summaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
authorGravatar Miika Turkia <miika.turkia@gmail.com>2016-04-25 19:56:16 +0300
committerGravatar Dirk Hohndel <dirk@hohndel.org>2016-04-25 09:58:57 -0700
commit90db7d3a50a802d6299e7c55b0798bb300915570 (patch)
tree241e80a8b97ba42e37133de8011d480d9040d3a6 /core
parentd3867a09f3fce5d45baf16da1e8dabb14fa648c0 (diff)
downloadsubsurface-90db7d3a50a802d6299e7c55b0798bb300915570.tar.gz
Abort git authentication attempt
If we have incorrect cloud credentials, we need to return an error on git authentication call back in order to avoid endless authentication loop. This might well happen e.g. when changing the password on desktop and then on laptop Subsurface still thinks the credentials are validated and ends up in the authentication loop. The authentication call back on libgit is intended to be used to ask for user credentials, and as we handle credentials elsewhere, we just need to fail the authentication attempts. (The threshold for bail out could have been 1 attempt...) Signed-off-by: Miika Turkia <miika.turkia@gmail.com> Signed-off-by: Dirk Hohndel <dirk@hohndel.org>
Diffstat (limited to 'core')
-rw-r--r--core/git-access.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/core/git-access.c b/core/git-access.c
index 2b7fa0ca2..dba9cbec5 100644
--- a/core/git-access.c
+++ b/core/git-access.c
@@ -194,9 +194,20 @@ int credential_ssh_cb(git_cred **out,
(void) url;
(void) allowed_types;
(void) payload;
+ static int attempt = 0;
const char *priv_key = format_string("%s/%s", system_default_directory(), "ssrf_remote.key");
const char *passphrase = prefs.cloud_storage_password ? strdup(prefs.cloud_storage_password) : strdup("");
+
+ /* Bail out from libgit authentication loop when credentials are
+ * incorrect */
+
+ if (attempt++ > 2) {
+ report_error("Authentication to cloud storage failed.");
+ attempt = 0;
+ return GIT_EUSER;
+ }
+
return git_cred_ssh_key_new(out, username_from_url, NULL, priv_key, passphrase);
}
@@ -210,8 +221,18 @@ int credential_https_cb(git_cred **out,
(void) username_from_url;
(void) payload;
(void) allowed_types;
+ static int attempt = 0;
const char *username = prefs.cloud_storage_email_encoded;
const char *password = prefs.cloud_storage_password ? strdup(prefs.cloud_storage_password) : strdup("");
+
+ /* Bail out from libgit authentication loop when credentials are
+ * incorrect */
+
+ if (attempt++ > 2) {
+ report_error("Authentication to cloud storage failed.");
+ attempt = 0;
+ return GIT_EUSER;
+ }
return git_cred_userpass_plaintext_new(out, username, password);
}