http transport: provide proxy credentials

74c6e08e · Edward Thomson · 496da38c · 74c6e08e · 74c6e08e · 74c6e08e
Commit 74c6e08e authored Oct 22, 2018 by Edward Thomson
Hide whitespace changes
Inline Side-by-side

Showing with 19 additions and 8 deletions

src/transports/auth.c
+5 -2

src/transports/auth.h
+1 -1

src/transports/auth_negotiate.c
+2 -1

src/transports/http.c
+11 -4

No files found.
--- a/src/transports/auth.c
+++ b/src/transports/auth.c
@@ -11,7 +11,10 @@
 #include "buffer.h"

 static int basic_next_token(
-	git_buf *out, git_http_auth_context *ctx, git_cred *c)
+	git_buf *out,
+	git_http_auth_context *ctx,
+	const char *header_name,
+	git_cred *c)
 {
 	git_cred_userpass_plaintext *cred;
 	git_buf raw = GIT_BUF_INIT;
@@ -29,7 +32,7 @@ static int basic_next_token(
 	git_buf_printf(&raw, "%s:%s", cred->username, cred->password);

 	if (git_buf_oom(&raw) ||
-		git_buf_puts(out, "Authorization: Basic ") < 0 ||
+		git_buf_printf(out, "%s: Basic ", header_name) < 0 ||
 		git_buf_encode_base64(out, git_buf_cstr(&raw), raw.size) < 0 ||
 		git_buf_puts(out, "\r\n") < 0)
 		goto on_error;

--- a/src/transports/auth.h
+++ b/src/transports/auth.h
@@ -31,7 +31,7 @@ struct git_http_auth_context {
 	int (*set_challenge)(git_http_auth_context *ctx, const char *challenge);

 	/** Gets the next authentication token from the context */
-	int (*next_token)(git_buf *out, git_http_auth_context *ctx, git_cred *cred);
+	int (*next_token)(git_buf *out, git_http_auth_context *ctx, const char *header_name, git_cred *cred);

 	/** Frees the authentication context */
 	void (*free)(git_http_auth_context *ctx);

--- a/src/transports/auth_negotiate.c
+++ b/src/transports/auth_negotiate.c
@@ -73,6 +73,7 @@ static int negotiate_set_challenge(
 static int negotiate_next_token(
 	git_buf *buf,
 	git_http_auth_context *c,
+	const char *header_name,
 	git_cred *cred)
 {
 	http_auth_negotiate_context *ctx = (http_auth_negotiate_context *)c;
@@ -155,7 +156,7 @@ static int negotiate_next_token(
 		goto done;
 	}

-	git_buf_puts(buf, "Authorization: Negotiate ");
+	git_buf_printf(buf, "%s: Negotiate ", header_name);
 	git_buf_encode_base64(buf, output_token.value, output_token.length);
 	git_buf_puts(buf, "\r\n");


--- a/src/transports/http.c
+++ b/src/transports/http.c
@@ -37,6 +37,9 @@ static const char *receive_pack_service_url = "/git-receive-pack";
 static const char *get_verb = "GET";
 static const char *post_verb = "POST";

+#define AUTH_HEADER_SERVER "Authorization"
+#define AUTH_HEADER_PROXY  "Proxy-Authorization"
+
 #define SERVER_TYPE_REMOTE "remote"
 #define SERVER_TYPE_PROXY  "proxy"

@@ -179,7 +182,10 @@ static int auth_context_match(
 	return 0;
 }

-static int apply_credentials(git_buf *buf, http_server *server)
+static int apply_credentials(
+	git_buf *buf,
+	http_server *server,
+	const char *header_name)
 {
 	git_cred *cred = server->cred;
 	git_http_auth_context *context;
@@ -205,7 +211,7 @@ static int apply_credentials(git_buf *buf, http_server *server)
 	if (!context)
 		return 0;

-	return context->next_token(buf, context, cred);
+	return context->next_token(buf, context, header_name, cred);
 }

 static int gen_request(
@@ -253,8 +259,9 @@ static int gen_request(
 			git_buf_printf(buf, "%s\r\n", t->owner->custom_headers.strings[i]);
 	}

-	/* Apply credentials to the request */
-	if (apply_credentials(buf, &t->server) < 0)
+	/* Apply proxy and server credentials to the request */
+	if (apply_credentials(buf, &t->proxy, AUTH_HEADER_PROXY) < 0 ||
+	    apply_credentials(buf, &t->server, AUTH_HEADER_SERVER) < 0)
 		return -1;

 	git_buf_puts(buf, "\r\n");