From mboxrd@z Thu Jan 1 00:00:00 1970 From: Mike Hommey Subject: Re: FW: git via http protocol _and_ a proxy using NTLM authentication -- git 1.5.4.2 & curl 7.18.0 Date: Wed, 27 Feb 2008 08:20:12 +0100 Organization: glandium.org Message-ID: <20080227072012.GA23423@glandium.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: git@vger.kernel.org To: Ken.Fuchs@bench.com X-From: git-owner@vger.kernel.org Wed Feb 27 08:17:57 2008 Return-path: Envelope-to: gcvg-git-2@gmane.org Received: from vger.kernel.org ([209.132.176.167]) by lo.gmane.org with esmtp (Exim 4.50) id 1JUGY4-0007ur-QS for gcvg-git-2@gmane.org; Wed, 27 Feb 2008 08:17:53 +0100 Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754652AbYB0HRP (ORCPT ); Wed, 27 Feb 2008 02:17:15 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753632AbYB0HRP (ORCPT ); Wed, 27 Feb 2008 02:17:15 -0500 Received: from vuizook.err.no ([85.19.215.103]:43635 "EHLO vuizook.err.no" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751841AbYB0HRO (ORCPT ); Wed, 27 Feb 2008 02:17:14 -0500 Received: from cha92-13-88-165-248-19.fbx.proxad.net ([88.165.248.19] helo=jigen) by vuizook.err.no with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.67) (envelope-from ) id 1JUGXK-0006VT-5w; Wed, 27 Feb 2008 08:17:12 +0100 Received: from mh by jigen with local (Exim 4.69) (envelope-from ) id 1JUGaK-00071o-Aq; Wed, 27 Feb 2008 08:20:12 +0100 Content-Disposition: inline In-Reply-To: X-GPG-Fingerprint: A479 A824 265C B2A5 FC54 8D1E DE4B DA2C 54FD 2A58 User-Agent: Mutt/1.5.17+20080114 (2008-01-14) X-Spam-Status: (score 0.1): No, score=0.1 required=5.0 tests=RDNS_DYNAMIC autolearn=disabled version=3.2.3 Sender: git-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org Archived-At: On Tue, Feb 26, 2008 at 05:46:21PM -0600, Ken.Fuchs@bench.com wrote: > > Well, the CURLOPT_PROXY is set in transport.c as well which > > your patch didn't address. > > Thanks, I just did a similar patch to transport.c: > > $ diff -u ../git-1.5.4.2/transport.c.orig \ > ../git-1.5.4.2/transport.c > @@ -456,7 +456,8 @@ > if (transport->remote->http_proxy) > curl_easy_setopt(slot->curl, CURLOPT_PROXY, > transport->remote->http_proxy); > - > + curl_easy_setopt(slot->curl, CURLOPT_PROXYAUTH, > (long)CURLAUTH_NTLM); > + curl_easy_setopt(slot->curl, CURLOPT_PROXYUSERPWD, > ":"); > if (start_active_slot(slot)) { > run_active_slot(slot); > if (results.curl_result != CURLE_OK) { > $ Starting with curl 7.14.1, you're supposed to be able to use the http://user:pass@proxy/ syntax, though I'm not sure it deals well with NTLM domains. You can probably leave CURLOPT_PROXYUSERPWD out if you set your proxy url correctly. As for CURLOPT_PROXYAUTH, it would be better to set it from another config. Note that remote..proxy config doesn't work as expected, you should use http.proxy which just work (and the change in transport.c is useless, then). I have, as part of by http-refactoring topic, a patch for remote..proxy to work better, though it doesn't support changing the proxy authentication method. > > If that's the case, I figure the verbose output > > should've shown some auth failures with the proxy? > > No, actually the last 2 lines of debug output (unchanged) is: > > * Connection #0 to host left intact > fatal: Couldn't find remote ref HEAD > > So, the proxy communication via NTLM authentication seems to be working. > The patch to transport.c did not change anything as far as I can see. > > The fatal error is from remote.c. Perhaps, it also requires some > changes. Does your remote have a HEAD ref ? Mike