Skip to content
Snippets Groups Projects
Commit 372370f1 authored by Knut Franke's avatar Knut Franke Committed by Junio C Hamano
Browse files

http: use credential API to handle proxy authentication


Currently, the only way to pass proxy credentials to curl is by including them
in the proxy URL. Usually, this means they will end up on disk unencrypted, one
way or another (by inclusion in ~/.gitconfig, shell profile or history). Since
proxy authentication often uses a domain user, credentials can be security
sensitive; therefore, a safer way of passing credentials is desirable.

If the configured proxy contains a username but not a password, query the
credential API for one. Also, make sure we approve/reject proxy credentials
properly.

For consistency reasons, add parsing of http_proxy/https_proxy/all_proxy
environment variables, which would otherwise be evaluated as a fallback by curl.
Without this, we would have different semantics for git configuration and
environment variables.

Helped-by: default avatarJunio C Hamano <gitster@pobox.com>
Helped-by: default avatarEric Sunshine <sunshine@sunshineco.com>
Helped-by: default avatarElia Pinto <gitter.spiros@gmail.com>
Signed-off-by: default avatarKnut Franke <k.franke@science-computing.de>
Signed-off-by: default avatarElia Pinto <gitter.spiros@gmail.com>
Signed-off-by: default avatarJunio C Hamano <gitster@pobox.com>
parent ef976395
No related branches found
No related tags found
No related merge requests found
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment