Skip to content

G
git2
Commit 2648dc1a by Edward Thomson
Options

Allowed credential types should be a bitfield

parent 901c34f2
Showing with 39 additions and 22 deletions
include/git2/transport.h
...@@ -28,11 +28,16 @@ GIT_BEGIN_DECL ...@@ -28,11 +28,16 @@ GIT_BEGIN_DECL
*** Begin interface for credentials acquisition *** *** Begin interface for credentials acquisition ***
*/ */
/** Authentication type requested */
typedef enum { typedef enum {
/* git_cred_userpass_plaintext */ /* git_cred_userpass_plaintext */
GIT_CREDTYPE_USERPASS_PLAINTEXT = 1, GIT_CREDTYPE_USERPASS_PLAINTEXT = (1u << 0),
GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE = 2,
GIT_CREDTYPE_SSH_PUBLICKEY = 3, /* git_cred_ssh_keyfile_passphrase */
GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE = (1u << 1),
/* git_cred_ssh_publickey */
GIT_CREDTYPE_SSH_PUBLICKEY = (1u << 2),
} git_credtype_t; } git_credtype_t;
/* The base structure for all credential types */ /* The base structure for all credential types */
...@@ -56,7 +61,7 @@ typedef LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC((*git_cred_sign_callback)); ...@@ -56,7 +61,7 @@ typedef LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC((*git_cred_sign_callback));
typedef int (*git_cred_sign_callback)(void *, ...); typedef int (*git_cred_sign_callback)(void *, ...);
#endif #endif
/* A ssh key file and passphrase */ /* An ssh key file and passphrase */
typedef struct git_cred_ssh_keyfile_passphrase { typedef struct git_cred_ssh_keyfile_passphrase {
git_cred parent; git_cred parent;
char *username; char *username;
...@@ -65,7 +70,7 @@ typedef struct git_cred_ssh_keyfile_passphrase { ...@@ -65,7 +70,7 @@ typedef struct git_cred_ssh_keyfile_passphrase {
char *passphrase; char *passphrase;
} git_cred_ssh_keyfile_passphrase; } git_cred_ssh_keyfile_passphrase;
/* A ssh public key and authentication callback */ /* An ssh public key and authentication callback */
typedef struct git_cred_ssh_publickey { typedef struct git_cred_ssh_publickey {
git_cred parent; git_cred parent;
char *username; char *username;
...@@ -123,17 +128,17 @@ GIT_EXTERN(int) git_cred_ssh_keyfile_passphrase_new( ...@@ -123,17 +128,17 @@ GIT_EXTERN(int) git_cred_ssh_keyfile_passphrase_new(
* @param username username to use to authenticate * @param username username to use to authenticate
* @param publickey The bytes of the public key. * @param publickey The bytes of the public key.
* @param publickey_len The length of the public key in bytes. * @param publickey_len The length of the public key in bytes.
* @param sign_fn The callback method for authenticating. * @param sign_fn The callback method to sign the data during the challenge.
* @param sign_data The abstract data sent to the sign_callback method. * @param sign_data The data to pass to the sign function.
* @return 0 for success or an error code for failure * @return 0 for success or an error code for failure
*/ */
GIT_EXTERN(int) git_cred_ssh_publickey_new( GIT_EXTERN(int) git_cred_ssh_publickey_new(
git_cred **out, git_cred **out,
const char *username, const char *username,
const char *publickey, const char *publickey,
size_t publickey_len, size_t publickey_len,
git_cred_sign_callback sign_fn, git_cred_sign_callback sign_fn,
void *sign_data); void *sign_data);
/** /**
* Signature of a function which acquires a credential object. * Signature of a function which acquires a credential object.
......
src/transports/cred.c
...@@ -58,7 +58,7 @@ int git_cred_userpass_plaintext_new( ...@@ -58,7 +58,7 @@ int git_cred_userpass_plaintext_new(
{ {
git_cred_userpass_plaintext *c; git_cred_userpass_plaintext *c;
assert(cred); assert(cred && username && password);
c = git__malloc(sizeof(git_cred_userpass_plaintext)); c = git__malloc(sizeof(git_cred_userpass_plaintext));
GITERR_CHECK_ALLOC(c); GITERR_CHECK_ALLOC(c);
......
src/transports/ssh.c
...@@ -349,7 +349,8 @@ static int _git_ssh_setup_conn( ...@@ -349,7 +349,8 @@ static int _git_ssh_setup_conn(
if (t->owner->cred_acquire_cb( if (t->owner->cred_acquire_cb(
&t->cred, t->owner->url, user, &t->cred, t->owner->url, user,
GIT_CREDTYPE_USERPASS_PLAINTEXT | GIT_CREDTYPE_USERPASS_PLAINTEXT |
GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE, GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE |
GIT_CREDTYPE_SSH_PUBLICKEY,
t->owner->cred_acquire_payload) < 0) t->owner->cred_acquire_payload) < 0)
goto on_error; goto on_error;
......
tests-clar/online/push.c
...@@ -37,23 +37,34 @@ static git_oid _tag_lightweight; ...@@ -37,23 +37,34 @@ static git_oid _tag_lightweight;
static git_oid _tag_tag; static git_oid _tag_tag;
static int cred_acquire_cb( static int cred_acquire_cb(
git_cred **cred, git_cred **cred,
const char *url, const char *url,
const char *user_from_url, const char *user_from_url,
unsigned int allowed_types, unsigned int allowed_types,
void *payload) void *payload)
{ {
GIT_UNUSED(url); GIT_UNUSED(url);
GIT_UNUSED(user_from_url); GIT_UNUSED(user_from_url);
GIT_UNUSED(payload);
if (GIT_CREDTYPE_SSH_PUBLICKEY & allowed_types) if (GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE & allowed_types) {
if (!_remote_user || !_remote_ssh_pubkey || !_remote_ssh_key || !_remote_ssh_passphrase) {
printf("GITTEST_REMOTE_USER, GITTEST_REMOTE_SSH_PUBKEY, GITTEST_REMOTE_SSH_KEY and GITTEST_REMOTE_SSH_PASSPHRASE must be set\n");
return -1;
}
return git_cred_ssh_keyfile_passphrase_new(cred, _remote_user, _remote_ssh_pubkey, _remote_ssh_key, _remote_ssh_passphrase); return git_cred_ssh_keyfile_passphrase_new(cred, _remote_user, _remote_ssh_pubkey, _remote_ssh_key, _remote_ssh_passphrase);
}
if (GIT_CREDTYPE_USERPASS_PLAINTEXT & allowed_types) {
if (!_remote_user || !_remote_pass) {
printf("GITTEST_REMOTE_USER and GITTEST_REMOTE_PASS must be set\n");
return -1;
}
if ((GIT_CREDTYPE_USERPASS_PLAINTEXT & allowed_types) == 0 || return git_cred_userpass_plaintext_new(cred, _remote_user, _remote_pass);
git_cred_userpass_plaintext_new(cred, _remote_user, _remote_pass) < 0) }
return -1;
return 0; return -1;
} }
typedef struct { typedef struct {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment