summaryrefslogtreecommitdiff
path: root/credential-cache.c
diff options
context:
space:
mode:
authorLibravatar Knut Franke <k.franke@science-computing.de>2016-01-26 13:02:48 +0000
committerLibravatar Junio C Hamano <gitster@pobox.com>2016-01-26 10:53:25 -0800
commit372370f1675c2b935fb703665358dd5567641107 (patch)
treeccd3d55be8f8d0be64f24cdb8f75a69da0f1e94c /credential-cache.c
parenthttp: allow selection of proxy authentication method (diff)
downloadtgif-372370f1675c2b935fb703665358dd5567641107.tar.xz
http: use credential API to handle proxy authentication
Currently, the only way to pass proxy credentials to curl is by including them in the proxy URL. Usually, this means they will end up on disk unencrypted, one way or another (by inclusion in ~/.gitconfig, shell profile or history). Since proxy authentication often uses a domain user, credentials can be security sensitive; therefore, a safer way of passing credentials is desirable. If the configured proxy contains a username but not a password, query the credential API for one. Also, make sure we approve/reject proxy credentials properly. For consistency reasons, add parsing of http_proxy/https_proxy/all_proxy environment variables, which would otherwise be evaluated as a fallback by curl. Without this, we would have different semantics for git configuration and environment variables. Helped-by: Junio C Hamano <gitster@pobox.com> Helped-by: Eric Sunshine <sunshine@sunshineco.com> Helped-by: Elia Pinto <gitter.spiros@gmail.com> Signed-off-by: Knut Franke <k.franke@science-computing.de> Signed-off-by: Elia Pinto <gitter.spiros@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'credential-cache.c')
0 files changed, 0 insertions, 0 deletions