Fix HTTP push to public repos

When doing an HTTP push, git (as of v1.7.9) first do an info/refs request, and only if this request requires authentication it asks the user for its password and authenticates further requests. The initial request normally clears without auth on public repos as it doesn't update any ref. This patch forces every git-receive-pack requests to provide authentication.

Fix HTTP push to public repos
When doing an HTTP push, git (as of v1.7.9) first do an info/refs request, and only if this request requires authentication it asks the user for its password and authenticates further requests. The initial request normally clears without auth on public repos as it doesn't update any ref. This patch forces every git-receive-pack requests to provide authentication.
Thomas Guyot-Sionnest
1 parent 23d180f5
Showing 1 changed file with 3 additions and 0 deletions Show diff stats
lib/gitlab/backend/grack_auth.rb
@@ -92,6 +92,9 @@ module Grack
           return false unless can?(user, action, project)
         end
  
+        # Never let git-receive-pack trough unauthenticated; it's
+        # harmless but git < 1.8 doesn't like it
+        return false if user.nil?
         true
       else
         false
...	...	@@ -92,6 +92,9 @@ module Grack
92	92	return false unless can?(user, action, project)
93	93	end
94	94
	95	+ # Never let git-receive-pack trough unauthenticated; it's
	96	+ # harmless but git < 1.8 doesn't like it
	97	+ return false if user.nil?
95	98	true
96	99	else
97	100	false
...	...