[PATCH] Allow any HTTP authentication scheme, not only basic

[PATCH] Allow any HTTP authentication scheme, not only basic

[Martin Storsjo]

Signed-off-by: Martin Storsjo <martin@martin.st>
---
 http.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/http.c b/http.c
index 2fc55d6..7cb53e8 100644
--- a/http.c
+++ b/http.c
@@ -165,6 +165,7 @@ static CURL *get_curl_handle(void)
 #if LIBCURL_VERSION_NUM >= 0x070907
 	curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 #endif
+	curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
 
 	init_curl_http_auth(result);
 
-- 
1.6.0.2

[PATCH] Allow any HTTP authentication scheme, not only basic

[Martin Storsjo]

Signed-off-by: Martin Storsjo <martin@martin.st>
---
Updated patch, enable only on libcurl versions new enough

 http.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/http.c b/http.c
index 2fc55d6..eae74aa 100644
--- a/http.c
+++ b/http.c
@@ -165,6 +165,9 @@ static CURL *get_curl_handle(void)
 #if LIBCURL_VERSION_NUM >= 0x070907
 	curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
 #endif
+#if LIBCURL_VERSION_NUM >= 0x070a06
+	curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
+#endif
 
 	init_curl_http_auth(result);
 
-- 
1.6.0.2

Re: [PATCH] Allow any HTTP authentication scheme, not only basic

[Johannes Schindelin]

Hi,

On Tue, 31 Mar 2009, Martin Storsjo wrote:

> Updated patch, enable only on libcurl versions new enough

Heh, you beat me to looking up from which version onward curl supports 
this...

Thanks!
Dscho

Re: [PATCH] Allow any HTTP authentication scheme, not only basic

[Martin Storsjö]

Hi,

My patch doesn't seem to come completely without troubles, though.

I still find this a potentially valuable scenario; e.g. for a public repo 
with push access only over HTTP, but using secure digest authentication 
instead of sending the credentials in plaintext.

One downside is that it causes a lot more HTTP requests, since libcurl 
initially tries without any authentication for (almost?) every request, 
doubling the number of requests made.


Fetching works just fine, but pushing may fail on auth problems in some 
cases where it wouldn't fail otherwise, if only basic authentication was 
used and libcurl automatically used that without probing what 
authentication scheme the server uses.

Things generally seem to work fine with Apache, but with Lighttpd, 
retrying with proper credentials may fail due to CURLE_SEND_FAIL_REWIND /* 
65 - Sending the data requires a rewind that failed */. This issue can be 
fixed by another patch (that I'll send soon).

Even after fixing that, there still seems to be some issues on some older 
curl versions; in particular, 7.16.3, shipped in OS X Leopard, returns 
error code CURLE_HTTP_RETURNED_ERROR instead of retrying properly with 
authentication.

// Martin