Skip to content

G
git2
Commit 2d6a61bd by Edward Thomson
Options

gssapi: validate that we were requested Negotiate

parent e761df5c
Showing with 5 additions and 3 deletions
src/transports/auth_negotiate.c
...@@ -128,11 +128,13 @@ static int negotiate_next_token( ...@@ -128,11 +128,13 @@ static int negotiate_next_token(
challenge_len = ctx->challenge ? strlen(ctx->challenge) : 0; challenge_len = ctx->challenge ? strlen(ctx->challenge) : 0;
if (challenge_len < 9) { if (challenge_len < 9 || memcmp(ctx->challenge, "Negotiate", 9) != 0) {
git_error_set(GIT_ERROR_NET, "no negotiate challenge sent from server"); git_error_set(GIT_ERROR_NET, "server did not request negotiate");
error = -1; error = -1;
goto done; goto done;
} else if (challenge_len > 9) { }
if (challenge_len > 9) {
if (git_buf_decode_base64(&input_buf, if (git_buf_decode_base64(&input_buf,
ctx->challenge + 10, challenge_len - 10) < 0) { ctx->challenge + 10, challenge_len - 10) < 0) {
git_error_set(GIT_ERROR_NET, "invalid negotiate challenge from server"); git_error_set(GIT_ERROR_NET, "invalid negotiate challenge from server");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment