Bug: invalid headers for git over http

Wed, 28 Oct 2020 06:15:00 -0700 

Hi,
I've noticed cases in which kallithea returns headers that seem incorrect on git requests over http. This first occurred as some users had problems fetching repos from our kallithea instance with software that uses the JGit library on Windows (user agent string: JGit/5.4.2.201908231537-r). 
The error message noted:
'git fetch' command failed (repository dir: <TeamCity data dir>/system/caches/git/git-233054F9.git). stderr: https:<redacted>: expected Content-Type application/x-git-upload-pack-result; received Content-Type application/x-b'git-upload-pack'-result 


I was able to reproduce this header by using git for windows, although 
it didn't produce an error:

valentin@CASHEW MINGW64 ~
$ GIT_CURL_VERBOSE=1 git clone https:<redacted>
Cloning into 'master'...

...
...

12:14:51.522612 http.c:721              <= Recv header, 0000000059 bytes 
(0x0000003b)
12:14:51.522612 http.c:733              <= Recv header: Content-Type: 
application/x-git-upload-pack-advertisement

...
...

12:15:32.147657 http.c:721              <= Recv header, 0000000055 bytes 
(0x00000037)
12:15:32.147657 http.c:733              <= Recv header: Content-Type: 
application/x-b'git-upload-pack'-result




The problem arises in pygrack.py [0] where encode('utf-8') is used on 
line 178:

resp.content_type = 'application/x-%s-result' % git_command.encode('utf-8')

in contrary, on line 128 str() is used:
resp.content_type = 'application/x-%s-advertisement' % str(git_command)


I patched my kallithea instance to use str() (see the attached diff) 
which resolves the problem.
I think this is safe to do, as git_command is checked against valid 
commands before and therefor must be convertible to a string.


Hope i got that right and you can integrate this into an upcoming release.

Cheers,
Valentin



[0] 
https://kallithea-scm.org/repos/kallithea/files/855b37d3bacdc6175566ca7d23c19e2352da1087/kallithea/lib/middleware/pygrack.py



diff -r 855b37d3bacd kallithea/lib/middleware/pygrack.py
--- a/kallithea/lib/middleware/pygrack.py	Mon Oct 05 20:43:59 2020 +0200
+++ b/kallithea/lib/middleware/pygrack.py	Wed Oct 28 14:08:19 2020 +0100
@@ -175,7 +175,7 @@
                 update_server_info(repo._repo)
 
         resp = Response()
-        resp.content_type = 'application/x-%s-result' % git_command.encode('utf-8')
+        resp.content_type = 'application/x-%s-result' % str(git_command)
         resp.charset = None
         resp.app_iter = out
         return resp


_______________________________________________
kallithea-general mailing list
[email protected]
https://lists.sfconservancy.org/mailman/listinfo/kallithea-general






















					Reply via email to