diff options
| author | Edward Thomson <ethomson@edwardthomson.com> | 2015-03-03 17:59:44 -0500 |
|---|---|---|
| committer | Edward Thomson <ethomson@edwardthomson.com> | 2015-03-03 17:59:44 -0500 |
| commit | 9ce97782b412edb55b4bf8cb63e863d49745e09d (patch) | |
| tree | 1e8703609edb37f307cb8cd875bfc4968b9d964d | |
| parent | f438dbe1910fcb39d8d883543663274f58405bca (diff) | |
| parent | e892b6a92772742e2f30f855e36762b679383fb0 (diff) | |
| download | libgit2-9ce97782b412edb55b4bf8cb63e863d49745e09d.tar.gz | |
Merge pull request #2941 from libgit2/cmn/http-enforce-cred
http: enforce the credential types
| -rw-r--r-- | src/transports/http.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/transports/http.c b/src/transports/http.c index 807e08044..0907afa6d 100644 --- a/src/transports/http.c +++ b/src/transports/http.c @@ -350,6 +350,11 @@ static int on_headers_complete(http_parser *parser) } else { assert(t->cred); + if (!(t->cred->credtype & allowed_auth_types)) { + giterr_set(GITERR_NET, "credentials callback returned an invalid cred type"); + return t->parse_error = PARSE_ERROR_GENERIC; + } + /* Successfully acquired a credential. */ t->parse_error = PARSE_ERROR_REPLAY; return 0; |