global/git

Fork 0

mirror of https://github.com/git/git.git synced 2026-03-14 18:59:04 +01:00

Commit Graph

Author	SHA1	Message	Date
Jeff King	00b1daa2c1	allow the user to configure credential helpers The functionality for helpers is already there; we just need to give the users a way to turn it on. The new functionality is enabled whenever a caller of the credentials API passes a NULL method list. This will enable it for all current callers (i.e., the http code). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>	2011-08-03 15:25:12 -07:00
Jeff King	20a93d32fa	look for credentials in config before prompting When an http request receives a 401, we ask the user for both a username and password. While it's generally not a good idea for us to store the password in plaintext, having to input the username each time is annoying, and can be easily solved with a config variable. This patch teaches the credential subsystem to look up items in the git config file before prompting. Items are indexed by the "unique" token passed to the credential system. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>	2011-08-03 15:25:12 -07:00
Jeff King	59f5226028	introduce credentials API There are a few places in git that need to get a username and password credential from the user; the most notable one is HTTP authentication for smart-http pushing. Right now the only choices for providing credentials are to put them plaintext into your ~/.netrc, or to have git prompt you (either on the terminal or via an askpass program). The former is not very secure, and the latter is not very convenient. Unfortunately, there is no "always best" solution for password management. The details will depend on the tradeoff you want between security and convenience, as well as how git can integrate with other security systems (e.g., many operating systems provide a keychain or password wallet for single sign-on). This patch abstracts the notion of gathering user credentials into a few simple functions. These functions can be backed by our internal git_getpass implementation (which just prompts the user), or by external helpers which are free to consult system-specific password wallets, make custom policy decisions on password caching and storage, or prompt the user in a non-traditional manner. The helper protocol aims for simplicity of helper implementation; see the newly added documentation for details. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>	2011-08-03 15:25:11 -07:00

Author

SHA1

Message

Date

Jeff King

00b1daa2c1

allow the user to configure credential helpers

The functionality for helpers is already there; we just need
to give the users a way to turn it on.

The new functionality is enabled whenever a caller of the
credentials API passes a NULL method list. This will enable
it for all current callers (i.e., the http code).

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

2011-08-03 15:25:12 -07:00

Jeff King

20a93d32fa

look for credentials in config before prompting

When an http request receives a 401, we ask the user for
both a username and password. While it's generally not a
good idea for us to store the password in plaintext, having
to input the username each time is annoying, and can be
easily solved with a config variable.

This patch teaches the credential subsystem to look up items
in the git config file before prompting. Items are indexed
by the "unique" token passed to the credential system.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

2011-08-03 15:25:12 -07:00

Jeff King

59f5226028

introduce credentials API

There are a few places in git that need to get a username
and password credential from the user; the most notable one
is HTTP authentication for smart-http pushing.

Right now the only choices for providing credentials are to
put them plaintext into your ~/.netrc, or to have git prompt
you (either on the terminal or via an askpass program). The
former is not very secure, and the latter is not very
convenient.

Unfortunately, there is no "always best" solution for
password management. The details will depend on the tradeoff
you want between security and convenience, as well as how
git can integrate with other security systems (e.g., many
operating systems provide a keychain or password wallet for
single sign-on).

This patch abstracts the notion of gathering user
credentials into a few simple functions. These functions can
be backed by our internal git_getpass implementation (which
just prompts the user), or by external helpers which are
free to consult system-specific password wallets, make
custom policy decisions on password caching and storage, or
prompt the user in a non-traditional manner.

The helper protocol aims for simplicity of helper
implementation; see the newly added documentation for
details.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

2011-08-03 15:25:11 -07:00

3 Commits