devel/git: Git via Apache 2.4 HTTPS - info/refs not valid: could not determine hash algorithm

Hartmann, O. ohartmann at walstatt.org
Sun Mar 28 11:08:24 UTC 2021 

Hello folks,

first of all sorry for "misusing" the lis for this question of mine. But maybe someone
already has setup devel/git over HTTPS and it is working. I fail for several days for now
and I'm unable to find the problem.

After realized that the content of the book "Pro Git" by Chacon and Straub is outdated
(chapter 4: git on the server, Smart HTTP p. 89) compared to the website at
https://git-scm.com/book/en/v2 and none of the examples of the book nor those taken from
several websites I've found, I checked out the explanations for git-http-backend taken
from GitHub, git documentation, "git-http-backend - Server siede implementation of Git
over HTTP. Also, this approach failed. Now I'm getting gray hair ...

The setup is simple, the aim is as simple as well. We have to authenticate each pull/clone
and each push. We're running a subversion server over https this way, were every valid
user is authenticated against LDAP. This type of authentication works well, not only for
svn via https.

All right, the setup is as follows.
The base is located on ZFS at /pool/gitbase/ and its owned by www:www. A test repos has
been initilaised via "git init --shared --bare test.git", also owned by www:www (chown
-R www:www test.git):

:/pool/gitbase # ll
total 65
    34 drwxr-xr-x   6 www   www    uarch    7B Mar 21 15:42 ./
321028 drwxr-xr-x  25 root  wheel  -      512B Mar 24 18:45 ../
   324 drwxrwxr-x   7 www   www    uarch   10B Mar 14 16:25 ports.git/
     3 drwxrwxr-x   7 www   www    uarch   10B Mar 21 15:45 test.git/

From the GitHub documentation of git's git-http-backend (by the way: devel/git is
installed and at 2.31, the latest available port in the tree so far), I followed the
recommenadation starting with " ... To require authentication for both reads and writes,
use a Location directive ...".

The setup for Apache 2.4 (port www/apache24) is as follows, the service is realised as
service as folder (in contrary to a service a vhost, which we do not use at the moment):

[...]
SetEnv  GIT_PROJECT_ROOT    /pool/gitbase
SetEnv  REMOTE_USER         $REDIRECT_REMOTE_USER
#SetEnv GIT_HTTP_EXPORT_ALL

ScriptAlias /git/   /usr/local/libexec/git-core/git-http-backend/

<Directory "/usr/local/libexec/git-core/">

    Options         +ExecCGI -MultiViews +SymLinksIfOwnerMatch

    <RequireAll>
        Require ssl
        Require user    committer
    </RequireAll>

    <Files "git-http-backend">
        <RequireAll>
            Require ssl
            Require user    committer
        </RequireAll>

        AuthType            basic
        AuthName            "Git Access"
        AuthBasicProvider   ldap-alias1 ldap-alias2
    </Files>

    AuthType            basic
    AuthName            "Git Access"
    AuthBasicProvider   ldap-alias1 ldap-alias2

</Directory>

<Location "^/git/.*">

    Options         +ExecCGI -MultiViews +SymLinksIfOwnerMatch

    <RequireAll>
        Require ssl
        Require user    committer
    </RequireAll>

    AuthType            basic
    AuthName            "Git Access"
    AuthBasicProvider   ldap-alias1 ldap-alias2

</Location>
[...]

The above config example is one of endless trials and derived from a long thinking about
the "problem" - without success.

From the client, within the "test" repos which I want to push,

git push -u origin master

fails always with: 

Username for 'https://[url]': 
Password for 'https://committer@[url]': 
fatal: https://[url]/git/test.git/info/refs not valid: could not \
determine hash algorithm; is this a git repository?

Checking the server's access log doesn't reveal anything wrong:
[...]
[remote IP] - [28/Mar/2021:11:01:01 +0000] "GET \
    /git/test.git/info/refs?service=git-receive-pack HTTP/1.1" 401 1405 "-" "git/2.31.0"
   840 6269 
[remote IP] - committer [28/Mar/2021:11:01:09 +0000] "GET \
    /git/test.git/info/refs?service=git-receive-pack HTTP/1.1" 200 1689032 "-"
    "git/2.31.0" 1023 1692144

Searching the web for the error
info/refs not valid: could not determine hash algorithm; is this a git repository?

results in several hints toward missing access rights to the git repo base directory, in
this case /pool/gitbase/test.git. But Apache has already as user and group full access
rights.

What am I missing here?

Kind regards and thank you very much in advance,

O. Hartmann
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-ports/attachments/20210328/5841c366/attachment.sig>

More information about the freebsd-ports mailing list