On 2021-03-12 at 00:48:41, John Szakmeister wrote:
> We already looked for the PKI credentials in the credential store, but
> failed to approve it on success. Meaning, the PKI certificate password
> was never stored and git would request it on every connection to the
> remote. Let's complete the chain by storing the certificate password on
> success.
>
> Likewise, we also need to reject the credential when there is a failure.
> Curl appears to report client-related certificate issues are reported
> with the CURLE_SSL_CERTPROBLEM error. This includes not only a bad
> password, but potentially other client certificate related problems.
> Since we cannot get more information from curl, we'll go ahead and
> reject the credential upon receiving that error, just to be safe and
> avoid caching or saving a bad password.
>
> Signed-off-by: John Szakmeister <john@xxxxxxxxxxxxxxx>
> ---
> http.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
> diff --git a/http.c b/http.c
> index f8ea28bb2e..12a8aaba48 100644
> --- a/http.c
> +++ b/http.c
> @@ -1637,7 +1637,17 @@ static int handle_curl_result(struct slot_results *results)
> credential_approve(&http_auth);
> if (proxy_auth.password)
> credential_approve(&proxy_auth);
> + credential_approve(&cert_auth);
> return HTTP_OK;
> + } else if (results->curl_result == CURLE_SSL_CERTPROBLEM) {
> + /*
> + * We can't tell from here whether it's a bad path, bad
> + * certificate, bad password, or something else wrong
> + * with the certificate. So we reject the credential to
> + * avoid caching or saving a bad password.
> + */
> + credential_reject(&http_auth);
Is this supposed to be &cert_auth here? I'm not sure how a bad HTTP
password would even have been tested in this case.
--
brian m. carlson (he/him or they/them)
Houston, Texas, US
Attachment:
signature.asc
Description: PGP signature
