diff mbox series

[v2] git-send-email: die if sendmail.* config is set

Message ID 20200718202142.111015-1-sir@cmpwn.com (mailing list archive)
State New, archived
Headers show
Series [v2] git-send-email: die if sendmail.* config is set | expand

Commit Message

Drew DeVault July 18, 2020, 8:21 p.m. UTC
I've seen several people mis-configure git send-email on their first
attempt because they set the sendmail.* config options - not
sendemail.*. This patch detects this mistake and bails out with a
friendly warning.

Signed-off-by: Drew DeVault <sir@cmpwn.com>
---
 Documentation/config/sendemail.txt |  5 +++++
 git-send-email.perl                |  8 ++++++++
 perl/Git.pm                        | 26 ++++++++++++++++++++++++++
 3 files changed, 39 insertions(+)

Comments

Junio C Hamano July 18, 2020, 8:38 p.m. UTC | #1
Drew DeVault <sir@cmpwn.com> writes:

> I've seen several people mis-configure git send-email on their first
> attempt because they set the sendmail.* config options - not
> sendemail.*. This patch detects this mistake and bails out with a
> friendly warning.
>
> Signed-off-by: Drew DeVault <sir@cmpwn.com>
> ---
>  Documentation/config/sendemail.txt |  5 +++++
>  git-send-email.perl                |  8 ++++++++
>  perl/Git.pm                        | 26 ++++++++++++++++++++++++++
>  3 files changed, 39 insertions(+)
>
> diff --git a/Documentation/config/sendemail.txt b/Documentation/config/sendemail.txt
> index 0006faf800..1726d5f85e 100644
> --- a/Documentation/config/sendemail.txt
> +++ b/Documentation/config/sendemail.txt
> @@ -61,3 +61,8 @@ sendemail.smtpBatchSize::
>  sendemail.smtpReloginDelay::
>  	Seconds wait before reconnecting to smtp server.
>  	See also the `--relogin-delay` option of linkgit:git-send-email[1].
> +
> +sendemail.forceSendmailVariables::
> +	To avoid common misconfiguration mistakes, linkgit:git-send-email[1]
> +	will abort with a warning if any configuration options for "sendmail"
> +	exist. Set this variable to bypass the check.

I am not sure if it is clear to readers what kind of forcing this
refers to.  At least it is not clear to me.

> diff --git a/git-send-email.perl b/git-send-email.perl
> index 36c47bae1d..1b186bc058 100755
> --- a/git-send-email.perl
> +++ b/git-send-email.perl
> @@ -250,6 +250,7 @@ sub do_edit {
>  my $use_xmailer = 1;
>  my $validate = 1;
>  my $target_xfer_encoding = 'auto';
> +my $forbid_sendmail_variables = 1;

Ah, probably s/force/forbid/ in the documentation above?  OK, then
it makes sense.

>  
>  my %config_bool_settings = (
>      "thread" => \$thread,
> @@ -263,6 +264,7 @@ sub do_edit {
>      "multiedit" => \$multiedit,
>      "annotate" => \$annotate,
>      "xmailer" => \$use_xmailer,
> +    "forbidsendmailvariables" => \$forbid_sendmail_variables,
>  );
>  
>  my %config_settings = (
> @@ -478,6 +480,12 @@ sub read_config {
>      usage();
>  }
>  
> +if ($forbid_sendmail_variables && (scalar Git::config_regexp("sendmail.*")) != 0) {

Judging from the way you wrote the "config_regexp" helper function,
the above regexp matches "sendmailer.foo", "sendmailed.bar", etc., I
would think, which probably is not what you intended.  

I guess we can write "sendmail[.].*" or "sendmail\\..*" to ensure
that we are talking about (literally) "sendmail." followed by
anything?

> +	die __("fatal: found configuration options for 'sendmail'\n" .
> +		"git-send-email is configured with the sendemail.* options - note the 'e'.\n" .
> +		"Set sendemail.forbidSendmailVariables to false to disable this check.\n");
> +}

OK.

Other than the two minor nits, looking quite good.

Thanks.

>  die __("Cannot run git format-patch from outside a repository\n")
>  	if $format_patch and not $repo;
>  
> diff --git a/perl/Git.pm b/perl/Git.pm
> index 54c9ed0dde..10df990959 100644
> --- a/perl/Git.pm
> +++ b/perl/Git.pm
> @@ -723,6 +723,32 @@ sub config_int {
>  	return scalar _config_common({'kind' => '--int'}, @_);
>  }
>  
> +=item config_regexp ( RE )
> +
> +Retrieve the list of configuration key names matching the regular
> +expression C<RE>. The return value is a list of strings matching
> +this regex.
> +
> +=cut
> +
> +sub config_regexp {
> +	my ($self, $regex) = _maybe_self(@_);
> +	try {
> +		my @cmd = ('config', '--name-only', '--get-regexp', $regex);
> +		unshift @cmd, $self if $self;
> +		my @matches = command(@cmd);
> +		return @matches;
> +	} catch Git::Error::Command with {
> +		my $E = shift;
> +		if ($E->value() == 1) {
> +			my @matches = ();
> +			return @matches;
> +		} else {
> +			throw $E;
> +		}
> +	};
> +}
> +
>  # Common subroutine to implement bulk of what the config* family of methods
>  # do. This currently wraps command('config') so it is not so fast.
>  sub _config_common {
Junio C Hamano July 19, 2020, 6:07 a.m. UTC | #2
Junio C Hamano <gitster@pobox.com> writes:

> Drew DeVault <sir@cmpwn.com> writes:
>
>> I've seen several people mis-configure git send-email on their first
>> attempt because they set the sendmail.* config options - not
>> sendemail.*. This patch detects this mistake and bails out with a
>> friendly warning.
>>
>> Signed-off-by: Drew DeVault <sir@cmpwn.com>
>> ---
>>  Documentation/config/sendemail.txt |  5 +++++
>>  git-send-email.perl                |  8 ++++++++
>>  perl/Git.pm                        | 26 ++++++++++++++++++++++++++
>>  3 files changed, 39 insertions(+)

One more thing.  This should be fairly easy to protect from future
breakages by adding three new tests in t/t9001-send-email.sh script.
One would do something like

	test_config sendmail.program sendmail &&
	test_must_fail git send-email ... >err &&
	test_i18ngrep "found configuration options for .sendmail" err

as a positive test, the second would do

	test_config sendmail.program sendmail &&
	test_config sendemail.forbidsendmailvariables false &&
	git send-email ...

to make sure that escape hatch actually works and then the third
would do something like

	test_config resendmail.program resendmail &&
	git send-email ...

to ensure that only variable whose name begins with "sendmail."
triggers the error.

>> +if ($forbid_sendmail_variables && (scalar Git::config_regexp("sendmail.*")) != 0) {
>
> Judging from the way you wrote the "config_regexp" helper function,
> the above regexp matches "sendmailer.foo", "sendmailed.bar", etc., I
> would think, which probably is not what you intended.  
>
> I guess we can write "sendmail[.].*" or "sendmail\\..*" to ensure
> that we are talking about (literally) "sendmail." followed by
> anything?

I didn't know "git config --get-regexp $regexp" did not anchor the
regular expression to the beginning or to the end.  In this case, we
do want to make sure the "sendmail." substring literally appears at
the very beginning of the variable name, and because "--get-regexp"
does not anchor the regular expression to the end, we do not need to
add an explicit "anything goes", i.e. ".*" after it.

IOW, "^sendmail[.]" is the minimal regexp we want to use.  We cannot
afford to lose the "^" to reject "resendmail.program", and we do not
have to add ".*" that would swallow the rest at the end.

Thanks.
Jeff King July 20, 2020, 5:33 p.m. UTC | #3
On Sat, Jul 18, 2020 at 04:21:42PM -0400, Drew DeVault wrote:

> I've seen several people mis-configure git send-email on their first
> attempt because they set the sendmail.* config options - not
> sendemail.*. This patch detects this mistake and bails out with a
> friendly warning.

This basically claims the "sendmail.*" namespace for send-email. Not
strictly, but if we're going to warn about anything set in it, it
effectively shuts out other uses.

I'm OK with that, but if we're going to do so, should we perhaps just
say "sendmail.* is an alias for sendemail.*"? Then rather than getting a
warning, this mistake would Just Work.

-Peff
Drew DeVault July 20, 2020, 5:40 p.m. UTC | #4
On Mon Jul 20, 2020 at 9:33 AM EDT, Jeff King wrote:
> This basically claims the "sendmail.*" namespace for send-email. Not
> strictly, but if we're going to warn about anything set in it, it
> effectively shuts out other uses.

