From c0b4560f9576ea61d86ed4712af30a44946b4a18 Mon Sep 17 00:00:00 2001
From: Dmitry Vilkov <dmitry.a.vilkov@gmail.com>
Date: Tue, 2 Feb 2016 12:11:24 +0300
Subject: remote-curl: don't fall back to Basic auth if we haven't tried
 Negotiate

This is fix of bug introduced by 4dbe66464 commit.
The problem is that when username/password combination was not set,
the first HTTP(S) request will fail and user will be asked for
credentials. As a side effect of first HTTP(S) request, libcurl auth
method GSS-Negotiate will be disabled unconditionally. Although, we
haven't tried yet provided credentials for this auth method.

Signed-off-by: Dmitry Vilkov <dmitry.a.vilkov@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
---
 http.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/http.c b/http.c
index 44b130c54a..4db8b496f9 100644
--- a/http.c
+++ b/http.c
@@ -873,12 +873,15 @@ int handle_curl_result(struct slot_results *results)
 		return HTTP_MISSING_TARGET;
 	else if (results->http_code == 401) {
 		if (http_auth.username && http_auth.password) {
+#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
+			if (http_auth_methods & CURLAUTH_GSSNEGOTIATE) {
+				http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
+				return HTTP_REAUTH;
+			}
+#endif
 			credential_reject(&http_auth);
 			return HTTP_NOAUTH;
 		} else {
-#ifdef LIBCURL_CAN_HANDLE_AUTH_ANY
-			http_auth_methods &= ~CURLAUTH_GSSNEGOTIATE;
-#endif
 			return HTTP_REAUTH;
 		}
 	} else {
-- 
cgit v1.2.1