From: Paul J R <me@pjr.cc>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org
Subject: Re: git clone over http with basic auth bug?
Date: Sun, 23 Sep 2012 06:43:24 +1000 [thread overview]
Message-ID: <505E22EC.1060208@pjr.cc> (raw)
In-Reply-To: <20120922050935.GA4542@sigill.intra.peff.net>
Indeed, thats correct, i should have tried a newer version really before
i posted cause i do pull the main git repo and it would have been
relatively easy.
Newer version did indeed fix the problem.
It hadnt occured to me that git-http-backend behaves differently to the
"dumb" http protocol on read (though that was from reading the git
source so i obviously missed what was going on there). Ultimately im
writing a little webapp that wraps around git-http-backend for some git
repository management and on reads i've been just "acting like
webserver" but on writes i throw off to git-http-backend. But seeing it
do authenticated reads properly via git-http-backend im going to change
how it functions, cause that does work with older clients.
Thanks!
On 22/09/12 15:09, Jeff King wrote:
> On Sat, Sep 22, 2012 at 09:37:38AM +1000, Paul J R wrote:
>
>> Im not sure if this is a bug, or just "as implemented". But when
>> cloning from a repo sitting on a web site that uses basic auth, the
>> git client appears to forget its authentication info and ignores the
>> 401's the server is sending back. It appears to initially login and
>> get refs and HEAD ok, but after that it never authenticates again.
>> Using a .netrc file this will work (or a url of the form
>> http://user:pass@host though http://user@host wont), but i'm curious
>> if theres a way of doing this without having to expose the password
>> in some way?
>>
>> Im using git 1.7.9.5 and when i clone i get the following:
>> [...]
> From your logs, it looks like you are using the "dumb" http protocol
> (wherein the server does not have to understand git at all). In this
> protocol, we end up making multiple simultaneous requests for objects
> with different curl handles. We had a bug where not all handles are told
> about the credential (but it doesn't always happen; it depends on the
> exact pattern of requests).
>
> This was fixed by dfa1725 (fix http auth with multiple curl handles,
> 2012-04-10), which is in git v1.7.10.2 and higher.
>
> Can you try upgrading to see if that fixes your problem?
>
> -Peff
>
next prev parent reply other threads:[~2012-09-22 20:43 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-21 23:37 git clone over http with basic auth bug? Paul J R
2012-09-22 5:09 ` Jeff King
2012-09-22 20:43 ` Paul J R [this message]
2012-09-23 17:21 ` Shawn Pearce
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=505E22EC.1060208@pjr.cc \
--to=me@pjr.cc \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.