> -----Original Message----- > From: Jeff King [mailto:peff@xxxxxxxx] > Sent: Monday, October 03, 2016 5:59 PM > To: David Turner > Cc: git@xxxxxxxxxxxxxxx; sandals@xxxxxxxxxxxxxxxxxxxx > Subject: Re: [PATCH] http: http.emptyauth should allow empty (not just > NULL) usernames > > On Mon, Oct 03, 2016 at 09:54:19PM +0000, David Turner wrote: > > > > I dunno. The code path you are changing _only_ affects anything if > > > the http.emptyauth config is set. But I guess I just don't > > > understand why you would say "http://@gitserver"; in the first place. > Is that a common thing? > > > > I have no idea if it is common. I know that we do it. > > I guess my question is: _why_ do you do it? Or more specifically, does > http://gitserver.example.com"; with http.emptyauth not work, and why? > > From your response, I _think_ the answer is "no, it doesn't, and I have no > clue why". That was true historically. I just tried our old version of git 2.8 (that is, before this patch, and before the libcurl upgrade), and http://gitserver.example.com *does* seem to work with http.emptyauth (and does not work without). However, http://@gitserver.example.com does *not* work with http.emptyauth, and *does* work without. After the libcurl upgrade, but before this patch, http://@gitserver.example.com does *not* work with http.emptyauth, while http://gitserver.example.com does. And finally, after the upgrade and with this patch, both urls work. > So I dunno. It is annoying not to know what is actually going on, but I'm > OK with it if we don't think there's a high chance of regressing any other > workflows (which I guess not, because http.emptyauth seems to be a > Kerberos-specific hack in the first place). Yes, I think this is all Kerberos-only.