remote-curl: don't fall back to Basic auth if we haven't tried Negotiatedv/http-try-negotiate-at-least-once

This is fix of bug introduced by 4dbe66464 commit. The problem is that when username/password combination was not set, the first HTTP(S) request will fail and user will be asked for credentials. As a side effect of first HTTP(S) request, libcurl auth method GSS-Negotiate will be disabled unconditionally. Although, we haven't tried yet provided credentials for this auth method. Signed-off-by: Dmitry Vilkov <dmitry.a.vilkov@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Dmitry Vilkov <dmitry.a.vilkov@gmail.com> 2016-02-02 12:11:24 +0300
committer: Junio C Hamano <gitster@pobox.com> 2016-02-02 13:49:07 -0800
commit: c0b4560f9576ea61d86ed4712af30a44946b4a18 (patch)
tree: cd8e21d519ce1eb71a9d214fe66bc893c9c37e0b
parent: 4dbe66464b4fd695c5989cc272fa0edd6475037c (diff)
download: git-dv/http-try-negotiate-at-least-once.tar.gz
1 files changed, 6 insertions, 3 deletions
diff --git a/http.c b/http.c
index 44b130c54a..4db8b496f9 100644
--- a/http.c
+++ b/http.c
@@ -873,12 +873,15 @@ int handle_curl_result(struct slot_results *results)
 		return HTTP_MISSING_TARGET;
 	else if (results->http_code == 401) {
 		if (http_auth.username && http_auth.password) {
+#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
+			if (http_auth_methods & CURLAUTH_GSSNEGOTIATE) {
+				http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
+				return HTTP_REAUTH;
+			}
+#endif
 			credential_reject(&http_auth);
 			return HTTP_NOAUTH;
 		} else {
-#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
-			http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
-#endif
 			return HTTP_REAUTH;
 		}
 	} else {
author	Dmitry Vilkov <dmitry.a.vilkov@gmail.com>	2016-02-02 12:11:24 +0300
committer	Junio C Hamano <gitster@pobox.com>	2016-02-02 13:49:07 -0800
commit	c0b4560f9576ea61d86ed4712af30a44946b4a18 (patch)
tree	cd8e21d519ce1eb71a9d214fe66bc893c9c37e0b
parent	4dbe66464b4fd695c5989cc272fa0edd6475037c (diff)
download	git-dv/http-try-negotiate-at-least-once.tar.gz