Re: GSS-Negotiate authentication requires that all data fit into postbuffer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, Oct 06, 2013 at 05:50:00PM +0000, brian m. carlson wrote:

> On Sun, Oct 06, 2013 at 05:38:24PM +0200, Daniel Stenberg wrote:
> > On Sun, 6 Oct 2013, brian m. carlson wrote:
> > 
> > >If there's a way to make Apache with mod_auth_kerb do that with
> > >curl, then it doesn't require a change to git, and I'm happy to
> > >make it on my end. But using the curl command line client, I don't
> > >see an Expect: 100-continue anywhere during the connection using
> > >Debian's curl 7.32.0-1.  Do I need to send a certain amount of
> > >data to see that behavior?
> > 
> > Correct, curl will enable "Expect: 100-continue" if the post size is
> > > 1024 bytes.
> 
> I've been able to reproduce this behavior with the curl command line
> client, but it looks like we disable Expect: 100-continue in git since
> some proxy servers are too stupid to understand it, according to commit
> 959dfcf.

Yeah, instead we try to make two separate requests, and assume that the
first one clears the path for any further requests. Of course that
doesn't work for auth methods that actually negotiate for each request.

We should probably make the "Expect" suppression optional for people who
know they have working systems. It would be nice to trigger it
automatically when people are using something like GSS, but that
decision happens at the curl layer.

-Peff
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]