http.proxy::
Override the HTTP proxy, normally configured using the 'http_proxy',
'https_proxy', and 'all_proxy' environment variables (see `curl(1)`). In
addition to the syntax understood by curl, it is possible to specify a
proxy string with a user name but no password, in which case git will
attempt to acquire one in the same way it does for other credentials. See
linkgit:gitcredentials[7] for more information. The syntax thus is
'[protocol://][user[:password]@]proxyhost[:port][/path]'. This can be
overridden on a per-remote basis; see remote.<name>.proxy
+
Any proxy, however configured, must be completely transparent and must not
modify, transform, or buffer the request or response in any way. Proxies which
are not completely transparent are known to cause various forms of breakage
with Git.
http.proxyAuthMethod::
Set the method with which to authenticate against the HTTP proxy. This
only takes effect if the configured proxy string contains a user name part
(i.e. is of the form 'user@host' or 'user@host:port'). This can be
overridden on a per-remote basis; see `remote.<name>.proxyAuthMethod`.
Both can be overridden by the `GIT_HTTP_PROXY_AUTHMETHOD` environment
variable. Possible values are:
+
--
* `anyauth` - Automatically pick a suitable authentication method. It is
assumed that the proxy answers an unauthenticated request with a 407
status code and one or more Proxy-authenticate headers with supported
authentication methods. This is the default.
* `basic` - HTTP Basic authentication
* `digest` - HTTP Digest authentication; this prevents the password from being
transmitted to the proxy in clear text
* `negotiate` - GSS-Negotiate authentication (compare the --negotiate option
of `curl(1)`)
* `ntlm` - NTLM authentication (compare the --ntlm option of `curl(1)`)
--
http.proxySSLCert::
The pathname of a file that stores a client certificate to use to authenticate
with an HTTPS proxy. Can be overridden by the `GIT_PROXY_SSL_CERT` environment
variable.
http.proxySSLKey::
The pathname of a file that stores a private key to use to authenticate with
an HTTPS proxy. Can be overridden by the `GIT_PROXY_SSL_KEY` environment
variable.
http.proxySSLCertPasswordProtected::
Enable Git's password prompt for the proxy SSL certificate. Otherwise OpenSSL
will prompt the user, possibly many times, if the certificate or private key
is encrypted. Can be overridden by the `GIT_PROXY_SSL_CERT_PASSWORD_PROTECTED`
environment variable.
http.proxySSLCAInfo::
Pathname to the file containing the certificate bundle that should be used to
verify the proxy with when using an HTTPS proxy. Can be overridden by the
`GIT_PROXY_SSL_CAINFO` environment variable.
http.emptyAuth::
Attempt authentication without seeking a username or password. This
can be used to attempt GSS-Negotiate authentication without specifying
a username in the URL, as libcurl normally requires a username for
authentication.
http.proactiveAuth::
Attempt authentication without first making an unauthenticated attempt and
receiving a 401 response. This can be used to ensure that all requests are
authenticated. If `http.emptyAuth` is set to true, this value has no effect.
+
If the credential helper used specifies an authentication scheme (i.e., via the
`authtype` field), that value will be used; if a username and password is
provided without a scheme, then Basic authentication is used. The value of the
option determines the scheme requested from the helper. Possible values are:
+
--
* `basic` - Request Basic authentication from the helper.
* `auto` - Allow the helper to pick an appropriate scheme.
* `none` - Disable proactive authentication.
--
+
Note that TLS should always be used with this configuration, since otherwise it
is easy to accidentally expose plaintext credentials if Basic authentication
is selected.
http.delegation::
Control GSSAPI credential delegation. The delegation is disabled
by default in libcurl since version 7.21.7.