Skip to content

Commit e1ab45b

Browse files
KojiNakamarugitster
KojiNakamaru
authored and
gitster
committed
osxkeychain: state to skip unnecessary store operations
git passes a credential that has been used successfully to the helpers to record. If a credential is already stored, "git-credential-osxkeychain store" just records the credential returned by "git-credential-osxkeychain get", and unnecessary (sometimes problematic) SecItemAdd() and/or SecItemUpdate() are performed. We can skip such unnecessary operations by marking a credential returned by "git-credential-osxkeychain get". This marking can be done by utilizing the "state[]" feature: - The "get" command sets the field "state[]=osxkeychain:seen=1". - The "store" command skips its actual operation if the field "state[]=osxkeychain:seen=1" exists. Introduce a new state "state[]=osxkeychain:seen=1". Suggested-by: brian m. carlson <[email protected]> Signed-off-by: Koji Nakamaru <[email protected]> Signed-off-by: Junio C Hamano <[email protected]>
1 parent fcf5b74 commit e1ab45b

File tree

1 file changed

+11
-0
lines changed

1 file changed

+11
-0
lines changed

contrib/credential/osxkeychain/git-credential-osxkeychain.c

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ static CFStringRef username;
1212
static CFDataRef password;
1313
static CFDataRef password_expiry_utc;
1414
static CFDataRef oauth_refresh_token;
15+
static int state_seen;
1516

1617
static void clear_credential(void)
1718
{
@@ -171,6 +172,9 @@ static OSStatus find_internet_password(void)
171172

172173
CFRelease(item);
173174

175+
write_item("capability[]", "state", strlen("state"));
176+
write_item("state[]", "osxkeychain:seen=1", strlen("osxkeychain:seen=1"));
177+
174178
out:
175179
CFRelease(attrs);
176180

@@ -284,6 +288,9 @@ static OSStatus add_internet_password(void)
284288
CFDictionaryRef attrs;
285289
OSStatus result;
286290

291+
if (state_seen)
292+
return errSecSuccess;
293+
287294
/* Only store complete credentials */
288295
if (!protocol || !host || !username || !password)
289296
return -1;
@@ -395,6 +402,10 @@ static void read_credential(void)
395402
oauth_refresh_token = CFDataCreate(kCFAllocatorDefault,
396403
(UInt8 *)v,
397404
strlen(v));
405+
else if (!strcmp(buf, "state[]")) {
406+
if (!strcmp(v, "osxkeychain:seen=1"))
407+
state_seen = 1;
408+
}
398409
/*
399410
* Ignore other lines; we don't know what they mean, but
400411
* this future-proofs us when later versions of git do

0 commit comments

Comments
 (0)