From: Nelson Benitez Leon <nelsonjesus.benitez@seap.minhap.es>
To: git@vger.kernel.org
Cc: Jeff King <peff@peff.net>
Subject: [PATCH 2/6] http: handle proxy proactive authentication
Date: Thu, 03 May 2012 18:39:54 +0200 [thread overview]
Message-ID: <4FA2B4DA.60908@seap.minhap.es> (raw)
If http_proactive_auth flag is set and there is a username
but no password in the proxy url, then interactively ask for
the password.
This makes possible to not have the password written down in
http_proxy env var or in http.proxy config option.
Also take care that CURLOPT_PROXY don't include username or
password, as we now set them in the new set_proxy_auth() function
where we use their specific cURL options.
Signed-off-by: Nelson Benitez Leon <nbenitezl@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
http.c | 28 +++++++++++++++++++++++++++-
1 files changed, 27 insertions(+), 1 deletions(-)
diff --git a/http.c b/http.c
index 64df7b1..02f9fcd 100644
--- a/http.c
+++ b/http.c
@@ -43,6 +43,7 @@ static int curl_ftp_no_epsv;
static const char *curl_http_proxy;
static const char *curl_cookie_file;
static struct credential http_auth = CREDENTIAL_INIT;
+static struct credential proxy_auth = CREDENTIAL_INIT;
static int http_proactive_auth;
static const char *user_agent;
@@ -272,6 +273,20 @@ static int has_cert_password(void)
return 1;
}
+static void set_proxy_auth(CURL *result)
+{
+ if (proxy_auth.username && proxy_auth.password) {
+#if LIBCURL_VERSION_NUM >= 0x071301
+ curl_easy_setopt(result, CURLOPT_PROXYUSERNAME, proxy_auth.username);
+ curl_easy_setopt(result, CURLOPT_PROXYPASSWORD, proxy_auth.password);
+#else
+ struct strbuf userpwd = STRBUF_INIT;
+ strbuf_addf(&userpwd, "%s:%s", proxy_auth.username, proxy_auth.password);
+ curl_easy_setopt(result, CURLOPT_PROXYUSERPWD, strbuf_detach(&userpwd, NULL));
+#endif
+ }
+}
+
static CURL *get_curl_handle(const char *url)
{
CURL *result = curl_easy_init();
@@ -351,8 +366,19 @@ static CURL *get_curl_handle(const char *url)
}
if (curl_http_proxy) {
- curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
+ struct strbuf proxyhost = STRBUF_INIT;
+
+ if (!proxy_auth.host) /* check to parse only once */
+ credential_from_url(&proxy_auth, curl_http_proxy);
+
+ if (http_proactive_auth && proxy_auth.username && !proxy_auth.password)
+ /* proxy string has username but no password, ask for password */
+ credential_fill(&proxy_auth);
+
+ strbuf_addf(&proxyhost, "%s://%s", proxy_auth.protocol, proxy_auth.host);
+ curl_easy_setopt(result, CURLOPT_PROXY, strbuf_detach(&proxyhost, NULL));
curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
+ set_proxy_auth(result);
}
return result;
--
1.7.7.6
next reply other threads:[~2012-05-03 15:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-03 16:39 Nelson Benitez Leon [this message]
2012-05-04 7:16 ` [PATCH 2/6] http: handle proxy proactive authentication Jeff King
2012-05-04 11:10 ` Nelson Benitez Leon
2012-05-04 10:51 ` Jeff King
2012-05-04 13:55 ` Nelson Benitez Leon
2012-05-04 13:55 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4FA2B4DA.60908@seap.minhap.es \
--to=nelsonjesus.benitez@seap.minhap.es \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).