Commit 74c6e08e1d5a42a601985b8f42dded685537c59a

Edward Thomson 2018-10-22T14:56:53

http transport: provide proxy credentials

diff --git a/src/transports/auth.c b/src/transports/auth.c
index c8e6adb..dcc3e09 100644
--- a/src/transports/auth.c
+++ b/src/transports/auth.c
@@ -11,7 +11,10 @@
 #include "buffer.h"
 
 static int basic_next_token(
-	git_buf *out, git_http_auth_context *ctx, git_cred *c)
+	git_buf *out,
+	git_http_auth_context *ctx,
+	const char *header_name,
+	git_cred *c)
 {
 	git_cred_userpass_plaintext *cred;
 	git_buf raw = GIT_BUF_INIT;
@@ -29,7 +32,7 @@ static int basic_next_token(
 	git_buf_printf(&raw, "%s:%s", cred->username, cred->password);
 
 	if (git_buf_oom(&raw) ||
-		git_buf_puts(out, "Authorization: Basic ") < 0 ||
+		git_buf_printf(out, "%s: Basic ", header_name) < 0 ||
 		git_buf_encode_base64(out, git_buf_cstr(&raw), raw.size) < 0 ||
 		git_buf_puts(out, "\r\n") < 0)
 		goto on_error;
diff --git a/src/transports/auth.h b/src/transports/auth.h
index 3b8b29e..e5cf7ef 100644
--- a/src/transports/auth.h
+++ b/src/transports/auth.h
@@ -31,7 +31,7 @@ struct git_http_auth_context {
 	int (*set_challenge)(git_http_auth_context *ctx, const char *challenge);
 
 	/** Gets the next authentication token from the context */
-	int (*next_token)(git_buf *out, git_http_auth_context *ctx, git_cred *cred);
+	int (*next_token)(git_buf *out, git_http_auth_context *ctx, const char *header_name, git_cred *cred);
 
 	/** Frees the authentication context */
 	void (*free)(git_http_auth_context *ctx);
diff --git a/src/transports/auth_negotiate.c b/src/transports/auth_negotiate.c
index eeabe8a..173ae99 100644
--- a/src/transports/auth_negotiate.c
+++ b/src/transports/auth_negotiate.c
@@ -73,6 +73,7 @@ static int negotiate_set_challenge(
 static int negotiate_next_token(
 	git_buf *buf,
 	git_http_auth_context *c,
+	const char *header_name,
 	git_cred *cred)
 {
 	http_auth_negotiate_context *ctx = (http_auth_negotiate_context *)c;
@@ -155,7 +156,7 @@ static int negotiate_next_token(
 		goto done;
 	}
 
-	git_buf_puts(buf, "Authorization: Negotiate ");
+	git_buf_printf(buf, "%s: Negotiate ", header_name);
 	git_buf_encode_base64(buf, output_token.value, output_token.length);
 	git_buf_puts(buf, "\r\n");
 
diff --git a/src/transports/http.c b/src/transports/http.c
index 44b03d7..5619f7a 100644
--- a/src/transports/http.c
+++ b/src/transports/http.c
@@ -37,6 +37,9 @@ static const char *receive_pack_service_url = "/git-receive-pack";
 static const char *get_verb = "GET";
 static const char *post_verb = "POST";
 
+#define AUTH_HEADER_SERVER "Authorization"
+#define AUTH_HEADER_PROXY  "Proxy-Authorization"
+
 #define SERVER_TYPE_REMOTE "remote"
 #define SERVER_TYPE_PROXY  "proxy"
 
@@ -179,7 +182,10 @@ static int auth_context_match(
 	return 0;
 }
 
-static int apply_credentials(git_buf *buf, http_server *server)
+static int apply_credentials(
+	git_buf *buf,
+	http_server *server,
+	const char *header_name)
 {
 	git_cred *cred = server->cred;
 	git_http_auth_context *context;
@@ -205,7 +211,7 @@ static int apply_credentials(git_buf *buf, http_server *server)
 	if (!context)
 		return 0;
 
-	return context->next_token(buf, context, cred);
+	return context->next_token(buf, context, header_name, cred);
 }
 
 static int gen_request(
@@ -253,8 +259,9 @@ static int gen_request(
 			git_buf_printf(buf, "%s\r\n", t->owner->custom_headers.strings[i]);
 	}
 
-	/* Apply credentials to the request */
-	if (apply_credentials(buf, &t->server) < 0)
+	/* Apply proxy and server credentials to the request */
+	if (apply_credentials(buf, &t->proxy, AUTH_HEADER_PROXY) < 0 ||
+	    apply_credentials(buf, &t->server, AUTH_HEADER_SERVER) < 0)
 		return -1;
 
 	git_buf_puts(buf, "\r\n");