From: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
To: Jeff King <peff@peff.net>
Cc: Patrick Steinhardt <ps@pks.im>,
git@vger.kernel.org, Junio C Hamano <gitster@pobox.com>,
"brian m. carlson" <sandals@crustytoothpaste.net>,
Philip Oakley <philipoakley@iee.email>
Subject: Re: [PATCH 3/3] config: store "git -c" variables using more robust format
Date: Thu, 10 Dec 2020 21:55:18 +0100 [thread overview]
Message-ID: <87pn3hwfd5.fsf@evledraar.gmail.com> (raw)
In-Reply-To: <X9D5SnXca2rGnJFl@coredump.intra.peff.net>
On Wed, Dec 09 2020, Jeff King wrote:
> The previous commit added a new format for $GIT_CONFIG_PARAMETERS which
> is able to robustly handle subsections with "=" in them. Let's start
> writing the new format. Unfortunately, this does much less than you'd
> hope, because "git -c" itself has the same ambiguity problem! But it's
> still worth doing:
>
> - we've now pushed the problem from the inter-process communication
> into the "-c" command-line parser. This would free us up to later
> add an unambiguous format there (e.g., separate arguments like "git
> --config key value", etc).
>
> - for --config-env, the parser already disallows "=" in the
> environment variable name. So:
>
> git --config-env section.with=equals.key=ENVVAR
>
> will robustly set section.with=equals.key to the contents of
> $ENVVAR.
>
> The new test shows the improvement for --config-env.
>
> Signed-off-by: Jeff King <peff@peff.net>
> ---
> One other side effect I just noticed is that we're very aggressive about
> trimming leading and trailing whitespace in the old-style format, but
> the new one will store values verbatim. IMHO that's better overall, but
> we might consider a preparatory patch to remove that trimming
> explicitly.
>
> config.c | 52 ++++++++++++++++++++++++++++++++++++++++-------
> t/t1300-config.sh | 8 ++++++++
> 2 files changed, 53 insertions(+), 7 deletions(-)
>
> diff --git a/config.c b/config.c
> index fb160c33d2..04029e45dc 100644
> --- a/config.c
> +++ b/config.c
> @@ -333,38 +333,76 @@ int git_config_include(const char *var, const char *value, void *data)
> return ret;
> }
>
> -void git_config_push_parameter(const char *text)
> +static void git_config_push_split_parameter(const char *key, const char *value)
> {
> struct strbuf env = STRBUF_INIT;
> const char *old = getenv(CONFIG_DATA_ENVIRONMENT);
> if (old && *old) {
> strbuf_addstr(&env, old);
> strbuf_addch(&env, ' ');
> }
> - sq_quote_buf(&env, text);
> + sq_quote_buf(&env, key);
> + strbuf_addch(&env, '=');
> + if (value)
> + sq_quote_buf(&env, value);
> setenv(CONFIG_DATA_ENVIRONMENT, env.buf, 1);
> strbuf_release(&env);
> }
>
> +void git_config_push_parameter(const char *text)
> +{
> + const char *value;
> +
> + /*
> + * When we see:
> + *
> + * section.subsection=with=equals.key=value
> + *
> + * we cannot tell if it means:
> + *
> + * [section "subsection=with=equals"]
> + * key = value
> + *
> + * or:
> + *
> + * [section]
> + * subsection = with=equals.key=value
> + *
> + * We parse left-to-right for the first "=", meaning we'll prefer to
> + * keep the value intact over the subsection. This is historical, but
> + * also sensible since values are more likely to contain odd or
> + * untrusted input than a section name.
> + *
> + * A missing equals is explicitly allowed (as a bool-only entry).
