From: Junio C Hamano <gitster@pobox.com>
To: Simon.Richter@hogyros.de
Cc: git@vger.kernel.org
Subject: Re: [PATCH 2/3] Add config option/env var to limit HTTP auth methods
Date: Fri, 13 May 2022 13:26:09 -0700 [thread overview]
Message-ID: <xmqqzgjl89i6.fsf@gitster.g> (raw)
In-Reply-To: <20220513070416.37235-3-Simon.Richter@hogyros.de> (Simon Richter's message of "Fri, 13 May 2022 09:04:15 +0200")
Simon.Richter@hogyros.de writes:
> +http.authMethod::
> + Set the method with which to authenticate to the HTTP server, if
> + required. This can be overridden on a per-remote basis; see
> + `remote.<name>.authMethod`. Both can be overridden by the
> + `GIT_HTTP_AUTHMETHOD` environment variable. Possible values are:
> ++
> +--
> +* `anyauth` - Automatically pick a suitable authentication method. It is
> + assumed that the server answers an unauthenticated request with a 401
> + status code and one or more WWW-Authenticate headers with supported
> + authentication methods. This is the default.
> +* `basic` - HTTP Basic authentication
> +* `digest` - HTTP Digest authentication; this prevents the password from being
> + transmitted to the server in clear text
> +* `negotiate` - GSS-Negotiate authentication (compare the --negotiate option
> + of `curl(1)`)
> +* `ntlm` - NTLM authentication (compare the --ntlm option of `curl(1)`)
> +--
The above makes sense.
Configuring this variable per URL, just like all other variables in
"http.*" namespace, we should be able to use the "http.<url>.*"
mechanism that the users are already familiar with.
> diff --git a/Documentation/config/remote.txt b/Documentation/config/remote.txt
> index 0678b4bcfe..0f87234427 100644
> --- a/Documentation/config/remote.txt
> +++ b/Documentation/config/remote.txt
> @@ -10,6 +10,10 @@ remote.<name>.url::
> remote.<name>.pushurl::
> The push URL of a remote repository. See linkgit:git-push[1].
>
> +remote.<name>.authMethod::
> + For http and https remotes, the method to use for
> + authenticating against the server. See `http.authMethod`.
IOW, this looks out of place.
next prev parent reply other threads:[~2022-05-13 20:26 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-13 7:04 [PATCH 0/3] Allow configuration of HTTP authentication method Simon.Richter
2022-05-13 7:04 ` [PATCH 1/3] Rename proxy_authmethods -> authmethods Simon.Richter
2022-05-13 19:50 ` Junio C Hamano
2022-05-13 7:04 ` [PATCH 2/3] Add config option/env var to limit HTTP auth methods Simon.Richter
2022-05-13 20:26 ` Junio C Hamano [this message]
2022-05-13 7:04 ` [RFC PATCH 3/3] Allow empty user name in HTTP authentication Simon.Richter
2022-05-13 23:51 ` brian m. carlson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqzgjl89i6.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=Simon.Richter@hogyros.de \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).