![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7059cd9)
raw | patch | inline | side by side (parent: 7059cd9)
| author | Junio C Hamano <gitster@pobox.com> | |
| Tue, 10 Mar 2009 06:34:25 +0000 (23:34 -0700) | ||
| committer | Junio C Hamano <gitster@pobox.com> | |
| Wed, 11 Mar 2009 05:35:31 +0000 (22:35 -0700) |
Curl is designed not to ask for password when only username is given in
the URL, but has a way for application to feed a (username, password) pair
to it. With this patch, you do not have to keep your password in
plaintext in your $HOME/.netrc file when talking with a password protected
URL with http://<username>@<host>/path/to/repository.git/ syntax.
The code handles only the http-walker side, not the push side. At least,
not yet. But interested parties can add support for it.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
the URL, but has a way for application to feed a (username, password) pair
to it. With this patch, you do not have to keep your password in
plaintext in your $HOME/.netrc file when talking with a password protected
URL with http://<username>@<host>/path/to/repository.git/ syntax.
The code handles only the http-walker side, not the push side. At least,
not yet. But interested parties can add support for it.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
| http.c | patch | blob | history |
index 4c4614c92fcff0cb1ec90e22d6335797f3cba8c5..b8f947e405fa95cdd422e67637b4f816354cf808 100644 (file)
--- a/http.c
+++ b/http.c
static long curl_low_speed_time = -1;
static int curl_ftp_no_epsv;
static const char *curl_http_proxy;
+static char *user_name, *user_pass;
static struct curl_slist *pragma_header;
return git_default_config(var, value, cb);
}
+static void init_curl_http_auth(CURL *result)
+{
+ if (!user_name)
+ curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
+ else {
+ struct strbuf up = STRBUF_INIT;
+ if (!user_pass)
+ user_pass = xstrdup(getpass("Password: "));
+ strbuf_addf(&up, "%s:%s", user_name, user_pass);
+ curl_easy_setopt(result, CURLOPT_USERPWD,
+ strbuf_detach(&up, NULL));
+ }
+}
+
static CURL *get_curl_handle(void)
{
CURL *result = curl_easy_init();
curl_easy_setopt(result, CURLOPT_NETRC, CURL_NETRC_OPTIONAL);
#endif
+ init_curl_http_auth(result);
+
if (ssl_cert != NULL)
curl_easy_setopt(result, CURLOPT_SSLCERT, ssl_cert);
#if LIBCURL_VERSION_NUM >= 0x070902
return result;
}
+static void http_auth_init(const char *url)
+{
+ char *at, *colon, *cp, *slash;
+ int len;
+
+ cp = strstr(url, "://");
+ if (!cp)
+ return;
+
+ /*
+ * Ok, the URL looks like "proto://something". Which one?
+ * "proto://<user>:<pass>@<host>/...",
+ * "proto://<user>@<host>/...", or just
+ * "proto://<host>/..."?
+ */
+ cp += 3;
+ at = strchr(cp, '@');
+ colon = strchr(cp, ':');
+ slash = strchrnul(cp, '/');
+ if (!at || slash <= at)
+ return; /* No credentials */
+ if (!colon || at <= colon) {
+ /* Only username */
+ len = at - cp;
+ user_name = xmalloc(len + 1);
+ memcpy(user_name, cp, len);
+ user_name[len] = '\0';
+ user_pass = NULL;
+ } else {
+ len = colon - cp;
+ user_name = xmalloc(len + 1);
+ memcpy(user_name, cp, len);
+ user_name[len] = '\0';
+ len = at - (colon + 1);
+ user_pass = xmalloc(len + 1);
+ memcpy(user_pass, colon + 1, len);
+ user_pass[len] = '\0';
+ }
+}
+
static void set_from_env(const char **var, const char *envname)
{
const char *val = getenv(envname);
if (getenv("GIT_CURL_FTP_NO_EPSV"))
curl_ftp_no_epsv = 1;
+ if (remote && remote->url && remote->url[0])
+ http_auth_init(remote->url[0]);
+
#ifndef NO_CURL_EASY_DUPHANDLE
curl_default = get_curl_handle();
#endif