diff options
| author | Xiaodong Xu <stid.smth@gmail.com> | 2012-01-31 11:10:09 +0800 |
|---|---|---|
| committer | Shawn O. Pearce <sop@google.com> | 2012-03-14 15:01:34 -0700 |
| commit | ae0a36c9a59e7f872578b17b3b7fa8f72df3cb59 (patch) | |
| tree | 2cfb4182ad08064d001463aa5aa9079ab638f78a /main.py | |
| parent | 76abcc1d1ea2da6cf0ce381486e2f9bf4ca55c36 (diff) | |
| download | git-repo-ae0a36c9a59e7f872578b17b3b7fa8f72df3cb59.tar.gz | |
Add support for Apache Digest authentication for repo init.
repo tool supports only Basic authentication for now. For those
who want to use this tool to manage their own projects, in case
the administrator has configured the Apache server with Digest
authentication method, users will fail to be authenticated when
they run the command 'repo init'.
Add the digest authentication password manager to the handler
list will fix this issue.
Since Git HTTP protocol will require the user be authenticated
for fetch operation first before pushing commits to the remote,
it is unlikely for the administrator to implement anonymous
read (aka pull) access and write access (aka push) for
authenticated user. Both read and write have to be authenticated.
Be aware that the user may have to add an extra line in his
~/.netrc file:
-------------------
account example.com
-------------------
where 'example.com' is the realm for Apache Digest authentication.
Change-Id: I76eb27b205554426d9ce1965deaaf727b87916cd
Signed-off-by: Xiaodong Xu <stid.smth@gmail.com>
Diffstat (limited to 'main.py')
| -rwxr-xr-x | main.py | 23 |
1 files changed, 21 insertions, 2 deletions
| @@ -295,6 +295,24 @@ class _BasicAuthHandler(urllib2.HTTPBasicAuthHandler): | |||
| 295 | self.retried = 0 | 295 | self.retried = 0 |
| 296 | raise | 296 | raise |
| 297 | 297 | ||
| 298 | class _DigestAuthHandler(urllib2.HTTPDigestAuthHandler): | ||
| 299 | def http_error_auth_reqed(self, auth_header, host, req, headers): | ||
| 300 | try: | ||
| 301 | old_add_header = req.add_header | ||
| 302 | def _add_header(name, val): | ||
| 303 | val = val.replace('\n', '') | ||
| 304 | old_add_header(name, val) | ||
| 305 | req.add_header = _add_header | ||
| 306 | return urllib2.AbstractDigestAuthHandler.http_error_auth_reqed( | ||
| 307 | self, auth_header, host, req, headers) | ||
| 308 | except: | ||
| 309 | reset = getattr(self, 'reset_retry_count', None) | ||
| 310 | if reset is not None: | ||
| 311 | reset() | ||
| 312 | elif getattr(self, 'retried', None): | ||
| 313 | self.retried = 0 | ||
| 314 | raise | ||
| 315 | |||
| 298 | def init_http(): | 316 | def init_http(): |
| 299 | handlers = [_UserAgentHandler()] | 317 | handlers = [_UserAgentHandler()] |
| 300 | 318 | ||
| @@ -303,13 +321,14 @@ def init_http(): | |||
| 303 | n = netrc.netrc() | 321 | n = netrc.netrc() |
| 304 | for host in n.hosts: | 322 | for host in n.hosts: |
| 305 | p = n.hosts[host] | 323 | p = n.hosts[host] |
| 306 | mgr.add_password(None, 'http://%s/' % host, p[0], p[2]) | 324 | mgr.add_password(p[1], 'http://%s/' % host, p[0], p[2]) |
| 307 | mgr.add_password(None, 'https://%s/' % host, p[0], p[2]) | 325 | mgr.add_password(p[1], 'https://%s/' % host, p[0], p[2]) |
| 308 | except netrc.NetrcParseError: | 326 | except netrc.NetrcParseError: |
| 309 | pass | 327 | pass |
| 310 | except IOError: | 328 | except IOError: |
| 311 | pass | 329 | pass |
| 312 | handlers.append(_BasicAuthHandler(mgr)) | 330 | handlers.append(_BasicAuthHandler(mgr)) |
| 331 | handlers.append(_DigestAuthHandler(mgr)) | ||
| 313 | 332 | ||
| 314 | if 'http_proxy' in os.environ: | 333 | if 'http_proxy' in os.environ: |
| 315 | url = os.environ['http_proxy'] | 334 | url = os.environ['http_proxy'] |