git.ipfire.org Git - thirdparty/git.git/commit

author	Martin Storsjö <martin@martin.st>
	Fri, 27 Nov 2009 15:43:08 +0000 (23:43 +0800)
committer	Junio C Hamano <gitster@pobox.com>
	Sat, 28 Nov 2009 06:46:33 +0000 (22:46 -0800)
commit	b8ac923010484908d8426cb8ded5ad7e8c21a7f6
tree	e74eff9c15440748a2125447cd1443d884002a9f	tree \| snapshot
parent	ad75ebe5b3f10e77f1150d2d8111e6a60cb9039a	commit \| diff

Add an option for using any HTTP authentication scheme, not only basic

This adds the configuration option http.authAny (overridable with
the environment variable GIT_HTTP_AUTH_ANY), for instructing curl
to allow any HTTP authentication scheme, not only basic (which
sends the password in plaintext).

When this is enabled, curl has to do double requests most of the time,
in order to discover which HTTP authentication method to use, which
lowers the performance slightly. Therefore this isn't enabled by default.

One example of another authentication scheme to use is digest, which
doesn't send the password in plaintext, but uses a challenge-response
mechanism instead. Using digest authentication in practice requires
at least curl 7.18.1, due to bugs in the digest handling in earlier
versions of curl.

Signed-off-by: Martin Storsjö <martin@martin.st>
Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

Documentation/config.txt		diff \| blob \| blame \| history
http.c		diff \| blob \| blame \| history