path: root/Documentation/config.txt
diff options
authorKnut Franke <>2016-01-26 13:02:47 (GMT)
committerJunio C Hamano <>2016-01-26 18:53:09 (GMT)
commitef976395e26a25fb6d048d859a1c8cddb2640b9a (patch)
tree7630031feb3f75f6657d5a320d62b1692f53aa22 /Documentation/config.txt
parent754884255bb580df159e58defa81cdd30b5c430c (diff)
http: allow selection of proxy authentication method
CURLAUTH_ANY does not work with proxies which answer unauthenticated requests with a 307 redirect to an error page instead of a 407 listing supported authentication methods. Therefore, allow the authentication method to be set using the environment variable GIT_HTTP_PROXY_AUTHMETHOD or configuration variables http.proxyAuthmethod and remote.<name>.proxyAuthmethod (in analogy to http.proxy and remote.<name>.proxy). The following values are supported: * anyauth (default) * basic * digest * negotiate * ntlm Signed-off-by: Knut Franke <> Signed-off-by: Elia Pinto <> Helped-by: Junio C Hamano <> Helped-by: Eric Sunshine <> Helped-by: Elia Pinto <> Signed-off-by: Junio C Hamano <>
Diffstat (limited to 'Documentation/config.txt')
1 files changed, 26 insertions, 0 deletions
diff --git a/Documentation/config.txt b/Documentation/config.txt
index f617886..a6c3d0f 100644
--- a/Documentation/config.txt
+++ b/Documentation/config.txt
@@ -1600,6 +1600,27 @@ http.proxy::
`curl(1)`). This can be overridden on a per-remote basis; see
+ Set the method with which to authenticate against the HTTP proxy. This
+ only takes effect if the configured proxy string contains a user name part
+ (i.e. is of the form 'user@host' or 'user@host:port'). This can be
+ overridden on a per-remote basis; see `remote.<name>.proxyAuthMethod`.
+ Both can be overridden by the 'GIT_HTTP_PROXY_AUTHMETHOD' environment
+ variable. Possible values are:
+* `anyauth` - Automatically pick a suitable authentication method. It is
+ assumed that the proxy answers an unauthenticated request with a 407
+ status code and one or more Proxy-authenticate headers with supported
+ authentication methods. This is the default.
+* `basic` - HTTP Basic authentication
+* `digest` - HTTP Digest authentication; this prevents the password from being
+ transmitted to the proxy in clear text
+* `negotiate` - GSS-Negotiate authentication (compare the --negotiate option
+ of `curl(1)`)
+* `ntlm` - NTLM authentication (compare the --ntlm option of `curl(1)`)
File containing previously stored cookie lines which should be used
in the Git http session, if they match the server. The file format
@@ -2407,6 +2428,11 @@ remote.<name>.proxy::
the proxy to use for that remote. Set to the empty string to
disable proxying for that remote.
+ For remotes that require curl (http, https and ftp), the method to use for
+ authenticating against the proxy in use (probably set in
+ `remote.<name>.proxy`). See `http.proxyAuthMethod`.
The default set of "refspec" for linkgit:git-fetch[1]. See