Google Git
Sign in
code / git / abca927dbef2c310056b8a1a8be5561212b3243a
commitabca927dbef2c310056b8a1a8be5561212b3243a[log] [tgz]
authorJeff King <peff@peff.net>Sat Dec 10 05:31:11 2011 -0500
committerJunio C Hamano <gitster@pobox.com>Sun Dec 11 23:16:24 2011 -0800
tree97ca8e6995555078ba560db471d9b6a31f591f2e
parent89650285d8ef98173190a80f1d070a33092c9314 [diff]
introduce credentials API

There are a few places in git that need to get a username
and password credential from the user; the most notable one
is HTTP authentication for smart-http pushing.

Right now the only choices for providing credentials are to
put them plaintext into your ~/.netrc, or to have git prompt
you (either on the terminal or via an askpass program). The
former is not very secure, and the latter is not very
convenient.

Unfortunately, there is no "always best" solution for
password management. The details will depend on the tradeoff
you want between security and convenience, as well as how
git can integrate with other security systems (e.g., many
operating systems provide a keychain or password wallet for
single sign-on).

This patch provides an abstract notion of credentials as a
data item, and provides three basic operations:

  - fill (i.e., acquire from external storage or from the
    user)

  - approve (mark a credential as "working" for further
    storage)

  - reject (mark a credential as "not working", so it can
    be removed from storage)