> + */
> + value = strchr(text, '=');
> + if (value) {
> + char *key = xmemdupz(text, value - text);
> + git_config_push_split_parameter(key, value + 1);
> + free(key);
> + } else {
> + git_config_push_split_parameter(text, NULL);
> + }
> +}
> +
> void git_config_push_env(const char *spec)
> {
> - struct strbuf buf = STRBUF_INIT;
> + char *key;
> const char *env_name;
> const char *env_value;
>
> env_name = strrchr(spec, '=');
> if (!env_name)
> die("invalid config format: %s", spec);
> + key = xmemdupz(spec, env_name - spec);
> env_name++;
>
> env_value = getenv(env_name);
> if (!env_value)
> die("config variable missing for '%s'", env_name);
>
> - strbuf_add(&buf, spec, env_name - spec);
> - strbuf_addstr(&buf, env_value);
> - git_config_push_parameter(buf.buf);
> - strbuf_release(&buf);
> + git_config_push_split_parameter(key, env_value);
> + free(key);
> }
>
> static inline int iskeychar(int c)
> diff --git a/t/t1300-config.sh b/t/t1300-config.sh
> index bd602e7720..e06961767f 100755
> --- a/t/t1300-config.sh
> +++ b/t/t1300-config.sh
> @@ -1413,6 +1413,14 @@ test_expect_success 'git -c and --config-env override each other' '
> test_cmp expect actual
> '
>
> +test_expect_success '--config-env handles keys with equals' '
> + echo value=with=equals >expect &&
> + ENVVAR=value=with=equals git \
> + --config-env=section.subsection=with=equals.key=ENVVAR \
> + config section.subsection=with=equals.key >actual &&
> + test_cmp expect actual
> +'
> +
Maybe worth adding a test for the strrchr() semantics here with:
perl -we '$ENV{"Y=Z"}="why and zed"; system "Z=zed git --config-env=X=Y=Z ..."'
Which would show that we can't look up "Y=Z", but will always get "Z".
I think that's fine b.t.w., 1/2 of the minor objection I had to
--config-env in
https://lore.kernel.org/git/87y2i7vvz4.fsf@evledraar.gmail.com/ was
mainly about being unable to e.g. support odd token usernames with the
"insteadOf" feature.
But aside from having a feature meant to improve security being able to
be combined with a config variable we have in a way that leaks the
password in ps(1) I think these improved semantics make sense.
I.e. I can't imagine someone wants an env var with "=" in it, even
though POSIX makes such a thing possible (you just can't do it in a
shellscript).
next prev parent reply other threads:[~2020-12-10 20:59 UTC|newest]
Thread overview: 116+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-24 10:50 [PATCH v2 0/2] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2020-11-24 10:50 ` [PATCH v2 1/2] config: extract function to parse config pairs Patrick Steinhardt
2020-11-24 10:50 ` [PATCH v2 2/2] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2020-11-25 3:39 ` Junio C Hamano
2020-11-25 7:06 ` Patrick Steinhardt
2020-11-25 7:41 ` Junio C Hamano
2020-11-25 7:57 ` Patrick Steinhardt
2020-11-25 8:47 ` Ævar Arnfjörð Bjarmason
2020-11-25 9:00 ` Ævar Arnfjörð Bjarmason
2020-11-25 19:50 ` Junio C Hamano
2020-11-25 10:41 ` [PATCH v2 0/2] " Jeff King
2020-11-25 13:16 ` Patrick Steinhardt
2020-11-26 0:36 ` Jeff King
2020-11-25 20:28 ` Junio C Hamano
2020-11-25 22:47 ` brian m. carlson
2020-11-26 6:31 ` Patrick Steinhardt
2020-12-01 9:47 ` Patrick Steinhardt
2020-12-01 11:30 ` Jeff King
2020-12-01 9:55 ` [PATCH v3 0/4] " Patrick Steinhardt
2020-12-01 9:55 ` [PATCH v3 1/4] environment: make `getenv_safe()` non-static Patrick Steinhardt
