Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 27 Mar 2019 11:41:39 -0600
From: Assaf Gordon <assafgordon@...il.com>
To: musl@...ts.openwall.com, vlse <vlse@...ra.biz>
Cc: dalias@...c.org
Subject: Re: Supporting git access via smart HTTPS protocol for
 musl-libc

More details:

>>>>>> [...] I suspect thttpd is doing something broken with
>>>>>> the POST request since the git clone breaks during that. 
>>>>>
>>>>> The same happened to me with busybox, and was solved by forcing:
>>>>>
>>>>>      export HTTP_CONTENT_ENCODING=gzip
>>>>>
>>>> Amazingly, this works, but only if I do it only for
>>>> REQUEST_METHOD=POST. Otherwise it breaks the GET request and it never
>>>> makes it to the POST.

[...]

> Digging further, it seems that in this case the "git fetch"
> command sent POST data which is *not* compressed.
> Forcing "CONTENT_ENCODING=gzip" always or for all POST request
> is not sufficient.


The git program (at least version 2.11.0) does send the
CONTENT_ENCODING header if the POST data is gzipped.

In the case of "busybox httpd" webserver, it simply does
not pass this header on to the CGI program - hence
all these problems:
https://git.busybox.net/busybox/tree/networking/httpd.c#n1443

Possibly thttpd behaves the same (while nginx/apache do pass
all headers, and there's no problem with them).

regards,
  - assaf

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.