From: "brian m. carlson" <sandals@crustytoothpaste•net>
To: Koji Nakamaru via GitGitGadget <gitgitgadget@gmail•com>
Cc: git@vger•kernel.org, Koji Nakamaru <koji.nakamaru@gree•net>
Subject: Re: [PATCH] Revert "osxkeychain: state to skip unnecessary store operations"
Date: Thu, 13 Nov 2025 23:30:54 +0000 [thread overview]
Message-ID: <aRZqLp__WdA4hbuD@fruit.crustytoothpaste.net> (raw)
In-Reply-To: <pull.1998.git.1762930881599.gitgitgadget@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1534 bytes --]
On 2025-11-12 at 07:01:21, Koji Nakamaru via GitGitGadget wrote:
> From: Koji Nakamaru <koji.nakamaru@gree•net>
>
> This reverts commit e1ab45b2dab51f94db9548666dfd7af626d2aa7e.
>
> That commit was trying to skip to store a credential returned by
> "git-credential-osxkeychain get" by setting
> "state[]=osxkeychain:seen=1". However, this state[] is kept even if a
> credential returned by "git-credential-osxkeychain get" is invalid and
> another subsequent helper's "get" returns a valid credential. Another
> subsequent helper (such as [1]) may expect git-credential-osxkeychain to
> store the valid credential so that "store" cannot be skipped by just
> checking "state[]=osxkeychain:seen=1".
I believe the intended approach here is that if we do a get and the
credential is invalid, we return the same state[] header to erase, but
we should not send it to subsequent gets for a new credential. However,
we do need to send it to subsequent gets (which will not have an
intervening erase) if this is a multistage request because otherwise
multistage requests will not be able to keep state, which NTLM and
Kerberos require. Does that make sense?
My guess is that the problem here is that we reuse the credential
structure without resetting it somewhere in the HTTP code rather than a
problem in this particular helper. That is probably my fault, but in my
defence I would not say that the structure of the HTTP code is very easy
to follow.
--
brian m. carlson (they/them)
Toronto, Ontario, CA
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 262 bytes --]
next prev parent reply other threads:[~2025-11-13 23:30 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-12 7:01 [PATCH] Revert "osxkeychain: state to skip unnecessary store operations" Koji Nakamaru via GitGitGadget
2025-11-12 16:47 ` Junio C Hamano
2025-11-13 8:17 ` Koji Nakamaru
2025-11-13 23:30 ` brian m. carlson [this message]
2025-11-14 3:37 ` Koji Nakamaru
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aRZqLp__WdA4hbuD@fruit.crustytoothpaste.net \
--to=sandals@crustytoothpaste$(echo .)net \
--cc=git@vger$(echo .)kernel.org \
--cc=gitgitgadget@gmail$(echo .)com \
--cc=koji.nakamaru@gree$(echo .)net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox