Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 27 Mar 2019 11:41:39 -0600
From: Assaf Gordon <>
To:, vlse <>
Subject: Re: Supporting git access via smart HTTPS protocol for

More details:

>>>>>> [...] I suspect thttpd is doing something broken with
>>>>>> the POST request since the git clone breaks during that. 
>>>>> The same happened to me with busybox, and was solved by forcing:
>>>>>      export HTTP_CONTENT_ENCODING=gzip
>>>> Amazingly, this works, but only if I do it only for
>>>> REQUEST_METHOD=POST. Otherwise it breaks the GET request and it never
>>>> makes it to the POST.


> Digging further, it seems that in this case the "git fetch"
> command sent POST data which is *not* compressed.
> Forcing "CONTENT_ENCODING=gzip" always or for all POST request
> is not sufficient.

The git program (at least version 2.11.0) does send the
CONTENT_ENCODING header if the POST data is gzipped.

In the case of "busybox httpd" webserver, it simply does
not pass this header on to the CGI program - hence
all these problems:

Possibly thttpd behaves the same (while nginx/apache do pass
all headers, and there's no problem with them).

  - assaf

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.