2020-12-01 9:56 ` [PATCH v3 2/4] config: extract function to parse config pairs Patrick Steinhardt
2020-12-01 9:56 ` [PATCH v3 3/4] config: refactor parsing of GIT_CONFIG_PARAMETERS Patrick Steinhardt
2020-12-01 9:56 ` [PATCH v3 4/4] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2020-12-09 11:52 ` [PATCH v4 0/6] config: allow specifying config entries via env Patrick Steinhardt
2020-12-09 11:52 ` [PATCH v4 1/6] git: add `--super-prefix` to usage string Patrick Steinhardt
2020-12-09 11:52 ` [PATCH v4 2/6] config: add new way to pass config via `--config-env` Patrick Steinhardt
2020-12-09 14:40 ` Ævar Arnfjörð Bjarmason
2020-12-09 16:24 ` Jeff King
2020-12-11 13:24 ` Patrick Steinhardt
2020-12-11 14:21 ` Jeff King
2020-12-11 14:54 ` Patrick Steinhardt
2020-12-11 16:10 ` Jeff King
2020-12-09 16:10 ` Jeff King
2020-12-09 16:12 ` [PATCH 1/3] quote: make sq_dequote_step() a public function Jeff King
2020-12-09 16:17 ` [PATCH 2/3] config: parse more robust format in GIT_CONFIG_PARAMETERS Jeff King
2020-12-09 16:20 ` [PATCH 3/3] config: store "git -c" variables using more robust format Jeff King
2020-12-09 16:34 ` Jeff King
2020-12-10 20:55 ` Ævar Arnfjörð Bjarmason [this message]
2020-12-10 21:49 ` Junio C Hamano
2020-12-11 13:21 ` Jeff King
2020-12-10 0:00 ` [PATCH v4 2/6] config: add new way to pass config via `--config-env` Junio C Hamano
2020-12-10 0:09 ` Jeff King
2020-12-10 0:57 ` Junio C Hamano
2020-12-11 13:24 ` Patrick Steinhardt
2020-12-11 14:20 ` Jeff King
2020-12-09 11:52 ` [PATCH v4 3/6] environment: make `getenv_safe()` non-static Patrick Steinhardt
2020-12-09 11:52 ` [PATCH v4 4/6] config: extract function to parse config pairs Patrick Steinhardt
2020-12-09 13:12 ` Ævar Arnfjörð Bjarmason
2020-12-09 11:52 ` [PATCH v4 5/6] config: refactor parsing of GIT_CONFIG_PARAMETERS Patrick Steinhardt
2020-12-09 11:52 ` [PATCH v4 6/6] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2020-12-09 15:29 ` [PATCH v4 0/6] config: allow specifying config entries via env Ævar Arnfjörð Bjarmason
2020-12-11 13:35 ` Patrick Steinhardt
2020-12-11 14:27 ` Jeff King
2020-12-11 14:42 ` Jeff King
2020-12-11 14:58 ` Patrick Steinhardt
2020-12-11 14:47 ` Patrick Steinhardt
2020-12-11 15:21 ` Ævar Arnfjörð Bjarmason
2020-12-11 16:02 ` Jeff King
2020-12-16 7:52 ` [PATCH v5 0/8] " Patrick Steinhardt
2020-12-16 7:52 ` [PATCH v5 1/8] git: add `--super-prefix` to usage string Patrick Steinhardt
2020-12-16 7:52 ` [PATCH v5 2/8] config: add new way to pass config via `--config-env` Patrick Steinhardt
2020-12-23 21:35 ` Junio C Hamano
2020-12-16 7:54 ` [PATCH v5 4/8] config: extract function to parse config pairs Patrick Steinhardt
2020-12-16 7:54 ` [PATCH v5 7/8] environment: make `getenv_safe()` a public function Patrick Steinhardt
2020-12-16 7:54 ` [PATCH v5 8/8] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2020-12-23 21:14 ` Junio C Hamano
2020-12-23 21:55 ` Junio C Hamano
2021-01-06 10:28 ` Patrick Steinhardt
2021-01-06 21:07 ` Junio C Hamano
2020-12-16 7:56 ` [PATCH v5 3/8] quote: make sq_dequote_step() a public function Patrick Steinhardt
2020-12-16 7:56 ` [PATCH v5 5/8] config: store "git -c" variables using more robust format Patrick Steinhardt
2020-12-16 7:57 ` [PATCH v5 6/8] config: parse more robust format in GIT_CONFIG_PARAMETERS Patrick Steinhardt
2020-12-16 20:01 ` Phillip Wood
2021-01-07 6:36 ` [PATCH v6 0/8] config: allow specifying config entries via env Patrick Steinhardt
