John Szakmeister <john@xxxxxxxxxxxxxxx> writes:
> Likewise, we also need to reject the credential when there is a failure.
> Curl appears to report client-related certificate issues are reported
> with the CURLE_SSL_CERTPROBLEM error. This includes not only a bad
> password, but potentially other client certificate related problems.
>
> Since we cannot get more information from curl, we'll go ahead and
> reject the credential upon receiving that error, just to be safe and
> avoid caching or saving a bad password.
I think this is sensible enough. As long as a tentative network
failure to talk to the server, or an overloaded server that fails to
accept new connection, won't trigger rejection of a password, it is
OK, I would think.
> Signed-off-by: John Szakmeister <john@xxxxxxxxxxxxxxx>
> ---
> http.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/http.c b/http.c
> index f8ea28bb2e..12a8aaba48 100644
> --- a/http.c
> +++ b/http.c
> @@ -1637,7 +1637,17 @@ static int handle_curl_result(struct slot_results *results)
> credential_approve(&http_auth);
> if (proxy_auth.password)
> credential_approve(&proxy_auth);
> + credential_approve(&cert_auth);
> return HTTP_OK;
> + } else if (results->curl_result == CURLE_SSL_CERTPROBLEM) {
> + /*
> + * We can't tell from here whether it's a bad path, bad
> + * certificate, bad password, or something else wrong
> + * with the certificate. So we reject the credential to
> + * avoid caching or saving a bad password.
> + */
> + credential_reject(&http_auth);
> + return HTTP_NOAUTH;
> } else if (missing_target(results))
> return HTTP_MISSING_TARGET;
> else if (results->http_code == 401) {
