diff options
| author | Junio C Hamano <gitster@pobox.com> | 2024-05-28 11:17:11 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2024-05-28 11:17:11 -0700 |
| commit | 2a1a882890a3336f6f44d33793eedb70ff75d37a (patch) | |
| tree | 1b022bafa46d12c208a0b032169417ec1b975051 | |
| parent | b32f298264d9df8febc9942c196eaf7e82c86184 (diff) | |
| parent | e1ab45b2dab51f94db9548666dfd7af626d2aa7e (diff) | |
| download | git-2a1a882890a3336f6f44d33793eedb70ff75d37a.tar.gz | |
Merge branch 'kn/osxkeychain-skip-idempotent-store'
The credential helper that talks with osx keychain learned to avoid
storing back the authentication material it just got received from
the keychain.
* kn/osxkeychain-skip-idempotent-store:
osxkeychain: state to skip unnecessary store operations
osxkeychain: exclusive lock to serialize execution of operations
| -rw-r--r-- | contrib/credential/osxkeychain/git-credential-osxkeychain.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/contrib/credential/osxkeychain/git-credential-osxkeychain.c b/contrib/credential/osxkeychain/git-credential-osxkeychain.c index 6a40917b1e..6ce22a28ed 100644 --- a/contrib/credential/osxkeychain/git-credential-osxkeychain.c +++ b/contrib/credential/osxkeychain/git-credential-osxkeychain.c @@ -12,6 +12,7 @@ static CFStringRef username; static CFDataRef password; static CFDataRef password_expiry_utc; static CFDataRef oauth_refresh_token; +static int state_seen; static void clear_credential(void) { @@ -171,6 +172,9 @@ static OSStatus find_internet_password(void) CFRelease(item); + write_item("capability[]", "state", strlen("state")); + write_item("state[]", "osxkeychain:seen=1", strlen("osxkeychain:seen=1")); + out: CFRelease(attrs); @@ -284,6 +288,9 @@ static OSStatus add_internet_password(void) CFDictionaryRef attrs; OSStatus result; + if (state_seen) + return errSecSuccess; + /* Only store complete credentials */ if (!protocol || !host || !username || !password) return -1; @@ -395,6 +402,10 @@ static void read_credential(void) oauth_refresh_token = CFDataCreate(kCFAllocatorDefault, (UInt8 *)v, strlen(v)); + else if (!strcmp(buf, "state[]")) { + if (!strcmp(v, "osxkeychain:seen=1")) + state_seen = 1; + } /* * Ignore other lines; we don't know what they mean, but * this future-proofs us when later versions of git do @@ -414,6 +425,9 @@ int main(int argc, const char **argv) if (!argv[1]) die("%s", usage); + if (open(argv[0], O_RDONLY | O_EXLOCK) == -1) + die("failed to lock %s", argv[0]); + read_credential(); if (!strcmp(argv[1], "get")) |