remote-curl: fall back to basic auth if Negotiate fails

When the username and password are supplied in a url like this
https://myuser:secret@git.exampe/myrepo.git and the server supports the
negotiate authenticaten method, git does not fall back to basic auth and
libcurl hardly tries to authenticate with the negotiate method.

Stop using the Negotiate authentication method after the first failure
because if it fails on the first try it will never succeed.

Signed-off-by: Christopher Schenk <christopher@cschenk.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/http.c b/http.c
index 0e31fc21bc9cc7e135cb5b3e884a373391ea4018..19c203d0ca34432fb4b654e8a621116037cbb83c 100644 (file)
--- a/http.c
+++ b/http.c
@@ -1641,17 +1641,18 @@ static int handle_curl_result(struct slot_results *results)
        } else if (missing_target(results))
                return HTTP_MISSING_TARGET;
        else if (results->http_code == 401) {
+#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
+               http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
+               if (results->auth_avail) {
+                       http_auth_methods &= results->auth_avail;
+                       http_auth_methods_restricted = 1;
+                       return HTTP_REAUTH;
+               }
+#endif
                if (http_auth.username && http_auth.password) {
                        credential_reject(&http_auth);
                        return HTTP_NOAUTH;
                } else {
-#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
-                       http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
-                       if (results->auth_avail) {
-                               http_auth_methods &= results->auth_avail;
-                               http_auth_methods_restricted = 1;
-                       }
-#endif
                        return HTTP_REAUTH;
                }
        } else {