From: Jeff King <peff@peff.net>
To: Junio C Hamano <gitster@pobox.com>
Cc: Stefan Naewe <stefan.naewe@gmail.com>,
Michael J Gruber <git@drmicha.warpmail.net>,
git@vger.kernel.org
Subject: Re: [ANNOUNCE] Git 1.7.8.rc0
Date: Wed, 2 Nov 2011 16:09:47 -0400 [thread overview]
Message-ID: <20111102200947.GA5628@sigill.intra.peff.net> (raw)
In-Reply-To: <7vwrbiibgz.fsf@alter.siamese.dyndns.org>
On Wed, Nov 02, 2011 at 12:13:48PM -0700, Junio C Hamano wrote:
> > The simplest thing is to just drop the behavior in (2), and let it drop
> > to a 401. The extra round trip probably isn't that big a deal.
>
> That is essentially what Stefan's fix is about.
Right. I think it may be the sanest thing to do.
> The cases we have "extra" roundtrip are:
>
> - when you have username@ in URL but no password is stored in .netrc;
> - when you have username@ in URL and no $HOME/.netrc file.
>
> and in such a case using URL without username@ in it as a workaround would
> save the roundtrip but forces you to type your username@ over and over
> again, which is _not_ a real workaround.
Yeah. There's no way for us to know before we hand off to curl what you
have in netrc. So these netrc cases will always be at odds with the
no-netrc case.
Normally I would say to implement in favor of the no-netrc case, as it
is probably more common (and will hopefully be more so after the auth
helpers are finished). But the problem is that the penalties are
different. On the one hand, we have the extra http round-trip. Which is
annoying, but mostly invisible to the user. But on the other, we have
git prompting the user unnecessarily, which is just awful.
> > The other option is to start parsing netrc ourselves, or do the extra
> > round trip if we detect ~/.netrc or something. But that last one is
> > getting pretty hackish.
>
> I tend to agree that we wouldn't want to parse netrc ourselves (that is
> what library support e.g. CURLOPT_NETRC is for). The latter is hackish but
> on the other hand it is a cheap, simple and useful hack.
Note that it's not always right, of course. You might have a .netrc but
no entry for that host. But at least it lets the common case people
(i.e., people who never heard of or touched netrc) to avoid the round
trip.
> How would the upcoming keystore support fit in this picture, by the way?
Any time we would call getpass(), we ask the helper for the credential.
So for user@host, we would call out to the helper for the password
proactively, and otherwise wait for a 401.
We _could_ be proactive and actually ask the helpers for a username and
password even for "https://host/repo", which would save a round-trip to
get the 401 in some cases. But that assumes that asking the helper is
cheap. It might actually require the user inputting a password to unlock
the keystore, which would be annoying if the remote doesn't require
auth at all.
We could try to be clever and use a heuristic that fetch probably
doesn't need auth, but push does. Then fetch gets the extra round-trip
but push doesn't. But that just seems needlessly complex to save one
http round-trip on push.
-Peff
next prev parent reply other threads:[~2011-11-02 20:09 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-10-31 5:00 [ANNOUNCE] Git 1.7.8.rc0 Junio C Hamano
2011-10-31 14:17 ` Stefan Näwe
2011-10-31 17:19 ` Junio C Hamano
2011-11-01 9:53 ` Stefan Näwe
2011-11-01 18:12 ` Junio C Hamano
2011-11-01 18:19 ` Jeff King
2011-11-01 20:06 ` Stefan Naewe
2011-11-01 20:18 ` Stefan Naewe
2011-11-02 10:27 ` Michael J Gruber
2011-11-02 18:03 ` Jeff King
2011-11-02 18:10 ` Jeff King
2011-11-02 19:13 ` Junio C Hamano
2011-11-02 20:09 ` Jeff King [this message]
2011-11-03 23:02 ` Junio C Hamano
2011-11-01 21:53 ` Stefan Naewe
2011-11-02 8:52 ` [RFC/PATCH] http-push: don't always prompt for password (Was Re: [ANNOUNCE] Git 1.7.8.rc0) Stefan Näwe
2011-11-02 14:08 ` Michael J Gruber
2011-11-02 17:13 ` [RFC/PATCH] http-push: don't always prompt for password Junio C Hamano
2011-11-02 17:23 ` Jeff King
2011-11-02 17:40 ` Junio C Hamano
2011-11-04 7:03 ` [PATCH] " Stefan Naewe
2011-11-04 16:48 ` Junio C Hamano
2011-11-04 17:43 ` Jeff King
2011-11-04 19:06 ` Junio C Hamano
2011-11-04 18:34 ` Stefan Naewe
2011-11-05 6:45 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111102200947.GA5628@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=git@drmicha.warpmail.net \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=stefan.naewe@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).