> -----Original Message----- > From: Jeff King [mailto:p...@peff.net] > Sent: Wednesday, February 22, 2017 8:38 PM > To: David Turner <david.tur...@twosigma.com> > Cc: Junio C Hamano <gits...@pobox.com>; git@vger.kernel.org; > sand...@crustytoothpaste.net; Johannes Schindelin > <johannes.schinde...@gmx.de>; Eric Sunshine <sunsh...@sunshineco.com> > Subject: Re: [PATCH 2/2] http: add an "auto" mode for http.emptyauth > > On Thu, Feb 23, 2017 at 01:16:33AM +0000, David Turner wrote: > > > I don't know enough about how libcurl handles authentication to know > > whether these patches are a good idea, but I have a minor comment > anyway. > > As somebody who is using non-Basic auth, can you apply these patches and > show us the output of: > > GIT_TRACE_CURL=1 \ > git ls-remote https://your-server 2>&1 >/dev/null | > egrep '(Send|Recv) header: (GET|HTTP|Auth)' > > (without http.emptyauth turned on, obviously).
The results appear to be identical with and without the patch. With http.emptyauth turned off, 16:27:28.208924 http.c:524 => Send header: GET /info/refs?service=git-upload-pack HTTP/1.1 16:27:28.212872 http.c:524 <= Recv header: HTTP/1.1 401 Authorization Required Username for 'http://git': [I just pressed enter] Password for 'http://git': [ditto] 16:27:29.928872 http.c:524 => Send header: GET /info/refs?service=git-upload-pack HTTP/1.1 16:27:29.929787 http.c:524 <= Recv header: HTTP/1.1 401 Authorization Required (if someone else wants to replicate this, delete >/dev/null bit from Jeff's shell snippet)