Commit 6af8572c by Edward Thomson

http transport: cap number of authentication replays

Put a limit on the number of authentication replays in the HTTP
transport.  Standardize on 7 replays for authentication or redirects,
which matches the behavior of the WinHTTP transport.
parent 22654812
...@@ -66,7 +66,7 @@ typedef struct { ...@@ -66,7 +66,7 @@ typedef struct {
unsigned sent_request : 1, unsigned sent_request : 1,
received_response : 1, received_response : 1,
chunked : 1, chunked : 1,
redirect_count : 3; replay_count : 3;
} http_stream; } http_stream;
typedef struct { typedef struct {
...@@ -424,6 +424,12 @@ static int on_headers_complete(http_parser *parser) ...@@ -424,6 +424,12 @@ static int on_headers_complete(http_parser *parser)
git_buf buf = GIT_BUF_INIT; git_buf buf = GIT_BUF_INIT;
int allowed_proxy_auth_types = 0, allowed_www_auth_types = 0; int allowed_proxy_auth_types = 0, allowed_www_auth_types = 0;
/* Enforce a reasonable cap on the number of replays */
if (s->replay_count++ >= GIT_HTTP_REPLAY_MAX) {
giterr_set(GITERR_NET, "too many redirects or authentication replays");
return t->parse_error = PARSE_ERROR_GENERIC;
}
/* Both parse_header_name and parse_header_value are populated /* Both parse_header_name and parse_header_value are populated
* and ready for consumption. */ * and ready for consumption. */
if (VALUE == t->last_cb) if (VALUE == t->last_cb)
...@@ -472,11 +478,6 @@ static int on_headers_complete(http_parser *parser) ...@@ -472,11 +478,6 @@ static int on_headers_complete(http_parser *parser)
parser->status_code == 308) && parser->status_code == 308) &&
t->location) { t->location) {
if (s->redirect_count >= 7) {
giterr_set(GITERR_NET, "too many redirects");
return t->parse_error = PARSE_ERROR_GENERIC;
}
if (gitno_connection_data_from_url(&t->gitserver_data, t->location, s->service_url) < 0) if (gitno_connection_data_from_url(&t->gitserver_data, t->location, s->service_url) < 0)
return t->parse_error = PARSE_ERROR_GENERIC; return t->parse_error = PARSE_ERROR_GENERIC;
...@@ -489,8 +490,6 @@ static int on_headers_complete(http_parser *parser) ...@@ -489,8 +490,6 @@ static int on_headers_complete(http_parser *parser)
t->location = NULL; t->location = NULL;
t->connected = 0; t->connected = 0;
s->redirect_count++;
t->parse_error = PARSE_ERROR_REPLAY; t->parse_error = PARSE_ERROR_REPLAY;
return 0; return 0;
} }
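Review bot: The new cap at the top of on_headers_complete depends on `replay_count` being the 3-bit field declared as `replay_count : 3;` in http_stream, whose largest value is exactly GIT_HTTP_REPLAY_MAX (7); the post-increment in `if (s->replay_count++ >= GIT_HTTP_REPLAY_MAX)` wraps the field back to 0 on the very call that rejects the response (defined behaviour for an unsigned bitfield, but it leaves the stream looking fresh if anything reads it afterwards), and raising the constant to 8 or more would silently make the check unreachable because the field can never hold such a value. I would widen the field to `replay_count : 4;` or at least pin the coupling with a comment on the bitfield, `/* must be able to hold GIT_HTTP_REPLAY_MAX */`, and test before incrementing so the counter is untouched on the failing path: `if (s->replay_count >= GIT_HTTP_REPLAY_MAX) { ... return t->parse_error = PARSE_ERROR_GENERIC; } s->replay_count++;`. The http_stream struct and the body of on_headers_complete both extend beyond the hunks shown, so where the stream is reset after a failure cannot be confirmed from here.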
...@@ -10,6 +10,8 @@ ...@@ -10,6 +10,8 @@
#include "buffer.h" #include "buffer.h"
#define GIT_HTTP_REPLAY_MAX 7
GIT_INLINE(int) git_http__user_agent(git_buf *buf) GIT_INLINE(int) git_http__user_agent(git_buf *buf)
{ {
const char *ua = git_libgit2__user_agent(); const char *ua = git_libgit2__user_agent();
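Review bot: The new `#define GIT_HTTP_REPLAY_MAX 7` has no comment saying what is being counted, that both transports share it, or why 7, even though the http.c side of this commit stores the count in a 3-bit bitfield whose maximum happens to be the same number. I would document the constant in place with `/* Upper bound on redirects plus authentication replays for one request, shared by the http and winhttp transports; http_stream keeps the count in a 3-bit field, so widen that before raising this above 7. */` so the next person bumping the limit sees the constraint.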
...@@ -932,7 +932,7 @@ static int winhttp_stream_read( ...@@ -932,7 +932,7 @@ static int winhttp_stream_read(
replay: replay:
/* Enforce a reasonable cap on the number of replays */ /* Enforce a reasonable cap on the number of replays */
if (++replay_count >= 7) { if (replay_count++ >= GIT_HTTP_REPLAY_MAX) {
giterr_set(GITERR_NET, "too many redirects or authentication replays"); giterr_set(GITERR_NET, "too many redirects or authentication replays");
return -1; return -1;
} }
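Review bot: With `replay_count++ >= GIT_HTTP_REPLAY_MAX` the check at the `replay:` label admits seven passes in total, so if that label is also reached for the initial request (its placement at the top of the loop suggests so, but winhttp_stream_read and the declaration of replay_count lie outside the hunk) the effective limit is the initial request plus six replays, not the seven replays the commit message describes; the http.c counterpart counts the first response the same way, so the two transports agree with each other but not with the description. If seven replays is the intent the comparison should be `replay_count++ > GIT_HTTP_REPLAY_MAX` (or the first pass left uncounted); otherwise I would make the real bound explicit next to the check with `/* the initial request is counted too, so at most GIT_HTTP_REPLAY_MAX - 1 replays follow */`.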