Re: [PATCH 2/3] Add config option/env var to limit HTTP auth methods

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Simon.Richter@xxxxxxxxxx writes:

> +http.authMethod::
> +	Set the method with which to authenticate to the HTTP server, if
> +	required. This can be overridden on a per-remote basis; see
> +	`remote.<name>.authMethod`. Both can be overridden by the
> +	`GIT_HTTP_AUTHMETHOD` environment variable.  Possible values are:
> ++
> +--
> +* `anyauth` - Automatically pick a suitable authentication method. It is
> +  assumed that the server answers an unauthenticated request with a 401
> +  status code and one or more WWW-Authenticate headers with supported
> +  authentication methods. This is the default.
> +* `basic` - HTTP Basic authentication
> +* `digest` - HTTP Digest authentication; this prevents the password from being
> +  transmitted to the server in clear text
> +* `negotiate` - GSS-Negotiate authentication (compare the --negotiate option
> +  of `curl(1)`)
> +* `ntlm` - NTLM authentication (compare the --ntlm option of `curl(1)`)
> +--

The above makes sense.

Configuring this variable per URL, just like all other variables in
"http.*" namespace, we should be able to use the "http.<url>.*"
mechanism that the users are already familiar with.

> diff --git a/Documentation/config/remote.txt b/Documentation/config/remote.txt
> index 0678b4bcfe..0f87234427 100644
> --- a/Documentation/config/remote.txt
> +++ b/Documentation/config/remote.txt
> @@ -10,6 +10,10 @@ remote.<name>.url::
>  remote.<name>.pushurl::
>  	The push URL of a remote repository.  See linkgit:git-push[1].
>  
> +remote.<name>.authMethod::
> +	For http and https remotes, the method to use for
> +	authenticating against the server. See `http.authMethod`.

IOW, this looks out of place.



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux