osxkeychain: avoid incorrectly skipping store operation - user/sven/git.git

diff options

author	Koji Nakamaru <koji.nakamaru@gree.net>	2025-11-14 06:04:30 +0000
committer	Junio C Hamano <gitster@pobox.com>	2025-11-14 08:47:54 -0800
commit	4580bcd2354aab9369164d936f7ccaa21fc98c98 (patch)
tree	ad2f4efb41eb47597029ccf0a57e8dca1cce07dc /diff.c
parent	fd372d9b1a69a01a676398882bbe3840bf51fe72 (diff)

osxkeychain: avoid incorrectly skipping store operation

git-credential-osxkeychain skips storing a credential if its "get" action sets "state[]=osxkeychain:seen=1". This behavior was introduced in e1ab45b2 (osxkeychain: state to skip unnecessary store operations, 2024-05-15), which appeared in v2.46. However, this state[] persists even if a credential returned by "git-credential-osxkeychain get" is invalid and a subsequent helper's "get" operation returns a valid credential. Another subsequent helper (such as [1]) may expect git-credential-osxkeychain to store the valid credential, but the "store" operation is incorrectly skipped because it only checks "state[]=osxkeychain:seen=1". To solve this issue, "state[]=osxkeychain:seen" needs to contain enough information to identify whether the current "store" input matches the output from the previous "get" operation (and not a credential from another helper). Set "state[]=osxkeychain:seen" to a value encoding the credential output by "get", and compare it with a value encoding the credential input by "store". [1]: https://github.com/hickford/git-credential-oauth Reported-by: Petter Sælen <petter@saelen.eu> Helped-by: Junio C Hamano <gitster@pobox.com> Helped-by: brian m. carlson <sandals@crustytoothpaste.net> Signed-off-by: Koji Nakamaru <koji.nakamaru@gree.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>

Diffstat (limited to 'diff.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: