From: "Carlo Marcelo Arenas Belón" <carenas@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: git@vger.kernel.org, dirk@ed4u.de, sunshine@sunshineco.com,
peff@peff.net, jrnieder@gmail.com, Johannes.Schindelin@gmx.de
Subject: Re: [PATCH v9] credential-store: warn instead of fatal for bogus lines from store
Date: Thu, 30 Apr 2020 17:30:41 -0700 [thread overview]
Message-ID: <20200501003041.GD33264@Carlos-MBP> (raw)
In-Reply-To: <xmqq1ro4sp1p.fsf@gitster.c.googlers.com>
On Thu, Apr 30, 2020 at 01:21:06PM -0700, Junio C Hamano wrote:
> Carlo Marcelo Arenas Belón <carenas@gmail.com> writes:
> > @@ -23,17 +34,24 @@ static int parse_credential_file(const char *fn,
> > return found_credential;
> > }
> >
> > - while (strbuf_getline_lf(&line, fh) != EOF) {
> > - credential_from_url(&entry, line.buf);
> > - if (entry.username && entry.password &&
> > - credential_match(c, &entry)) {
> > + while (strbuf_getline(&line, fh) != EOF) {
>
> Hmph, I probably have missed some discussion that happened in the
> last few days, but from the use of _lf() in the original, I sense
> that it is very much deliberate that the file format is designed to
> be LF delimited records, *not* a text file in which each line is
> terminated with some end-of-line marker that is platform dependent.
> IOW, an explicit use of _lf() shouts, at least to me, that we want a
> sequence of LF terminated records even on Windows and Macs.
apologize for the confusion, the only discussion was the one I had
with myself late at night when I realized that specific corruption
was not being detected, and might be related to issues that seemed
to be common[1]
the problem is that practically speaking, if users in Windows and Macs
edited the file they "might" had saved lines with the wrong line ending (*)
(part of the reason I added a warning about "encoding" to the documentation),
and those are difficult to "see" as invalid.
using the non _lf() version ensures any trailing '\r' character would
get removed from the credential and allow us to use them, instead of
silently failing.
originally I added a explicit check for it, which I assume you would prefer
but ..
> So, I am not sure why this change is desirable.
to give users immediate relief from what seems to be a commonly seen issue.
IMHO after we get this released out and they see the updated documentation
explaining the risks, and some learn how to fix their credential files (
and hopefully use an editor that lets them see the problem); we could then
add also a detection for this edge case and go back to _lf()
I also had to admit I might had overreacted, as I was testing before v8 with
a very corrupted file and was seeing warnings twice on each operation and
somehow even got myself into the original fatal, which I had to admit I can't
replicate now after some needed rest.
Carlo
[1] https://github.com/desktop/desktop/issues/9597
(*) textedit, which comes with macOS doesn't even write an EOF record when
creating files, for example, and that behaviour seems to be common for
most other native editors but a credential line WITHOUT line ending works
next prev parent reply other threads:[~2020-05-01 0:30 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-26 23:47 [PATCH] git-credential-store: skip empty lines and comments from store Carlo Marcelo Arenas Belón
2020-04-27 0:19 ` Eric Sunshine
2020-04-27 0:46 ` Carlo Marcelo Arenas Belón
2020-04-27 8:42 ` [PATCH v2] " Carlo Marcelo Arenas Belón
2020-04-27 11:52 ` Jeff King
2020-04-27 12:25 ` Carlo Marcelo Arenas Belón
2020-04-27 14:43 ` Eric Sunshine
2020-04-27 17:47 ` Junio C Hamano
2020-04-27 19:09 ` Jeff King
2020-04-27 12:59 ` [PATCH v3] " Carlo Marcelo Arenas Belón
2020-04-27 13:48 ` Philip Oakley
2020-04-28 1:49 ` Carlo Marcelo Arenas Belón
2020-04-29 10:09 ` Philip Oakley
2020-04-27 15:39 ` Dirk
2020-04-27 18:09 ` Junio C Hamano
2020-04-27 19:18 ` Jeff King
2020-04-27 20:43 ` Junio C Hamano
2020-04-27 21:10 ` Jeff King
2020-04-28 1:37 ` Carlo Marcelo Arenas Belón
2020-04-27 23:49 ` Carlo Marcelo Arenas Belón
2020-04-28 5:25 ` Jonathan Nieder
2020-04-28 5:41 ` Jeff King
2020-04-28 7:18 ` Carlo Marcelo Arenas Belón
2020-04-28 8:16 ` Jeff King
2020-04-28 11:25 ` Carlo Marcelo Arenas Belón
2020-04-28 10:58 ` Stefan Tauner
2020-04-28 16:03 ` Junio C Hamano
2020-04-28 21:14 ` Carlo Marcelo Arenas Belón
2020-04-28 21:17 ` Junio C Hamano
2020-04-28 10:48 ` [PATCH v4 0/4] credential-store: prevent fatal errors Carlo Marcelo Arenas Belón
2020-04-28 10:52 ` [PATCH v4 1/4] credential-store: document the file format a bit more Carlo Marcelo Arenas Belón
2020-04-28 10:52 ` [PATCH v4 2/4] git-credential-store: skip empty lines and comments from store Carlo Marcelo Arenas Belón
2020-04-28 16:09 ` Eric Sunshine
2020-04-28 16:42 ` Carlo Marcelo Arenas Belón
2020-04-28 10:52 ` [PATCH v4 3/4] git-credential-store: fix (WIP) Carlo Marcelo Arenas Belón
2020-04-28 16:11 ` Eric Sunshine
2020-04-28 17:14 ` Carlo Marcelo Arenas Belón
2020-04-28 10:52 ` [PATCH v4 4/4] credential-store: make sure there is no regression with missing scheme Carlo Marcelo Arenas Belón
2020-04-28 16:06 ` [PATCH v4 1/4] credential-store: document the file format a bit more Eric Sunshine
2020-04-28 18:18 ` Junio C Hamano
2020-04-28 18:15 ` Junio C Hamano
2020-04-29 0:33 ` [PATCH v5] credential-store: warn instead of fatal for bogus lines from store Carlo Marcelo Arenas Belón
2020-04-29 4:36 ` Junio C Hamano
2020-04-29 7:31 ` Carlo Marcelo Arenas Belón
2020-04-29 16:46 ` Junio C Hamano
2020-04-29 20:35 ` [RFC PATCH v6 0/2] credential-store: prevent fatal errors Carlo Marcelo Arenas Belón
2020-04-29 20:35 ` [RFC PATCH v6 1/2] credential-store: warn instead of fatal for bogus lines from store Carlo Marcelo Arenas Belón
2020-04-29 21:05 ` Junio C Hamano
2020-04-29 21:17 ` Junio C Hamano
2020-04-29 20:35 ` [RFC PATCH v6 2/2] credential-store: warn for any incomplete credentials instead of using Carlo Marcelo Arenas Belón
2020-04-29 21:12 ` Junio C Hamano
2020-04-29 21:49 ` [RFC PATCH v6 2/2] credential-store: warn for any incomplete credentials instead of usingy Carlo Marcelo Arenas Belón
2020-04-29 22:04 ` Junio C Hamano
2020-04-29 23:23 ` [PATCH v6] credential-store: warn instead of fatal for bogus lines from store Carlo Marcelo Arenas Belón
2020-04-29 23:47 ` Junio C Hamano
2020-04-29 23:57 ` Junio C Hamano
2020-04-30 1:00 ` Carlo Marcelo Arenas Belón
2020-04-30 1:19 ` [PATCH v7] " Carlo Marcelo Arenas Belón
2020-04-30 9:29 ` [PATCH v8] " Carlo Marcelo Arenas Belón
2020-04-30 16:06 ` [PATCH v9] " Carlo Marcelo Arenas Belón
2020-04-30 20:21 ` Junio C Hamano
2020-04-30 21:14 ` Junio C Hamano
2020-05-01 0:30 ` Carlo Marcelo Arenas Belón [this message]
2020-05-01 1:40 ` Junio C Hamano
2020-05-01 2:24 ` Carlo Arenas
2020-05-01 5:27 ` Junio C Hamano
2020-05-01 13:57 ` Carlo Marcelo Arenas Belón
2020-05-01 18:59 ` Junio C Hamano
2020-05-01 3:21 ` [RFC PATCH v10] credential-store: warn/ignore for bogus lines from store file Carlo Marcelo Arenas Belón
2020-05-01 5:18 ` [RFC PATCH v10 2/1] credential-store: warn also for store and erase Carlo Marcelo Arenas Belón
2020-05-01 5:35 ` Junio C Hamano
2020-05-02 18:16 ` [PATCH v10] credential-store: ignore bogus lines from store file Carlo Marcelo Arenas Belón
2020-05-02 20:47 ` Junio C Hamano
2020-05-02 21:23 ` Carlo Marcelo Arenas Belón
2020-05-02 21:53 ` Carlo Marcelo Arenas Belón
2020-05-03 0:44 ` Junio C Hamano
2020-05-03 10:06 ` Jeff King
2020-05-02 21:05 ` Carlo Marcelo Arenas Belón
2020-05-02 22:34 ` [PATCH v11] " Carlo Marcelo Arenas Belón
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200501003041.GD33264@Carlos-MBP \
--to=carenas@gmail.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=dirk@ed4u.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jrnieder@gmail.com \
--cc=peff@peff.net \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).