From b379a5b0a5d0a129f52f1060e0800225c1b70f7f Mon Sep 17 00:00:00 2001 From: Nelson Elhage Date: Sat, 16 Jul 2016 15:33:58 -0700 Subject: [PATCH] git: only attempt ssh-agent authentication once This prevents infinite looping if ssh-agent authentication fails. closes #2845 --- src/cargo/sources/git/utils.rs | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/cargo/sources/git/utils.rs b/src/cargo/sources/git/utils.rs index 068dc3cf0..7ffdddade 100644 --- a/src/cargo/sources/git/utils.rs +++ b/src/cargo/sources/git/utils.rs @@ -398,6 +398,7 @@ fn with_authentication(url: &str, cfg: &git2::Config, mut f: F) let mut cred_helper_bad = None; let mut ssh_agent_attempts = Vec::new(); let mut any_attempts = false; + let mut tried_sshkey = false; let mut res = f(&mut |url, username, allowed| { any_attempts = true; @@ -433,7 +434,12 @@ fn with_authentication(url: &str, cfg: &git2::Config, mut f: F) // If we get called with this then the only way that should be possible // is if a username is specified in the URL itself (e.g. `username` is // Some), hence the unwrap() here. We try custom usernames down below. - if allowed.contains(git2::SSH_KEY) { + if allowed.contains(git2::SSH_KEY) && !tried_sshkey { + // If ssh-agent authentication fails, libgit2 will keep + // calling this callback asking for other authentication + // methods to try. Make sure we only try ssh-agent once, + // to avoid looping forever. + tried_sshkey = true; let username = username.unwrap(); debug_assert!(!ssh_username_requested); ssh_agent_attempts.push(username.to_string()); -- 2.30.2