From: Junio C Hamano <gitster@pobox.com>
To: "brian m. carlson" <sandals@crustytoothpaste.net>
Cc: <git@vger.kernel.org>
Subject: Re: [PATCH v2 1/1] http: allow authenticating proactively
Date: Wed, 03 Jul 2024 22:49:56 -0700
Message-ID: <xmqqo77d7lkr.fsf@gitster.g>
In-Reply-To: <20240704001748.746429-2-sandals@crustytoothpaste.net> (brian m. carlson's message of "Thu, 4 Jul 2024 00:17:48 +0000")
"brian m. carlson" <sandals@crustytoothpaste.net> writes:
> If we're in auto mode and we got a username and password, set the
> authentication scheme to Basic. libcurl will not send authentication
> proactively unless there's a single choice of allowed authentication,
> and we know in this case we didn't get an authtype entry telling us what
> scheme to use, or we would have taken a different codepath and written
> the header ourselves. In any event, of the other schemes that libcurl
> supports, Digest and NTLM require a nonce or challenge, which means that
> they cannot work with proactive auth, and GSSAPI does not use a username
> and password at all, so Basic is the only logical choice among the
> built-in options.
Nice explanation.
> +http.proactiveAuth::
> + Attempt authentication without first making an unauthenticated attempt and
> + receiving a 401 response. This can be used to ensure that all requests are
> + authenticated. If `http.emptyAuth` is set to true, this value has no effect.
> ++
> +If the credential helper used specifies an authentication scheme (i.e., via the
> +`authtype` field), that value will be used; if a username and password is
> +provided without a scheme, then Basic authentication is used. The value of the
> +option determines the scheme requested from the helper. Possible values are:
> ++
> +--
> +* `basic` - Request Basic authentication from the helper.
> +* `auto` - Allow the helper to pick an appropriate scheme.
> +* `none` - Disable proactive authentication.
> +--
> ++
> +Note that TLS should always be used with this configuration, since otherwise it
> +is easy to accidentally expose plaintext credentials if Basic authentication
> +is selected.
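Review bot: The closing TLS note ties the exposure to the case where "Basic authentication is selected", which can be read as covering only the `basic` value, yet the second paragraph says a username and password returned without a scheme also results in Basic, so `auto` can put plaintext credentials on the first request as well. Suggest wording the note so it clearly covers both `basic` and `auto`, and stating which of the three values is the default, which the text does not say. Minor: "a username and password is provided" should read "are provided".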
OK.
> @@ -539,6 +552,18 @@ static int http_options(const char *var, const char *value,
> return 0;
> }
>
> + if (!strcmp("http.proactiveauth", var)) {
If we choose to make

    [http] proactiveauth ; nothing else on the line

an error, we could do

    if (!value)
        return config_error_nonbool(var);

and lose all the "we have to make sure value is not NULL before
feeding it to strcmp()" checks below.

Or

    if (!value) {
        warning(_("http.proactiveauth set to true???"));
        return 0;
    }

if we wanted to be more lenient (which is more in line with how we
treat unknown string value below).
> + if (value && !strcmp(value, "auto"))
> + http_proactive_auth = PROACTIVE_AUTH_AUTO;
> + else if (value && !strcmp(value, "basic"))
> + http_proactive_auth = PROACTIVE_AUTH_BASIC;
> + else if (value && !strcmp(value, "none"))
> + http_proactive_auth = PROACTIVE_AUTH_NONE;
> + else
> + warning(_("Unknown value for http.proactiveauth"));
> + return 0;
> + }
> +
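Review bot: In the final else branch, the warning "Unknown value for http.proactiveauth" does not say which value was rejected, and http_proactive_auth is left at whatever it held before, so a misspelled value produces only a warning while the setting silently stays as it was. Since the documentation presents the option as a way to ensure that all requests are authenticated, suggest including the offending value in the message so the misconfiguration is easy to spot. The comparisons use strcmp() and are therefore case-sensitive, so "Basic" or "AUTO" also land in this branch; the documentation could say that the values are lowercase only.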
Other than that I saw nothing puzzling or curious. Looking very
good.
Thanks. Will queue.
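
The selection rules from the quoted commit message and documentation, as an added example that is not part of the original message or of Git's code: a small C model that decides what accompanies the first request and builds the Basic header from the username and password alone. All enum, struct and function names are hypothetical and the credentials are constructed.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical names modelling the rules quoted above; not Git's code. */
enum mode { MODE_NONE, MODE_BASIC, MODE_AUTO };
enum plan { NO_PROACTIVE_HEADER, HELPER_SCHEME, BASIC };
struct cred { const char *authtype, *username, *password; };
static const char PREFIX[] = "Authorization: Basic ";
static const char B64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* What accompanies the very first request, before any 401 is seen. */
static enum plan plan_first_request(enum mode m, int empty_auth, const struct cred *c)
{
	if (m == MODE_NONE || empty_auth)
		return NO_PROACTIVE_HEADER; /* disabled, or the value has no effect */
	if (c->authtype)
		return HELPER_SCHEME;       /* the helper named a scheme: use it */
	return c->username && c->password ? BASIC : NO_PROACTIVE_HEADER;
}

/* Basic is built from local data alone; base64 encodes, it does not hide. */
static int basic_header(const struct cred *c, char *out, size_t outlen)
{
	char raw[256], *p;
	int i, n = -1;
	if (c->username && c->password)
		n = snprintf(raw, sizeof(raw), "%s:%s", c->username, c->password);
	if (n < 0 || (size_t)n >= sizeof(raw) || outlen < sizeof(PREFIX) + ((size_t)n + 2) / 3 * 4)
		return -1;
	p = out + sprintf(out, "%s", PREFIX);
	for (i = 0; i < n; i += 3) {
		unsigned v = (unsigned)(unsigned char)raw[i] << 16;
		if (i + 1 < n) v |= (unsigned)(unsigned char)raw[i + 1] << 8;
		if (i + 2 < n) v |= (unsigned char)raw[i + 2];
		*p++ = B64[(v >> 18) & 63];
		*p++ = B64[(v >> 12) & 63];
		*p++ = i + 1 < n ? B64[(v >> 6) & 63] : '=';
		*p++ = i + 2 < n ? B64[v & 63] : '=';
	}
	*p = '\0';
	return 0;
}

int main(void)
{
	struct cred c = { NULL, "alice", "s3cret" }; /* constructed sample */
	char hdr[128];
	if (plan_first_request(MODE_AUTO, 0, &c) == BASIC && !basic_header(&c, hdr, sizeof(hdr)))
		puts(hdr);
	return 0;
}
```

The sample prints `Authorization: Basic YWxpY2U6czNjcmV0`, which base64-decodes straight back to the username and password; that is the exposure the documentation's TLS note is about.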