Re: [RFC] Deal with HTTP 401 by requesting credentials.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/01/2012 03:35 AM, Jeff King wrote:
> On Thu, May 31, 2012 at 05:24:55PM -0500, Kevin Stange wrote:
> 
>> Request credentials from the user if none are already defined when a
>> HTTP 401 is received on a restricted repository.  Then, resubmit the
>> request and return the final result.
>>
>> This allows all webdav transactions to obtain credentials without having
>> to individually handle the case in each request.  Having push working
>> with HTTP auth is needed for a use case I have where storing the
>> credentials in .netrc or using SSH keys is inappropriate.
> 
> We already do this at a higher level in http_request, which in turns
> calls into finish_active_slot. So if we were going to go this route,
> wouldn't we also want to remove the 401 handling in http_request?

I did see the work being done there, and considered removing it.  In fact, I
used it as a reference for working out what was going on in the authentication
process.  I decided not to do anything there until soliciting feedback and
deciding whether my approach was reasonable.

> The dumb-http push code is the only thing that does not go through
> http_request these days. So another option would be to refactor it to go
> through that central point. I took a brief look at this when I was
> updating the credential code a few months ago, but didn't consider it a
> priority, as most people should be using smart http these days. Is there
> a reason you can't use smart-http? It's significantly more efficient.

Smart HTTP didn't come up in any of my Google searches.  With that as an
option, I might just drop this work now.  I'd rather see incomplete methods
that aren't recommended go away than further facilitate their use, personally.

> You also don't necessarily need to handle 401 in every code path of
> http-push; once we see the credential once, we will use it everywhere,
> so you really only need to handle it on the initial request (assuming
> that all requests will have the same authorization requirements).

I made the change where I did because I wasn't sure if the push code was
avoiding using http_request intentionally, and wasn't sure whether new code
would be written that avoid it as well.

If that's not the case, then I gather http-push would be better rewritten to
just use http_request, if anything.

>> Apologies for anything wrong I might have done here.  I'm not used to
>> procedures for this sort of patch submission, or terribly familiar with
>> the code base.  I'm seeking advice on whether this approach is sane or
>> completely crazy, and I'm willing to adjust it to make it suitable for
>> inclusion.
>>
>> Signed-off-by: Kevin <kevin@xxxxxxxxxxxxx>
>> ---
> 
> Cover letter material (i.e., anything that would not go into the commit
> message of the final commit) should go below the "---".

Thanks, will remember this for future reference.

> Is it safe to just run start_active_slot again without reinitializing
> the request? The 401-handling code in http_request actually restarts a
> new request. I don't immediately see any state that would need to be
> reset; we might have written some data to the output file if curl gave
> us any body data, but presumably it would not have done so for a 401.

In my tests, this particular code flow never returns anything to the original
request call because I interrupt it and start the request over.  Now that I
look at it again, there's a chance it leaks the curl response, but it doesn't
return that response and the new request works fine, replacing the original.

> In the "else" clause you add, I don't think there's any point in
> printing an error. The 401 should get propagated back to the caller, who
> will produce an error. However, you _should_ call credential_reject,
> since you know that the credential you have doesn't work.
> 
> Similarly, you would want to call credential_accept after a successful
> request, so that helpers can store it.

If I decide to continue working on this, I will keep these in mind.  I'm
pretty sure that if I can get smart HTTP working, there's no reason to even
bother with this from my perspective, unless you think there's substantial
value in it.

Thanks for the detailed feedback on the proposed change and suggestions on
alternative options.

-- 
Kevin Stange
Chief Technology Officer
Steadfast Networks
http://steadfast.net
Phone: 312-602-2689 ext. 203 | Fax: 312-602-2688 | Cell: 312-320-5867

Attachment: signature.asc
Description: OpenPGP digital signature


[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]