diff mbox series

[v2] credential: fix matching URLs with multiple levels in path

Message ID 20200422195109.2224035-1-sandals@crustytoothpaste.net (mailing list archive)
State New, archived
Headers show
Series [v2] credential: fix matching URLs with multiple levels in path | expand

Commit Message

brian m. carlson April 22, 2020, 7:51 p.m. UTC 
46fd7b3900 ("credential: allow wildcard patterns when matching config",
2020-02-20) introduced support for matching credential helpers using
urlmatch.  In doing so, it introduced code to percent-encode the paths
we get from the credential helper so that they could be effectively
matched by the urlmatch code.

Unfortunately, that code had a bug: it percent-encoded the slashes in
the path, resulting in any URL path that contained multiple levels
(i.e., a directory component) not matching.

We are currently the only caller of the percent-encoding code and could
simply change it not to encode slashes.  However, we still want to
encode slashes in the username component, so we need to have both
behaviors available.

So instead, let's add a flag to skip encoding slashes, which is the
behavior we want here, and use it when calling the code in this case.
Add a test for credential helper URLs using multiple slashes in the
path, which our test suite previously lacked, as well as one ensuring
that we handle usernames with slashes gracefully.

Reported-by: Ilya Tretyakov <it@it3xl.ru>
Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
---
Changes from v1:
* Continue to encode slashes in usernames.
* Add a test for encoding slashes in usernames.
* Hoist existing tests near the other percent-encoding tests.
* Update commit message.
* Remove debugging information.

 credential.c           |  4 ++--
 strbuf.c               |  8 +++++---
 strbuf.h               |  6 +++++-
 t/t0300-credentials.sh | 30 ++++++++++++++++++++++++++++++
 4 files changed, 42 insertions(+), 6 deletions(-)

Comments

Jeff King April 22, 2020, 8:04 p.m. UTC | #1 
On Wed, Apr 22, 2020 at 07:51:09PM +0000, brian m. carlson wrote:

> Changes from v1:
> * Continue to encode slashes in usernames.
> * Add a test for encoding slashes in usernames.
> * Hoist existing tests near the other percent-encoding tests.
> * Update commit message.
> * Remove debugging information.

Thank for an easy-to-read explanation and patch (as usual). This version
looks good to me.

I think there's still an open question on:

  [credential "no-scheme.example.com"]

config sections. I feel like that's something we never really intended
to support and should discourage, but it seems as though it may be in
wide use. But it's definitely a separate patch, and it sounds like Dscho
is working on it.

-Peff
Carlo Marcelo Arenas Belón April 24, 2020, 4:50 a.m. UTC | #2 
On Wed, Apr 22, 2020 at 07:51:09PM +0000, brian m. carlson wrote:
> --- a/strbuf.h
> +++ b/strbuf.h
> @@ -378,11 +378,15 @@ size_t strbuf_expand_dict_cb(struct strbuf *sb,
>   */
>  void strbuf_addbuf_percentquote(struct strbuf *dst, const struct strbuf *src);
>  
> +#define STRBUF_PERCENTENCODE_PATH 1
> +
>  /**
>   * Append the contents of a string to a strbuf, percent-encoding any characters
>   * that are needed to be encoded for a URL.
> + *
> + * If STRBUF_PERCENTENCODE_PATH is set in flags, don't percent-encode slashes.
>   */

wouldn't it be better to call this STRBUF_PERCENTENCODE_SLASH instead?, since
it is actually not applied to path?

Carlo
Junio C Hamano April 24, 2020, 8:20 p.m. UTC | #3 
Carlo Marcelo Arenas Belón <carenas@gmail.com> writes:

> On Wed, Apr 22, 2020 at 07:51:09PM +0000, brian m. carlson wrote:
>> --- a/strbuf.h
>> +++ b/strbuf.h
>> @@ -378,11 +378,15 @@ size_t strbuf_expand_dict_cb(struct strbuf *sb,
>>   */
>>  void strbuf_addbuf_percentquote(struct strbuf *dst, const struct strbuf *src);
>>  
>> +#define STRBUF_PERCENTENCODE_PATH 1
>> +
>>  /**
>>   * Append the contents of a string to a strbuf, percent-encoding any characters
>>   * that are needed to be encoded for a URL.
>> + *
>> + * If STRBUF_PERCENTENCODE_PATH is set in flags, don't percent-encode slashes.
>>   */
>
> wouldn't it be better to call this STRBUF_PERCENTENCODE_SLASH instead?, since
> it is actually not applied to path?

