diff options
| author | Koji Nakamaru <koji.nakamaru@gree.net> | 2024-05-15 19:21:07 +0000 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2024-05-15 14:02:45 -0700 |
| commit | e1ab45b2dab51f94db9548666dfd7af626d2aa7e (patch) | |
| tree | 1498c8e94e6a8732dbdba6349b515c1ac7f6f216 | |
| parent | fcf5b74e59c1c0d18a8e8e939475007b3b5f83ad (diff) | |
osxkeychain: state to skip unnecessary store operations
git passes a credential that has been used successfully to the helpers
to record. If a credential is already stored,
"git-credential-osxkeychain store" just records the credential returned
by "git-credential-osxkeychain get", and unnecessary (sometimes
problematic) SecItemAdd() and/or SecItemUpdate() are performed.
We can skip such unnecessary operations by marking a credential returned
by "git-credential-osxkeychain get". This marking can be done by
utilizing the "state[]" feature:
- The "get" command sets the field "state[]=osxkeychain:seen=1".
- The "store" command skips its actual operation if the field
"state[]=osxkeychain:seen=1" exists.
Introduce a new state "state[]=osxkeychain:seen=1".
Suggested-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Koji Nakamaru <koji.nakamaru@gree.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| -rw-r--r-- | contrib/credential/osxkeychain/git-credential-osxkeychain.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/contrib/credential/osxkeychain/git-credential-osxkeychain.c b/contrib/credential/osxkeychain/git-credential-osxkeychain.c index 0884db48d0..6ce22a28ed 100644 --- a/contrib/credential/osxkeychain/git-credential-osxkeychain.c +++ b/contrib/credential/osxkeychain/git-credential-osxkeychain.c @@ -12,6 +12,7 @@ static CFStringRef username; static CFDataRef password; static CFDataRef password_expiry_utc; static CFDataRef oauth_refresh_token; +static int state_seen; static void clear_credential(void) { @@ -171,6 +172,9 @@ static OSStatus find_internet_password(void) CFRelease(item); + write_item("capability[]", "state", strlen("state")); + write_item("state[]", "osxkeychain:seen=1", strlen("osxkeychain:seen=1")); + out: CFRelease(attrs); @@ -284,6 +288,9 @@ static OSStatus add_internet_password(void) CFDictionaryRef attrs; OSStatus result; + if (state_seen) + return errSecSuccess; + /* Only store complete credentials */ if (!protocol || !host || !username || !password) return -1; @@ -395,6 +402,10 @@ static void read_credential(void) oauth_refresh_token = CFDataCreate(kCFAllocatorDefault, (UInt8 *)v, strlen(v)); + else if (!strcmp(buf, "state[]")) { + if (!strcmp(v, "osxkeychain:seen=1")) + state_seen = 1; + } /* * Ignore other lines; we don't know what they mean, but * this future-proofs us when later versions of git do |