Commit 36efe0f5807e92c2a0b6ec71b828387e6684a9ab
Exists in
master
and in
4 other branches
Merge pull request #3634 from tsl0922/patch-grack-auth
fix http push 401 and 500 with some git clients
Showing
1 changed file
with
8 additions
and
4 deletions
Show diff stats
lib/gitlab/backend/grack_auth.rb
| ... | ... | @@ -76,13 +76,17 @@ module Grack |
| 76 | 76 | end |
| 77 | 77 | |
| 78 | 78 | def validate_get_request |
| 79 | - project.public || can?(user, :download_code, project) | |
| 79 | + validate_request(@request.params['service']) | |
| 80 | 80 | end |
| 81 | 81 | |
| 82 | 82 | def validate_post_request |
| 83 | - if @request.path_info.end_with?('git-upload-pack') | |
| 83 | + validate_request(File.basename(@request.path)) | |
| 84 | + end | |
| 85 | + | |
| 86 | + def validate_request(service) | |
| 87 | + if service == 'git-upload-pack' | |
| 84 | 88 | project.public || can?(user, :download_code, project) |
| 85 | - elsif @request.path_info.end_with?('git-receive-pack') | |
| 89 | + elsif service == 'git-receive-pack' | |
| 86 | 90 | action = if project.protected_branch?(current_ref) |
| 87 | 91 | :push_code_to_protected_branches |
| 88 | 92 | else |
| ... | ... | @@ -107,7 +111,7 @@ module Grack |
| 107 | 111 | end |
| 108 | 112 | # Need to reset seek point |
| 109 | 113 | @request.body.rewind |
| 110 | - /refs\/heads\/([\w\.-]+)/.match(input).to_a.last | |
| 114 | + /refs\/heads\/([\w\.-]+)/n.match(input.force_encoding('ascii-8bit')).to_a.last | |
| 111 | 115 | end |
| 112 | 116 | |
| 113 | 117 | def project | ... | ... |