On Tue, 27 Aug 2013 16:05:51 -0400 Jeff King <p...@peff.net> wrote: 

JK> On Mon, Aug 26, 2013 at 08:56:23PM -0700, Junio C Hamano wrote:
>> Antoine Pelisse <apeli...@gmail.com> writes:
>> > I've tried to use the netrc credential with git-send-email
>> > (v1.8.4-rc2), and I've had the following log (running with -d -v):
>> Peff what do you think?  From credential layer's point of view, I
>> think we make it totally up to the helper to decide if a request
>> matches what it supports, and if a particular helper wants to make
>> sure it is asked for a specific protocol, that is an OK thing to do,
>> but it feels unnecessarily unfriendly and treating missing proto
>> specification as a wildcard to talk to the specified host over any
>> protocol may not hurt, I would think.

JK> Right. It is up to the credential helper to map git's request into
JK> whatever storage it has. So I think the right answer is whatever is
JK> normal and expected for netrc.

JK> Unfortunately that is not really a standardized format. The original
JK> netrc was ftp-only, and did not have a port or protocol field at all.
JK> Programs like curl extend it automatically to http, and just googling
JK> around seems to show other programs using it for imap and smtp. So I
JK> think there is some precedence in simply treating a missing "port" field
JK> as "match any port/protocol" on the machine.

JK> The upside is that it is convenient for the user. The downside is that
JK> we might accidentally send a password to a service that the user does
JK> not expect, which could compromise security. It would at least be on the
JK> matching host, but the protocol might not be as secure as the one the
JK> user intended (e.g., smtp without starttls, when the password was meant
JK> to only go over imap-over-ssl).

This gets tricky, certainly.  I'd rather make it convenient because
users will, anyway.

JK> So I'm on the fence. It is very unlikely to be a bad thing, but if it
JK> is, it may expose user passwords in cleartext. If we are going to keep
JK> the current behavior, it probably needs to be documented

I'm OK with treating missing protocols as wildcards.

JK> and certainly:

>> > Use of uninitialized value $_[2] in printf at
>> > /home/antoine/code/git/contrib/credential/netrc/git-credential-netrc
>> > line 419.
>> > compare protocol [] to [smtp] (entry: password=secret,
>> > username=apeli...@gmail.com, host=smtp.gmail.com:587)
>> > Use of uninitialized value in string eq at
>> > /home/antoine/code/git/contrib/credential/netrc/git-credential-netrc
>> > line 378.

JK> ...these should more cleanly handle the missing field.

Yes, you're right.  Something like the following (untested) could work
and does the wildcards, which I will make into a proper patch and test
if it looks OK to you.


diff --git a/contrib/credential/netrc/git-credential-netrc 
index 6c51c43..13e537b 100755
--- a/contrib/credential/netrc/git-credential-netrc
+++ b/contrib/credential/netrc/git-credential-netrc
@@ -369,7 +369,10 @@ sub find_netrc_entry {
                my $entry_text = join ', ', map { "$_=$entry->{$_}" } keys 
                foreach my $check (sort keys %$query) {
-                       if (defined $query->{$check}) {
+                       if (!defined $entry->{$check}) {
+                              log_debug("OK: entry has no $check token, so any 
value satisfies check $check");
+                       }
+                       elsif (defined $query->{$check}) {
                                log_debug("compare %s [%s] to [%s] (entry: %s)",

To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to