2021-01-07 6:36 ` [PATCH v6 1/8] git: add `--super-prefix` to usage string Patrick Steinhardt
2021-01-07 6:36 ` [PATCH v6 2/8] config: add new way to pass config via `--config-env` Patrick Steinhardt
2021-01-10 20:29 ` Simon Ruderich
2021-01-11 0:29 ` Junio C Hamano
2021-01-11 8:24 ` Patrick Steinhardt
2021-01-07 6:36 ` [PATCH v6 3/8] quote: make sq_dequote_step() a public function Patrick Steinhardt
2021-01-07 6:37 ` [PATCH v6 4/8] config: extract function to parse config pairs Patrick Steinhardt
2021-01-07 6:37 ` [PATCH v6 5/8] config: store "git -c" variables using more robust format Patrick Steinhardt
2021-01-07 6:37 ` [PATCH v6 6/8] config: parse more robust format in GIT_CONFIG_PARAMETERS Patrick Steinhardt
2021-01-07 6:37 ` [PATCH v6 7/8] environment: make `getenv_safe()` a public function Patrick Steinhardt
2021-01-07 6:37 ` [PATCH v6 8/8] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2021-01-11 8:36 ` [PATCH v7 0/8] " Patrick Steinhardt
2021-01-11 8:36 ` [PATCH v7 1/8] git: add `--super-prefix` to usage string Patrick Steinhardt
2021-01-11 8:36 ` [PATCH v7 2/8] config: add new way to pass config via `--config-env` Patrick Steinhardt
2021-01-11 22:34 ` Junio C Hamano
2021-01-11 8:36 ` [PATCH v7 3/8] quote: make sq_dequote_step() a public function Patrick Steinhardt
2021-01-11 8:36 ` [PATCH v7 4/8] config: extract function to parse config pairs Patrick Steinhardt
2021-01-11 8:37 ` [PATCH v7 5/8] config: store "git -c" variables using more robust format Patrick Steinhardt
2021-01-11 8:37 ` [PATCH v7 6/8] config: parse more robust format in GIT_CONFIG_PARAMETERS Patrick Steinhardt
2021-01-11 8:37 ` [PATCH v7 7/8] environment: make `getenv_safe()` a public function Patrick Steinhardt
2021-01-11 8:37 ` [PATCH v7 8/8] config: allow specifying config entries via envvar pairs Patrick Steinhardt
2021-01-12 12:26 ` [PATCH v8 0/8] " Patrick Steinhardt
2021-01-12 12:26 ` [PATCH v8 1/8] git: add `--super-prefix` to usage string Patrick Steinhardt
2021-01-12 12:26 ` [PATCH v8 2/8] config: add new way to pass config via `--config-env` Patrick Steinhardt
2021-04-16 15:40 ` Ævar Arnfjörð Bjarmason
2021-04-17 8:38 ` Jeff King
2021-04-19 15:28 ` Patrick Steinhardt
2021-04-20 11:01 ` Ævar Arnfjörð Bjarmason
2021-04-20 10:59 ` Ævar Arnfjörð Bjarmason
2021-04-23 10:05 ` Jeff King
2021-05-19 11:36 ` Ævar Arnfjörð Bjarmason
2021-01-12 12:26 ` [PATCH v8 3/8] quote: make sq_dequote_step() a public function Patrick Steinhardt
2021-01-12 12:26 ` [PATCH v8 4/8] config: extract function to parse config pairs Patrick Steinhardt
2021-01-12 12:27 ` [PATCH v8 5/8] config: store "git -c" variables using more robust format Patrick Steinhardt
2021-01-15 19:16 ` Jeff King
2021-01-20 6:29 ` Patrick Steinhardt
2021-01-20 6:55 ` Junio C Hamano
2021-01-20 7:42 ` Patrick Steinhardt
2021-01-20 22:28 ` Junio C Hamano
2021-01-12 12:27 ` [PATCH v8 6/8] config: parse more robust format in GIT_CONFIG_PARAMETERS Patrick Steinhardt
2021-01-12 12:27 ` [PATCH v8 7/8] environment: make `getenv_safe()` a public function Patrick Steinhardt
2021-01-12 12:27 ` [PATCH v8 8/8] config: allow specifying config entries via envvar pairs Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87pn3hwfd5.fsf@evledraar.gmail.com \
--to=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=philipoakley@iee.email \
--cc=ps@pks.im \
--cc=sandals@crustytoothpaste.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).