Git Mailing List Archive on lore.kernel.org
 help / color / Atom feed
From: "brian m. carlson" <sandals@crustytoothpaste.net>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org
Subject: Re: [PATCH 3/3] credential: allow wildcard patterns when matching config
Date: Sun, 16 Feb 2020 20:53:29 +0000
Message-ID: <20200216205329.GD6134@camp.crustytoothpaste.net> (raw)
In-Reply-To: <20200216061323.GA2397568@coredump.intra.peff.net>

[-- Attachment #1: Type: text/plain, Size: 3526 bytes --]

On 2020-02-16 at 06:13:23, Jeff King wrote:
>    So I think we're OK here, unless you can come up with any more
>    obscure case.

Yeah, I made this implicit in my patch, but I couldn't think of a
situation where we'd hit this case.  I'll update the commit message to
reflect that we don't intend for this behavior to change.

>    Some options are:
> 
>      - teach urlmatch to pass matching config keys to our callback even
>        if they're "worse" than a previously-seen key, so that we can
>        then record all helpers in the order they appear in the config
>        (retaining the existing behavior)
> 
>      - use urlmatch's cmp_matches() to order the list of helper. This
>        would be a change in behavior, but I wonder if it might be what
>        people prefer. I suspect it would make some happy (if the
>        host-specific helper can answer the query above, you'd just as
>        soon not run the cache helper at all) and others not (if the
>        host-specific one is expensive or requires user interaction, you
>        may want to try the cache first). So I'm not sure if it would be
>        a good idea or not.

I think it should be reasonably simple to adjust the logic to do the
former.  I'd like to avoid making non-backwards compatible changes in
this series.  I'll add some tests for this case as well, since I think
it's going to be important to get right.  Thanks for the sanity check.

> A few comments on the patch itself:
> 
> > --- a/Documentation/gitcredentials.txt
> > +++ b/Documentation/gitcredentials.txt
> > @@ -131,7 +131,9 @@ context would not match:
> >  because the hostnames differ. Nor would it match `foo.example.com`; Git
> >  compares hostnames exactly, without considering whether two hosts are part of
> >  the same domain. Likewise, a config entry for `http://example.com` would not
> > -match: Git compares the protocols exactly.
> > +match: Git compares the protocols exactly.  However, you may use wildcards in
> > +the domain name and other pattern matching techniques as with the `http.<url>.*`
> > +options.
> 
> You'd probably want to review the documentation to accommodate any of
> the behavior changes discussed above that we end up with.

As mentioned, my hope is to not need to do this.

> > +	config.section = "credential";
> > +	config.key = NULL;
> > +	config.collect_fn = credential_config_callback;
> > +	config.cascade_fn = git_default_config;
> > +	config.cb = c;
> 
> I don't think the old code would ever call git_default_config (we _just_
> want to load values for this specific URL). So I think you'd want to
> leave the cascade_fn NULL here?

Okay, can do.

> > +	credential_describe(c, &url);
> > +	normalized_url = url_normalize(url.buf, &config.url);
> 
> The purpose of credential_describe() so far has been to show the URL to
> the user. It won't do any %-encoding that would be required for more
> exotic URLs. But I assume we'd want that in whatever we feed to
> url_normalize. So for example:
> 
>   echo url=https://example.com/%2566 |
>   GIT_TERMINAL_PROMPT=0 git \
>     -c credential.https://example.com/%2566.helper='!echo >&2 run helper'
>     credential fill
> 
> matches in the current code, but not after your patch (we decode %25
> into just "%", and then feed "%66" to the url normalizer, which decodes
> it to "f".

Good point.  I'll fix this and add a test.
-- 
brian m. carlson: Houston, Texas, US
OpenPGP: https://keybase.io/bk2204

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 868 bytes --]

  reply index

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-14 22:59 [PATCH 0/3] Wildcard matching for credentials brian m. carlson
2020-02-14 22:59 ` [PATCH 1/3] mailmap: add an additional email address for brian m. carlson brian m. carlson
2020-02-14 22:59 ` [PATCH 2/3] t1300: add test for urlmatch with multiple wildcards brian m. carlson
2020-02-14 22:59 ` [PATCH 3/3] credential: allow wildcard patterns when matching config brian m. carlson
2020-02-16  6:13   ` Jeff King
2020-02-16 20:53     ` brian m. carlson [this message]
2020-02-14 23:58 ` [PATCH 0/3] Wildcard matching for credentials Taylor Blau
2020-02-15  0:13   ` brian m. carlson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200216205329.GD6134@camp.crustytoothpaste.net \
    --to=sandals@crustytoothpaste.net \
    --cc=git@vger.kernel.org \
    --cc=peff@peff.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Git Mailing List Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/git/0 git/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 git git/ https://lore.kernel.org/git \
		git@vger.kernel.org
	public-inbox-index git

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.git


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git