,7 +242,7 @@ sub load_netrc { my $io; if ($gpgmode) { - my @cmd = (qw(gpg --decrypt), $file); + my @cmd = ($options{'gpg'}, qw(--decrypt), $file); log_verbose("Using GPG to open $file: [@cmd]"); open $io, "-|", @cmd; } else { @@ -410,6 +419,14 @@ sub print_credential_data { printf "%s=%s\n", $git_token, $entry->{$git_token}; } } +sub load_config { + # load settings from git config + my $options = shift; + # set from command argument, gpg.program option, or default to gpg + $options->{'gpg'} //= Git->repository()->config('gpg.program') + // 'gpg'; + log_verbose("using $options{'gpg'} for GPG operations"); +} sub log_verbose { return unless $options{verbose}; printf STDERR @_; diff --git a/contrib/credential/netrc/t-git-credential-netrc.sh b/contrib/credential/netrc/t-git-credential-netrc.sh new file mode 100755 index 0000000..07227d0 --- /dev/null +++ b/contrib/credential/netrc/t-git-credential-netrc.sh @@ -0,0 +1,32 @@ +#!/bin/sh +( + cd ../../../t + test_description='git-credential-netrc' + . ./test-lib.sh + + if ! test_have_prereq PERL; then + skip_all='skipping perl interface tests, perl not available' + test_done + fi + + perl -MTest::More -e 0 2>/dev/null || { + skip_all="Perl Test::More unavailable, skipping test" + test_done + } + + # set up test repository + + test_expect_success \ + 'set up test repository' \ + 'git config --add gpg.program test.git-config-gpg' + + # The external test will outputs its own plan + test_external_has_tap=1 + + export PERL5LIB="$GITPERLLIB" + test_external \ + 'git-credential-netrc' \ + perl "$GIT_BUILD_DIR"/contrib/credential/netrc/test.pl + + test_done +) diff --git a/contrib/credential/netrc/test.command-option-gpg b/contrib/credential/netrc/test.command-option-gpg new file mode 100755 index 0000000..d8f1285 --- /dev/null +++ b/contrib/credential/netrc/test.command-option-gpg @@ -0,0 +1,2 @@ +#!/bin/sh +echo machine command-option-gpg login username password password diff --git a/contrib/credential/netrc/test.git-config-gpg b/contrib/credential/netrc/test.git-config-gpg new file mode 100755 index 0000000..65cf594 --- /dev/null +++ b/contrib/credential/netrc/test.git-config-gpg @@ -0,0 +1,2 @@ +#!/bin/sh +echo machine git-config-gpg login username password password diff --git a/contrib/credential/netrc/test.netrc.gpg b/contrib/credential/netrc/test.netrc.gpg new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/contrib/credential/netrc/test.netrc.gpg diff --git a/contrib/credential/netrc/test.pl b/contrib/credential/netrc/test.pl index 169b646..c0fb371 100755 --- a/contrib/credential/netrc/test.pl +++ b/contrib/credential/netrc/test.pl @@ -2,82 +2,115 @@ use warnings; use strict; -use Test; +use Test::More qw(no_plan); +use File::Basename; +use File::Spec::Functions qw(:DEFAULT rel2abs); use IPC::Open2; -BEGIN { plan tests => 15 } +BEGIN { + # t-git-credential-netrc.sh kicks off our testing, so we have to go + # from there. + Test::More->builder->current_test(1); +} my @global_credential_args = @ARGV; -my $netrc = './test.netrc'; -print "# Testing insecure file, nothing should be found\n"; +my $scriptDir = dirname rel2abs $0; +my ($netrc, $netrcGpg, $gcNetrc) = map { catfile $scriptDir, $_; } + qw(test.netrc + test.netrc.gpg + git-credential-netrc); +local $ENV{PATH} = join ':' + , $scriptDir + , $ENV{PATH} + ? $ENV{PATH} + : (); + +diag "Testing insecure file, nothing should be found\n"; chmod 0644, $netrc; my $cred = run_credential(['-f', $netrc, 'get'], { host => 'github.com' }); -ok(scalar keys %$cred, 0, "Got 0 keys from insecure file"); +ok(scalar keys %$cred == 0, "Got 0 keys from insecure file"); -print "# Testing missing file, nothing should be found\n"; +diag "Testing missing file, nothing should be found\n"; chmod 0644, $netrc; $cred = run_credential(['-f', '///nosuchfile///', 'get'], { host => 'github.com' }); -ok(scalar keys %$cred, 0, "Got 0 keys from missing file"); +ok(scalar keys %$cred == 0, "Got 0 keys from missing file"); chmod 0600, $netrc; -print "# Testing with invalid data\n"; +diag "Testing with invalid data\n"; $cred = run_credential(['-f', $netrc, 'get'], "bad data"); -ok(scalar keys %$cred, 4, "Got first found keys with bad data"); +ok(scalar keys %$cred == 4, "Got first found keys with bad data"); -print "# Testing netrc file for a missing corovamilkbar entry\n"; +diag "Testing netrc file for a missing corovamilkbar entry\n"; $cred = run_credential(['-f', $netrc, 'get'], { host => 'corovamilkbar' }); -ok(scalar keys %$cred, 0, "Got no corovamilkbar keys"); +ok(scalar keys %$cred == 0, "Got no corovamilkbar keys"); -print "# Testing netrc file for a github.com