I was about to say the same thing.  Can we phrase it a bit shorter
than PERCENTENCODE, by the way?
diff mbox series

Patch

diff --git a/credential.c b/credential.c
index 108d9e183a..6658cd0860 100644
--- a/credential.c
+++ b/credential.c
@@ -136,14 +136,14 @@  static void credential_format(struct credential *c, struct strbuf *out)
 		return;
 	strbuf_addf(out, "%s://", c->protocol);
 	if (c->username && *c->username) {
-		strbuf_add_percentencode(out, c->username);
+		strbuf_add_percentencode(out, c->username, 0);
 		strbuf_addch(out, '@');
 	}
 	if (c->host)
 		strbuf_addstr(out, c->host);
 	if (c->path) {
 		strbuf_addch(out, '/');
-		strbuf_add_percentencode(out, c->path);
+		strbuf_add_percentencode(out, c->path, STRBUF_PERCENTENCODE_PATH);
 	}
 }
 
diff --git a/strbuf.c b/strbuf.c
index bb0065ccaf..da5a1c9ca4 100644
--- a/strbuf.c
+++ b/strbuf.c
@@ -479,15 +479,17 @@  void strbuf_addbuf_percentquote(struct strbuf *dst, const struct strbuf *src)
 	}
 }
 
-#define URL_UNSAFE_CHARS " <>\"%{}|\\^`:/?#[]@!$&'()*+,;="
+#define URL_UNSAFE_CHARS " <>\"%{}|\\^`:?#[]@!$&'()*+,;="
 
-void strbuf_add_percentencode(struct strbuf *dst, const char *src)
+void strbuf_add_percentencode(struct strbuf *dst, const char *src, int flags)
 {
 	size_t i, len = strlen(src);
 
 	for (i = 0; i < len; i++) {
 		unsigned char ch = src[i];
-		if (ch <= 0x1F || ch >= 0x7F || strchr(URL_UNSAFE_CHARS, ch))
+		if (ch <= 0x1F || ch >= 0x7F ||
+		    (ch == '/' && !(flags & STRBUF_PERCENTENCODE_PATH)) ||
+		    strchr(URL_UNSAFE_CHARS, ch))
 			strbuf_addf(dst, "%%%02X", (unsigned char)ch);
 		else
 			strbuf_addch(dst, ch);
diff --git a/strbuf.h b/strbuf.h
index ce8e49c0b2..651aedff57 100644
--- a/strbuf.h
+++ b/strbuf.h
@@ -378,11 +378,15 @@  size_t strbuf_expand_dict_cb(struct strbuf *sb,
  */
 void strbuf_addbuf_percentquote(struct strbuf *dst, const struct strbuf *src);
 
+#define STRBUF_PERCENTENCODE_PATH 1
+
 /**
  * Append the contents of a string to a strbuf, percent-encoding any characters
  * that are needed to be encoded for a URL.
+ *
+ * If STRBUF_PERCENTENCODE_PATH is set in flags, don't percent-encode slashes.
  */
-void strbuf_add_percentencode(struct strbuf *dst, const char *src);
+void strbuf_add_percentencode(struct strbuf *dst, const char *src, int flags);
 
 /**
  * Append the given byte size as a human-readable string (i.e. 12.23 KiB,
diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
index 5555a1524f..87267a7aac 100755
--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
@@ -366,6 +366,36 @@  test_expect_success 'match percent-encoded values' '
 	EOF
 '
 
+test_expect_success 'match percent-encoded values in username' '
+	test_config credential.https://user%2fname@example.com/foo/bar.git.helper "$HELPER" &&
+	check fill <<-\EOF
+	url=https://user%2fname@example.com/foo/bar.git
+	--
+	protocol=https
+	host=example.com
+	username=foo
+	password=bar
+	--
+	EOF
+'
+
+test_expect_success 'fetch with multiple path components' '
+	test_unconfig credential.helper &&
+	test_config credential.https://example.com/foo/repo.git.helper "verbatim foo bar" &&
+	check fill <<-\EOF
+	url=https://example.com/foo/repo.git
+	--
+	protocol=https
+	host=example.com
+	username=foo
+	password=bar
+	--
+	verbatim: get
+	verbatim: protocol=https
+	verbatim: host=example.com
+	EOF
+'
+
 test_expect_success 'pull username from config' '
 	test_config credential.https://example.com.username foo &&
 	check fill <<-\EOF