From: Lars Schneider <larsxschneider@xxxxxxxxx> If a Git HTTP server responds with 401 or 407, then Git tells the credential helper to reject and delete the credentials. In general this is good. However, in certain automation environments it is not desired to remove credentials automatically. This is in particular the case if credentials are only invalid temporarily (e.g. because of problems in the server's authentication backend). Therefore, add the config "http.keepRejectedCredentials" which tells Git to keep invalid credentials if set to "true". It was considered to disable the credential deletion in credential.c directly. This approach was not chosen as it could be confusing to other callers of credential_reject() if the function does not do what its name says (e.g. in imap-send.c). The Git-Credential-Manager-for-Windows already implements a similar mechanism [1]. This solution aims to enable that feature for all credential helper implementations. [1] https://github.com/Microsoft/Git-Credential-Manager-for-Windows/blob/0c1af463b33b0a0142f36f99c49ca8f83e86ee43/Shared/Cli/Functions/Common.cs#L484-L504 Signed-off-by: Lars Schneider <larsxschneider@xxxxxxxxx> --- Notes: Base Ref: master Web-Diff: https://github.com/larsxschneider/git/commit/51993c2ff9 Checkout: git fetch https://github.com/larsxschneider/git keepcreds-v1 && git checkout 51993c2ff9 Documentation/config.txt | 6 ++++++ http.c | 12 ++++++++++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/Documentation/config.txt b/Documentation/config.txt index ab641bf5a9..184aee8dbc 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1997,6 +1997,12 @@ http.emptyAuth:: a username in the URL, as libcurl normally requires a username for authentication. +http.keepRejectedCredentials:: + Keep credentials in the credential helper that a Git server responded + to with 401 (unauthorized) or 407 (proxy authentication required). + This can be useful in automation environments where credentials might + become temporarily invalid. The default is `false`. + http.delegation:: Control GSSAPI credential delegation. The delegation is disabled by default in libcurl since version 7.21.7. Set parameter to tell diff --git a/http.c b/http.c index b4bfbceaeb..ff6932813f 100644 --- a/http.c +++ b/http.c @@ -138,6 +138,7 @@ static int ssl_cert_password_required; #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY static unsigned long http_auth_methods = CURLAUTH_ANY; static int http_auth_methods_restricted; +static int keep_rejected_credentials = 0; /* Modes for which empty_auth cannot actually help us. */ static unsigned long empty_auth_useless = CURLAUTH_BASIC @@ -403,6 +404,11 @@ static int http_options(const char *var, const char *value, void *cb) return 0; } + if (!strcmp("http.keeprejectedcredentials", var)) { + keep_rejected_credentials = git_config_bool(var, value); + return 0; + } + /* Fall back on the default ones */ return git_default_config(var, value, cb); } @@ -1471,7 +1477,8 @@ static int handle_curl_result(struct slot_results *results) return HTTP_MISSING_TARGET; else if (results->http_code == 401) { if (http_auth.username && http_auth.password) { - credential_reject(&http_auth); + if (!keep_rejected_credentials) + credential_reject(&http_auth); return HTTP_NOAUTH; } else { #ifdef LIBCURL_CAN_HANDLE_AUTH_ANY @@ -1485,7 +1492,8 @@ static int handle_curl_result(struct slot_results *results) } } else { if (results->http_connectcode == 407) - credential_reject(&proxy_auth); + if (!keep_rejected_credentials) + credential_reject(&proxy_auth); #if LIBCURL_VERSION_NUM >= 0x070c00 if (!curl_errorstr[0]) strlcpy(curl_errorstr, base-commit: c2c7d17b030646b40e6764ba34a5ebf66aee77af -- 2.17.1
