* fetch credentials for server with matching hostname if scheme, path, or port are not provided
* if the credential request includes specific scheme, path, or port that does not match entry, don't return
* extract url helpers into a package
Signed-off-by: Emily Casey <ecasey@pivotal.io>
Signed-off-by: Danny Joyce <djoyce@pivotal.io>
This also fixes the following issues:
1. Safe for concurrent initialization still (it was before in 'init',
but the alternative to this PR is not)
2. Uses the same password directory during init as it does during
runtime (the change to getPassDir in initialization logic.
3. Prints significantly better errors if initialization fails
4. Has slightly cleaner abstractions by hiding the initialization check
in 'runPass'
The 4th item there does mean there are a few cases where more work is
done before erroring, but that amount of work is trivial and my manual
audit didn't reveal anything that seemed worrying.
Fixes#96, alternative to #106
Signed-off-by: Euan Kemp <euank@euank.com>
As of 8446a40, pass show will include a newline when showing a password.
This causes the pass helper here to reliably fail to initialize since a
password doesn't round-trip.
Before making this change, the pass test would fail if the installed
password-store version was v1.7.1+, and after this change it passes
again.
Fixes#107
Signed-off-by: Euan Kemp <euank@euank.com>
The exec.Command code and os.Getenv implementation were both needlessly
verbose. This replaces them with simpler variations.
Signed-off-by: Euan Kemp <euank@euank.com>
It turns out the cred helpers protocol is to return "" and not an error
when a credential isn't present, so let's do that.
Signed-off-by: Tycho Andersen <tycho@docker.com>
Note that this single source package produces two binary packages: one for
-pass, and one for -secretservice, so that users can install whichever
password backend (and thus deps) that they want.
Signed-off-by: Tycho Andersen <tycho@docker.com>
* Fix storing URLs without scheme
If secrets are stored without specifying a scheme
(https://), the keychain-helper would interpret the
hostname as _path_, causing lookup of secrets to fail.
This patch makes sure that a scheme is added (if missing).
If no scheme is specified, https:// is used as a default.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Have pre go1.8 compiler able to compile
Signed-off-by: Tibor Vass <teabee89@gmail.com>
* Fix URL parsing with port and no scheme
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
* Improve parseURL comment
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
The changelog wasn't updated for each release.
This patch updates the changelog, with changes
taken from the releases page
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Emily Casey