From: Nelson Benitez Leon <nelsonjesus.benitez@seap.minhap.es>
To: git@vger.kernel.org
Cc: Jeff King <peff@peff.net>
Subject: [PATCH 2/6] http: handle proxy proactive authentication
Date: Thu, 03 May 2012 18:39:54 +0200 [thread overview]
Message-ID: <4FA2B4DA.60908@seap.minhap.es> (raw)
If http_proactive_auth flag is set and there is a username
but no password in the proxy url, then interactively ask for
the password.
This makes possible to not have the password written down in
http_proxy env var or in http.proxy config option.
Also take care that CURLOPT_PROXY don't include username or
password, as we now set them in the new set_proxy_auth() function
where we use their specific cURL options.
Signed-off-by: Nelson Benitez Leon <nbenitezl@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
http.c | 28 +++++++++++++++++++++++++++-
1 files changed, 27 insertions(+), 1 deletions(-)
diff --git a/http.c b/http.c
index 64df7b1..02f9fcd 100644
--- a/http.c
+++ b/http.c
@@ -43,6 +43,7 @@ static int curl_ftp_no_epsv;
static const char *curl_http_proxy;
static const char *curl_cookie_file;
static struct credential http_auth = CREDENTIAL_INIT;
+static struct credential proxy_auth = CREDENTIAL_INIT;
static int http_proactive_auth;
static const char *user_agent;
@@ -272,6 +273,20 @@ static int has_cert_password(void)
return 1;
}
+static void set_proxy_auth(CURL *result)
+{
+ if (proxy_auth.username && proxy_auth.password) {
+#if LIBCURL_VERSION_NUM >= 0x071301
+ curl_easy_setopt(result, CURLOPT_PROXYUSERNAME, proxy_auth.username);
+ curl_easy_setopt(result, CURLOPT_PROXYPASSWORD, proxy_auth.password);
+#else
+ struct strbuf userpwd = STRBUF_INIT;
+ strbuf_addf(&userpwd, "%s:%s", proxy_auth.username, proxy_auth.password);
+ curl_easy_setopt(result, CURLOPT_PROXYUSERPWD, strbuf_detach(&userpwd, NULL));
+#endif
+ }
+}
+
static CURL *get_curl_handle(const char *url)
{
CURL *result = curl_easy_init();
@@ -351,8 +366,19 @@ static CURL *get_curl_handle(const char *url)
}
if (curl_http_proxy) {
- curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
+ struct strbuf proxyhost = STRBUF_INIT;
+
+ if (!proxy_auth.host) /* check to parse only once */
+ credential_from_url(&proxy_auth, curl_http_proxy);
+
+ if (http_proactive_auth && proxy_auth.username && !proxy_auth.password)
+ /* proxy string has username but no password, ask for password */
+ credential_fill(&proxy_auth);
+
+ strbuf_addf(&proxyhost, "%s://%s", proxy_auth.protocol, proxy_auth.host);
+ curl_easy_setopt(result, CURLOPT_PROXY, strbuf_detach(&proxyhost, NULL));
curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
+ set_proxy_auth(result);
}
return result;
--
1.7.7.6
next reply other threads:[~2012-05-03 15:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-03 16:39 Nelson Benitez Leon [this message]
2012-05-04 7:16 ` [PATCH 2/6] http: handle proxy proactive authentication Jeff King
2012-05-04 11:10 ` Nelson Benitez Leon
2012-05-04 10:51 ` Jeff King
2012-05-04 13:55 ` Nelson Benitez Leon
2012-05-04 13:55 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4FA2B4DA.60908@seap.minhap.es \
--to=nelsonjesus.benitez@seap.minhap.es \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.