Description
Gitea Version
Go1.17.7
Git Version
2.20.1
Operating System
Debian Testing
How are you running Gitea?
Gitea is installed from the "gitea" package on Debian, and running as it's own user as a systemd service
Database
PostgreSQL
Can you reproduce the bug on the Gitea demo site?
No
Log Gist
No response
Description
I'm not sure if this is strictly a bug, but it's a very confusing issue I just spent two hours debugging so I thought I would note it down for the devs.
If a new user is created with the "require password change on first login" setting, and then they don't change their password, then they can still git pull from any public repository, but any attempt to git push will give a scary error message like the following:
fatal: https://[URL]/gitea/[USER]/[REPO].git/info/refs not valid: could not determine hash algorithm; is this a git repository?
This is caused by the HTTP request for info/refs being redirected to the "change your password" page. The workaround is to ask the user to actually change their password this time, but the error message is very confusing.
A potential fix for this could be to make HTTP requests for git-internal URLs fail with a 401 error in this case, instead of redirecting to a webpage intended for humans; this will at least give a "authentication failed" message, which is closer to the actual cause.
Screenshots
No response