From: Paul J R <me@pjr.cc>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org
Subject: Re: git clone over http with basic auth bug?
Date: Sun, 23 Sep 2012 06:43:24 +1000 [thread overview]
Message-ID: <505E22EC.1060208@pjr.cc> (raw)
In-Reply-To: <20120922050935.GA4542@sigill.intra.peff.net>
Indeed, thats correct, i should have tried a newer version really before
i posted cause i do pull the main git repo and it would have been
relatively easy.
Newer version did indeed fix the problem.
It hadnt occured to me that git-http-backend behaves differently to the
"dumb" http protocol on read (though that was from reading the git
source so i obviously missed what was going on there). Ultimately im
writing a little webapp that wraps around git-http-backend for some git
repository management and on reads i've been just "acting like
webserver" but on writes i throw off to git-http-backend. But seeing it
do authenticated reads properly via git-http-backend im going to change
how it functions, cause that does work with older clients.
Thanks!
On 22/09/12 15:09, Jeff King wrote:
> On Sat, Sep 22, 2012 at 09:37:38AM +1000, Paul J R wrote:
>
>> Im not sure if this is a bug, or just "as implemented". But when
>> cloning from a repo sitting on a web site that uses basic auth, the
>> git client appears to forget its authentication info and ignores the
>> 401's the server is sending back. It appears to initially login and
>> get refs and HEAD ok, but after that it never authenticates again.
>> Using a .netrc file this will work (or a url of the form
>> http://user:pass@host though http://user@host wont), but i'm curious
>> if theres a way of doing this without having to expose the password
>> in some way?
>>
>> Im using git 1.7.9.5 and when i clone i get the following:
>> [...]
> From your logs, it looks like you are using the "dumb" http protocol
> (wherein the server does not have to understand git at all). In this
> protocol, we end up making multiple simultaneous requests for objects
> with different curl handles. We had a bug where not all handles are told
> about the credential (but it doesn't always happen; it depends on the
> exact pattern of requests).
>
> This was fixed by dfa1725 (fix http auth with multiple curl handles,
> 2012-04-10), which is in git v1.7.10.2 and higher.
>
> Can you try upgrading to see if that fixes your problem?
>
> -Peff
>
next prev parent reply other threads:[~2012-09-22 20:43 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-21 23:37 git clone over http with basic auth bug? Paul J R
2012-09-22 5:09 ` Jeff King
2012-09-22 20:43 ` Paul J R [this message]
2012-09-23 17:21 ` Shawn Pearce
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=505E22EC.1060208@pjr.cc \
--to=me@pjr.cc \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).