git/credential.c, branch v2.37.2

urlmatch.c: add and use a *_release() function

2022-03-04T21:24:18Z

Plug a memory leak in credential_apply_config() by adding and using a new urlmatch_config_release() function. This just does a string_list_clear() on the "vars" member. This finished up work on normalizing the init/free pattern in this API, started in 73ee449bbf2 (urlmatch.[ch]: add and use URLMATCH_CONFIG_INIT, 2021-10-01). Signed-off-by: Ævar Arnfjörð Bjarmason Signed-off-by: Junio C Hamano

urlmatch.[ch]: add and use URLMATCH_CONFIG_INIT

2021-10-01T21:22:51Z

Change the initialization pattern of "struct urlmatch_config" to use an *_INIT macro and designated initializers. Right now there's no other "struct" member of "struct urlmatch_config" which would require its own *_INIT, but it's good practice not to assume that. Let's also change this to a designated initializer while we're at it. Signed-off-by: Ævar Arnfjörð Bjarmason Signed-off-by: Junio C Hamano

credential: fix leak in credential_apply_config()

2021-08-25T18:41:30Z

Signed-off-by: Mike Hommey Signed-off-by: Junio C Hamano

.c _init(): define in terms of corresponding *_INIT macro

2021-07-01T19:32:22Z

Change the common patter in the codebase of duplicating the initialization logic between an *_INIT macro and a corresponding *_init() function to use the macro as the canonical source of truth. Now we no longer need to keep the function up-to-date with the macro version. This implements a suggestion by Jeff King who found that under -O2 [1] modern compilers will init new version in place without the extra copy[1]. The performance of a single *_init() won't matter in most cases, but even if it does we're going to be producing efficient machine code to perform these operations. 1. https://lore.kernel.org/git/YNyrDxUO1PlGJvCn@coredump.intra.peff.net/ Signed-off-by: Ævar Arnfjörð Bjarmason Signed-off-by: Junio C Hamano

credential: treat CR/LF as line endings in the credential protocol

2020-10-03T17:41:03Z

This fix makes using Git credentials more friendly to Windows users: it allows a credential helper to communicate using CR/LF line endings ("DOS line endings" commonly found on Windows) instead of LF-only line endings ("Unix line endings"). Note that this changes the behavior a bit: if a credential helper produces, say, a password with a trailing Carriage Return character, that will now be culled even when the rest of the lines end only in Line Feed characters, indicating that the Carriage Return was not meant to be part of the line ending. In practice, it seems _very_ unlikely that something like this happens. Passwords usually need to consist of non-control characters, URLs need to have special characters URL-encoded, and user names, well, are names. However, it _does_ help on Windows, where CR/LF line endings are common: as unrecognized commands are simply ignored by the credential machinery, even a command like `quit\r` (which is clearly intended to abort) would simply be ignored (silently) by Git. So let's change the credential machinery to accept both CR/LF and LF line endings. While we do this for the credential helper protocol, we do _not_ adjust `git credential-cache--daemon` (which won't work on Windows, anyway, because it requires Unix sockets) nor `git credential-store` (which writes the file `~/.git-credentials` which we consider an implementation detail that should be opaque to the user, read: we do expect users _not_ to edit this file manually). Signed-off-by: Nikita Leonov Signed-off-by: Johannes Schindelin Signed-off-by: Junio C Hamano

run_command: teach API users to use embedded 'args' more

2020-08-26T22:32:37Z

The child_process structure has an embedded strvec for formulating the command line argument list these days, but code that predates the wide use of it prepared a separate char *argv[] array and manually set the child_process.argv pointer point at it. Teach these old-style code to lose the separate argv[] array. Signed-off-by: Junio C Hamano

Merge branch 'js/partial-urlmatch'

2020-05-05T21:54:30Z

The same as js/partial-urlmatch-2.17, built on more recent codebase to avoid unnecessary merge conflicts. * js/partial-urlmatch: credential: handle `credential..` again credential: optionally allow partial URLs in credential_from_url_gently()

Merge branch 'js/partial-urlmatch-2.17'

2020-05-05T21:54:29Z

Recent updates broke parsing of "credential.." where is not a full URL (e.g. [credential "https://"] helper = ...) stopped working, which has been corrected. * js/partial-urlmatch-2.17: credential: handle `credential..` again credential: optionally allow partial URLs in credential_from_url_gently() credential: fix grammar

Merge branch 'bc/wildcard-credential'

2020-05-05T21:54:26Z

Update the parser used for credential.. configuration, to handle s with '/' in them correctly. * bc/wildcard-credential: credential: fix matching URLs with multiple levels in path

credential: handle `credential..` again

2020-04-29T15:37:36Z

In the patches for CVE-2020-11008, the ability to specify credential settings in the config for partial URLs got lost. For example, it used to be possible to specify a credential helper for a specific protocol: [credential "https://"] helper = my-https-helper Likewise, it used to be possible to configure settings for a specific host, e.g.: [credential "dev.azure.com"] useHTTPPath = true Let's reinstate this behavior. While at it, increase the test coverage to document and verify the behavior with a couple other categories of partial URLs. Signed-off-by: Johannes Schindelin Reviewed-by: Carlo Marcelo Arenas Belón Signed-off-by: Junio C Hamano