Address feedback

src/transports/cred_helpers.c

@@ -23,7 +23,9 @@ int git_cred_userpass(
 	if (!userpass || !userpass->password) return -1;
 
 	/* Username resolution: a username can be passed with the URL, the
-	 * credentials payload, or both. Here's what we do.
+	 * credentials payload, or both. Here's what we do.  Note that if we get
+	 * this far, we know that any password the url may contain has already
+	 * failed at least once, so we ignore it.
 	 *
 	 * |  Payload    |   URL    |   Used    |
 	 * +-------------+----------+-----------+
@@ -32,10 +34,12 @@ int git_cred_userpass(
 	 * |    no       |   yes    |  url      |
 	 * |    no       |   no     |  FAIL     |
 	 */
+	if (userpass->username)
 		effective_username = userpass->username;
-	if (!userpass->username && user_from_url)
+	else if (user_from_url)
 		effective_username = user_from_url;
-	if (!effective_username) return -1;
+	else
+		return -1;
 
 	if ((GIT_CREDTYPE_USERPASS_PLAINTEXT & allowed_types) == 0 ||
 			git_cred_userpass_plaintext_new(cred, effective_username, userpass->password) < 0)

src/transports/git.c

@@ -201,8 +201,8 @@ static int _git_uploadpack_ls(
 	t->current_stream = s;
 	git__free(host);
 	git__free(port);
-	if (user) git__free(user);
-	if (pass) git__free(pass);
+	git__free(user);
+	git__free(pass);
 	return 0;
 
 on_error:
@@ -257,8 +257,8 @@ static int _git_receivepack_ls(
 	t->current_stream = s;
 	git__free(host);
 	git__free(port);
-	if (user) git__free(user);
-	if (pass) git__free(pass);
+	git__free(user);
+	git__free(pass);
 	return 0;
 
 on_error: