]> rtime.felk.cvut.cz Git - git.git/commit
projects / git.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7ba4626) | patch
remote-curl: fall back to Basic auth if Negotiate fails
authorbrian m. carlson <sandals@crustytoothpaste.net>
Thu, 8 Jan 2015 00:29:20 +0000 (00:29 +0000)
committerJunio C Hamano <gitster@pobox.com>
Thu, 8 Jan 2015 03:48:19 +0000 (19:48 -0800)
commit4dbe66464b4fd695c5989cc272fa0edd6475037c
treea13458252b8ca2b9f40ceccd9f57eed2c2465c41tree | snapshot
parent7ba46269a04de20032bd2dd614be6290cd65caabcommit | diff
remote-curl: fall back to Basic auth if Negotiate fails

Apache servers using mod_auth_kerb can be configured to allow the user
to authenticate either using Negotiate (using the Kerberos ticket) or
Basic authentication (using the Kerberos password).  Often, one will
want to use Negotiate authentication if it is available, but fall back
to Basic authentication if the ticket is missing or expired.

However, libcurl will try very hard to use something other than Basic
auth, even over HTTPS.  If Basic and something else are offered, libcurl
will never attempt to use Basic, even if the other option fails.
Teach the HTTP client code to stop trying authentication mechanisms that
don't use a password (currently Negotiate) after the first failure,
since if they failed the first time, they will never succeed.

Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
http.c diff | blob | history
Git mirror and local development