Prompt for public key when invalid

Previously if the public key file exists and the private key was correct we could get into a scenario where we would never prompt for the public key to be changed.
JuliaLang · Sep 21, 2017 · d6e0c5b · d6e0c5b
1 parent 335c5aa
commit d6e0c5b
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/base/libgit2/callbacks.jl b/base/libgit2/callbacks.jl
@@ -108,11 +108,11 @@ function authenticate_ssh(libgit2credptr::Ptr{Ptr{Void}}, p::CredentialPayload,
         prompt_url = git_url(scheme=p.scheme, host=p.host, username=cred.user)
 
         # For SSH we need a private key location
+        last_private_key = cred.prvkey
         if !isfile(cred.prvkey) || !revised
             response = Base.prompt("Private key location for '$prompt_url'",
                 default=cred.prvkey)
             isnull(response) && return user_abort()
-            last_private_key = cred.prvkey
             cred.prvkey = unsafe_get(response)
 
             # Only update the public key if the private key changed
@@ -123,13 +123,15 @@ function authenticate_ssh(libgit2credptr::Ptr{Ptr{Void}}, p::CredentialPayload,
 
         # For SSH we need a public key location. Avoid asking about the public key as
         # typically this will just annoy users.
-        if !isfile(cred.pubkey) && isfile(cred.prvkey)
+        stale = !p.first_pass && cred.prvkey == last_private_key && cred.pubkey != cred.prvkey * ".pub"
+        if isfile(cred.prvkey) && (stale || !isfile(cred.pubkey))
             response = Base.prompt("Public key location for '$prompt_url'",
                 default=cred.pubkey)
             isnull(response) && return user_abort()
             cred.pubkey = unsafe_get(response)
         end
 
+        # Ask for a passphrase when the private key exists and requires a passphrase
         if isempty(cred.pass) && is_passphrase_required(cred.prvkey)
             if Sys.iswindows()
                 response = Base.winprompt(

diff --git a/test/libgit2.jl b/test/libgit2.jl
@@ -1886,9 +1886,6 @@ mktempdir() do dir
                 @test auth_attempts == 1
             end
 
-            # TODO: Tests are currently broken. Credential callback currently infinite loops
-            # and never prompts user to change private keys.
-            #=
             # Explicitly set the public key ENV variable to a public key that doesn't match
             # the private key.
             withenv("SSH_KEY_PATH" => valid_key,
@@ -1901,9 +1898,8 @@ mktempdir() do dir
                 ]
                 err, auth_attempts = challenge_prompt(ssh_ex, challenges)
                 @test err == git_ok
-                @test auth_attempts == 1
+                @test auth_attempts == 2
             end
-            =#
         end
 
         @testset "HTTPS credential prompt" begin