On Tue, 27 Aug 2013 16:05:51 -0400 Jeff King <peff@xxxxxxxx> wrote:
JK> On Mon, Aug 26, 2013 at 08:56:23PM -0700, Junio C Hamano wrote:
>> Antoine Pelisse <apelisse@xxxxxxxxx> writes:
>>
>> > I've tried to use the netrc credential with git-send-email
>> > (v1.8.4-rc2), and I've had the following log (running with -d -v):
>>
>> Peff what do you think? From credential layer's point of view, I
>> think we make it totally up to the helper to decide if a request
>> matches what it supports, and if a particular helper wants to make
>> sure it is asked for a specific protocol, that is an OK thing to do,
>> but it feels unnecessarily unfriendly and treating missing proto
>> specification as a wildcard to talk to the specified host over any
>> protocol may not hurt, I would think.
JK> Right. It is up to the credential helper to map git's request into
JK> whatever storage it has. So I think the right answer is whatever is
JK> normal and expected for netrc.
JK> Unfortunately that is not really a standardized format. The original
JK> netrc was ftp-only, and did not have a port or protocol field at all.
JK> Programs like curl extend it automatically to http, and just googling
JK> around seems to show other programs using it for imap and smtp. So I
JK> think there is some precedence in simply treating a missing "port" field
JK> as "match any port/protocol" on the machine.
JK> The upside is that it is convenient for the user. The downside is that
JK> we might accidentally send a password to a service that the user does
JK> not expect, which could compromise security. It would at least be on the
JK> matching host, but the protocol might not be as secure as the one the
JK> user intended (e.g., smtp without starttls, when the password was meant
JK> to only go over imap-over-ssl).
This gets tricky, certainly. I'd rather make it convenient because
users will, anyway.
JK> So I'm on the fence. It is very unlikely to be a bad thing, but if it
JK> is, it may expose user passwords in cleartext. If we are going to keep
JK> the current behavior, it probably needs to be documented
I'm OK with treating missing protocols as wildcards.
JK> and certainly:
>> > Use of uninitialized value $_[2] in printf at
>> > /home/antoine/code/git/contrib/credential/netrc/git-credential-netrc
>> > line 419.
>> > compare protocol [] to [smtp] (entry: password=secret,
>> > username=apelisse@xxxxxxxxx, host=smtp.gmail.com:587)
>> > Use of uninitialized value in string eq at
>> > /home/antoine/code/git/contrib/credential/netrc/git-credential-netrc
>> > line 378.
JK> ...these should more cleanly handle the missing field.
Yes, you're right. Something like the following (untested) could work
and does the wildcards, which I will make into a proper patch and test
if it looks OK to you.
Ted
diff --git a/contrib/credential/netrc/git-credential-netrc b/contrib/credential/netrc/git-credential-netrc
index 6c51c43..13e537b 100755
--- a/contrib/credential/netrc/git-credential-netrc
+++ b/contrib/credential/netrc/git-credential-netrc
@@ -369,7 +369,10 @@ sub find_netrc_entry {
{
my $entry_text = join ', ', map { "$_=$entry->{$_}" } keys %$entry;
foreach my $check (sort keys %$query) {
- if (defined $query->{$check}) {
+ if (!defined $entry->{$check}) {
+ log_debug("OK: entry has no $check token, so any value satisfies check $check");
+ }
+ elsif (defined $query->{$check}) {
log_debug("compare %s [%s] to [%s] (entry: %s)",
$check,
$entry->{$check},
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html