Nelson Benitez Leon <nelsonjesus.benitez@xxxxxxxxxxxxxx> writes:
> If http_proactive_auth flag is set and there is a username
> but no password in the proxy url, then interactively ask for
> the password.
>
> This makes possible to not have the password written down in
> http_proxy env var or in http.proxy config option.
>
> Also take care that CURLOPT_PROXY don't include username or
> password, as we now set them in the new set_proxy_auth() function
> where we use their specific cURL options.
>
> Signed-off-by: Nelson Benitez Leon <nbenitezl@xxxxxxxxx>
> ---
> http.c | 27 ++++++++++++++++++++++++++-
> 1 files changed, 26 insertions(+), 1 deletions(-)
Just a minor style nit first so that we do not have to go ping-pong
on the trivialities.
> @@ -303,8 +318,18 @@ static CURL *get_curl_handle(void)
> }
> }
> if (curl_http_proxy) {
> - curl_easy_setopt(result, CURLOPT_PROXY, curl_http_proxy);
> + if (!proxy_auth.host) { // check to parse only once
No C99 // comments.
> + credential_from_url(&proxy_auth, curl_http_proxy);
> + }
> + if (http_proactive_auth && proxy_auth.username && !proxy_auth.password) {
> + /* proxy string has username but no password, ask for password */
> + credential_fill(&proxy_auth);
> + }
No {} around single statement block (this comment applies also to
the previous "if (!proxy_auth.host)").
> + char proxyhost[100];
No decl-after-statement.
> + snprintf(proxyhost, 100, "%s://%s", proxy_auth.protocol, proxy_auth.host);
Wouldn't it be far more pleasant if you used strbuf_addf() for
things like this? That way you do not have to wonder if a 100-byte
buffer is too small.
> + curl_easy_setopt(result, CURLOPT_PROXY, proxyhost);
> curl_easy_setopt(result, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
> + set_proxy_auth(result);
> }
>
> return result;
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html