diff options
author | Ian Hattendorf <ianh@axosoft.com> | 2019-08-23 16:05:28 -0400 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2019-08-23 16:05:28 -0400 |
commit | 4de51f9e65cb97812429f3d5a34666645a9991dc (patch) | |
tree | 7940977c1bb7b16f55eac2f2e9640740d5842971 | |
parent | 1c847169db1c68864c43e95cf96380cec71ba72a (diff) | |
download | libgit2-4de51f9e65cb97812429f3d5a34666645a9991dc.tar.gz |
http: ensure the scheme supports the credentialsethomson/creds_for_scheme
When a server responds with multiple scheme support - for example,
Negotiate and NTLM are commonly used together - we need to ensure that
we choose a scheme that supports the credentials.
-rw-r--r-- | src/transports/http.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/src/transports/http.c b/src/transports/http.c index 7ec681c41..a5b40ce95 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -129,17 +129,22 @@ typedef struct { size_t *bytes_read; } parser_context; -static git_http_auth_scheme *scheme_for_challenge(const char *challenge) +static git_http_auth_scheme *scheme_for_challenge( + const char *challenge, + git_cred *cred) { git_http_auth_scheme *scheme = NULL; size_t i; for (i = 0; i < ARRAY_SIZE(auth_schemes); i++) { const char *scheme_name = auth_schemes[i].name; + const git_credtype_t scheme_types = auth_schemes[i].credtypes; size_t scheme_len; scheme_len = strlen(scheme_name); - if (strncasecmp(challenge, scheme_name, scheme_len) == 0 && + + if ((!cred || (cred->credtype & scheme_types)) && + strncasecmp(challenge, scheme_name, scheme_len) == 0 && (challenge[scheme_len] == '\0' || challenge[scheme_len] == ' ')) { scheme = &auth_schemes[i]; break; @@ -256,7 +261,7 @@ static int set_authentication_types(http_server *server) size_t i; git_vector_foreach(&server->auth_challenges, i, challenge) { - if ((scheme = scheme_for_challenge(challenge)) != NULL) { + if ((scheme = scheme_for_challenge(challenge, NULL)) != NULL) { server->authtypes |= scheme->type; server->credtypes |= scheme->credtypes; } @@ -433,7 +438,7 @@ static int init_auth(http_server *server) int error; git_vector_foreach(&server->auth_challenges, i, c) { - s = scheme_for_challenge(c); + s = scheme_for_challenge(c, server->cred); if (s && !!(s->credtypes & server->credtypes)) { scheme = s; |