Skip to content

Commit e761df5

Browse files
ethomsonethomson
committed
gssapi: dispose after completion for retry
Disposal pattern; dispose on completion, allowing us to retry authentication, which may happen on web servers that close connection-based authenticated sessions (NTLM/SPNEGO) unexpectedly.
1 parent 89d1fc2 commit e761df5

File tree

1 file changed

+19
-13
lines changed

1 file changed

+19
-13
lines changed

src/transports/auth_negotiate.c

Lines changed: 19 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -75,6 +75,22 @@ static int negotiate_set_challenge(
7575
return 0;
7676
}
7777

78+
static void negotiate_context_dispose(http_auth_negotiate_context *ctx)
79+
{
80+
OM_uint32 status_minor;
81+
82+
if (ctx->gss_context != GSS_C_NO_CONTEXT) {
83+
gss_delete_sec_context(
84+
&status_minor, &ctx->gss_context, GSS_C_NO_BUFFER);
85+
ctx->gss_context = GSS_C_NO_CONTEXT;
86+
}
87+
88+
git_buf_dispose(&ctx->target);
89+
90+
git__free(ctx->challenge);
91+
ctx->challenge = NULL;
92+
}
93+
7894
static int negotiate_next_token(
7995
git_buf *buf,
8096
git_http_auth_context *c,
@@ -128,9 +144,7 @@ static int negotiate_next_token(
128144
input_token.length = input_buf.size;
129145
input_token_ptr = &input_token;
130146
} else if (ctx->gss_context != GSS_C_NO_CONTEXT) {
131-
/* If we're given a half-built security context, delete it so auth can continue. */
132-
gss_delete_sec_context(&status_minor, &ctx->gss_context, GSS_C_NO_BUFFER);
133-
ctx->gss_context = GSS_C_NO_CONTEXT;
147+
negotiate_context_dispose(ctx);
134148
}
135149

136150
mech = &negotiate_oid_spnego;
@@ -158,6 +172,7 @@ static int negotiate_next_token(
158172

159173
/* This message merely told us auth was complete; we do not respond. */
160174
if (status_major == GSS_S_COMPLETE) {
175+
negotiate_context_dispose(ctx);
161176
ctx->complete = 1;
162177
goto done;
163178
}
@@ -193,17 +208,8 @@ static int negotiate_is_complete(git_http_auth_context *c)
193208
static void negotiate_context_free(git_http_auth_context *c)
194209
{
195210
http_auth_negotiate_context *ctx = (http_auth_negotiate_context *)c;
196-
OM_uint32 status_minor;
197211

198-
if (ctx->gss_context != GSS_C_NO_CONTEXT) {
199-
gss_delete_sec_context(
200-
&status_minor, &ctx->gss_context, GSS_C_NO_BUFFER);
201-
ctx->gss_context = GSS_C_NO_CONTEXT;
202-
}
203-
204-
git_buf_dispose(&ctx->target);
205-
206-
git__free(ctx->challenge);
212+
negotiate_context_dispose(ctx);
207213

208214
ctx->configured = 0;
209215
ctx->complete = 0;

0 commit comments

Comments
 (0)