http transport: provide proxy credentials
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
diff --git a/src/transports/auth.c b/src/transports/auth.c
index c8e6adb..dcc3e09 100644
--- a/src/transports/auth.c
+++ b/src/transports/auth.c
@@ -11,7 +11,10 @@
#include "buffer.h"
static int basic_next_token(
- git_buf *out, git_http_auth_context *ctx, git_cred *c)
+ git_buf *out,
+ git_http_auth_context *ctx,
+ const char *header_name,
+ git_cred *c)
{
git_cred_userpass_plaintext *cred;
git_buf raw = GIT_BUF_INIT;
@@ -29,7 +32,7 @@ static int basic_next_token(
git_buf_printf(&raw, "%s:%s", cred->username, cred->password);
if (git_buf_oom(&raw) ||
- git_buf_puts(out, "Authorization: Basic ") < 0 ||
+ git_buf_printf(out, "%s: Basic ", header_name) < 0 ||
git_buf_encode_base64(out, git_buf_cstr(&raw), raw.size) < 0 ||
git_buf_puts(out, "\r\n") < 0)
goto on_error;
diff --git a/src/transports/auth.h b/src/transports/auth.h
index 3b8b29e..e5cf7ef 100644
--- a/src/transports/auth.h
+++ b/src/transports/auth.h
@@ -31,7 +31,7 @@ struct git_http_auth_context {
int (*set_challenge)(git_http_auth_context *ctx, const char *challenge);
/** Gets the next authentication token from the context */
- int (*next_token)(git_buf *out, git_http_auth_context *ctx, git_cred *cred);
+ int (*next_token)(git_buf *out, git_http_auth_context *ctx, const char *header_name, git_cred *cred);
/** Frees the authentication context */
void (*free)(git_http_auth_context *ctx);
diff --git a/src/transports/auth_negotiate.c b/src/transports/auth_negotiate.c
index eeabe8a..173ae99 100644
--- a/src/transports/auth_negotiate.c
+++ b/src/transports/auth_negotiate.c
@@ -73,6 +73,7 @@ static int negotiate_set_challenge(
static int negotiate_next_token(
git_buf *buf,
git_http_auth_context *c,
+ const char *header_name,
git_cred *cred)
{
http_auth_negotiate_context *ctx = (http_auth_negotiate_context *)c;
@@ -155,7 +156,7 @@ static int negotiate_next_token(
goto done;
}
- git_buf_puts(buf, "Authorization: Negotiate ");
+ git_buf_printf(buf, "%s: Negotiate ", header_name);
git_buf_encode_base64(buf, output_token.value, output_token.length);
git_buf_puts(buf, "\r\n");
diff --git a/src/transports/http.c b/src/transports/http.c
index 44b03d7..5619f7a 100644
--- a/src/transports/http.c
+++ b/src/transports/http.c
@@ -37,6 +37,9 @@ static const char *receive_pack_service_url = "/git-receive-pack";
static const char *get_verb = "GET";
static const char *post_verb = "POST";
+#define AUTH_HEADER_SERVER "Authorization"
+#define AUTH_HEADER_PROXY "Proxy-Authorization"
+
#define SERVER_TYPE_REMOTE "remote"
#define SERVER_TYPE_PROXY "proxy"
@@ -179,7 +182,10 @@ static int auth_context_match(
return 0;
}
-static int apply_credentials(git_buf *buf, http_server *server)
+static int apply_credentials(
+ git_buf *buf,
+ http_server *server,
+ const char *header_name)
{
git_cred *cred = server->cred;
git_http_auth_context *context;
@@ -205,7 +211,7 @@ static int apply_credentials(git_buf *buf, http_server *server)
if (!context)
return 0;
- return context->next_token(buf, context, cred);
+ return context->next_token(buf, context, header_name, cred);
}
static int gen_request(
@@ -253,8 +259,9 @@ static int gen_request(
git_buf_printf(buf, "%s\r\n", t->owner->custom_headers.strings[i]);
}
- /* Apply credentials to the request */
- if (apply_credentials(buf, &t->server) < 0)
+ /* Apply proxy and server credentials to the request */
+ if (apply_credentials(buf, &t->proxy, AUTH_HEADER_PROXY) < 0 ||
+ apply_credentials(buf, &t->server, AUTH_HEADER_SERVER) < 0)
return -1;
git_buf_puts(buf, "\r\n");