|
|
|
|
#include "cache.h"
|
|
|
|
|
#include "credential.h"
|
|
|
|
|
#include "string-list.h"
|
|
|
|
|
#include "parse-options.h"
|
|
|
|
|
#include "unix-socket.h"
|
|
|
|
|
#include "run-command.h"
|
|
|
|
|
|
|
|
|
|
#define FLAG_SPAWN 0x1
|
|
|
|
|
#define FLAG_RELAY 0x2
|
|
|
|
|
|
|
|
|
|
static int send_request(const char *socket, const struct strbuf *out)
|
|
|
|
|
{
|
|
|
|
|
int got_data = 0;
|
|
|
|
|
int fd = unix_stream_connect(socket);
|
|
|
|
|
|
|
|
|
|
if (fd < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (write_in_full(fd, out->buf, out->len) < 0)
|
|
|
|
|
die_errno("unable to write to cache daemon");
|
|
|
|
|
shutdown(fd, SHUT_WR);
|
|
|
|
|
|
|
|
|
|
while (1) {
|
|
|
|
|
char in[1024];
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
r = read_in_full(fd, in, sizeof(in));
|
credential-cache: interpret an ECONNRESET as an EOF
Since commit 612c49e94d ("credential-cache: add tests for XDG
functionality", 17-03-2017), the cygwin build has been failing all the
new tests added by that commit. In particular, the 'git credential-cache
exit' command, as part of the test cleanup code, has been die-ing with
the message:
fatal: read error from cache daemon: Connection reset by peer
As this git command is part of an && chain in a 'test_when_finished'
call, the remaining test cleanup is not happening, so practically all
remaining tests fail due to the unexpected presence of various socket
files and directories.
A simple means of getting the tests to pass, is to simply ignore the
failure of 'git credential-cache exit' command and make sure all test
cleanup is done. For example, the diff for test #12 would look like:
diff --git a/t/t0301-credential-cache.sh b/t/t0301-credential-cache.sh
index fd92533ac..87e5001bb 100755
--- a/t/t0301-credential-cache.sh
+++ b/t/t0301-credential-cache.sh
@@ -17,7 +17,7 @@ helper_test cache
test_expect_success 'socket defaults to ~/.cache/git/credential/socket' '
test_when_finished "
- git credential-cache exit &&
+ (git credential-cache exit || :) &&
rmdir -p .cache/git/credential/
" &&
test_path_is_missing "$HOME/.git-credential-cache" &&
... and so on for all remaining tests. While this does indeed make all
tests pass, it is not really a solution.
As an aside, while looking to debug this issue, I added the '--debug'
option to the invocation of the 'git-credential-cache--daemon' child
process (see the spawn_daemon() function). This not only fixed the tests,
but also stopped git-credential-cache exiting with a failure. Since the
only effect of passing '--debug' was to suppress the redirection of stderr
to the bit-bucket (/dev/null), I have no idea why this seems to fix the
protocol interaction between git and git-credential-cache--daemon. (I
did think that maybe it was a timing issue, so I tried sleeping before
reading from the daemon on Linux, but that only slowed down the tests!)
All descriptions of the "Connection reset by peer" error, that I could
find, say that the peer had destroyed the connection before the client
attempted to perform I/O on the connection. Since the daemon does not
respond to an "exit" message from the client, it just closes the socket
and deletes the socket file (via the atexit handler), it seems that the
expected result is for the client to receive an EOF. Indeed, this is
exactly what seems to be happening on Linux. Also a comment in
credential-cache--daemon.c reads:
else if (!strcmp(action.buf, "exit")) {
/*
* It's important that we clean up our socket first, and then
* signal the client only once we have finished the cleanup.
* Calling exit() directly does this, because we clean up in
* our atexit() handler, and then signal the client when our
* process actually ends, which closes the socket and gives
* them EOF.
*/
exit(0);
}
On cygwin this is not the case, at least when not passing --debug to the
daemon, and the read following the "exit" gets an error with errno set
to ECONNRESET.
In order to suppress the fatal exit in this case, check the read error
for an ECONNRESET and return as if no data was read from the daemon.
This effectively converts an ECONNRESET into an EOF.