The revised patch (v3 now) is less strict and offers an escape hatch via
sendmail.forbidSendmailVariables. I'd prefer that over making sendmail.*
just werk.
Junio C Hamano July 24, 2020, 12:42 a.m. UTC | #5
"Drew DeVault" <sir@cmpwn.com> writes:

> On Mon Jul 20, 2020 at 9:33 AM EDT, Jeff King wrote:
>> This basically claims the "sendmail.*" namespace for send-email. Not
>> strictly, but if we're going to warn about anything set in it, it
>> effectively shuts out other uses.
>
> The revised patch (v3 now) is less strict and offers an escape hatch via
> sendmail.forbidSendmailVariables. I'd prefer that over making sendmail.*
> just werk.

We are not in a hurry until the next cycle starts, but please send
the updated version out to the list before everybody forgets.

Thanks.
Drew DeVault July 24, 2020, 12:43 a.m. UTC | #6
Oh, I'm sorry, I thought I had already sent it out.
Junio C Hamano July 24, 2020, 12:59 a.m. UTC | #7
"Drew DeVault" <sir@cmpwn.com> writes:

> Oh, I'm sorry, I thought I had already sent it out.

Thanks.  As long as nobody has dropped the ball, we are OK, and
again, we are not in a hurry right now.
diff mbox series

Patch

diff --git a/Documentation/config/sendemail.txt b/Documentation/config/sendemail.txt
index 0006faf800..1726d5f85e 100644
--- a/Documentation/config/sendemail.txt
+++ b/Documentation/config/sendemail.txt
@@ -61,3 +61,8 @@  sendemail.smtpBatchSize::
 sendemail.smtpReloginDelay::
 	Seconds wait before reconnecting to smtp server.
 	See also the `--relogin-delay` option of linkgit:git-send-email[1].
+
+sendemail.forceSendmailVariables::
+	To avoid common misconfiguration mistakes, linkgit:git-send-email[1]
+	will abort with a warning if any configuration options for "sendmail"
+	exist. Set this variable to bypass the check.
diff --git a/git-send-email.perl b/git-send-email.perl
index 36c47bae1d..1b186bc058 100755
--- a/git-send-email.perl
+++ b/git-send-email.perl
@@ -250,6 +250,7 @@  sub do_edit {
 my $use_xmailer = 1;
 my $validate = 1;
 my $target_xfer_encoding = 'auto';
+my $forbid_sendmail_variables = 1;
 
 my %config_bool_settings = (
     "thread" => \$thread,
@@ -263,6 +264,7 @@  sub do_edit {
     "multiedit" => \$multiedit,
     "annotate" => \$annotate,
     "xmailer" => \$use_xmailer,
+    "forbidsendmailvariables" => \$forbid_sendmail_variables,
 );
 
 my %config_settings = (
@@ -478,6 +480,12 @@  sub read_config {
     usage();
 }
 
+if ($forbid_sendmail_variables && (scalar Git::config_regexp("sendmail.*")) != 0) {
+	die __("fatal: found configuration options for 'sendmail'\n" .
+		"git-send-email is configured with the sendemail.* options - note the 'e'.\n" .
+		"Set sendemail.forbidSendmailVariables to false to disable this check.\n");
+}
+
 die __("Cannot run git format-patch from outside a repository\n")
 	if $format_patch and not $repo;
 
diff --git a/perl/Git.pm b/perl/Git.pm
index 54c9ed0dde..10df990959 100644
--- a/perl/Git.pm
+++ b/perl/Git.pm
@@ -723,6 +723,32 @@  sub config_int {
 	return scalar _config_common({'kind' => '--int'}, @_);
 }
 
+=item config_regexp ( RE )
+
+Retrieve the list of configuration key names matching the regular
+expression C<RE>. The return value is a list of strings matching
+this regex.
+
+=cut
+
+sub config_regexp {
+	my ($self, $regex) = _maybe_self(@_);
+	try {
+		my @cmd = ('config', '--name-only', '--get-regexp', $regex);
+		unshift @cmd, $self if $self;
+		my @matches = command(@cmd);
+		return @matches;
+	} catch Git::Error::Command with {
+		my $E = shift;
+		if ($E->value() == 1) {
+			my @matches = ();
+			return @matches;
+		} else {
+			throw $E;
+		}
+	};
+}
+
 # Common subroutine to implement bulk of what the config* family of methods
 # do. This currently wraps command('config') so it is not so fast.
 sub _config_common {