On Thu, Sep 16, 2010 at 09:00:16PM +0900, Miles Bader wrote: > "Andreas K. Foerster" <[email protected]> writes: > >> For commit access, I dislike granting Apache write access to all > >> repositories, because in that case any flaw in > >> Apache/Gitweb/CGit/etc. would allow the attacker to corrupt any > >> Savannah repositories. > > > > More importantly, the article suggests using Basic Authentification. > > That sends the password unencrypted over the line, just base64-encoded, > > but anybody can decode that. So, it's a very bad idea to use that for > > sensible data. > > Anyway, even just read-only mode would be a great improvement over the > old http protocol.
I'm not able to install it properly. For some reason the client does a GET on /repo.git/git-upload-pack, and git-http-backend expects a POST (and had me look in the source code to understand why the h... it returned a bare HTTP 405 error without so much of any clue in the error.log). - Client: $ git --version git version 1.7.1 $ git clone http://git.sv.gnu.org/r-tmp/freedink.git Initialized empty Git repository in /tmp/freedink/.git/ error: RPC failed; result=22, HTTP code = 405 <stalls> - Server: $ git --version git version 1.7.1 SetEnv GIT_PROJECT_ROOT /srv/git SetEnv GIT_HTTP_EXPORT_ALL ScriptAlias /r-tmp/ /usr/lib/git-core/git-http-backend/ 123.123.123.123 - - [16/Sep/2010:19:42:41 +0000] "GET /r-tmp/freedink.git/git-upload-pack HTTP/1.1" 405 - "-" "git/1.7.1" 234 319 git.savannah.gnu.org $ GIT_HTTP_EXPORT_ALL= GIT_PROJECT_ROOT=/srv/git PATH_INFO=/freedink.git/git-upload-pack REQUEST_METHOD=GET QUERY_STRING= SERVER_PROTOCOL=HTTP/1.1 CONTENT_TYPE=application/x-git-upload-pack-request /usr/lib/git-core/git-http-backend ;echo Status: 405 Method Not Allowed Expires: Fri, 01 Jan 1980 00:00:00 GMT Pragma: no-cache Cache-Control: no-cache, max-age=0, must-revalidate # GIT_HTTP_EXPORT_ALL= GIT_PROJECT_ROOT=/srv/git PATH_INFO=/freedink.git/git-upload-pack REQUEST_METHOD=POST QUERY_STRING= SERVER_PROTOCOL=HTTP/1.1 CONTENT_TYPE=application/x-git-upload-pack-request /usr/lib/git-core/git-http-backend ;echo Expires: Fri, 01 Jan 1980 00:00:00 GMT Pragma: no-cache Cache-Control: no-cache, max-age=0, must-revalidate Content-Type: application/x-git-upload-pack-result <waits> Do you succeed with other versions? -- Sylvain
