Merge pull request #1903 from ethomson/ssh

Allowed credential types should be a bitfield

include/git2/transport.h

@@ -28,11 +28,16 @@ GIT_BEGIN_DECL
  *** Begin interface for credentials acquisition ***
  */
 
+/** Authentication type requested */
 typedef enum {
 	/* git_cred_userpass_plaintext */
-	GIT_CREDTYPE_USERPASS_PLAINTEXT = 1,
+	GIT_CREDTYPE_USERPASS_PLAINTEXT =     (1u << 0),
-	GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE = 2,
+
-	GIT_CREDTYPE_SSH_PUBLICKEY = 3,
+	/* git_cred_ssh_keyfile_passphrase */
+	GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE = (1u << 1),
+
+	/* git_cred_ssh_publickey */
+	GIT_CREDTYPE_SSH_PUBLICKEY =          (1u << 2),
 } git_credtype_t;
 
 /* The base structure for all credential types */
@@ -56,7 +61,7 @@ typedef LIBSSH2_USERAUTH_PUBLICKEY_SIGN_FUNC((*git_cred_sign_callback));
 typedef int (*git_cred_sign_callback)(void *, ...);
 #endif
 
-/* A ssh key file and passphrase */
+/* An ssh key file and passphrase */
 typedef struct git_cred_ssh_keyfile_passphrase {
 	git_cred parent;
 	char *username;
@@ -65,7 +70,7 @@ typedef struct git_cred_ssh_keyfile_passphrase {
 	char *passphrase;
 } git_cred_ssh_keyfile_passphrase;
 
-/* A ssh public key and authentication callback */
+/* An ssh public key and authentication callback */
 typedef struct git_cred_ssh_publickey {
 	git_cred parent;
 	char *username;
@@ -123,8 +128,8 @@ GIT_EXTERN(int) git_cred_ssh_keyfile_passphrase_new(
  * @param username username to use to authenticate
  * @param publickey The bytes of the public key.
  * @param publickey_len The length of the public key in bytes.
- * @param sign_fn The callback method for authenticating.
+ * @param sign_fn The callback method to sign the data during the challenge.
- * @param sign_data The abstract data sent to the sign_callback method.
+ * @param sign_data The data to pass to the sign function.
  * @return 0 for success or an error code for failure
  */
 GIT_EXTERN(int) git_cred_ssh_publickey_new(

src/transports/cred.c

@@ -58,7 +58,7 @@ int git_cred_userpass_plaintext_new(
 {
 	git_cred_userpass_plaintext *c;
 
-	assert(cred);
+	assert(cred && username && password);
 
 	c = git__malloc(sizeof(git_cred_userpass_plaintext));
 	GITERR_CHECK_ALLOC(c);

src/transports/ssh.c

@@ -349,7 +349,8 @@ static int _git_ssh_setup_conn(
 		if (t->owner->cred_acquire_cb(
 				&t->cred, t->owner->url, user,
 				GIT_CREDTYPE_USERPASS_PLAINTEXT |
-				GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE,
+				GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE |
+				GIT_CREDTYPE_SSH_PUBLICKEY,
 				t->owner->cred_acquire_payload) < 0)
 			goto on_error;
 

tests-clar/online/push.c

@@ -45,15 +45,26 @@ static int cred_acquire_cb(
 {
 	GIT_UNUSED(url);
 	GIT_UNUSED(user_from_url);
+	GIT_UNUSED(payload);
 
-	if (GIT_CREDTYPE_SSH_PUBLICKEY & allowed_types)
+	if (GIT_CREDTYPE_SSH_KEYFILE_PASSPHRASE & allowed_types) {
-		return git_cred_ssh_keyfile_passphrase_new(cred, _remote_user, _remote_ssh_pubkey, _remote_ssh_key, _remote_ssh_passphrase);
+		if (!_remote_user || !_remote_ssh_pubkey || !_remote_ssh_key || !_remote_ssh_passphrase) {
-
+			printf("GITTEST_REMOTE_USER, GITTEST_REMOTE_SSH_PUBKEY, GITTEST_REMOTE_SSH_KEY and GITTEST_REMOTE_SSH_PASSPHRASE must be set\n");
-	if ((GIT_CREDTYPE_USERPASS_PLAINTEXT & allowed_types) == 0 ||
-		git_cred_userpass_plaintext_new(cred, _remote_user, _remote_pass) < 0)
 			return -1;
+		}
+		return git_cred_ssh_keyfile_passphrase_new(cred, _remote_user, _remote_ssh_pubkey, _remote_ssh_key, _remote_ssh_passphrase);
+	}
 
-	return 0;
+	if (GIT_CREDTYPE_USERPASS_PLAINTEXT & allowed_types) {
+		if (!_remote_user || !_remote_pass) {
+			printf("GITTEST_REMOTE_USER and GITTEST_REMOTE_PASS must be set\n");
+			return -1;
+		}
+
+		return git_cred_userpass_plaintext_new(cred, _remote_user, _remote_pass);
+	}
+
+	return -1;
 }
 
 typedef struct {