Signed-off-by: Ramsay Jones <ramsay@ramsayjones.plus.com>
Reviewed-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
7 years ago
|
|
|
if (r == 0 || (r < 0 && errno == ECONNRESET))
|
|
|
|
|
break;
|
|
|
|
|
if (r < 0)
|
|
|
|
|
die_errno("read error from cache daemon");
|
|
|
|
|
write_or_die(1, in, r);
|
|
|
|
|
got_data = 1;
|
|
|
|
|
}
|
|
|
|
|
close(fd);
|
|
|
|
|
return got_data;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void spawn_daemon(const char *socket)
|
|
|
|
|
{
|
|
|
|
|
struct child_process daemon = CHILD_PROCESS_INIT;
|
|
|
|
|
const char *argv[] = { NULL, NULL, NULL };
|
|
|
|
|
char buf[128];
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
argv[0] = "git-credential-cache--daemon";
|
|
|
|
|
argv[1] = socket;
|
|
|
|
|
daemon.argv = argv;
|
|
|
|
|
daemon.no_stdin = 1;
|
|
|
|
|
daemon.out = -1;
|
|
|
|
|
|
|
|
|
|
if (start_command(&daemon))
|
|
|
|
|
die_errno("unable to start cache daemon");
|
|
|
|
|
r = read_in_full(daemon.out, buf, sizeof(buf));
|
|
|
|
|
if (r < 0)
|
|
|
|
|
die_errno("unable to read result code from cache daemon");
|
|
|
|
|
if (r != 3 || memcmp(buf, "ok\n", 3))
|
|
|
|
|
die("cache daemon did not start: %.*s", r, buf);
|
|
|
|
|
close(daemon.out);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void do_cache(const char *socket, const char *action, int timeout,
|
|
|
|
|
int flags)
|
|
|
|
|
{
|
|
|
|
|
struct strbuf buf = STRBUF_INIT;
|
|
|
|
|
|
|
|
|
|
strbuf_addf(&buf, "action=%s\n", action);
|
|
|
|
|
strbuf_addf(&buf, "timeout=%d\n", timeout);
|
|
|
|
|
if (flags & FLAG_RELAY) {
|
|
|
|
|
if (strbuf_read(&buf, 0, 0) < 0)
|
|
|
|
|
die_errno("unable to relay credential");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (send_request(socket, &buf) < 0) {
|
credential-cache: ignore "connection refused" errors
The credential-cache helper will try to connect to its
daemon over a unix socket. Originally, a failure to do so
was silently ignored, and we would either give up (if
performing a "get" or "erase" operation), or spawn a new
daemon (for a "store" operation).
But since 8ec6c8d, we try to report more errors. We detect a
missing daemon by checking for ENOENT on our connection
attempt. If the daemon is missing, we continue as before
(giving up or spawning a new daemon). For any other error,
we die and report the problem.
However, checking for ENOENT is not sufficient for a missing
daemon. We might also get ECONNREFUSED if a dead daemon
process left a stale socket. This generally shouldn't
happen, as the daemon cleans up after itself, but the daemon
may not always be given a chance to do so (e.g., power loss,
"kill -9").
The resulting state is annoying not just because the helper
outputs an extra useless message, but because it actually
blocks the helper from spawning a new daemon to replace the
stale socket.
Fix it by checking for ECONNREFUSED.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
13 years ago
|
|
|
if (errno != ENOENT && errno != ECONNREFUSED)
|
|
|
|
|
die_errno("unable to connect to cache daemon");
|
|
|
|
|
if (flags & FLAG_SPAWN) {
|
|
|
|
|
spawn_daemon(socket);
|
|
|
|
|
if (send_request(socket, &buf) < 0)
|
|
|
|
|
die_errno("unable to connect to cache daemon");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
strbuf_release(&buf);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static char *get_socket_path(void)
|
|
|
|
|
{
|
|
|
|
|
struct stat sb;
|
|
|
|
|
char *old_dir, *socket;
|
|
|
|
|
old_dir = expand_user_path("~/.git-credential-cache", 0);
|
|
|
|
|
if (old_dir && !stat(old_dir, &sb) && S_ISDIR(sb.st_mode))
|
|
|
|
|
socket = xstrfmt("%s/socket", old_dir);
|
|
|
|
|
else
|
|
|
|
|
socket = xdg_cache_home("credential/socket");
|
|
|
|
|
free(old_dir);
|
|
|
|
|
return socket;
|
|
|
|
|
}
|
|
|
|
|
|
add an extra level of indirection to main()
There are certain startup tasks that we expect every git
process to do. In some cases this is just to improve the
quality of the program (e.g., setting up gettext()). In
others it is a requirement for using certain functions in
libgit.a (e.g., system_path() expects that you have called
git_extract_argv0_path()).
Most commands are builtins and are covered by the git.c
version of main(). However, there are still a few external
commands that use their own main(). Each of these has to
remember to include the correct startup sequence, and we are
not always consistent.
Rather than just fix the inconsistencies, let's make this
harder to get wrong by providing a common main() that can
run this standard startup.
We basically have two options to do this:
- the compat/mingw.h file already does something like this by
adding a #define that replaces the definition of main with a
wrapper that calls mingw_startup().
The upside is that the code in each program doesn't need
to be changed at all; it's rewritten on the fly by the
preprocessor.
The downside is that it may make debugging of the startup
sequence a bit more confusing, as the preprocessor is
quietly inserting new code.
- the builtin functions are all of the form cmd_foo(),
and git.c's main() calls them.
This is much more explicit, which may make things more
obvious to somebody reading the code. It's also more
flexible (because of course we have to figure out _which_
cmd_foo() to call).
The downside is that each of the builtins must define
cmd_foo(), instead of just main().
This patch chooses the latter option, preferring the more
explicit approach, even though it is more invasive. We
introduce a new file common-main.c, with the "real" main. It
expects to call cmd_main() from whatever other objects it is
linked against.
We link common-main.o against anything that links against
libgit.a, since we know that such programs will need to do
this setup. Note that common-main.o can't actually go inside
libgit.a, as the linker would not pick up its main()
function automatically (it has no callers).
The rest of the patch is just adjusting all of the various
external programs (mostly in t/helper) to use cmd_main().
I've provided a global declaration for cmd_main(), which
means that all of the programs also need to match its
signature. In particular, many functions need to switch to
"const char **" instead of "char **" for argv. This effect
ripples out to a few other variables and functions, as well.
This makes the patch even more invasive, but the end result
is much better. We should be treating argv strings as const
anyway, and now all programs conform to the same signature
(which also matches the way builtins are defined).
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
8 years ago
|
|
|
int cmd_main(int argc, const char **argv)
|
|
|
|
|
{
|
|
|
|
|
char *socket_path = NULL;
|
|
|
|
|
int timeout = 900;
|
|
|
|
|
const char *op;
|
|
|
|
|
const char * const usage[] = {
|
|
|
|
|
"git credential-cache [<options>] <action>",
|
|
|
|
|
NULL
|
|
|
|
|
};
|
|
|
|
|
struct option options[] = {
|
|
|
|
|
OPT_INTEGER(0, "timeout", &timeout,
|
|
|
|
|
"number of seconds to cache credentials"),
|
|
|
|
|
OPT_STRING(0, "socket", &socket_path, "path",
|
|
|
|
|
"path of cache-daemon socket"),
|
|
|
|
|
OPT_END()
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
argc = parse_options(argc, argv, NULL, options, usage, 0);
|
|
|
|
|
if (!argc)
|
|
|
|
|
usage_with_options(usage, options);
|
|
|
|
|
op = argv[0];
|
|
|
|
|
|
|
|
|
|
if (!socket_path)
|
|
|
|
|
socket_path = get_socket_path();
|
|
|
|
|
if (!socket_path)
|
|
|
|
|
die("unable to find a suitable socket path; use --socket");
|
|
|
|
|
|
|
|
|
|
if (!strcmp(op, "exit"))
|
|
|
|
|
do_cache(socket_path, op, timeout, 0);
|
|
|
|
|
else if (!strcmp(op, "get") || !strcmp(op, "erase"))
|
|
|
|
|
do_cache(socket_path, op, timeout, FLAG_RELAY);
|
|
|
|
|
else if (!strcmp(op, "store"))
|
|
|
|
|
do_cache(socket_path, op, timeout, FLAG_RELAY|FLAG_SPAWN);
|
|
|
|
|
else
|
|
|
|
|
; /* ignore unknown operation */
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
