From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Johannes Schindelin <Johannes.Schindelin@gmx.de>,
David Turner <David.Turner@twosigma.com>,
"git\@vger.kernel.org" <git@vger.kernel.org>,
"sandals\@crustytoothpaste.net" <sandals@crustytoothpaste.net>,
Eric Sunshine <sunshine@sunshineco.com>
Subject: Re: [PATCH] http(s): automatically try NTLM authentication first
Date: Thu, 23 Feb 2017 12:37:25 -0800 [thread overview]
Message-ID: <xmqqlgsw7iey.fsf@gitster.mtv.corp.google.com> (raw)
In-Reply-To: <20170223194237.eckkpiqv7inuz7un@sigill.intra.peff.net> (Jeff King's message of "Thu, 23 Feb 2017 14:42:37 -0500")
Jeff King <peff@peff.net> writes:
> I suspect it isn't enough to help without 2/2. This will tell curl that
> the server does not do Negotiate, so it will skip the probe request. But
> Git will still feed curl the bogus empty credential.
>
> That's what 2/2 tries to fix: only kick in the emptyAuth hack when there
> is something besides Basic[1] to try. The way it is written adds an
In your [1] you wanted to mention that Digest would have the same
property as Basic, or something like that?
> extra "auto" mode to emptyAuth, as I wanted to leave "emptyauth=true" as
> a workaround in case the "auto" behavior does not work. And then I
> turned on "auto" by default, since that was what the discussion was
> shooting for.
>
> But if we are worried about turning on emptyAuth everywhere, the auto
> behavior could be tied to emptyauth=true (and have something like
> "emptyauth=always" to _really_ force it). I don't have an opinion there.
I do not have a strong opinion, either, but it sounds like that even
the "disable emptyAuth hack if the server is Basic only" variant
would be much better than setting emptyAuth on by default. At least
the user whose issue was reported in Dscho's message would be fixed
by such a variant, I would think (i.e. talking to a server with no
Negotiate and emptyAuth set to true results in no attempt to give
the user a chance to tell who s/he is --- your 2/2 will turn
emptyAuth off in that case).
next prev parent reply other threads:[~2017-02-23 20:37 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-22 17:39 [PATCH] http(s): automatically try NTLM authentication first David Turner
2017-02-22 20:19 ` Junio C Hamano
2017-02-22 21:04 ` David Turner
2017-02-22 21:16 ` Junio C Hamano
2017-02-22 21:34 ` Jeff King
2017-02-23 17:08 ` Johannes Schindelin
2017-02-23 19:06 ` Junio C Hamano
2017-02-23 19:42 ` Jeff King
2017-02-23 20:37 ` Junio C Hamano [this message]
2017-02-23 20:48 ` Jeff King
2017-02-25 11:51 ` Johannes Schindelin
2017-02-22 23:34 ` brian m. carlson
2017-02-22 23:42 ` Jeff King
2017-02-23 2:15 ` Junio C Hamano
2017-02-23 19:11 ` Junio C Hamano
2017-02-23 19:35 ` Jeff King
2017-02-23 1:03 ` David Turner
2017-02-23 4:19 ` brian m. carlson
2017-02-23 9:13 ` Mantas Mikulėnas
2017-02-22 21:06 ` Jeff King
2017-02-22 21:25 ` Junio C Hamano
2017-02-22 21:35 ` Jeff King
2017-02-22 21:57 ` Junio C Hamano
2017-02-22 21:58 ` Jeff King
2017-02-22 22:35 ` Junio C Hamano
2017-02-22 23:33 ` Jeff King
2017-02-22 23:34 ` [PATCH 1/2] http: restrict auth methods to what the server advertises Jeff King
2017-02-22 23:40 ` [PATCH 2/2] http: add an "auto" mode for http.emptyauth Jeff King
2017-02-23 1:16 ` David Turner
2017-02-23 1:37 ` Jeff King
2017-02-23 16:31 ` David Turner
2017-02-23 19:44 ` Jeff King
2017-02-23 20:05 ` David Turner
2017-02-25 11:48 ` Johannes Schindelin
2017-02-25 19:15 ` Jeff King
2017-02-25 19:18 ` [PATCH] " Jeff King
2017-02-27 18:35 ` Junio C Hamano
2017-02-28 10:18 ` Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqlgsw7iey.fsf@gitster.mtv.corp.google.com \
--to=gitster@pobox.com \
--cc=David.Turner@twosigma.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
--cc=sunshine@sunshineco.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).