From: Nicholas Miell <nmiell@gmail.com>
To: gsky51@gmail.com
Cc: git@vger.kernel.org, Nicholas Miell <nmiell@gmail.com>
Subject: [PATCH] Use the best HTTP authentication method supported by the server
Date: Fri, 2 Oct 2009 12:04:46 -0700 [thread overview]
Message-ID: <1254510286-23155-1-git-send-email-nmiell@gmail.com> (raw)
In-Reply-To: <25718488.post@talk.nabble.com>
Currently, libcurl is limited to using HTTP Basic authentication if a
username and password are specified. HTTP Basic passes the username
and password to the server as plaintext, which is obviously
suboptimal. Furthermore, some servers are configured to require a more
secure authentication method (e.g. Digest or NTLM), which means that
git can't talk to them at all.
This is easily solved by telling libcurl to use any HTTP
authentication method it pleases. I leave the decision as to whether
HTTP Basic (i.e. completely insecure) should be allowed at all to
somebody else. This can be easily changed in the future by using
CURLAUTH_ANYSAFE instead of CURLAUTH_ANY.
Signed-off-by: Nicholas Miell <nmiell@gmail.com>
---
http.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
This passes make test; but I haven't actually tested it on a real
HTTP server.
diff --git a/http.c b/http.c
index 23b2a19..1937b45 100644
--- a/http.c
+++ b/http.c
@@ -185,6 +185,7 @@ static void init_curl_http_auth(CURL *result)
if (!user_pass)
user_pass = xstrdup(getpass("Password: "));
strbuf_addf(&up, "%s:%s", user_name, user_pass);
+ curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
curl_easy_setopt(result, CURLOPT_USERPWD,
strbuf_detach(&up, NULL));
}
--
1.6.2.5
next prev parent reply other threads:[~2009-10-02 19:05 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-10-02 17:28 HTTP NTLM Authentication gsky
2009-10-02 19:04 ` Nicholas Miell [this message]
2009-11-27 15:41 ` [PATCH 0/2] http: allow multi-pass authentication Tay Ray Chuan
2009-04-14 21:56 ` [PATCH v2] Add an option for using any HTTP authentication scheme, not only basic Martin Storsjö
2009-04-14 20:52 ` [PATCH] " Martin Storsjö
2009-04-14 21:08 ` Johannes Schindelin
2009-04-14 21:15 ` Martin Storsjö
2009-04-14 21:42 ` Johannes Schindelin
2009-12-01 10:28 ` [PATCH 0/2] http: allow multi-pass authentication Martin Storsjö
2009-12-01 10:33 ` [PATCH/RFC] Allow curl to rewind the RPC read buffer Martin Storsjö
2009-12-01 16:01 ` Shawn O. Pearce
2009-12-01 16:12 ` Tay Ray Chuan
2009-12-01 16:16 ` Shawn O. Pearce
2009-12-01 16:51 ` Martin Storsjö
2009-12-01 17:49 ` Junio C Hamano
2009-12-02 2:32 ` Tay Ray Chuan
2009-12-02 7:45 ` Martin Storsjö
2009-12-01 10:37 ` [PATCH/RFC] Allow curl to rewind the RPC read buffer at any time Martin Storsjö
2009-12-01 16:14 ` Shawn O. Pearce
2009-12-01 16:59 ` Martin Storsjö
2009-12-02 3:15 ` Tay Ray Chuan
2009-12-01 18:18 ` Daniel Stenberg
2009-12-02 2:03 ` Tay Ray Chuan
2009-12-02 9:19 ` Daniel Stenberg
2009-12-02 9:32 ` Martin Storsjö
2009-12-02 10:04 ` Daniel Stenberg
2009-11-27 15:42 ` [PATCH 1/2] http: maintain curl sessions Tay Ray Chuan
2009-11-27 15:43 ` [PATCH 2/2] Add an option for using any HTTP authentication scheme, not only basic Tay Ray Chuan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1254510286-23155-1-git-send-email-nmiell@gmail.com \
--to=nmiell@gmail.com \
--cc=git@vger.kernel.org \
--cc=gsky51@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).