From 843548cc7681e600b1180a91a407385b35c7f23c Mon Sep 17 00:00:00 2001
From: Thomas Guyot-Sionnest <Thomas.Guyot-Sionnest@nuance.com>
Date: Wed, 4 Dec 2013 18:07:14 -0500
Subject: Fix HTTP push to public repos

When doing an HTTP push, git (as of v1.7.9) first do an info/refs
request, and only if this request requires authentication it asks the
user for its password and authenticates further requests.

The initial request normally clears without auth on public repos as it
doesn't update any ref. This patch forces every git-receive-pack
requests to provide authentication.
---
 lib/gitlab/backend/grack_auth.rb | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'lib')

diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb
index c629144118c..60c03ce1c04 100644
--- a/lib/gitlab/backend/grack_auth.rb
+++ b/lib/gitlab/backend/grack_auth.rb
@@ -92,6 +92,9 @@ module Grack
           return false unless can?(user, action, project)
         end
 
+        # Never let git-receive-pack trough unauthenticated; it's
+        # harmless but git < 1.8 doesn't like it
+        return false if user.nil?
         true
       else
         false
-- 
cgit v1.2.1