Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F79174
D7468.id16831.diff
All Users
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D7468.id16831.diff
View Options
diff --git a/src/applications/diffusion/controller/DiffusionController.php b/src/applications/diffusion/controller/DiffusionController.php
--- a/src/applications/diffusion/controller/DiffusionController.php
+++ b/src/applications/diffusion/controller/DiffusionController.php
@@ -35,6 +35,9 @@
} else if ($content_type == 'application/x-git-upload-pack-request') {
// We get this for `git-upload-pack`.
$vcs = PhabricatorRepositoryType::REPOSITORY_TYPE_GIT;
+ } else if ($content_type == 'application/x-git-receive-pack-request') {
+ // We get this for `git-receive-pack`.
+ $vcs = PhabricatorRepositoryType::REPOSITORY_TYPE_GIT;
} else if ($request->getExists('cmd')) {
// Mercurial also sends an Accept header like
// "application/mercurial-0.1", and a User-Agent like
@@ -61,15 +64,45 @@
private function processVCSRequest($callsign) {
- // TODO: Authenticate user.
+ // If authentication credentials have been provided, try
+ // and find a user that actually matches those credentials.
+ if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+ $username = $_SERVER['PHP_AUTH_USER'];
+ $password = $_SERVER['PHP_AUTH_PW'];
+
+ // See if there is a PhabricatorRepositoryVCSPassword that matches.
+ $entry = new PhabricatorRepositoryVCSPassword();
+ $entry = $entry->loadOneWhere(
+ 'passwordHash = %s',
+ $entry->hashPassword($password));
+ if ($entry === null) {
+ return new PhabricatorVCSResponse(
+ 403,
+ pht('Invalid credentials.'));
+ }
- $viewer = new PhabricatorUser();
+ // We have a matching password, now check to make sure the
+ // related username is okay as well.
+ $viewer = id(new PhabricatorUser())
+ ->loadOneWhere(
+ 'phid = %s',
+ $entry->getUserPHID());
+ if ($viewer === null) {
+ return new PhabricatorVCSResponse(
+ 403,
+ pht('Invalid credentials.'));
+ }
+ } else {
+ // User hasn't provided credentials, which means we count as
+ // being "not logged in".
+ $viewer = new PhabricatorUser();
+ }
$allow_public = PhabricatorEnv::getEnvConfig('policy.allow-public');
if (!$allow_public) {
if (!$viewer->isLoggedIn()) {
return new PhabricatorVCSResponse(
- 403,
+ 401,
pht('You must log in to access repositories.'));
}
}
File Metadata
Details
Attached
Mime Type
text/x-diff
Storage Engine
amazon-s3
Storage Format
Raw Data
Storage Handle
phabricator/hx/w7/6pgoxktrg54peojw
Default Alt Text
D7468.id16831.diff (2 KB)
Attached To
Mode
D7468: Implement writes over HTTP for Git.
Attached
Detach File
Event Timeline
Log In to Comment