Mercurial > public > mercurial-scm > hg
comparison mercurial/url.py @ 45759:ff48eea4a926 stable
url: do not continue HTTP authentication with user=None (issue6425)
I initially thought this is a py3-compat bug of passwordmgr._writedebug(),
but actually returning (None, str) pair is wrong at all. HTTP authentication
would continue with user="None" in that case.
Since registering a password of user=None should also be wrong, this patch
simply adds early return.
| author | Yuya Nishihara <yuya@tcha.org> |
|---|---|
| date | Fri, 23 Oct 2020 20:33:36 +0900 |
| parents | a50f33f1ff24 |
| children | 89a2afe31e82 |
comparison
equal
deleted
inserted
replaced
| 45758:14ac6a74e7e7 | 45759:ff48eea4a926 |
|---|---|
| 93 else: | 93 else: |
| 94 user = self.ui.prompt(_(b"user:"), default=None) | 94 user = self.ui.prompt(_(b"user:"), default=None) |
| 95 | 95 |
| 96 if not passwd: | 96 if not passwd: |
| 97 passwd = self.ui.getpass() | 97 passwd = self.ui.getpass() |
| 98 | |
| 99 # As of Python 3.8, the default implementation of | |
| 100 # AbstractBasicAuthHandler.retry_http_basic_auth() assumes the user | |
| 101 # is set if pw is not None. This means (None, str) is not a valid | |
| 102 # return type of find_user_password(). | |
| 103 if user is None: | |
| 104 return None, None | |
| 98 | 105 |
| 99 self.passwddb.add_password(realm, authuri, user, passwd) | 106 self.passwddb.add_password(realm, authuri, user, passwd) |
| 100 self._writedebug(user, passwd) | 107 self._writedebug(user, passwd) |
| 101 return (pycompat.strurl(user), pycompat.strurl(passwd)) | 108 return (pycompat.strurl(user), pycompat.strurl(passwd)) |
| 102 | 109 |