Encountering this when attempting to clone without providing a password. This means the Git client gets back a 200 (causing invalid git repository) instead of a 403.
[05-Nov-2013 22:51:41 UTC] [2013-11-05 22:51:41] EXCEPTION: (Exception) Trying to digest empty password! at [/srv/phabricator/phabricator/src/infrastructure/util/PhabricatorHash.php:33] [05-Nov-2013 22:51:41 UTC] #0 PhabricatorHash::digestPassword(Object PhutilOpaqueEnvelope, PHID-USER-cqavrovfv3fqflsmgdas) called at [/srv/phabricator/phabricator/src/applications/repository/storage/PhabricatorRepositoryVCSPassword.php:31] [05-Nov-2013 22:51:41 UTC] #1 PhabricatorRepositoryVCSPassword::hashPassword(Object PhutilOpaqueEnvelope, Object PhabricatorUser) called at [/srv/phabricator/phabricator/src/applications/repository/storage/PhabricatorRepositoryVCSPassword.php:19] [05-Nov-2013 22:51:41 UTC] #2 PhabricatorRepositoryVCSPassword::comparePassword(Object PhutilOpaqueEnvelope, Object PhabricatorUser) called at [/srv/phabricator/phabricator/src/applications/diffusion/controller/DiffusionController.php:562] [05-Nov-2013 22:51:41 UTC] #3 DiffusionController::authenticateHTTPRepositoryUser(jamesr, Object PhutilOpaqueEnvelope) called at [/srv/phabricator/phabricator/src/applications/diffusion/controller/DiffusionController.php:75] [05-Nov-2013 22:51:41 UTC] #4 DiffusionController::processVCSRequest(P) called at [/srv/phabricator/phabricator/src/applications/diffusion/controller/DiffusionController.php:60] [05-Nov-2013 22:51:41 UTC] #5 DiffusionController::willBeginExecution() called at [/srv/phabricator/phabricator/webroot/index.php:72]
I have also observed my Git client just hitting /info/refs without any ?service= option. Adding:
} else if (strpos($_SERVER['HTTP_USER_AGENT'], "git/") === 0) { $vcs = PhabricatorRepositoryType::REPOSITORY_TYPE_GIT;
to the VCS detection (right after the $request->getExists('__vcs__')) ensured that the Git logic was hit regardless of what URL or query parameters were accessed.