On Fri, 27 Nov 2009, Tay Ray Chuan wrote: > This patch series applies on top of master. It enables fetching and > pushing over http with the most suitable authentication scheme chosen > by curl when the http.authAny or GIT_HTTP_AUTH_ANY is set. I also tested this, and things generally seem to work fine. Thanks to the "maintain curl sessions" patch, only the first request needs to be redone after getting the 401 error containing the authentication challenge, the later ones work fine on the first try. However, theoretically, I guess we can't be certain that the curl session really is initialized for the later requests (we could be given a new fresh curl session for some reason), or the first request could perhaps be a large, (currently) non-rewindable POST. Avoiding redoing large POST requests is generally accomplished by adding a Expect: 100-continue header, and then waiting for a reply (either 100 continue or 401 unauthorized) to that header before actually sending the POST body data. If the server doesn't support the Expect header (e.g. Lighttpd doesn't support it), the client starts sending the POST body after a timeout (1 second in libcurl). (As a side note, chunked POST requests without a content-length header isn't supported by lighttpd at all at the moment, neither in the stable 1.4 version nor in the new upcoming 1.5 branch.) Normally, libcurl should add the Expect: 100-continue header automatically, but for some reason (http://article.gmane.org/gmane.comp.web.curl.library/25992) it doesn't, so that's probably why we're manually adding that header in remote-curl.c:371 at the moment. libcurl doesn't detect this at the moment (http://article.gmane.org/gmane.comp.web.curl.library/25991) so it won't wait for the 100 continue response before starting to send the body data. So, with a server supporting Expect, the 401 error response may come after sending a few KB of POST data (corresponding to the roundtrip delay for the server to respond to the header) - if the server doesn't support Expect at all, the whole request will be sent and may need to be rewound. To clarify - this only happens if the curl authentication isn't initialized yet, for the first request of every curl session. The "maintain curl sessions" patch makes sure this isn't needed in the normal case. I've experimented with two solutions to this, which add partial and full rewind solutions to the chunked POST requests - I'll send them as follow-ups to this mail. // Martin -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html