Web lists-archives.com

Re: [PATCH 1/4] imap-send: add wrapper to get server credentials if needed





Le 07/08/2017 à 21:42, Jeff King a écrit :
> On Mon, Aug 07, 2017 at 07:18:32PM +0200, Martin Ågren wrote:
>
>>>> "cred.username" is checked further down, but now it will always be NULL,
>>>> no?
>>> You're right I missed this.
>>> Not sure if this is needed though.
>>> From what I understand this means the username/password are store for the next access to credential. but in the current state, there is only one.
>>> Maybe the credential_approved can be dropped ?
>> I'm no credentials-expert, but api-credentials.txt says this:
>>
>> "Credential helpers are programs executed by Git to fetch or save
>> credentials from and to long-term storage (where "long-term" is simply
>> longer than a single Git process; e.g., credentials may be stored
>> in-memory for a few minutes, or indefinitely on disk)."
>>
>> So the calls to approve/reject probably do matter in some scenarios.
> Right, this is important. credential_fill() may actually prompt the
> user, and we'd want to then pass along that credential for storage. Or
> the user may have changed their password, and the credential_reject() is
> the only thing that prevents us from trying an out-dated password over
> and over.
>
>> The current code is a bit non-obvious as we just discovered since it
>> duplicates the strings (for good reasons, I believe) and then still
>> refers to the originals (also for good reasons, I believe). I suppose
>> your new function could be called like
>>
>> server_fill_credential(&cred, srvc);
>>
>> That should limit the impact of the change, but I'm not sure it's a
>> brilliant interface. Just my 2c.
> That would work. I'm also tempted to say that imap_server_conf could
> just store the "struct credential" inside it. We could even potentially
> drop its parallel user/pass fields to minimize confusion.
>
> Once upon a time imap-send was a fork of another program, which is why
> most of its code isn't well-integrated with Git. But I think at this
> point there's very little chance of merging changes back and forth
> between the two.
>
> On the other hand, if we're hoping to get rid of this code in favor of
> the curl-based approach, then it's not worth spending time on
> cosmetic refactoring, as long as it still behaves correctly in the
> interim.
>
> -Peff

Looking at the code, it seems the tunnel mode always uses the legacy imap approach.
This would have to be ported to curl and stabilized before dropping the legacy code.
In the meantime, it might be worth doing a bit of cleanup.
And as I said in patch 4, I have a current IMAP account where it works without curl but not with curl (for unknown reason yet).
Meaning legacy needs to stay for a while. But switching to curl as default to get out all the bugs (hence this slightly broken patch series)

I think it would make sense to get patch 1 (fixed), 2 and 4 in to really test out the curl implementation and take some time to prepare another serie with code cleanups: dropping imap_server_conf parameters, storing cred therem etc.)

Nicolas