credential: stop using the_repository

Stop using `the_repository` in the "credential" subsystem by passing in
a repository when filling, approving or rejecting credentials.

Adjust callers accordingly by using `the_repository`. While there may be
some callers that have a repository available in their context, this
trivial conversion allows for easier verification and bubbles up the use
of `the_repository` by one level.

Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

builtin/credential.c

@@ -32,15 +32,15 @@ int cmd_credential(int argc,
 		die("unable to read credential from stdin");
 
 	if (!strcmp(op, "fill")) {
-		credential_fill(&c, 0);
+		credential_fill(the_repository, &c, 0);
 		credential_next_state(&c);
 		credential_write(&c, stdout, CREDENTIAL_OP_RESPONSE);
 	} else if (!strcmp(op, "approve")) {
 		credential_set_all_capabilities(&c, CREDENTIAL_OP_HELPER);
-		credential_approve(&c);
+		credential_approve(the_repository, &c);
 	} else if (!strcmp(op, "reject")) {
 		credential_set_all_capabilities(&c, CREDENTIAL_OP_HELPER);
-		credential_reject(&c);
+		credential_reject(the_repository, &c);
 	} else {
 		usage(usage_msg);
 	}

credential.c

@@ -1,4 +1,3 @@
-#define USE_THE_REPOSITORY_VARIABLE
 #define DISABLE_SIGN_COMPARE_WARNINGS
 
 #include "git-compat-util.h"
@@ -166,7 +165,7 @@ static int match_partial_url(const char *url, void *cb)
 	return matches;
 }
 
-static void credential_apply_config(struct credential *c)
+static void credential_apply_config(struct repository *r, struct credential *c)
 {
 	char *normalized_url;
 	struct urlmatch_config config = URLMATCH_CONFIG_INIT;
@@ -191,7 +190,7 @@ static void credential_apply_config(struct credential *c)
 	credential_format(c, &url);
 	normalized_url = url_normalize(url.buf, &config.url);
 
-	git_config(urlmatch_config_entry, &config);
+	repo_config(r, urlmatch_config_entry, &config);
 	string_list_clear(&config.vars, 1);
 	free(normalized_url);
 	urlmatch_config_release(&config);
@@ -254,34 +253,34 @@ static char *credential_ask_one(const char *what, struct credential *c,
 	return xstrdup(r);
 }
 
-static int credential_getpass(struct credential *c)
+static int credential_getpass(struct repository *r, struct credential *c)
 {
 	int interactive;
 	char *value;
-	if (!git_config_get_maybe_bool("credential.interactive", &interactive) &&
+	if (!repo_config_get_maybe_bool(r, "credential.interactive", &interactive) &&
 	    !interactive) {
-		trace2_data_intmax("credential", the_repository,
+		trace2_data_intmax("credential", r,
 				   "interactive/skipped", 1);
 		return -1;
 	}
-	if (!git_config_get_string("credential.interactive", &value)) {
+	if (!repo_config_get_string(r, "credential.interactive", &value)) {
 		int same = !strcmp(value, "never");
 		free(value);
 		if (same) {
-			trace2_data_intmax("credential", the_repository,
+			trace2_data_intmax("credential", r,
 					   "interactive/skipped", 1);
 			return -1;
 		}
 	}
 
-	trace2_region_enter("credential", "interactive", the_repository);
+	trace2_region_enter("credential", "interactive", r);
 	if (!c->username)
 		c->username = credential_ask_one("Username", c,
 						 PROMPT_ASKPASS|PROMPT_ECHO);
 	if (!c->password)
 		c->password = credential_ask_one("Password", c,
 						 PROMPT_ASKPASS);
-	trace2_region_leave("credential", "interactive", the_repository);
+	trace2_region_leave("credential", "interactive", r);
 
 	return 0;
 }
@@ -489,7 +488,8 @@ static int credential_do(struct credential *c, const char *helper,
 	return r;
 }
 
-void credential_fill(struct credential *c, int all_capabilities)
+void credential_fill(struct repository *r,
+		     struct credential *c, int all_capabilities)
 {
 	int i;
 
@@ -499,7 +499,7 @@ void credential_fill(struct credential *c, int all_capabilities)
 	credential_next_state(c);
 	c->multistage = 0;
 
-	credential_apply_config(c);
+	credential_apply_config(r, c);
 	if (all_capabilities)
 		credential_set_all_capabilities(c, CREDENTIAL_OP_INITIAL);
 
@@ -526,12 +526,12 @@ void credential_fill(struct credential *c, int all_capabilities)
 			    c->helpers.items[i].string);
 	}
 
