diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2019-10-22 09:52:31 +0100 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2020-01-24 09:54:29 -0600 |
| commit | 2d6a61bd82624ec556a8bbacdc11516986f2dc4c (patch) | |
| tree | c938ee82f2ef7821d587986c4a1cdecc07ad7bd4 | |
| parent | e761df5cf5efacb65d5df857813874180da314ea (diff) | |
| download | libgit2-2d6a61bd82624ec556a8bbacdc11516986f2dc4c.tar.gz | |
gssapi: validate that we were requested Negotiate
| -rw-r--r-- | src/transports/auth_negotiate.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/transports/auth_negotiate.c b/src/transports/auth_negotiate.c index 16af4fe45..8fa44cd72 100644 --- a/src/transports/auth_negotiate.c +++ b/src/transports/auth_negotiate.c @@ -128,11 +128,13 @@ static int negotiate_next_token( challenge_len = ctx->challenge ? strlen(ctx->challenge) : 0; - if (challenge_len < 9) { - git_error_set(GIT_ERROR_NET, "no negotiate challenge sent from server"); + if (challenge_len < 9 || memcmp(ctx->challenge, "Negotiate", 9) != 0) { + git_error_set(GIT_ERROR_NET, "server did not request negotiate"); error = -1; goto done; - } else if (challenge_len > 9) { + } + + if (challenge_len > 9) { if (git_buf_decode_base64(&input_buf, ctx->challenge + 10, challenge_len - 10) < 0) { git_error_set(GIT_ERROR_NET, "invalid negotiate challenge from server"); |