From: Johannes Schindelin <johannes.schindelin@xxxxxx> In the patches for CVE-2020-11008, the ability to specify credential settings in the config for partial URLs got lost. For example, it used to be possible to specify a credential helper for a specific protocol: [credential "https://";] helper = my-https-helper Likewise, it used to be possible to configure settings for a specific host, e.g.: [credential "dev.azure.com"] useHTTPPath = true Let's reinstate this behavior. Original-test-case-by: Jeff King <peff@xxxxxxxx> Signed-off-by: Johannes Schindelin <johannes.schindelin@xxxxxx> --- credential.c | 7 ++++++- t/t0300-credentials.sh | 13 +++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/credential.c b/credential.c index c73260ac40f..b9e8daa5406 100644 --- a/credential.c +++ b/credential.c @@ -53,7 +53,12 @@ static int credential_config_callback(const char *var, const char *value, char *url = xmemdupz(key, dot - key); int matched; - credential_from_url(&want, url); + if (credential_from_url_gently(&want, url, 0, 0) < 0) { + warning(_("skipping credential lookup for url: %s"), url); + credential_clear(c); + free(url); + return 0; + } matched = credential_match(&want, c); credential_clear(&want); diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh index efed3ea2955..9dcba6a7ad9 100755 --- a/t/t0300-credentials.sh +++ b/t/t0300-credentials.sh @@ -448,4 +448,17 @@ test_expect_success 'credential system refuses to work with missing protocol' ' test_i18ncmp expect stderr ' +test_expect_success 'credential config accepts partial URLs' ' + echo url=https://example.com | + git -c credential.example.com.username=boo \ + credential fill >actual && + cat >expect <<-EOF && + protocol=https + host=example.com + username=boo + password=askpass-password + EOF + test_cmp expect actual +' + test_done -- gitgitgadget