-	if (credential_getpass(c) ||
+	if (credential_getpass(r, c) ||
 	    (!c->username && !c->password && !c->credential))
 		die("unable to get password from user");
 }
 
-void credential_approve(struct credential *c)
+void credential_approve(struct repository *r, struct credential *c)
 {
 	int i;
 
@@ -542,20 +542,20 @@ void credential_approve(struct credential *c)
 
 	credential_next_state(c);
 
-	credential_apply_config(c);
+	credential_apply_config(r, c);
 
 	for (i = 0; i < c->helpers.nr; i++)
 		credential_do(c, c->helpers.items[i].string, "store");
 	c->approved = 1;
 }
 
-void credential_reject(struct credential *c)
+void credential_reject(struct repository *r, struct credential *c)
 {
 	int i;
 
 	credential_next_state(c);
 
-	credential_apply_config(c);
+	credential_apply_config(r, c);
 
 	for (i = 0; i < c->helpers.nr; i++)
 		credential_do(c, c->helpers.items[i].string, "erase");

credential.h

@@ -4,6 +4,8 @@
 #include "string-list.h"
 #include "strvec.h"
 
+struct repository;
+
 /**
  * The credentials API provides an abstracted way of gathering
  * authentication credentials from the user.
@@ -65,7 +67,7 @@
  * // Fill in the username and password fields by contacting
  * // helpers and/or asking the user. The function will die if it
  * // fails.
- * credential_fill(&c);
+ * credential_fill(repo, &c);
  *
  * // Otherwise, we have a username and password. Try to use it.
  *
@@ -218,7 +220,8 @@ void credential_clear(struct credential *);
  * If all_capabilities is set, this is an internal user that is prepared
  * to deal with all known capabilities, and we should advertise that fact.
  */
-void credential_fill(struct credential *, int all_capabilities);
+void credential_fill(struct repository *, struct credential *,
+		     int all_capabilities);
 
 /**
  * Inform the credential subsystem that the provided credentials
@@ -227,7 +230,7 @@ void credential_fill(struct credential *, int all_capabilities);
  * that they may store the result to be used again.  Any errors
  * from helpers are ignored.
  */
-void credential_approve(struct credential *);
+void credential_approve(struct repository *, struct credential *);
 
 /**
  * Inform the credential subsystem that the provided credentials
@@ -239,7 +242,7 @@ void credential_approve(struct credential *);
  * for another call to `credential_fill`). Any errors from helpers
  * are ignored.
  */
-void credential_reject(struct credential *);
+void credential_reject(struct repository *, struct credential *);
 
 /**
  * Enable all of the supported credential flags in this credential.

http.c

@@ -609,7 +609,7 @@ static void init_curl_http_auth(CURL *result)
 		}
 	}
 
-	credential_fill(&http_auth, 1);
+	credential_fill(the_repository, &http_auth, 1);
 
 	if (http_auth.password) {
 		if (always_auth_proactively()) {
@@ -652,7 +652,7 @@ static void init_curl_proxy_auth(CURL *result)
 {
 	if (proxy_auth.username) {
 		if (!proxy_auth.password && !proxy_auth.credential)
-			credential_fill(&proxy_auth, 1);
+			credential_fill(the_repository, &proxy_auth, 1);
 		set_proxyauth_name_password(result);
 	}
 
@@ -686,7 +686,7 @@ static int has_cert_password(void)
 		cert_auth.host = xstrdup("");
 		cert_auth.username = xstrdup("");
 		cert_auth.path = xstrdup(ssl_cert);
-		credential_fill(&cert_auth, 0);
+		credential_fill(the_repository, &cert_auth, 0);
 	}
 	return 1;
 }
@@ -700,7 +700,7 @@ static int has_proxy_cert_password(void)
 		proxy_cert_auth.host = xstrdup("");
 		proxy_cert_auth.username = xstrdup("");
 		proxy_cert_auth.path = xstrdup(http_proxy_ssl_cert);
-		credential_fill(&proxy_cert_auth, 0);
+		credential_fill(the_repository, &proxy_cert_auth, 0);
 	}
 	return 1;
 }
@@ -1784,9 +1784,9 @@ static int handle_curl_result(struct slot_results *results)
 			      curl_errorstr, sizeof(curl_errorstr));
 
