From owner-freebsd-ports@freebsd.org Sun Mar 28 11:08:24 2021 Return-Path: Delivered-To: freebsd-ports@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 47A715BD4BC for ; Sun, 28 Mar 2021 11:08:24 +0000 (UTC) (envelope-from ohartmann@walstatt.org) Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4F7Xxz1Y64z4TZw for ; Sun, 28 Mar 2021 11:08:22 +0000 (UTC) (envelope-from ohartmann@walstatt.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1616929700; bh=5ASBAoQ5NnH2a5iWpNLkiY/CvUcHaafpfz8EHKikHck=; h=X-UI-Sender-Class:Date:From:To:Subject; b=hQLTl31Cl2apnkrPCYPKQ9S7pEtkHPdUjv0x0yPTu8ZAD2HMpU8zyyAnWgafMKiTj ocdmavliSTlT5urdZ0kgba9GqF+ULnPW4jQiTAoRZbY0k9gCKNHeEOIlUxQI7i6NU4 19QNHO9jY6DiJokfJrO3A294Gv+5DZm60V/vUUbY= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from hermann.fritz.box ([77.191.191.234]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MCKFk-1lIBXS16nq-009SZO for ; Sun, 28 Mar 2021 13:08:20 +0200 Date: Sun, 28 Mar 2021 13:08:19 +0200 From: "Hartmann, O." To: FreeBSD Ports Subject: devel/git: Git via Apache 2.4 HTTPS - info/refs not valid: could not determine hash algorithm Message-ID: <20210328130819.01a1d7e6@hermann.fritz.box> Organization: walstatt.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/H6Ky4VLoQd4SWgRliyFP5yp"; protocol="application/pgp-signature"; micalg=pgp-sha256 X-Provags-ID: V03:K1:eb2a8v2M518JC+hSx2uyDhisDfimYLOg+xbqFUqppzEuGWnMaQ7 8YJpyG1IHS06Yn7Or30IzsSBGvD9u5dmTidh1q/KcIfwsS1snTG2GcPdoy3q0oppQOxoid3 s2OzF26u6hzMcVcQx1MLGKaIY11UKE0CNetuQY/ndGFE7vTsBjq5D690g8Va7nqJhM8xEq4 ilkbDPx0qTbt/Iks7dtGg== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:GJ8m/ckct9U=:jvQzgjej9rIQpkwEte3xkF jAQc7jNNq17wVPoNQZmvPTDp86Ay44WvXT4QJ+67vygfUCeM8I12bkRharBh4N/Oqg1W1DGRX FNurJcQFwjUfPJzXeVX0HPOA92Yy75+W4YAjFp8lwIv9VRvnTO9iwI/YBVAclKlaBawWTslE+ rVBDXebeeit+PiFewRQlXJhwjJRYt1MHeLR4M5HTxx5l/zxu2Bm95OWXF2HDSCBc0fMroyB+W s3QL2fu8D5V5nG11xPZ1MDy/60HKZU6EEx16Wz853jvWv8Tc9NH4rY7ocV1jjte/bRxnQZ6Md EqFXjJI9KuMUGeWBT0oIHyL1Sg1CVH9i73qoOeC6mfkcdlEpX4srmLIn5njz0w5RtWqWlBgql hGYklPI7VYPF5WikdVTOLm/aLE7H0HdujkQOefUHrQ3+c1DYy9Qfi0PsjBfRIsRv6Uo46QaJs nNJ20SU3rFnuAa5fN5ikIVFDTzMqVIvGxfzYK1Is10gKF+JLDTAkCy/uFIWrIhljz4mHwuEvB GHOKotMGcLhIJrBsfAPvhVzkOJWUCgOhX0q7CqqehLjX7KfjHqTBhpqdwnpkPKvUZzsis61+I 2f7L82rBB0Cy2b6cu3wgFUbsfZnRFK3IxM0rW6baVw5EAanKVD/aXgI9Ic2Vyfn0fJ0o1MbOy BytCk7DmyCaNSdV5tHS6RSb1LblubPR/kUz/H0+UkurVUm6YpIyt8AbgNlf0F8eKe22dk/V5c lSNmeDY8yJMxdoPC+Vz9B5KUb9wqkXjupi/i1/Nu7FrqlQrxxGDf3LoKn0wXtzn5GLFVW21X1 Z2jBTz/QuYep3x8+5f9X0miAYLlmdJqlAjzBy8KqZ/bBCMY4lYUEqskXng4zGAWJjjJS4b34X iQwcLbFuSr1bCTe7yG22UGg2A5Ft4f3eeeDH2bPUhAnfAgpiGX54sEyofSgTIQldEXRipA5JW Py+3VZqxWNjMhGxBARJt3wP18/bZDFuyeGkzzgF1svGBt08w3dX3almqX3ROxGOM4fyOl36ra yT02NeslFqyV1P5qbDCsKER0/6wwLOI+T9T/QETw0aPavW0zqNreeYXCJnxT/hxUGRku6q56N V5UG1qaoPUoRLSJX2Kqn/a70IZs3alubUHSWN6w3Bb65gyBtmYiJWJyi+iqa/BrciYjcn49g5 Ls/avfhWB0+nWm9I0uMi5CsYvuEH1T0PaW6otfXAuHQzOhkUHmGEbqrfTxOgGCl4vEZLMxE4q nzvads9QTvxsGnYHx X-Rspamd-Queue-Id: 4F7Xxz1Y64z4TZw X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmx.net header.s=badeba3b8450 header.b=hQLTl31C; dmarc=none; spf=none (mx1.freebsd.org: domain of ohartmann@walstatt.org has no SPF policy when checking 212.227.15.15) smtp.mailfrom=ohartmann@walstatt.org X-Spamd-Result: default: False [-3.50 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[gmx.net:s=badeba3b8450]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-ports@freebsd.org]; DMARC_NA(0.00)[walstatt.org]; RCPT_COUNT_ONE(0.00)[1]; HAS_ORG_HEADER(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[77.191.191.234:received]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmx.net:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RWL_MAILSPIKE_VERYGOOD(0.00)[212.227.15.15:from]; RCVD_COUNT_TWO(0.00)[2]; ASN(0.00)[asn:8560, ipnet:212.227.0.0/16, country:DE]; MAILMAN_DEST(0.00)[freebsd-ports]; RCVD_IN_DNSWL_LOW(-0.10)[212.227.15.15:from] X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Mar 2021 11:08:24 -0000 --Sig_/H6Ky4VLoQd4SWgRliyFP5yp Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Hello folks, first of all sorry