diff options
Diffstat (limited to 'builtin/credential-cache--daemon.c')
| -rw-r--r-- | builtin/credential-cache--daemon.c | 54 |
1 files changed, 41 insertions, 13 deletions
diff --git a/builtin/credential-cache--daemon.c b/builtin/credential-cache--daemon.c index 4c6c89ab0d..4952b22547 100644 --- a/builtin/credential-cache--daemon.c +++ b/builtin/credential-cache--daemon.c @@ -1,4 +1,7 @@ #include "builtin.h" +#include "abspath.h" +#include "gettext.h" +#include "object-file.h" #include "parse-options.h" #ifndef NO_UNIX_SOCKETS @@ -34,19 +37,22 @@ static struct credential_cache_entry *lookup_credential(const struct credential int i; for (i = 0; i < entries_nr; i++) { struct credential *e = &entries[i].item; - if (credential_match(c, e)) + if (credential_match(c, e, 0)) return &entries[i]; } return NULL; } -static void remove_credential(const struct credential *c) +static void remove_credential(const struct credential *c, int match_password) { struct credential_cache_entry *e; - e = lookup_credential(c); - if (e) - e->expiration = 0; + int i; + for (i = 0; i < entries_nr; i++) { + e = &entries[i]; + if (credential_match(c, &e->item, match_password)) + e->expiration = 0; + } } static timestamp_t check_expirations(void) @@ -109,7 +115,9 @@ static int read_request(FILE *fh, struct credential *c, return error("client sent bogus timeout line: %s", item.buf); *timeout = atoi(p); - if (credential_read(c, fh) < 0) + credential_set_all_capabilities(c, CREDENTIAL_OP_INITIAL); + + if (credential_read(c, fh, CREDENTIAL_OP_HELPER) < 0) return -1; return 0; } @@ -125,8 +133,24 @@ static void serve_one_client(FILE *in, FILE *out) else if (!strcmp(action.buf, "get")) { struct credential_cache_entry *e = lookup_credential(&c); if (e) { - fprintf(out, "username=%s\n", e->item.username); - fprintf(out, "password=%s\n", e->item.password); + e->item.capa_authtype.request_initial = 1; + e->item.capa_authtype.request_helper = 1; + + fprintf(out, "capability[]=authtype\n"); + if (e->item.username) + fprintf(out, "username=%s\n", e->item.username); + if (e->item.password) + fprintf(out, "password=%s\n", e->item.password); + if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_HELPER) && e->item.authtype) + fprintf(out, "authtype=%s\n", e->item.authtype); + if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_HELPER) && e->item.credential) + fprintf(out, "credential=%s\n", e->item.credential); + if (e->item.password_expiry_utc != TIME_MAX) + fprintf(out, "password_expiry_utc=%"PRItime"\n", + e->item.password_expiry_utc); + if (e->item.oauth_refresh_token) + fprintf(out, "oauth_refresh_token=%s\n", + e->item.oauth_refresh_token); } } else if (!strcmp(action.buf, "exit")) { @@ -141,14 +165,16 @@ static void serve_one_client(FILE *in, FILE *out) exit(0); } else if (!strcmp(action.buf, "erase")) - remove_credential(&c); + remove_credential(&c, 1); else if (!strcmp(action.buf, "store")) { if (timeout < 0) warning("cache client didn't specify a timeout"); - else if (!c.username || !c.password) + else if ((!c.username || !c.password) && (!c.authtype && !c.credential)) warning("cache client gave us a partial credential"); + else if (c.ephemeral) + warning("not storing ephemeral credential"); else { - remove_credential(&c); + remove_credential(&c, 0); cache_credential(&c, timeout); } } @@ -267,7 +293,7 @@ int cmd_credential_cache_daemon(int argc, const char **argv, const char *prefix) const char *socket_path; int ignore_sighup = 0; static const char *usage[] = { - "git-credential-cache--daemon [opts] <socket_path>", + "git credential-cache--daemon [--debug] <socket-path>", NULL }; int debug = 0; @@ -282,6 +308,8 @@ int cmd_credential_cache_daemon(int argc, const char **argv, const char *prefix) argc = parse_options(argc, argv, prefix, options, usage, 0); socket_path = argv[0]; + if (!have_unix_sockets()) + die(_("credential-cache--daemon unavailable; no unix socket support")); if (!socket_path) usage_with_options(usage, options); @@ -305,7 +333,7 @@ int cmd_credential_cache_daemon(int argc, const char **argv, const char *prefix) int cmd_credential_cache_daemon(int argc, const char **argv, const char *prefix) { const char * const usage[] = { - "git credential-cache--daemon [options] <action>", + "git credential-cache--daemon [--debug] <socket-path>", "", "credential-cache--daemon is disabled in this build of Git", NULL |