summaryrefslogtreecommitdiff
path: root/credential.h
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2011-12-10 05:31:11 -0500
committerJunio C Hamano <gitster@pobox.com>2011-12-11 23:16:24 -0800
commitabca927dbef2c310056b8a1a8be5561212b3243a (patch)
tree97ca8e6995555078ba560db471d9b6a31f591f2e /credential.h
parent89650285d8ef98173190a80f1d070a33092c9314 (diff)
downloadgit-abca927dbef2c310056b8a1a8be5561212b3243a.tar.gz
introduce credentials API
There are a few places in git that need to get a username and password credential from the user; the most notable one is HTTP authentication for smart-http pushing. Right now the only choices for providing credentials are to put them plaintext into your ~/.netrc, or to have git prompt you (either on the terminal or via an askpass program). The former is not very secure, and the latter is not very convenient. Unfortunately, there is no "always best" solution for password management. The details will depend on the tradeoff you want between security and convenience, as well as how git can integrate with other security systems (e.g., many operating systems provide a keychain or password wallet for single sign-on). This patch provides an abstract notion of credentials as a data item, and provides three basic operations: - fill (i.e., acquire from external storage or from the user) - approve (mark a credential as "working" for further storage) - reject (mark a credential as "not working", so it can be removed from storage) These operations can be backed by external helper processes that interact with system- or user-specific secure storage. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'credential.h')
-rw-r--r--credential.h28
1 files changed, 28 insertions, 0 deletions
diff --git a/credential.h b/credential.h
new file mode 100644
index 0000000000..2ea7d495d6
--- /dev/null
+++ b/credential.h
@@ -0,0 +1,28 @@
+#ifndef CREDENTIAL_H
+#define CREDENTIAL_H
+
+#include "string-list.h"
+
+struct credential {
+ struct string_list helpers;
+ unsigned approved:1;
+
+ char *username;
+ char *password;
+ char *protocol;
+ char *host;
+ char *path;
+};
+
+#define CREDENTIAL_INIT { STRING_LIST_INIT_DUP }
+
+void credential_init(struct credential *);
+void credential_clear(struct credential *);
+
+void credential_fill(struct credential *);
+void credential_approve(struct credential *);
+void credential_reject(struct credential *);
+
+int credential_read(struct credential *, FILE *);
+
+#endif /* CREDENTIAL_H */