mifr/subsurface
1
0
Fork 0
mirror of https://github.com/subsurface/subsurface.git synced 2025-02-19 22:16:15 +00:00
Code Issues Projects Releases Packages Wiki Activity

Abort git authentication attempt

Browse source 
If we have incorrect cloud credentials, we need to return an error on
git authentication call back in order to avoid endless authentication
loop. This might well happen e.g. when changing the password on desktop
and then on laptop Subsurface still thinks the credentials are validated
and ends up in the authentication loop.

The authentication call back on libgit is intended to be used to ask for
user credentials, and as we handle credentials elsewhere, we just need
to fail the authentication attempts. (The threshold for bail out could
have been 1 attempt...)

Signed-off-by: Miika Turkia <miika.turkia@gmail.com>
Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
This commit is contained in:
Miika Turkia 2016-04-25 19:56:16 +03:00 committed by Dirk Hohndel
parent 4ef2ef1540
commit 21ad9ac62c
1 changed files with 29 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

29
git-access.c
View file

@ -188,8 +188,23 @@ int credential_ssh_cb(git_cred **out,
unsigned int allowed_types, unsigned int allowed_types,
void *payload) void *payload)
{ {
(void) url;
(void) allowed_types;
(void) payload;
static int attempt = 0;
const char *priv_key = format_string("%s/%s", system_default_directory(), "ssrf_remote.key"); const char *priv_key = format_string("%s/%s", system_default_directory(), "ssrf_remote.key");
const char *passphrase = prefs.cloud_storage_password ? strdup(prefs.cloud_storage_password) : strdup(""); const char *passphrase = prefs.cloud_storage_password ? strdup(prefs.cloud_storage_password) : strdup("");
/* Bail out from libgit authentication loop when credentials are
* incorrect */
if (attempt++ > 2) {
report_error("Authentication to cloud storage failed.");
attempt = 0;
return GIT_EUSER;
}
return git_cred_ssh_key_new(out, username_from_url, NULL, priv_key, passphrase); return git_cred_ssh_key_new(out, username_from_url, NULL, priv_key, passphrase);
} }
@ -199,8 +214,22 @@ int credential_https_cb(git_cred **out,
unsigned int allowed_types, unsigned int allowed_types,
void *payload) void *payload)
{ {
(void) url;
(void) username_from_url;
(void) payload;
(void) allowed_types;
static int attempt = 0;
const char *username = prefs.cloud_storage_email_encoded; const char *username = prefs.cloud_storage_email_encoded;
const char *password = prefs.cloud_storage_password ? strdup(prefs.cloud_storage_password) : strdup(""); const char *password = prefs.cloud_storage_password ? strdup(prefs.cloud_storage_password) : strdup("");
/* Bail out from libgit authentication loop when credentials are
* incorrect */
if (attempt++ > 2) {
report_error("Authentication to cloud storage failed.");
attempt = 0;
return GIT_EUSER;
}
return git_cred_userpass_plaintext_new(out, username, password); return git_cred_userpass_plaintext_new(out, username, password);
} }