From: Eric Wong <e@80x24.org>
To: meta@public-inbox.org
Subject: [PATCH] net_reader: don't approve/reject credentials w/o "fill"
Date: Mon, 6 Sep 2021 07:11:53 +0000 [thread overview]
Message-ID: <20210906071153.11534-1-e@80x24.org> (raw)
Credentials sourced via ~/.netrc should not be written to
git-credential.
---
lib/PublicInbox/GitCredential.pm | 1 +
lib/PublicInbox/NetReader.pm | 12 ++++++------
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/lib/PublicInbox/GitCredential.pm b/lib/PublicInbox/GitCredential.pm
index b29780d6..c83fed43 100644
--- a/lib/PublicInbox/GitCredential.pm
+++ b/lib/PublicInbox/GitCredential.pm
@@ -56,6 +56,7 @@ sub fill {
$self->{$1} = $2;
}
close $out_r or die "git credential fill failed: \$!=$! \$?=$?\n";
+ $self->{filled} = 1;
}
1;
diff --git a/lib/PublicInbox/NetReader.pm b/lib/PublicInbox/NetReader.pm
index c050c60f..08166415 100644
--- a/lib/PublicInbox/NetReader.pm
+++ b/lib/PublicInbox/NetReader.pm
@@ -96,8 +96,8 @@ sub mic_for ($$$$) { # mic = Mail::IMAPClient
$cred = undef;
}
if ($cred) {
- $cred->check_netrc unless defined $cred->{password};
- $cred->fill($lei); # may prompt user here
+ my $p = $cred->{password} // $cred->check_netrc;
+ $cred->fill($lei) unless defined($p); # may prompt user here
$mic->User($mic_arg->{User} = $cred->{username});
$mic->Password($mic_arg->{Password} = $cred->{password});
} else { # AUTH=ANONYMOUS
@@ -121,7 +121,7 @@ sub mic_for ($$$$) { # mic = Mail::IMAPClient
}
$mic = undef;
}
- $cred->run($mic ? 'approve' : 'reject') if $cred;
+ $cred->run($mic ? 'approve' : 'reject') if $cred && $cred->{filled};
if ($err) {
$lei ? $lei->fail($err) : warn($err);
}
@@ -191,7 +191,7 @@ sub nn_for ($$$$) { # nn = Net::NNTP
}, 'PublicInbox::GitCredential';
($u, $p) = split(/:/, $ui, 2);
($cred->{username}, $cred->{password}) = ($u, $p);
- $cred->check_netrc unless defined $p;
+ $p //= $cred->check_netrc;
}
my $common = $nn_args->{$sec} // {};
my $nn_arg = {
@@ -204,7 +204,7 @@ sub nn_for ($$$$) { # nn = Net::NNTP
%$nn_arg = (%$nn_arg, %$sa) if $sa;
my $nn = nn_new($nn_arg, $nntp_opt, $uri);
if ($cred) {
- $cred->fill($lei); # may prompt user here
+ $cred->fill($lei) unless defined($p); # may prompt user here
if ($nn->authinfo($u, $p)) {
push @{$nntp_opt->{-postconn}}, [ 'authinfo', $u, $p ];
} else {
@@ -231,7 +231,7 @@ W: see https://rt.cpan.org/Ticket/Display.html?id=129967 for updates
}
$self->{nn_arg}->{$sec} = $nn_arg;
- $cred->run($nn ? 'approve' : 'reject') if $cred;
+ $cred->run($nn ? 'approve' : 'reject') if $cred && $cred->{filled};
$nn;
}
reply other threads:[~2021-09-06 7:11 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://public-inbox.org/README
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210906071153.11534-1-e@80x24.org \
--to=e@80x24.org \
--cc=meta@public-inbox.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).