freshlybakedca.ke
Git fork
Merge branch 'mh/credential-cache-authtype-request-fix'
The "cache" credential back-end did not handle authtype correctly,
which has been corrected.
* mh/credential-cache-authtype-request-fix:
credential-cache: respect authtype capability
+17
-2
+2
-2
builtin/credential-cache--daemon.c
+2
-2
builtin/credential-cache--daemon.c
···
142
142
fprintf(out, "username=%s\n", e->item.username);
143
143
if (e->item.password)
144
144
fprintf(out, "password=%s\n", e->item.password);
145
-
if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_HELPER) && e->item.authtype)
145
+
if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_RESPONSE) && e->item.authtype)
146
146
fprintf(out, "authtype=%s\n", e->item.authtype);
147
-
if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_HELPER) && e->item.credential)
147
+
if (credential_has_capability(&c.capa_authtype, CREDENTIAL_OP_RESPONSE) && e->item.credential)
148
148
fprintf(out, "credential=%s\n", e->item.credential);
149
149
if (e->item.password_expiry_utc != TIME_MAX)
150
150
fprintf(out, "password_expiry_utc=%"PRItime"\n",
+15
t/lib-credential.sh
+15
t/lib-credential.sh
···
566
566
EOF
567
567
'
568
568
569
+
test_expect_success "helper ($HELPER) gets authtype and credential only if request has authtype capability" '
570
+
check fill $HELPER <<-\EOF
571
+
protocol=https
572
+
host=git.example.com
573
+
--
574
+
protocol=https
575
+
host=git.example.com
576
+
username=askpass-username
577
+
password=askpass-password
578
+
--
579
+
askpass: Username for '\''https://git.example.com'\'':
580
+
askpass: Password for '\''https://askpass-username@git.example.com'\'':
581
+
EOF
582
+
'
583
+
569
584
test_expect_success "helper ($HELPER) stores authtype and credential with username" '
570
585
check approve $HELPER <<-\EOF
571
586
capability[]=authtype