Re: Git over HTTP; have flexible SASL authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jan 27, 2023 at 09:06:36AM -0800, Junio C Hamano wrote:

> Rick van Rein <rick@xxxxxxxxxxxxxxx> writes:
> 
> > Git providers are inventing proprietary extensions to HTTP authentication
> > for Git.  It seems smarter to use SASL for this purpose, possibly allowing
> > the client a choice and authentication ringback to the client's own domain.
> 
> To adopt things like this, the work to extend how to make extensible
> what is on WWW-Authenticate in the thread that contains this recent
> message https://lore.kernel.org/git/Y9LvFMzriAWUsS58@xxxxxxxxxxxxxxxxxxxxxxx/
> may be relevant, perhaps?

It's relevant, but I think there's a ways to go. That is just about
passing WWW-Authenticate headers to helpers, which can then try to make
sense of them. But Git would still only understand getting back a
username/password from the helper, and passing it along to curl. And
hopefully we'd do it all through curl's SASL support, and not invent our
own handling.

I'm not sure what all that might might look like. I'm sure Matthew has
probably thought about it, so I'll let him say something more
intelligent. :)

-Peff



[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux