dcfd29419e
Our NTLM support has been known to be broken in various situations for a while, specifically on Windows. The core team is unable to troubleshoot these problems, and nobody has stepped up to maintain the NTLM support. In addition, NTLM uses cryptography and security techniques that are known to be insecure, such as the algorithms DES, MD4, and MD5, as well as simple, unsalted hashes of passwords. Since we now support Kerberos, most users should be able to replace their use of NTLM with Kerberos instead. Users have reported this working on Windows and it is known to work well on at least Debian as well. Drop support for NTLM and remove it from the codebase.
16 lines
490 B
Go
16 lines
490 B
Go
package lfsapi
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/git-lfs/git-lfs/creds"
|
|
)
|
|
|
|
func (c *Client) doWithNegotiate(req *http.Request, credWrapper creds.CredentialHelperWrapper) (*http.Response, error) {
|
|
// There are two possibilities here if we're using Negotiate
|
|
// authentication. One is that we're using Kerberos, which we try
|
|
// first. The other is that we're using NTLM, which we no longer
|
|
// support. Fail in that case.
|
|
return c.doWithAccess(req, "", nil, creds.NegotiateAccess)
|
|
}
|