git@vger.kernel.org list mirror (unofficial, one of many)
 help / color / mirror / code / Atom feed
From: Junio C Hamano <gitster@pobox.com>
To: Simon.Richter@hogyros.de
Cc: git@vger.kernel.org
Subject: Re: [PATCH 2/3] Add config option/env var to limit HTTP auth methods
Date: Fri, 13 May 2022 13:26:09 -0700	[thread overview]
Message-ID: <xmqqzgjl89i6.fsf@gitster.g> (raw)
In-Reply-To: <20220513070416.37235-3-Simon.Richter@hogyros.de> (Simon Richter's message of "Fri, 13 May 2022 09:04:15 +0200")

Simon.Richter@hogyros.de writes:

> +http.authMethod::
> +	Set the method with which to authenticate to the HTTP server, if
> +	required. This can be overridden on a per-remote basis; see
> +	`remote.<name>.authMethod`. Both can be overridden by the
> +	`GIT_HTTP_AUTHMETHOD` environment variable.  Possible values are:
> ++
> +--
> +* `anyauth` - Automatically pick a suitable authentication method. It is
> +  assumed that the server answers an unauthenticated request with a 401
> +  status code and one or more WWW-Authenticate headers with supported
> +  authentication methods. This is the default.
> +* `basic` - HTTP Basic authentication
> +* `digest` - HTTP Digest authentication; this prevents the password from being
> +  transmitted to the server in clear text
> +* `negotiate` - GSS-Negotiate authentication (compare the --negotiate option
> +  of `curl(1)`)
> +* `ntlm` - NTLM authentication (compare the --ntlm option of `curl(1)`)
> +--

The above makes sense.

Configuring this variable per URL, just like all other variables in
"http.*" namespace, we should be able to use the "http.<url>.*"
mechanism that the users are already familiar with.

> diff --git a/Documentation/config/remote.txt b/Documentation/config/remote.txt
> index 0678b4bcfe..0f87234427 100644
> --- a/Documentation/config/remote.txt
> +++ b/Documentation/config/remote.txt
> @@ -10,6 +10,10 @@ remote.<name>.url::
>  remote.<name>.pushurl::
>  	The push URL of a remote repository.  See linkgit:git-push[1].
>  
> +remote.<name>.authMethod::
> +	For http and https remotes, the method to use for
> +	authenticating against the server. See `http.authMethod`.

IOW, this looks out of place.

  reply	other threads:[~2022-05-13 20:26 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-13  7:04 [PATCH 0/3] Allow configuration of HTTP authentication method Simon.Richter
2022-05-13  7:04 ` [PATCH 1/3] Rename proxy_authmethods -> authmethods Simon.Richter
2022-05-13 19:50   ` Junio C Hamano
2022-05-13  7:04 ` [PATCH 2/3] Add config option/env var to limit HTTP auth methods Simon.Richter
2022-05-13 20:26   ` Junio C Hamano [this message]
2022-05-13  7:04 ` [RFC PATCH 3/3] Allow empty user name in HTTP authentication Simon.Richter
2022-05-13 23:51   ` brian m. carlson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: http://vger.kernel.org/majordomo-info.html

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=xmqqzgjl89i6.fsf@gitster.g \
    --to=gitster@pobox.com \
    --cc=Simon.Richter@hogyros.de \
    --cc=git@vger.kernel.org \
    --subject='Re: [PATCH 2/3] Add config option/env var to limit HTTP auth methods' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Code repositories for project(s) associated with this inbox:

	https://80x24.org/mirrors/git.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).