diff options
| author | Matthew John Cheetham <mjcheetham@outlook.com> | 2023-02-27 18:20:19 +0100 |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2023-02-27 19:40:40 +0100 |
| commit | 6b8dda9a4fdec1638b047506a121df8e15872492 (patch) | |
| tree | 9ca464e2156957f53bab72b19caf244e243e3baa /credential.h | |
| parent | t5563: add tests for basic and anoymous HTTP access (diff) | |
| download | git-6b8dda9a4fdec1638b047506a121df8e15872492.tar.xz git-6b8dda9a4fdec1638b047506a121df8e15872492.zip | |
http: read HTTP WWW-Authenticate response headers
Read and store the HTTP WWW-Authenticate response headers made for
a particular request.
This will allow us to pass important authentication challenge
information to credential helpers or others that would otherwise have
been lost.
libcurl only provides us with the ability to read all headers recieved
for a particular request, including any intermediate redirect requests
or proxies. The lines returned by libcurl include HTTP status lines
delinating any intermediate requests such as "HTTP/1.1 200". We use
these lines to reset the strvec of WWW-Authenticate header values as
we encounter them in order to only capture the final response headers.
The collection of all header values matching the WWW-Authenticate
header is complicated by the fact that it is legal for header fields to
be continued over multiple lines, but libcurl only gives us each
physical line a time, not each logical header. This line folding feature
is deprecated in RFC 7230 [1] but older servers may still emit them, so
we need to handle them.
In the future [2] we may be able to leverage functions to read headers
from libcurl itself, but as of today we must do this ourselves.
[1] https://www.rfc-editor.org/rfc/rfc7230#section-3.2
[2] https://daniel.haxx.se/blog/2022/03/22/a-headers-api-for-libcurl/
Signed-off-by: Matthew John Cheetham <mjcheetham@outlook.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'credential.h')
| -rw-r--r-- | credential.h | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/credential.h b/credential.h index f430e77fea..3756a54c74 100644 --- a/credential.h +++ b/credential.h @@ -2,6 +2,7 @@ #define CREDENTIAL_H #include "string-list.h" +#include "strvec.h" /** * The credentials API provides an abstracted way of gathering username and @@ -115,6 +116,20 @@ struct credential { */ struct string_list helpers; + /** + * A `strvec` of WWW-Authenticate header values. Each string + * is the value of a WWW-Authenticate header in an HTTP response, + * in the order they were received in the response. + */ + struct strvec wwwauth_headers; + + /** + * Internal use only. Keeps track of if we previously matched against a + * WWW-Authenticate header line in order to re-fold future continuation + * lines into one value. + */ + unsigned header_is_last_match:1; + unsigned approved:1, configured:1, quit:1, @@ -130,6 +145,7 @@ struct credential { #define CREDENTIAL_INIT { \ .helpers = STRING_LIST_INIT_DUP, \ + .wwwauth_headers = STRVEC_INIT, \ } /* Initialize a credential structure, setting all fields to empty. */ |