mirror of
https://github.com/git/git.git
synced 2024-05-25 12:26:12 +02:00
Merge branch 'js/http-pki-credential-store' into next
The http codepath learned to let the credential layer to cache the password used to unlock a certificate that has successfully been used. * js/http-pki-credential-store: http: drop the check for an empty proxy password before approving http: store credential when PKI auth is used
This commit is contained in:
commit
0df16bc9b3
13
http.c
13
http.c
|
@ -1635,9 +1635,18 @@ static int handle_curl_result(struct slot_results *results)
|
||||||
|
|
||||||
if (results->curl_result == CURLE_OK) {
|
if (results->curl_result == CURLE_OK) {
|
||||||
credential_approve(&http_auth);
|
credential_approve(&http_auth);
|
||||||
if (proxy_auth.password)
|
credential_approve(&proxy_auth);
|
||||||
credential_approve(&proxy_auth);
|
credential_approve(&cert_auth);
|
||||||
return HTTP_OK;
|
return HTTP_OK;
|
||||||
|
} else if (results->curl_result == CURLE_SSL_CERTPROBLEM) {
|
||||||
|
/*
|
||||||
|
* We can't tell from here whether it's a bad path, bad
|
||||||
|
* certificate, bad password, or something else wrong
|
||||||
|
* with the certificate. So we reject the credential to
|
||||||
|
* avoid caching or saving a bad password.
|
||||||
|
*/
|
||||||
|
credential_reject(&cert_auth);
|
||||||
|
return HTTP_NOAUTH;
|
||||||
} else if (missing_target(results))
|
} else if (missing_target(results))
|
||||||
return HTTP_MISSING_TARGET;
|
return HTTP_MISSING_TARGET;
|
||||||
else if (results->http_code == 401) {
|
else if (results->http_code == 401) {
|
||||||
|
|
Loading…
Reference in New Issue