From: Jeff King <peff@peff.net>
To: Nelson Benitez Leon <nelsonjesus.benitez@seap.minhap.es>
Cc: Sam Vilain <sam@vilain.net>, git@vger.kernel.org
Subject: Re: [PATCH v2 3/3] http: when proxy url has username but no password, ask for password
Date: Fri, 2 Mar 2012 07:45:39 -0500 [thread overview]
Message-ID: <20120302124538.GA10637@sigill.intra.peff.net> (raw)
In-Reply-To: <4F50CC41.5020307@seap.minhap.es>
On Fri, Mar 02, 2012 at 02:33:53PM +0100, Nelson Benitez Leon wrote:
> > So there's the history lesson. What should proxy auth do?
> >
> > 1. Definitely respond to HTTP 407 by prompting on the fly; this code
> > should go along-side the HTTP 401 code in http.c.
> >
> > 2. Definitely do the pre-prompt thing when http_proactive_auth is set
> > (which is used only by http-push). Unless somebody really feels
> > like re-writing http-push to handle retries for authentication.
> >
> > 3. Consider doing the pre-prompt thing when http_proactive_auth is not
> > set. This can save a round-trip, but we should not do it if there
> > is a good reason not to. The two possible reasons I can think of
> > are:
> >
> > a. Like http auth, if curl will read the proxy credentials from
> > .netrc, then we should not do it for the same reasons
> > mentioned in 986bbc0.
> >
> > b. If people realistically have proxy URLs with usernames but do
> > _not_ want to ask for a password, then the prompt will be
> > annoying. I'm not sure that anybody expects that.
>
> So, trying to sum up, I will try to redo patch-set as follows:
> - Ignore PATCH 2/3 , that is, we won't read any env var.
> - Let cURL try to connect and if that fails with 407 , then do a credential_fill
> and try to reconnect.
>
> Is that ok? or do I need to do something more?
I think you'll still need to read the env var, because you'll need to
know the proxy URL when getting the password (to ask credential helpers
properly, and to prompt the user).
Also, I think you'll need to call credential_fill() when
http_proactive_auth is set. Otherwise http-push will not be able to do
proxy auth.
-Peff
next prev parent reply other threads:[~2012-03-02 12:45 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-01 18:22 [PATCH v2 3/3] http: when proxy url has username but no password, ask for password Nelson Benitez Leon
2012-03-01 17:49 ` Sam Vilain
2012-03-01 21:58 ` Jeff King
2012-03-02 13:33 ` Nelson Benitez Leon
2012-03-02 12:45 ` Jeff King [this message]
2012-03-02 14:05 ` Nelson Benitez Leon
2012-03-02 13:52 ` Jeff King
2012-03-01 19:16 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120302124538.GA10637@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=nelsonjesus.benitez@seap.minhap.es \
--cc=sam@vilain.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).