Re: [PATCH v3] remote-curl: fall back to Basic auth if Negotiate fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> On Mar 10, 2015, at 6:29 PM, brian m. carlson <sandals@xxxxxxxxxxxxxxxxxxxx> wrote:
> 
> On Tue, Mar 10, 2015 at 06:05:46PM +0000, Dan Langille (dalangil) wrote:
>>> We have made progress I think.
>>> 
>>> With stock git:
>>> 
>>> tl;dr: 1 - with a ticket, you get prompted, but hitting ENTER succeeds.
>>>      2 - without a ticket, nothing works
>>> 
>>> 
>>> With patched git:
>>> 
>>> tl;dr: 1 - with a ticket,    entering credentials, SUCCEEDS; just hit enter, failure
>> 
>> If I have a valid ticket, why am I being prompted for credentials?
> 
> libcurl won't even attempt authentication if you don't have a username
> specified.  I know that the web server should be able to figure it out
> from your credentials, so it shouldn't matter what username you provide.
> This is an unfortuate quirk of lib curl.

I understand.

> Also, are you using 2.3.0, or one of the earlier patched versions?  That
> might affect how it works.

I am using git-2.3.0

>> It appears patched git always wants credentials entered and ignores the
>> valid ticket.
> 
> So what I think is happening is that you didn't specify a username, but
> git got a 401, so it prompted.  Now it actually attempts to use the
> password you provided, whereas before it did not.
> 
> Does it work with a ticket if you specify a username, as in the
> following URL?
> https://bmc@xxxxxxxxxxxxxxxxxxxxxxxx/git/bmc/homedir.git

Yes, that does work.  Our project is 98% of the way there now. 

I looked at both libcurl and git environment variables to see if there
was a way to specify the user without putting it in the URL.  I didn’t see one.

My next step is the git configuration, either server or client.  Do you know 
if I should stop looking now because it’s not there?

Thank you for your help in getting us this far.  This helps us tremendously.

— 
Dan Langille
Infrastructure & Operations
Talos Group
Sourcefire, Inc.
��.n��������+%������w��{.n��������n�r������&��z�ޗ�zf���h���~����������_��+v���)ߣ�
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]