mirror of
https://git.proxmox.com/git/libgit2
synced 2025-05-06 12:49:25 +00:00
Merge pull request #2274 from libgit2/cmn/ssh-expect-username
cred: tighten username rules
This commit is contained in:
Vicent Marti
commit
3c69bebc1c
@ -11,31 +11,10 @@
|
||||
|
||||
int git_cred_has_username(git_cred *cred)
|
||||
{
|
||||
int ret = 0;
|
||||
if (cred->credtype == GIT_CREDTYPE_DEFAULT)
|
||||
return 0;
|
||||
|
||||
switch (cred->credtype) {
|
||||
case GIT_CREDTYPE_USERPASS_PLAINTEXT: {
|
||||
git_cred_userpass_plaintext *c = (git_cred_userpass_plaintext *)cred;
|
||||
ret = !!c->username;
|
||||
break;
|
||||
}
|
||||
case GIT_CREDTYPE_SSH_KEY: {
|
||||
git_cred_ssh_key *c = (git_cred_ssh_key *)cred;
|
||||
ret = !!c->username;
|
||||
break;
|
||||
}
|
||||
case GIT_CREDTYPE_SSH_CUSTOM: {
|
||||
git_cred_ssh_custom *c = (git_cred_ssh_custom *)cred;
|
||||
ret = !!c->username;
|
||||
break;
|
||||
}
|
||||
case GIT_CREDTYPE_DEFAULT: {
|
||||
ret = 0;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return ret;
|
||||
return 1;
|
||||
}
|
||||
|
||||
static void plaintext_free(struct git_cred *cred)
|
||||
@ -135,7 +114,7 @@ int git_cred_ssh_key_new(
|
||||
{
|
||||
git_cred_ssh_key *c;
|
||||
|
||||
assert(cred && privatekey);
|
||||
assert(username && cred && privatekey);
|
||||
|
||||
c = git__calloc(1, sizeof(git_cred_ssh_key));
|
||||
GITERR_CHECK_ALLOC(c);
|
||||
@ -143,10 +122,8 @@ int git_cred_ssh_key_new(
|
||||
c->parent.credtype = GIT_CREDTYPE_SSH_KEY;
|
||||
c->parent.free = ssh_key_free;
|
||||
|
||||
if (username) {
|
||||
c->username = git__strdup(username);
|
||||
GITERR_CHECK_ALLOC(c->username);
|
||||
}
|
||||
c->username = git__strdup(username);
|
||||
GITERR_CHECK_ALLOC(c->username);
|
||||
|
||||
c->privatekey = git__strdup(privatekey);
|
||||
GITERR_CHECK_ALLOC(c->privatekey);
|
||||
@ -168,7 +145,7 @@ int git_cred_ssh_key_new(
|
||||
int git_cred_ssh_key_from_agent(git_cred **cred, const char *username) {
|
||||
git_cred_ssh_key *c;
|
||||
|
||||
assert(cred);
|
||||
assert(username && cred);
|
||||
|
||||
c = git__calloc(1, sizeof(git_cred_ssh_key));
|
||||
GITERR_CHECK_ALLOC(c);
|
||||
@ -176,10 +153,8 @@ int git_cred_ssh_key_from_agent(git_cred **cred, const char *username) {
|
||||
c->parent.credtype = GIT_CREDTYPE_SSH_KEY;
|
||||
c->parent.free = ssh_key_free;
|
||||
|
||||
if (username) {
|
||||
c->username = git__strdup(username);
|
||||
GITERR_CHECK_ALLOC(c->username);
|
||||
}
|
||||
c->username = git__strdup(username);
|
||||
GITERR_CHECK_ALLOC(c->username);
|
||||
|
||||
c->privatekey = NULL;
|
||||
|
||||
@ -197,7 +172,7 @@ int git_cred_ssh_custom_new(
|
||||
{
|
||||
git_cred_ssh_custom *c;
|
||||
|
||||
assert(cred);
|
||||
assert(username && cred);
|
||||
|
||||
c = git__calloc(1, sizeof(git_cred_ssh_custom));
|
||||
GITERR_CHECK_ALLOC(c);
|
||||
@ -205,10 +180,8 @@ int git_cred_ssh_custom_new(
|
||||
c->parent.credtype = GIT_CREDTYPE_SSH_CUSTOM;
|
||||
c->parent.free = ssh_custom_free;
|
||||
|
||||
if (username) {
|
||||
c->username = git__strdup(username);
|
||||
GITERR_CHECK_ALLOC(c->username);
|
||||
}
|
||||
c->username = git__strdup(username);
|
||||
GITERR_CHECK_ALLOC(c->username);
|
||||
|
||||
if (publickey_len > 0) {
|
||||
c->publickey = git__malloc(publickey_len);
|
||||
|
||||
@ -282,7 +282,6 @@ shutdown:
|
||||
|
||||
static int _git_ssh_authenticate_session(
|
||||
LIBSSH2_SESSION* session,
|
||||
const char *user,
|
||||
git_cred* cred)
|
||||
{
|
||||
int rc;
|
||||
@ -291,13 +290,11 @@ static int _git_ssh_authenticate_session(
|
||||
switch (cred->credtype) {
|
||||
case GIT_CREDTYPE_USERPASS_PLAINTEXT: {
|
||||
git_cred_userpass_plaintext *c = (git_cred_userpass_plaintext *)cred;
|
||||
user = c->username ? c->username : user;
|
||||
rc = libssh2_userauth_password(session, user, c->password);
|
||||
rc = libssh2_userauth_password(session, c->username, c->password);
|
||||
break;
|
||||
}
|
||||
case GIT_CREDTYPE_SSH_KEY: {
|
||||
git_cred_ssh_key *c = (git_cred_ssh_key *)cred;
|
||||
user = c->username ? c->username : user;
|
||||
|
||||
if (c->privatekey)
|
||||
rc = libssh2_userauth_publickey_fromfile(
|
||||
@ -311,7 +308,6 @@ static int _git_ssh_authenticate_session(
|
||||
case GIT_CREDTYPE_SSH_CUSTOM: {
|
||||
git_cred_ssh_custom *c = (git_cred_ssh_custom *)cred;
|
||||
|
||||
user = c->username ? c->username : user;
|
||||
rc = libssh2_userauth_publickey(
|
||||
session, c->username, (const unsigned char *)c->publickey,
|
||||
c->publickey_len, c->sign_callback, &c->sign_data);
|
||||
@ -415,15 +411,10 @@ static int _git_ssh_setup_conn(
|
||||
}
|
||||
assert(t->cred);
|
||||
|
||||
if (!user && !git_cred_has_username(t->cred)) {
|
||||
giterr_set_str(GITERR_NET, "Cannot authenticate without a username");
|
||||
goto on_error;
|
||||
}
|
||||
|
||||
if (_git_ssh_session_create(&session, s->socket) < 0)
|
||||
goto on_error;
|
||||
|
||||
if (_git_ssh_authenticate_session(session, user, t->cred) < 0)
|
||||
if (_git_ssh_authenticate_session(session, t->cred) < 0)
|
||||
goto on_error;
|
||||
|
||||
channel = libssh2_channel_open_session(session);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user