git-imap-send was directly prompting for a password rather than using
git-credential. git-send-email, on the other hand, supports git-credential.

This is a necessary improvement for users that use two factor authentication, as
they should not be expected to remember all of their app specific passwords.

Signed-off-by: Dan Albert <>

>> About imap vs. imaps: I actually had your exact line in before, but decided
>> that as long as its for the same host the user probably wants to use the
>> same credentials for both imap and imaps (if they for some reason had both
>> configured). Hard coding "imap" allows them to use either protocol with
>> only one keychain entry. The use case is a stretch, but it doesn't do any
>> harm to implement it this way.
> My concerns with conflating the two are:
>   1. The system helper might care about the distinction and prefer imaps
>      (e.g., it might already have the credential stored for your regular
>      mail client, which uses imaps). But osxkeychain is the only helper
>      that makes the distinction, and I don't really know how OS X's
>      keychain code handles the distinction.
>   2. With http and https, we are careful to make the distinction,
>      because we would not want to accidentally share a credential over http
>      that was stored via https. But it's pretty easy to use an http URL
>      rather than an https one. It's probably pretty rare to accidentally
>      turn off imap SSL.
> So I'd be OK with leaving it as "imap" for now, and waiting for somebody
> to actually come up with a real case where the distinction matters.

These are good points. I've made the change.

 imap-send.c | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/imap-send.c b/imap-send.c
index 0bc6f7f..112fc83 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -23,9 +23,9 @@
 #include "cache.h"
+#include "credential.h"
 #include "exec_cmd.h"
 #include "run-command.h"
-#include "prompt.h"
 #ifdef NO_OPENSSL
 typedef void *SSL;
@@ -946,6 +946,7 @@ static int auth_cram_md5(struct imap_store *ctx, struct 
imap_cmd *cmd, const cha
 static struct imap_store *imap_open_store(struct imap_server_conf *srvc)
+       struct credential cred = CREDENTIAL_INIT;
        struct imap_store *ctx;
        struct imap *imap;
        char *arg, *rsp;
@@ -1101,19 +1102,11 @@ static struct imap_store *imap_open_store(struct 
imap_server_conf *srvc)
                        goto bail;
                if (!srvc->pass) {
-                       struct strbuf prompt = STRBUF_INIT;
-                       strbuf_addf(&prompt, "Password (%s@%s): ", srvc->user, 
-                       arg = git_getpass(prompt.buf);
-                       strbuf_release(&prompt);
-                       if (!*arg) {
-                               fprintf(stderr, "Skipping account %s@%s, no 
password\n", srvc->user, srvc->host);
-                               goto bail;
-                       }
-                       /*
-                        * getpass() returns a pointer to a static buffer.  
make a copy
-                        * for long term storage.
-                        */
-                       srvc->pass = xstrdup(arg);
+                       cred.username = xstrdup(srvc->user);
+                       cred.protocol = xstrdup(srvc->use_ssl ? "imaps" : 
+              = xstrdup(srvc->host);
+                       credential_fill(&cred);
+                       srvc->pass = xstrdup(cred.password);
                if (CAP(NOLOGIN)) {
                        fprintf(stderr, "Skipping account %s@%s, server forbids 
LOGIN\n", srvc->user, srvc->host);
@@ -1153,10 +1146,18 @@ static struct imap_store *imap_open_store(struct 
imap_server_conf *srvc)
        } /* !preauth */
+       if (cred.username)
+               credential_approve(&cred);
+       credential_clear(&cred);
        ctx->prefix = "";
        return ctx;
+       if (cred.username)
+               credential_reject(&cred);
+       credential_clear(&cred);
        return NULL;

To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to
More majordomo info at

Reply via email to