public CommandContext() { Streams = new StandardStreams(); Trace = new Trace(); Git = new LibGit2(Trace); if (PlatformUtils.IsWindows()) { FileSystem = new WindowsFileSystem(); Environment = new WindowsEnvironment(FileSystem); Terminal = new WindowsTerminal(Trace); CredentialStore = WindowsCredentialManager.Open(); } else if (PlatformUtils.IsPosix()) { if (PlatformUtils.IsMacOS()) { FileSystem = new MacOSFileSystem(); CredentialStore = MacOSKeychain.Open(); } else if (PlatformUtils.IsLinux()) { throw new NotImplementedException(); } Environment = new PosixEnvironment(FileSystem); Terminal = new PosixTerminal(Trace); } string repoPath = Git.GetRepositoryPath(FileSystem.GetCurrentDirectory()); Settings = new Settings(Environment, Git, repoPath); HttpClientFactory = new HttpClientFactory(Trace, Settings, Streams); }
public CommandContext() { Streams = new StandardStreams(); Trace = new Trace(); FileSystem = new FileSystem(); var git = new LibGit2(); var envars = new EnvironmentVariables(Environment.GetEnvironmentVariables()); Settings = new Settings(envars, git) { RepositoryPath = git.GetRepositoryPath(FileSystem.GetCurrentDirectory()) }; HttpClientFactory = new HttpClientFactory(Trace, Settings, Streams); if (PlatformUtils.IsWindows()) { Terminal = new WindowsTerminal(Trace); CredentialStore = WindowsCredentialManager.Open(); } else if (PlatformUtils.IsPosix()) { Terminal = new PosixTerminal(Trace); if (PlatformUtils.IsMacOS()) { CredentialStore = MacOSKeychain.Open(); } else if (PlatformUtils.IsLinux()) { throw new NotImplementedException(); } } }
private static void AppendAvailableStoreList(StringBuilder sb) { if (PlatformUtils.IsWindows()) { sb.AppendFormat(" {1,-13} : Windows Credential Manager (not available over network/SSH sessions){0}", Environment.NewLine, StoreNames.WindowsCredentialManager); sb.AppendFormat(" {1,-13} : DPAPI protected files{0}", Environment.NewLine, StoreNames.Dpapi); } if (PlatformUtils.IsMacOS()) { sb.AppendFormat(" {1,-13} : macOS Keychain{0}", Environment.NewLine, StoreNames.MacOSKeychain); } if (PlatformUtils.IsLinux()) { sb.AppendFormat(" {1,-13} : freedesktop.org Secret Service (requires graphical interface){0}", Environment.NewLine, StoreNames.SecretService); } if (PlatformUtils.IsPosix()) { sb.AppendFormat(" {1,-13} : GNU `pass` compatible credential storage (requires GPG and `pass`){0}", Environment.NewLine, StoreNames.Gpg); } sb.AppendFormat(" {1,-13} : Git's in-memory credential cache{0}", Environment.NewLine, StoreNames.Cache); sb.AppendFormat(" {1,-13} : store credentials in plain-text files (UNSECURE){0}", Environment.NewLine, StoreNames.Plaintext); }
private void ValidateGpgPass(out string storeRoot, out string execPath) { if (!PlatformUtils.IsPosix()) { throw new Exception( $"Can only use the '{StoreNames.Gpg}' credential store on POSIX systems." + Environment.NewLine + $"See {Constants.HelpUrls.GcmCredentialStores} for more information." ); } execPath = GetGpgPath(); // If we are in a headless environment, and don't have the GPG_TTY or SSH_TTY // variables set, then error - we need a TTY device path for pin-entry to work headless. if (!_context.SessionManager.IsDesktopSession && !_context.Environment.Variables.ContainsKey("GPG_TTY") && !_context.Environment.Variables.ContainsKey("SSH_TTY")) { throw new Exception( "GPG_TTY is not set; add `export GPG_TTY=$(tty)` to your profile." + Environment.NewLine + $"See {Constants.HelpUrls.GcmCredentialStores} for more information." ); } // Check for a redirected pass store location if (!_context.Settings.TryGetSetting( GpgPassCredentialStore.PasswordStoreDirEnvar, null, null, out storeRoot)) { // Use default store root at ~/.password-store storeRoot = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.UserProfile), ".password-store"); } // Check we have a GPG ID to sign credential files with string gpgIdFile = Path.Combine(storeRoot, ".gpg-id"); if (!_context.FileSystem.FileExists(gpgIdFile)) { throw new Exception( $"Password store has not been initialized at '{storeRoot}'; run `pass init <gpg-id>` to initialize the store." + Environment.NewLine + $"See {Constants.HelpUrls.GcmCredentialStores} for more information." ); } }
/// <summary> /// Ensure the store root directory exists. If it does not, create a new directory with /// permissions that only permit the owner to read/write/execute. Permissions on an existing /// directory are not modified. /// </summary> private void EnsureStoreRoot() { if (FileSystem.DirectoryExists(StoreRoot)) { // Don't touch the permissions on the existing directory return; } FileSystem.CreateDirectory(StoreRoot); // We only set file system permissions on POSIX platforms if (!PlatformUtils.IsPosix()) { return; } // Set store root permissions such that only the owner can read/write/execute var mode = Interop.Posix.Native.NativeFileMode.S_IRUSR | Interop.Posix.Native.NativeFileMode.S_IWUSR | Interop.Posix.Native.NativeFileMode.S_IXUSR; // Ignore the return code.. this is a best effort only Interop.Posix.Native.Stat.chmod(StoreRoot, mode); }