Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid credentials result in infinite loop #592

Closed
cschlack opened this issue Apr 22, 2016 · 2 comments
Closed

Invalid credentials result in infinite loop #592

cschlack opened this issue Apr 22, 2016 · 2 comments

Comments

@cschlack
Copy link 

credentials = Rugged::Credentials::UserPassword.new({ username: 'user', password: 'abcd' })
repository = Rugged::Repository.clone_at('https://github.com/libgit2/private_repository',
                                         'repository_clone/',
                                         { credentials: credentials })

results in an infinite loop.

According to libgit2/libgit2#3358 and https://libgit2.github.com/libgit2/#HEAD/group/callback/git_cred_acquire_cb

git_cred_acquire_cb() is supposed to return GIT_EAUTH in case of invalid credentials, otherwise the callback will be called indefinitely.

Since username and password are static in this example, the callback returns GIT_OK (

rugged/ext/rugged/rugged_remote.c

Line 155 in 884f367

return payload->exception ? GIT_ERROR : GIT_OK;
) and we're caught in the callback loop.
@cschlack cschlack mentioned this issue Apr 27, 2016
Closed
@scotje scotje mentioned this issue May 16, 2016
Merged
@cschlack
Copy link
Author

cschlack commented Jan 12, 2017
edited
Loading

fixed with #596

@cschlack cschlack reopened this Jan 12, 2017
@mkanoor
Copy link
Contributor

mkanoor commented Apr 21, 2017

@cschlack
I think rugged uses the callback paradigm for credentials, so that you can hook it into a UI and keep asking the user for userid/password in case he enters an invalid one. From a UI perspective if the user hits cancel after several attempts it can raise its own error which rugged will propagate back to you.

I have a small script that I used with callbacks that sets the password once via a callback and on the next call it raises an exception. This sample uses a global variable but you could use an instance variable and achieve the same thing.

require 'rugged'

def self_signed(valid, host) 
  true
end

$credentials_set = false
def credentials(url, username, allowed_types)
  raise "Invalid credentials" if $credentials_set
  $credentials_set = true
  Rugged::Credentials::UserPassword.new(:username => "root", :password => "secret")
end

options = {:remote             => 'origin',
           :credentials        => method(:credentials),
           :certificate_check  => method(:self_signed)}
begin
  Rugged::Repository.clone_at("https://a.b.c", "/tmp/dir", options)
rescue Rugged => e
  puts e.message
end

@mkanoor mkanoor mentioned this issue Apr 25, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cschlack @mkanoor