Hello,
I've been trying to use git with a http/webdav repository with an
username containing a '@' character (foobar@host). The git FAQ [1]
suggests escaping the '@' character with percent encoding. However, the
username and password of the URI are not unescaped and the username
foobar%400host is sent to the web server.
$ #Launch a dummy web server
$ webfsd -4 -r ~/bidouilles/temp/empty/ -L- -F -bfoobar@host:secret
-p8000 -i 127.0.0.1 &
$ git clone http://foobar%40host:secret@xxxxxxxxx:8000/
Cloning into 8000...
fatal: Authentication failed
Compare with:
$ git clone http://127.0.0.1:8000/
Cloning into 8000...
Username: foobar@host
Password: secret
fatal: http://127.0.0.1:8000/info/refs not found: did you run git
update-server-info on the server?
[1]
https://git.wiki.kernel.org/index.php/GitFaq#My_username_contains_a_.27.40.27.2C_I_can.27t_clone_through_HTTP.2FHTTPS
diff --git a/http.c b/http.c
index 0a5011f..c4d18a9 100644
--- a/http.c
+++ b/http.c
@@ -297,7 +297,7 @@ static CURL *get_curl_handle(void)
static void http_auth_init(const char *url)
{
- char *at, *colon, *cp, *slash;
+ char *at, *colon, *cp, *slash, *temp;
int len;
cp = strstr(url, "://");
@@ -322,16 +322,25 @@ static void http_auth_init(const char *url)
user_name = xmalloc(len + 1);
memcpy(user_name, cp, len);
user_name[len] = '\0';
+ temp = url_decode(user_name);
+ free(user_name);
+ user_name = temp;
user_pass = NULL;
} else {
len = colon - cp;
user_name = xmalloc(len + 1);
memcpy(user_name, cp, len);
user_name[len] = '\0';
+ temp = url_decode(user_name);
+ free(user_name);
+ user_name = temp;
len = at - (colon + 1);
user_pass = xmalloc(len + 1);
memcpy(user_pass, colon + 1, len);
user_pass[len] = '\0';
+ temp = url_decode(user_pass);
+ free(user_pass);
+ user_pass = temp;
}
}
--
Gabriel
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html