 	if (results->curl_result == CURLE_OK) {
-		credential_approve(&http_auth);
-		credential_approve(&proxy_auth);
-		credential_approve(&cert_auth);
+		credential_approve(the_repository, &http_auth);
+		credential_approve(the_repository, &proxy_auth);
+		credential_approve(the_repository, &cert_auth);
 		return HTTP_OK;
 	} else if (results->curl_result == CURLE_SSL_CERTPROBLEM) {
 		/*
@@ -1795,7 +1795,7 @@ static int handle_curl_result(struct slot_results *results)
 		 * with the certificate.  So we reject the credential to
 		 * avoid caching or saving a bad password.
 		 */
-		credential_reject(&cert_auth);
+		credential_reject(the_repository, &cert_auth);
 		return HTTP_NOAUTH;
 	} else if (results->curl_result == CURLE_SSL_PINNEDPUBKEYNOTMATCH) {
 		return HTTP_NOMATCHPUBLICKEY;
@@ -1808,7 +1808,7 @@ static int handle_curl_result(struct slot_results *results)
 				credential_clear_secrets(&http_auth);
 				return HTTP_REAUTH;
 			}
-			credential_reject(&http_auth);
+			credential_reject(the_repository, &http_auth);
 			if (always_auth_proactively())
 				http_proactive_auth = PROACTIVE_AUTH_NONE;
 			return HTTP_NOAUTH;
@@ -1822,7 +1822,7 @@ static int handle_curl_result(struct slot_results *results)
 		}
 	} else {
 		if (results->http_connectcode == 407)
-			credential_reject(&proxy_auth);
+			credential_reject(the_repository, &proxy_auth);
 		if (!curl_errorstr[0])
 			strlcpy(curl_errorstr,
 				curl_easy_strerror(results->curl_result),
@@ -2210,7 +2210,7 @@ static int http_request_reauth(const char *url,
 	int ret;
 
 	if (always_auth_proactively())
-		credential_fill(&http_auth, 1);
+		credential_fill(the_repository, &http_auth, 1);
 
 	ret = http_request(url, result, target, options);
 
@@ -2251,7 +2251,7 @@ static int http_request_reauth(const char *url,
 			BUG("Unknown http_request target");
 		}
 
-		credential_fill(&http_auth, 1);
+		credential_fill(the_repository, &http_auth, 1);
 
 		ret = http_request(url, result, target, options);
 	}

imap-send.c

@@ -922,7 +922,7 @@ static void server_fill_credential(struct imap_server_conf *srvc, struct credent
 	cred->username = xstrdup_or_null(srvc->user);
 	cred->password = xstrdup_or_null(srvc->pass);
 
-	credential_fill(cred, 1);
+	credential_fill(the_repository, cred, 1);
 
 	if (!srvc->user)
 		srvc->user = xstrdup(cred->username);
@@ -1123,7 +1123,7 @@ static struct imap_store *imap_open_store(struct imap_server_conf *srvc, const c
 	} /* !preauth */
 
 	if (cred.username)
-		credential_approve(&cred);
+		credential_approve(the_repository, &cred);
 	credential_clear(&cred);
 
 	/* check the target mailbox exists */
@@ -1150,7 +1150,7 @@ static struct imap_store *imap_open_store(struct imap_server_conf *srvc, const c
 
 bail:
 	if (cred.username)
-		credential_reject(&cred);
+		credential_reject(the_repository, &cred);
 	credential_clear(&cred);
 
  out:
@@ -1492,9 +1492,9 @@ static int curl_append_msgs_to_imap(struct imap_server_conf *server,
 
 	if (cred.username) {
 		if (res == CURLE_OK)
-			credential_approve(&cred);
+			credential_approve(the_repository, &cred);
 		else if (res == CURLE_LOGIN_DENIED)
-			credential_reject(&cred);
+			credential_reject(the_repository, &cred);
 	}
 
 	credential_clear(&cred);

remote-curl.c

@@ -942,7 +942,7 @@ static int post_rpc(struct rpc_state *rpc, int stateless_connect, int flush_rece
 		do {
 			err = probe_rpc(rpc, &results);
 			if (err == HTTP_REAUTH)
-				credential_fill(&http_auth, 0);
+				credential_fill(the_repository, &http_auth, 0);
 		} while (err == HTTP_REAUTH);
 		if (err != HTTP_OK)
 			return -1;
@@ -1064,7 +1064,7 @@ retry:
 	rpc->any_written = 0;
 	err = run_slot(slot, NULL);
 	if (err == HTTP_REAUTH && !large_request) {
-		credential_fill(&http_auth, 0);
+		credential_fill(the_repository, &http_auth, 0);
 		curl_slist_free_all(headers);
 		goto retry;
 	}