Andrew's git / gitweb.git / diff
?
Merge branch 'dt/http-empty-auth'
authorJunio C Hamano <gitster@pobox.com>
Mon, 17 Oct 2016 20:25:18 +0000 (13:25 -0700)
committerJunio C Hamano <gitster@pobox.com>
Mon, 17 Oct 2016 20:25:18 +0000 (13:25 -0700)
http.emptyauth configuration is a way to allow an empty username to
pass when attempting to authenticate using mechanisms like
Kerberos. We took an unspecified (NULL) username and sent ":"
(i.e. no username, no password) to CURLOPT_USERPWD, but did not do
the same when the username is explicitly set to an empty string.

* dt/http-empty-auth:
http: http.emptyauth should allow empty (not just NULL) usernames

1  2 
http.c patch | diff1 | diff2 | blob | history
diff --combined http.c
index 0c65639881c6572c6fb9c6038580f9d915daef05,bd0dba23a037bfff48ea88b916c8f5a650c08176..4c4a812fcc39509e32fbcae3db21871b97a1a5eb
--- 1/http.c
--- 2/http.c
+++ b/http.c
@@@ -90,18 -90,6 +90,18 @@@ static struct 
         * here, too
         */
  };
 +#if LIBCURL_VERSION_NUM >= 0x071600
 +static const char *curl_deleg;
 +static struct {
 +      const char *name;
 +      long curl_deleg_param;
 +} curl_deleg_levels[] = {
 +      { "none", CURLGSSAPI_DELEGATION_NONE },
 +      { "policy", CURLGSSAPI_DELEGATION_POLICY_FLAG },
 +      { "always", CURLGSSAPI_DELEGATION_FLAG },
 +};
 +#endif
 +
  static struct credential proxy_auth = CREDENTIAL_INIT;
  static const char *curl_proxyuserpwd;
  static const char *curl_cookie_file;
@@@ -335,15 -323,6 +335,15 @@@ static int http_options(const char *var
                return 0;
        }
  
 +      if (!strcmp("http.delegation", var)) {
 +#if LIBCURL_VERSION_NUM >= 0x071600
 +              return git_config_string(&curl_deleg, var, value);
 +#else
 +              warning(_("Delegation control is not supported with cURL < 7.22.0"));
 +              return 0;
 +#endif
 +      }
 +
        if (!strcmp("http.pinnedpubkey", var)) {
  #if LIBCURL_VERSION_NUM >= 0x072c00
                return git_config_pathname(&ssl_pinnedkey, var, value);
@@@ -372,7 -351,7 +372,7 @@@
  
  static void init_curl_http_auth(CURL *result)
  {
-       if (!http_auth.username) {
+       if (!http_auth.username || !*http_auth.username) {
                if (curl_empty_auth)
                        curl_easy_setopt(result, CURLOPT_USERPWD, ":");
                return;
@@@ -650,22 -629,6 +650,22 @@@ static CURL *get_curl_handle(void
        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
  #endif
  
 +#if LIBCURL_VERSION_NUM >= 0x071600
 +      if (curl_deleg) {
 +              int i;
 +              for (i = 0; i < ARRAY_SIZE(curl_deleg_levels); i++) {
 +                      if (!strcmp(curl_deleg, curl_deleg_levels[i].name)) {
 +                              curl_easy_setopt(result, CURLOPT_GSSAPI_DELEGATION,
 +                                              curl_deleg_levels[i].curl_deleg_param);
 +                              break;
 +                      }
 +              }
 +              if (i == ARRAY_SIZE(curl_deleg_levels))
 +                      warning("Unknown delegation method '%s': using default",
 +                              curl_deleg);
 +      }
 +#endif
 +
        if (http_proactive_auth)
                init_curl_http_auth(result);