From 3dab8b5b79bdd799127cfa2a15d6f4c9e5971bc3 Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Fri, 9 Dec 2016 16:37:49 +0100 Subject: [PATCH] http(s): automatically try NTLM authentication first It is common in corporate setups to have permissions managed via a domain account. That means that the user does not really have to log in when accessing a central repository via https://, but that the login credentials are used to authenticate with that repository. The common way to do that used to require empty credentials, i.e. hitting Enter twice when being asked for user name and password, or by using the very funny notation https://:@server/repository A recent commit (5275c3081c (http: http.emptyauth should allow empty (not just NULL) usernames, 2016-10-04)) broke that usage, though, all of a sudden requiring users to set http.emptyAuth = true. Which brings us to the bigger question why http.emptyAuth defaults to false, to begin with. It would be one thing if cURL would not let the user specify credentials interactively after attempting NTLM authentication (i.e. login credentials), but that is not the case. It would be another thing if attempting NTLM authentication was not usually what users need to do when trying to authenticate via https://. But that is also not the case. So let's just go ahead and change the default, and unbreak the NTLM authentication. As a bonus, this also makes the "you need to hit Enter twice" (which is hard to explain: why enter empty credentials when you want to authenticate with your login credentials?) and the ":@" hack (which is also pretty, pretty hard to explain to users) obsolete. This fixes https://github.com/git-for-windows/git/issues/987 Signed-off-by: Johannes Schindelin --- http.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/http.c b/http.c index 90a1c0f1131c4a..943e630ea6737a 100644 --- a/http.c +++ b/http.c @@ -109,7 +109,7 @@ static int curl_save_cookies; struct credential http_auth = CREDENTIAL_INIT; static int http_proactive_auth; static const char *user_agent; -static int curl_empty_auth; +static int curl_empty_auth = 1; enum http_follow_config http_follow_config = HTTP_FOLLOW_INITIAL;