http-push: enable "proactive auth"

Before commit 986bbc08, git was proactive about asking for
http passwords. It assumed that if you had a username in
your URL, you would also want a password, and asked for it
before making any http requests.

However, this could interfere with the use of .netrc (see
986bbc08 for details). And it was also unnecessary, since
the http fetching code had learned to recognize an HTTP 401
and prompt the user then. Furthermore, the proactive prompt
could interfere with the usage of .netrc (see 986bbc08 for
details).

Unfortunately, the http push-over-DAV code never learned to
recognize HTTP 401, and so was broken by this change. This
patch does a quick fix of re-enabling the "proactive auth"
strategy only for http-push, leaving the dumb http fetch and
smart-http as-is.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/http-fetch.c b/http-fetch.c
index 69299b7bd2a956266bf581df9c23589a97fca805..94d47cbb287f7d3ea76b71f3ef39ddeea3b9202c 100644 (file)
--- a/http-fetch.c
+++ b/http-fetch.c
@@ -67,7 +67,7 @@ int main(int argc, const char **argv)
 
        git_config(git_default_config, NULL);
 
-       http_init(NULL, url);
+       http_init(NULL, url, 0);
        walker = get_http_walker(url);
        walker->get_tree = get_tree;
        walker->get_history = get_history;

diff --git a/http-push.c b/http-push.c
index edd553b7f69ed92fde301966e605e7562703718a..cdfdd4f79199261b2a62012381728d676484e424 100644 (file)
--- a/http-push.c
+++ b/http-push.c
@@ -1820,7 +1820,7 @@ int main(int argc, char **argv)
 
        memset(remote_dir_exists, -1, 256);
 
-       http_init(NULL, repo->url);
+       http_init(NULL, repo->url, 1);
 
 #ifdef USE_CURL_MULTI
        is_running_queue = 0;

diff --git a/http.c b/http.c
index e6c75976e8886321732ef2b0b686b08e04a0c200..7e454f7787b8b9ca3b023be7e5c37cbf7367fc20 100644 (file)
--- a/http.c
+++ b/http.c
@@ -43,6 +43,7 @@ static int curl_ftp_no_epsv;
 static const char *curl_http_proxy;
 static const char *curl_cookie_file;
 static char *user_name, *user_pass, *description;
+static int http_proactive_auth;
 static const char *user_agent;
 
 #if LIBCURL_VERSION_NUM >= 0x071700
@@ -279,6 +280,9 @@ static CURL *get_curl_handle(void)
        curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 #endif
 
+       if (http_proactive_auth)
+               init_curl_http_auth(result);
+
        if (ssl_cert != NULL)
                curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
        if (has_cert_password())
@@ -367,7 +371,7 @@ static void set_from_env(const char **var, const char *envname)
                *var = val;
 }
 
-void http_init(struct remote *remote, const char *url)
+void http_init(struct remote *remote, const char *url, int proactive_auth)
 {
        char *low_speed_limit;
        char *low_speed_time;
@@ -378,6 +382,8 @@ void http_init(struct remote *remote, const char *url)
 
        curl_global_init(CURL_GLOBAL_ALL);
 
+       http_proactive_auth = proactive_auth;
+
        if (remote && remote->http_proxy)
                curl_http_proxy = xstrdup(remote->http_proxy);
 

diff --git a/http.h b/http.h
index 3c332a98e9358a296b937453351018ac1042120e..51f6ba73bafca0c1939b3e74e39bf15308d03f7a 100644 (file)
--- a/http.h
+++ b/http.h
@@ -86,7 +86,8 @@ extern void add_fill_function(void *data, int (*fill)(void *));
 extern void step_active_slots(void);
 #endif
 
-extern void http_init(struct remote *remote, const char *url);
+extern void http_init(struct remote *remote, const char *url,
+                     int proactive_auth);
 extern void http_cleanup(void);
 
 extern int data_received;

diff --git a/remote-curl.c b/remote-curl.c
index 0e720ee8bbf4cbc6a50336a1f1c93bfc63842fe3..0757b19a805ff129c19069d677cb5e5bd683a0fc 100644 (file)
--- a/remote-curl.c
+++ b/remote-curl.c
@@ -859,7 +859,7 @@ int main(int argc, const char **argv)
 
        url = strbuf_detach(&buf, NULL);
 
-       http_init(remote, url);
+       http_init(remote, url, 0);
 
        do {
                if (strbuf_getline(&buf, stdin, '\n') == EOF) {

diff --git a/t/t5540-http-push.sh b/t/t5540-http-push.sh
index 3300227796e37b403fd687abec1c59b8a8629f3b..1eea64765608dc4a2e4b19eec4155890306e5d59 100755 (executable)
--- a/t/t5540-http-push.sh
+++ b/t/t5540-http-push.sh
@@ -160,7 +160,7 @@ test_expect_success 'PUT and MOVE sends object to URLs with SHA-1 hash suffix' '
 test_http_push_nonff "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git \
        "$ROOT_PATH"/test_repo_clone master
 
-test_expect_failure 'push to password-protected repository (user in URL)' '
+test_expect_success 'push to password-protected repository (user in URL)' '
        test_commit pw-user &&
        git push "$HTTPD_URL_USER/auth/dumb/test_repo.git" HEAD &&
        git rev-parse --verify HEAD >expect &&