GIT_WINHTTP_AUTH_BASIC = 1,
GIT_WINHTTP_AUTH_NTLM = 2,
GIT_WINHTTP_AUTH_NEGOTIATE = 4,
+ GIT_WINHTTP_AUTH_DIGEST = 8,
} winhttp_authmechanism_t;
typedef struct {
return error;
}
-static int apply_userpass_credential_proxy(HINTERNET request, git_cred *cred)
+static int apply_userpass_credential_proxy(HINTERNET request, git_cred *cred, int mechanisms)
{
+ if (GIT_WINHTTP_AUTH_DIGEST & mechanisms) {
+ return _apply_userpass_credential(request, WINHTTP_AUTH_TARGET_PROXY,
+ WINHTTP_AUTH_SCHEME_DIGEST, cred);
+ }
+
return _apply_userpass_credential(request, WINHTTP_AUTH_TARGET_PROXY,
WINHTTP_AUTH_SCHEME_BASIC, cred);
}
if (t->proxy_cred) {
if (t->proxy_cred->credtype == GIT_CREDTYPE_USERPASS_PLAINTEXT) {
- if ((error = apply_userpass_credential_proxy(s->request, t->proxy_cred)) < 0)
+ if ((error = apply_userpass_credential_proxy(s->request, t->proxy_cred, t->auth_mechanisms)) < 0)
goto on_error;
}
}
*allowed_types = 0;
*allowed_mechanisms = 0;
- /* WinHttpQueryHeaders() must be called before WinHttpQueryAuthSchemes().
- * We can assume this was already done, since we know we are unauthorized.
+ /* WinHttpQueryHeaders() must be called before WinHttpQueryAuthSchemes().
+ * We can assume this was already done, since we know we are unauthorized.
*/
if (!WinHttpQueryAuthSchemes(request, &supported, &first, &target)) {
- giterr_set(GITERR_OS, "failed to parse supported auth schemes");
+ giterr_set(GITERR_OS, "failed to parse supported auth schemes");
return -1;
}
*allowed_mechanisms |= GIT_WINHTTP_AUTH_BASIC;
}
+ if (WINHTTP_AUTH_SCHEME_DIGEST & supported) {
+ *allowed_types |= GIT_CREDTYPE_USERPASS_PLAINTEXT;
+ *allowed_mechanisms |= GIT_WINHTTP_AUTH_DIGEST;
+ }
+
return 0;
}
goto on_error;
}
-
+
/* Establish connection */
t->connection = WinHttpConnect(
t->session,
return 0;
ignore_flags = no_check_cert_flags;
-
+
if (!WinHttpSetOption(s->request, WINHTTP_OPTION_SECURITY_FLAGS, &ignore_flags, sizeof(ignore_flags))) {
giterr_set(GITERR_OS, "failed to set security options");
return -1;