On Thu, Mar 21, 2019 at 03:55:37PM -0400, Jeff King wrote: > I am a little confused about v2 here, though. It should hit the initial > info/refs endpoint the same as usual. If it's a noop fetch, then it's > done. Otherwise, we'd hit the git-upload-pack and expect to require > authentication. That should work after your switch to using post_rpc, > shouldn't it? > > And I guess it does, because you did not delete the test before "clone > from auth-only-for-objects repository", which would actually do the > second half of that conversation, and require authentication. You're > only deleting the part that does the noop fetch. > > Puzzled... Ah, nevermind. I forgot that v2 really will make two requests for this noop case. The initial endpoint hit only returns the capabilities and nothing else. And that's inherent in the protocol. I'm OK with dropping this test, but I think my reasoning is slightly different than what you wrote. The interesting bits are actually happening in the test _before_ this one, which are exercising the gzipped auth-retry code. And that happens in both protocol v0 and v2. The test you're deleting is basically just verifying that our apache config is indeed "half-auth". Because in v0, the server is never even going to ask for credentials, so no interesting code paths in the client are triggered. So it's not actually testing anything of interest. -Peff
