Hello, As I need to access some of my git repositories behind a corporate company firewall, I use the http access method. And, as I don't want my passwords to be sent in clear text over the network, I have configured my web server to use « Digest » authentication instead of the old « Basic » authentication. This authentication method is now well handled by modern software. Unfortunately, current git version only handles « Basic » authentication. When attempting to access my repository, I get the following error message: error: The requested URL returned error: 401 while accessing http://XXX@xxxxxx/test.git/info/refs The web server, on its side, has refused the transaction because of the wrong authentication method used: Digest: client used wrong authentication scheme `Basic': /test.git/info/refs The attached patch makes git configure libcurl to negotiate the most suitable HTTP authentication method. Thanks to that patch, I manage to clone and fetch my git repository hosted on my web server requesting an authentication through the « Digest » method. Lénaïc.
From 2acab3ae894c3ea835279a864e654e1c5e956e80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?L=C3=A9na=C3=AFc=20Huard?= <lenaic@xxxxxxxxxxxxxxxx> Date: Mon, 28 Dec 2009 10:52:35 +0100 Subject: [PATCH] Allow git to use any HTTP authentication method. By default, libcurl performs "Basic" HTTP authentication. This method transmits passwords in clear text. libcurl needs some settings in order to use a safest HTTP authentication method like "Digest" for example. --- http.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/http.c b/http.c index ed6414a..2d9df76 100644 --- a/http.c +++ b/http.c @@ -233,6 +233,10 @@ static CURL *get_curl_handle(void) init_curl_http_auth(result); +#if LIBCURL_VERSION_NUM >= 0x070a06 + curl_easy_setopt(result, CURLOPT_HTTPAUTH, CURLAUTH_ANY); +#endif + if (ssl_cert != NULL) curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert); if (has_cert_password()) -- 1.6.5.7