These operations can be backed by external helper processes
that interact with system- or user-specific secure storage.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
8 files changed
tree: 97ca8e6995555078ba560db471d9b6a31f591f2e
  1. block-sha1/
  2. builtin/
  3. compat/
  4. contrib/
  5. Documentation/
  6. git-gui/
  7. git_remote_helpers/
  8. gitk-git/
  9. gitweb/
  10. mergetools/
  11. perl/
  12. po/
  13. ppc/
  14. t/
  15. templates/
  16. vcs-svn/
  17. xdiff/
  18. RelNotesDocumentation/RelNotes/1.7.8.txt
  19. .gitattributes
  20. .gitignore
  21. .mailmap
  22. abspath.c
  23. aclocal.m4
  24. advice.c
  25. advice.h
  26. alias.c
  27. alloc.c
  28. archive-tar.c
  29. archive-zip.c
  30. archive.c
  31. archive.h
  32. argv-array.c
  33. argv-array.h
  34. attr.c
  35. attr.h
  36. base85.c
  37. bisect.c
  38. bisect.h
  39. blob.c
  40. blob.h
  41. branch.c
  42. branch.h
  43. builtin.h
  44. bundle.c
  45. bundle.h
  46. cache-tree.c
  47. cache-tree.h
  48. cache.h
  49. check-builtins.sh
  50. check-racy.c
  51. check_bindir
  52. color.c
  53. color.h
  54. combine-diff.c
  55. command-list.txt
  56. commit.c
  57. commit.h
  58. config.c
  59. config.mak.in
  60. configure.ac
  61. connect.c
  62. connected.c
  63. connected.h
  64. convert.c
  65. convert.h
  66. copy.c
  67. COPYING
  68. credential.c
  69. credential.h
  70. csum-file.c
  71. csum-file.h
  72. ctype.c
  73. daemon.c
  74. date.c
  75. decorate.c
  76. decorate.h
  77. delta.h
  78. diff-delta.c
  79. diff-lib.c
  80. diff-no-index.c
  81. diff.c
  82. diff.h
  83. diffcore-break.c
  84. diffcore-delta.c
  85. diffcore-order.c
  86. diffcore-pickaxe.c
  87. diffcore-rename.c
  88. diffcore.h
  89. dir.c
  90. dir.h
  91. editor.c
  92. entry.c
  93. environment.c
  94. exec_cmd.c
  95. exec_cmd.h
  96. fast-import.c
  97. fetch-pack.h
  98. fixup-builtins
  99. fsck.c
  100. fsck.h
  101. generate-cmdlist.sh
  102. gettext.c
  103. gettext.h
  104. git-add--interactive.perl
  105. git-am.sh
  106. git-archimport.perl
  107. git-bisect.sh
  108. git-compat-util.h
  109. git-cvsexportcommit.perl
  110. git-cvsimport.perl
  111. git-cvsserver.perl
  112. git-difftool--helper.sh
  113. git-difftool.perl
  114. git-filter-branch.sh
  115. git-instaweb.sh
  116. git-lost-found.sh
  117. git-merge-octopus.sh
  118. git-merge-one-file.sh
  119. git-merge-resolve.sh
  120. git-mergetool--lib.sh
  121. git-mergetool.sh
  122. git-parse-remote.sh
  123. git-pull.sh
  124. git-quiltimport.sh
  125. git-rebase--am.sh
  126. git-rebase--interactive.sh
  127. git-rebase--merge.sh
  128. git-rebase.sh
  129. git-relink.perl
  130. git-remote-testgit.py
  131. git-repack.sh
  132. git-request-pull.sh
  133. git-send-email.perl
  134. git-sh-i18n.sh
  135. git-sh-setup.sh
  136. git-stash.sh
  137. git-submodule.sh
  138. git-svn.perl
  139. GIT-VERSION-GEN
  140. git-web--browse.sh
  141. git.c
  142. git.spec.in
  143. graph.c
  144. graph.h
  145. grep.c
  146. grep.h
  147. hash.c
  148. hash.h
  149. help.c
  150. help.h
  151. hex.c
  152. http-backend.c
  153. http-fetch.c
  154. http-push.c
  155. http-walker.c
  156. http.c
  157. http.h
  158. ident.c
  159. imap-send.c
  160. INSTALL
  161. kwset.c
  162. kwset.h
  163. levenshtein.c
  164. levenshtein.h
  165. LGPL-2.1
  166. list-objects.c
  167. list-objects.h
  168. ll-merge.c
  169. ll-merge.h
  170. lockfile.c
  171. log-tree.c
  172. log-tree.h
  173. mailmap.c
  174. mailmap.h
  175. Makefile
  176. match-trees.c
  177. merge-file.c
  178. merge-file.h
  179. merge-recursive.c
  180. merge-recursive.h
  181. name-hash.c
  182. notes-cache.c
  183. notes-cache.h
  184. notes-merge.c
  185. notes-merge.h
  186. notes.c
  187. notes.h
  188. object.c
  189. object.h
  190. pack-check.c
  191. pack-refs.c
  192. pack-refs.h
  193. pack-revindex.c
  194. pack-revindex.h
  195. pack-write.c
  196. pack.h
  197. pager.c
  198. parse-options-cb.c
  199. parse-options.c
  200. parse-options.h
  201. patch-delta.c
  202. patch-ids.c
  203. patch-ids.h
  204. path.c
  205. pkt-line.c
  206. pkt-line.h
  207. preload-index.c
  208. pretty.c
  209. progress.c
  210. progress.h
  211. quote.c
  212. quote.h
  213. reachable.c
  214. reachable.h
  215. read-cache.c
  216. README
  217. reflog-walk.c
  218. reflog-walk.h
  219. refs.c
  220. refs.h
  221. remote-curl.c
  222. remote.c
  223. remote.h
  224. replace_object.c
  225. rerere.c
  226. rerere.h
  227. resolve-undo.c
  228. resolve-undo.h
  229. revision.c
  230. revision.h
  231. run-command.c
  232. run-command.h
  233. send-pack.h
  234. sequencer.c
  235. sequencer.h
  236. server-info.c
  237. setup.c
  238. sh-i18n--envsubst.c
  239. sha1-array.c
  240. sha1-array.h
  241. sha1-lookup.c
  242. sha1-lookup.h
  243. sha1_file.c
  244. sha1_name.c
  245. shallow.c
  246. shell.c
  247. shortlog.h
  248. show-index.c
  249. sideband.c
  250. sideband.h
  251. sigchain.c
  252. sigchain.h
  253. strbuf.c
  254. strbuf.h
  255. streaming.c
  256. streaming.h
  257. string-list.c
  258. string-list.h
  259. submodule.c
  260. submodule.h
  261. symlinks.c
  262. tag.c
  263. tag.h
  264. tar.h
  265. test-chmtime.c
  266. test-credential.c
  267. test-ctype.c
  268. test-date.c
  269. test-delta.c
  270. test-dump-cache-tree.c
  271. test-genrandom.c
  272. test-index-version.c
  273. test-line-buffer.c
  274. test-match-trees.c
  275. test-mktemp.c
  276. test-obj-pool.c
  277. test-parse-options.c
  278. test-path-utils.c
  279. test-run-command.c
  280. test-sha1.c
  281. test-sha1.sh
  282. test-sigchain.c
  283. test-string-pool.c
  284. test-subprocess.c
  285. test-svn-fe.c
  286. test-treap.c
  287. thread-utils.c
  288. thread-utils.h
  289. trace.c
  290. transport-helper.c
  291. transport.c
  292. transport.h
  293. tree-diff.c
  294. tree-walk.c
  295. tree-walk.h
  296. tree.c
  297. tree.h
  298. unimplemented.sh
  299. unpack-trees.c
  300. unpack-trees.h
  301. upload-pack.c
  302. url.c
  303. url.h
  304. usage.c
  305. userdiff.c
  306. userdiff.h
  307. utf8.c
  308. utf8.h
  309. walker.c
  310. walker.h
  311. wrap-for-bin.sh
  312. wrapper.c
  313. write_or_die.c
  314. ws.c
  315. wt-status.c
  316. wt-status.h
  317. xdiff-interface.c
  318. xdiff-interface.h
  319. zlib.c