Fossil SCM
Detect authorization looping and exit fatally when limit exceeded.
Commit
08d487ed732e4dbb0b44e3c072a9d2efa56fc74c
Parent
fcaa8ea99afd55a…
1 file changed
+3
+3
| --- src/http.c | ||
| +++ src/http.c | ||
| @@ -202,10 +202,13 @@ | ||
| 202 | 202 | if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){ |
| 203 | 203 | if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err; |
| 204 | 204 | if( rc==401 ){ |
| 205 | 205 | g.fUseHttpAuth = 1; |
| 206 | 206 | transport_close(GLOBAL_URL()); |
| 207 | + if( --maxRedirect == 0 ){ | |
| 208 | + fossil_fatal("http authorization limit exceeded"); | |
| 209 | + } | |
| 207 | 210 | return http_exchange(pSend, pReply, useLogin, maxRedirect); |
| 208 | 211 | } |
| 209 | 212 | if( rc!=200 && rc!=302 ){ |
| 210 | 213 | int ii; |
| 211 | 214 | for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){} |
| 212 | 215 |
| --- src/http.c | |
| +++ src/http.c | |
| @@ -202,10 +202,13 @@ | |
| 202 | if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){ |
| 203 | if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err; |
| 204 | if( rc==401 ){ |
| 205 | g.fUseHttpAuth = 1; |
| 206 | transport_close(GLOBAL_URL()); |
| 207 | return http_exchange(pSend, pReply, useLogin, maxRedirect); |
| 208 | } |
| 209 | if( rc!=200 && rc!=302 ){ |
| 210 | int ii; |
| 211 | for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){} |
| 212 |
| --- src/http.c | |
| +++ src/http.c | |
| @@ -202,10 +202,13 @@ | |
| 202 | if( fossil_strnicmp(zLine, "http/1.", 7)==0 ){ |
| 203 | if( sscanf(zLine, "HTTP/1.%d %d", &iHttpVersion, &rc)!=2 ) goto write_err; |
| 204 | if( rc==401 ){ |
| 205 | g.fUseHttpAuth = 1; |
| 206 | transport_close(GLOBAL_URL()); |
| 207 | if( --maxRedirect == 0 ){ |
| 208 | fossil_fatal("http authorization limit exceeded"); |
| 209 | } |
| 210 | return http_exchange(pSend, pReply, useLogin, maxRedirect); |
| 211 | } |
| 212 | if( rc!=200 && rc!=302 ){ |
| 213 | int ii; |
| 214 | for(ii=7; zLine[ii] && zLine[ii]!=' '; ii++){} |
| 215 |