for "misusing" the lis for this question of mine. But ma= ybe someone already has setup devel/git over HTTPS and it is working. I fail for severa= l days for now and I'm unable to find the problem. After realized that the content of the book "Pro Git" by Chacon and Straub = is outdated (chapter 4: git on the server, Smart HTTP p. 89) compared to the website at https://git-scm.com/book/en/v2 and none of the examples of the book nor tho= se taken from several websites I've found, I checked out the explanations for git-http-ba= ckend taken from GitHub, git documentation, "git-http-backend - Server siede implementa= tion of Git over HTTP. Also, this approach failed. Now I'm getting gray hair ... The setup is simple, the aim is as simple as well. We have to authenticate = each pull/clone and each push. We're running a subversion server over https this way, were = every valid user is authenticated against LDAP. This type of authentication works well,= not only for svn via https. All right, the setup is as follows. The base is located on ZFS at /pool/gitbase/ and its owned by www:www. A te= st repos has been initilaised via "git init --shared --bare test.git", also owned by www= :www (chown -R www:www test.git): :/pool/gitbase # ll total 65 34 drwxr-xr-x 6 www www uarch 7B Mar 21 15:42 ./ 321028 drwxr-xr-x 25 root wheel - 512B Mar 24 18:45 ../ 324 drwxrwxr-x 7 www www uarch 10B Mar 14 16:25 ports.git/ 3 drwxrwxr-x 7 www www uarch 10B Mar 21 15:45 test.git/ =46rom the GitHub documentation of git's git-http-backend (by the way: devel/= git is installed and at 2.31, the latest available port in the tree so far), I fol= lowed the recommenadation starting with " ... To require authentication for both read= s and writes, use a Location directive ...". The setup for Apache 2.4 (port www/apache24) is as follows, the service is = realised as service as folder (in contrary to a service a vhost, which we do not use at= the moment): [...] SetEnv GIT_PROJECT_ROOT /pool/gitbase SetEnv REMOTE_USER $REDIRECT_REMOTE_USER #SetEnv GIT_HTTP_EXPORT_ALL ScriptAlias /git/ /usr/local/libexec/git-core/git-http-backend/ Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Require ssl Require user committer Require ssl Require user committer AuthType basic AuthName "Git Access" AuthBasicProvider ldap-alias1 ldap-alias2 AuthType basic AuthName "Git Access" AuthBasicProvider ldap-alias1 ldap-alias2 Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Require ssl Require user committer AuthType basic AuthName "Git Access" AuthBasicProvider ldap-alias1 ldap-alias2 [...] The above config example is one of endless trials and derived from a long t= hinking about the "problem" - without success. =46rom the client, within the "test" repos which I want to push, git push -u origin master fails always with:=20 Username for 'https://[url]':=20 Password for 'https://committer@[url]':=20 fatal: https://[url]/git/test.git/info/refs not valid: could not \ determine hash algorithm; is this a git repository? Checking the server's access log doesn't reveal anything wrong: [...] [remote IP] - [28/Mar/2021:11:01:01 +0000] "GET \ /git/test.git/info/refs?service=3Dgit-receive-pack HTTP/1.1" 401 1405 "= -" "git/2.31.0" 840 6269=20 [remote IP] - committer [28/Mar/2021:11:01:09 +0000] "GET \ /git/test.git/info/refs?service=3Dgit-receive-pack HTTP/1.1" 200 168903= 2 "-" "git/2.31.0" 1023 1692144 Searching the web for the error info/refs not valid: could not determine hash algorithm; is this a git repo= sitory? results in several hints toward missing access rights to the git repo base = directory, in this case /pool/gitbase/test.git. But Apache has already as user and group = full access rights. What am I missing here? Kind regards and thank you very much in advance, O. Hartmann --Sig_/H6Ky4VLoQd4SWgRliyFP5yp Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQSy8IBxAPDkqVBaTJ44N1ZZPba5RwUCYGBjowAKCRA4N1ZZPba5 R5jUAP47j2aidiYbtapxg67skmqyLcBxLWPLMffh1Uf478dsOgEA1ylj9Jf0y+2v ZxNCpaDju3LWUKHNa+8BTrdXaNCsFQc= =wvDG -----END PGP SIGNATURE----- --Sig_/H6Ky4VLoQd4SWgRliyFP5yp--