> -----Original Message----- > From: Jeff King [mailto:peff@xxxxxxxx] > Sent: Wednesday, February 22, 2017 8:38 PM > To: David Turner <David.Turner@xxxxxxxxxxxx> > Cc: Junio C Hamano <gitster@xxxxxxxxx>; git@xxxxxxxxxxxxxxx; > sandals@xxxxxxxxxxxxxxxxxxxx; Johannes Schindelin > <johannes.schindelin@xxxxxx>; Eric Sunshine <sunshine@xxxxxxxxxxxxxx> > Subject: Re: [PATCH 2/2] http: add an "auto" mode for http.emptyauth > > On Thu, Feb 23, 2017 at 01:16:33AM +0000, David Turner wrote: > > > I don't know enough about how libcurl handles authentication to know > > whether these patches are a good idea, but I have a minor comment > anyway. > > As somebody who is using non-Basic auth, can you apply these patches and > show us the output of: > > GIT_TRACE_CURL=1 \ > git ls-remote https://your-server 2>&1 >/dev/null | > egrep '(Send|Recv) header: (GET|HTTP|Auth)' > > (without http.emptyauth turned on, obviously). The results appear to be identical with and without the patch. With http.emptyauth turned off, 16:27:28.208924 http.c:524 => Send header: GET /info/refs?service=git-upload-pack HTTP/1.1 16:27:28.212872 http.c:524 <= Recv header: HTTP/1.1 401 Authorization Required Username for 'http://git': [I just pressed enter] Password for 'http://git': [ditto] 16:27:29.928872 http.c:524 => Send header: GET /info/refs?service=git-upload-pack HTTP/1.1 16:27:29.929787 http.c:524 <= Recv header: HTTP/1.1 401 Authorization Required (if someone else wants to replicate this, delete >/dev/null bit from Jeff's shell snippet)