diff options
| author |  Junio C Hamano <gitster@pobox.com> | 2016-10-06 14:53:11 -0700 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2016-10-06 14:53:11 -0700 |
| commit | fbfe878f9777d4d52e1eaef1fca5170b9efee99a (patch) | |
| tree | 089c638e4d1f5ef1130838007cf8cf39929a3269 /Documentation/config.txt | |
| parent | Merge branch 'jk/graph-padding-fix' (diff) | |
| parent | http: control GSSAPI credential delegation (diff) | |
| download | tgif-fbfe878f9777d4d52e1eaef1fca5170b9efee99a.tar.xz | |
Merge branch 'ps/http-gssapi-cred-delegation'
In recent versions of cURL, GSSAPI credential delegation is
disabled by default due to CVE-2011-2192; introduce a configuration
to selectively allow enabling this.
* ps/http-gssapi-cred-delegation:
http: control GSSAPI credential delegation
Diffstat (limited to 'Documentation/config.txt')
| -rw-r--r-- | Documentation/config.txt | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/Documentation/config.txt b/Documentation/config.txt index e78293b6db..a17947462a 100644 --- a/Documentation/config.txt +++ b/Documentation/config.txt @@ -1736,6 +1736,20 @@ http.emptyAuth:: a username in the URL, as libcurl normally requires a username for authentication. +http.delegation:: + Control GSSAPI credential delegation. The delegation is disabled + by default in libcurl since version 7.21.7. Set parameter to tell + the server what it is allowed to delegate when it comes to user + credentials. Used with GSS/kerberos. Possible values are: ++ +-- +* `none` - Don't allow any delegation. +* `policy` - Delegates if and only if the OK-AS-DELEGATE flag is set in the + Kerberos service ticket, which is a matter of realm policy. +* `always` - Unconditionally allow the server to delegate. +-- + + http.extraHeader:: Pass an additional HTTP header when communicating with a server. If more than one such entry exists, all of them are added as extra |