GitLab

Created by: dermoth

Hi,

In latest Gitlab (6.3, although I'm confident the issue still exists in master) some versions of Git cannot use HTTP push to public repositories. The problem is that the first git-receive-pack request does not force the client to use authentication as no update is being made. After the first request, Git (as of 1.7.x, people reported it's fixed on 1.8) assumes the next requests won't require auth either and the push fails.

I've written a simple fix in pull request #5760 which forces every git-receive-pack requests to provide a username. This check is made after the permission checks, just before the default allow, so as long as Gitlab doesn't allow unauthenticated push this will patch work.

The merge request is against master but was developed on the 6.3 branch.