entry\n"; +diag "Testing netrc file for a github.com entry\n"; $cred = run_credential(['-f', $netrc, 'get'], { host => 'github.com' }); -ok(scalar keys %$cred, 2, "Got 2 Github keys"); +ok(scalar keys %$cred == 2, "Got 2 Github keys"); -ok($cred->{password}, 'carolknows', "Got correct Github password"); -ok($cred->{username}, 'carol', "Got correct Github username"); +is($cred->{password}, 'carolknows', "Got correct Github password"); +is($cred->{username}, 'carol', "Got correct Github username"); -print "# Testing netrc file for a username-specific entry\n"; +diag "Testing netrc file for a username-specific entry\n"; $cred = run_credential(['-f', $netrc, 'get'], { host => 'imap', username => 'bob' }); -ok(scalar keys %$cred, 2, "Got 2 username-specific keys"); +ok(scalar keys %$cred == 2, "Got 2 username-specific keys"); -ok($cred->{password}, 'bobwillknow', "Got correct user-specific password"); -ok($cred->{protocol}, 'imaps', "Got correct user-specific protocol"); +is($cred->{password}, 'bobwillknow', "Got correct user-specific password"); +is($cred->{protocol}, 'imaps', "Got correct user-specific protocol"); -print "# Testing netrc file for a host:port-specific entry\n"; +diag "Testing netrc file for a host:port-specific entry\n"; $cred = run_credential(['-f', $netrc, 'get'], { host => 'imap2:1099' }); -ok(scalar keys %$cred, 2, "Got 2 host:port-specific keys"); +ok(scalar keys %$cred == 2, "Got 2 host:port-specific keys"); -ok($cred->{password}, 'tzzknow', "Got correct host:port-specific password"); -ok($cred->{username}, 'tzz', "Got correct host:port-specific username"); +is($cred->{password}, 'tzzknow', "Got correct host:port-specific password"); +is($cred->{username}, 'tzz', "Got correct host:port-specific username"); -print "# Testing netrc file that 'host:port kills host' entry\n"; +diag "Testing netrc file that 'host:port kills host' entry\n"; $cred = run_credential(['-f', $netrc, 'get'], { host => 'imap2' }); -ok(scalar keys %$cred, 2, "Got 2 'host:port kills host' keys"); +ok(scalar keys %$cred == 2, "Got 2 'host:port kills host' keys"); + +is($cred->{password}, 'bobwillknow', "Got correct 'host:port kills host' password"); +is($cred->{username}, 'bob', "Got correct 'host:port kills host' username"); + +diag 'Testing netrc file decryption by git config gpg.program setting\n'; +$cred = run_credential( ['-f', $netrcGpg, 'get'] + , { host => 'git-config-gpg' } + ); + +ok(scalar keys %$cred == 2, 'Got keys decrypted by git config option'); + +diag 'Testing netrc file decryption by gpg option\n'; +$cred = run_credential( ['-f', $netrcGpg, '-g', 'test.command-option-gpg', 'get'] + , { host => 'command-option-gpg' } + ); + +ok(scalar keys %$cred == 2, 'Got keys decrypted by command option'); -ok($cred->{password}, 'bobwillknow', "Got correct 'host:port kills host' password"); -ok($cred->{username}, 'bob', "Got correct 'host:port kills host' username"); +my $is_passing = eval { Test::More->is_passing }; +exit($is_passing ? 0 : 1) unless $@ =~ /Can't locate object method/; sub run_credential { my $args = shift @_; my $data = shift @_; my $pid = open2(my $chld_out, my $chld_in, - './git-credential-netrc', @global_credential_args, + $gcNetrc, @global_credential_args, @$args); die "Couldn't open pipe to netrc credential helper: $!" unless $pid; diff --git a/contrib/credential/wincred/git-credential-wincred.c b/contrib/credential/wincred/git-credential-wincred.c index 0061340..86518cd 100644 --- a/contrib/credential/wincred/git-credential-wincred.c +++ b/contrib/credential/wincred/git-credential-wincred.c @@ -94,6 +94,12 @@ static WCHAR *wusername, *password, *protocol, *host, *path, target[1024]; static void write_item(const char *what, LPCWSTR wbuf, int wlen) { char *buf; + + if (!wbuf || !wlen) { + printf("%s=\n", what); + return; + } + int len = WideCharToMultiByte(CP_UTF8, 0, wbuf, wlen, NULL, 0, NULL, FALSE); buf = xmalloc(len); @@ -160,7 +166,7 @@ static int match_part_last(LPCWSTR *ptarget, LPCWSTR want, LPCWSTR delim) static int match_cred(const CREDENTIALW *cred) { LPCWSTR target = cred->TargetName; - if (wusername && wcscmp(wusername, cred->UserName)) + if (wusername && wcscmp(wusername, cred->UserName ? cred->UserName : L"")) return 0; return match_part(&target, L"git", L":") && @@ -183,7 +189,7 @@ static void get_credential(void) for (i = 0; i < num_creds; ++i) if (match_cred(creds[i])) { write_item("username", creds[i]->UserName, - wcslen(creds[i]->UserName)); + creds[i]->UserName ? wcslen(creds[i]->UserName) : 0); write_item("password", (LPCWSTR)creds[i]->CredentialBlob, creds[i]->CredentialBlobSize / sizeof(WCHAR)); |