Mercurial > hg
changeset 29639:6fd751fa58d3 stable
url: avoid re-issuing incorrect password (issue3210)
Some draconian IT setups lock accounts after a small number of incorrect
password attempts. Mercurial's implementation of the urllib2 authentication was
causing 5 retry attempts with the same credentials, without prompting the user.
The code was attempting to check whether the authorization token had changed,
but unfortunately was reading the misleading 'headers' member of the request
instead of using the 'get_header' accessor.
Modelled on fix for Python issue 8797:
https://bugs.python.org/issue8797
https://hg.python.org/cpython/rev/30e8a8f22a2a
author | Kim Randell <Kim.Randell@vicon.com> |
---|---|
date | Fri, 29 Jul 2016 12:46:07 +0100 |
parents | 491ee264b9f6 |
children | 17b3309bfdff 716c01161852 |
files | mercurial/url.py |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/url.py Wed Jul 27 15:22:36 2016 -0500 +++ b/mercurial/url.py Fri Jul 29 12:46:07 2016 +0100 @@ -451,7 +451,7 @@ if pw is not None: raw = "%s:%s" % (user, pw) auth = 'Basic %s' % base64.b64encode(raw).strip() - if req.headers.get(self.auth_header, None) == auth: + if req.get_header(self.auth_header, None) == auth: return None self.auth = auth req.add_unredirected_header(self.auth_header, auth)