]>
Commit | Line | Data |
---|---|---|
7da4e228 SP |
1 | #!/bin/sh |
2 | ||
73c49a44 JK |
3 | : ${HTTP_PROTO:=HTTP} |
4 | test_description="test smart fetching over http via http-backend ($HTTP_PROTO)" | |
028cb644 | 5 | GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main |
334afbc7 JS |
6 | export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME |
7 | ||
7da4e228 | 8 | . ./test-lib.sh |
7da4e228 | 9 | . "$TEST_DIRECTORY"/lib-httpd.sh |
73c49a44 | 10 | test "$HTTP_PROTO" = "HTTP/2" && enable_http2 |
7da4e228 SP |
11 | start_httpd |
12 | ||
73c49a44 JK |
13 | test_expect_success HTTP2 'enable client-side http/2' ' |
14 | git config --global http.version HTTP/2 | |
15 | ' | |
16 | ||
7da4e228 | 17 | test_expect_success 'setup repository' ' |
bd7ac599 | 18 | git config push.default matching && |
7da4e228 SP |
19 | echo content >file && |
20 | git add file && | |
21 | git commit -m one | |
22 | ' | |
23 | ||
24 | test_expect_success 'create http-accessible bare repository' ' | |
25 | mkdir "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
26 | (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
27 | git --bare init | |
28 | ) && | |
29 | git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 30 | git push public main:main |
7da4e228 SP |
31 | ' |
32 | ||
6ac2b3ae JK |
33 | setup_askpass_helper |
34 | ||
7da4e228 | 35 | test_expect_success 'clone http repository' ' |
92b7fd87 TG |
36 | cat >exp <<-\EOF && |
37 | > GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 | |
38 | > Accept: */* | |
39 | > Accept-Encoding: ENCODINGS | |
b0c4adcd | 40 | > Accept-Language: ko-KR, *;q=0.9 |
92b7fd87 TG |
41 | > Pragma: no-cache |
42 | < HTTP/1.1 200 OK | |
43 | < Pragma: no-cache | |
44 | < Cache-Control: no-cache, max-age=0, must-revalidate | |
45 | < Content-Type: application/x-git-upload-pack-advertisement | |
46 | > POST /smart/repo.git/git-upload-pack HTTP/1.1 | |
47 | > Accept-Encoding: ENCODINGS | |
48 | > Content-Type: application/x-git-upload-pack-request | |
49 | > Accept: application/x-git-upload-pack-result | |
b0c4adcd | 50 | > Accept-Language: ko-KR, *;q=0.9 |
92b7fd87 TG |
51 | > Content-Length: xxx |
52 | < HTTP/1.1 200 OK | |
53 | < Pragma: no-cache | |
54 | < Cache-Control: no-cache, max-age=0, must-revalidate | |
55 | < Content-Type: application/x-git-upload-pack-result | |
56 | EOF | |
b0c4adcd LL |
57 | |
58 | GIT_TRACE_CURL=true GIT_TEST_PROTOCOL_VERSION=0 LANGUAGE="ko_KR.UTF-8" \ | |
8cbeba06 | 59 | git clone --quiet $HTTPD_URL/smart/repo.git clone 2>err && |
7da4e228 SP |
60 | test_cmp file clone/file && |
61 | tr '\''\015'\'' Q <err | | |
62 | sed -e " | |
63 | s/Q\$// | |
64 | /^[*] /d | |
14e24114 EP |
65 | /^== Info:/d |
66 | /^=> Send header, /d | |
67 | /^=> Send header:$/d | |
68 | /^<= Recv header, /d | |
69 | /^<= Recv header:$/d | |
70 | s/=> Send header: // | |
71 | s/= Recv header:// | |
72 | /^<= Recv data/d | |
73 | /^=> Send data/d | |
0a8fcbdc SP |
74 | /^$/d |
75 | /^< $/d | |
7da4e228 SP |
76 | |
77 | /^[^><]/{ | |
78 | s/^/> / | |
79 | } | |
80 | ||
81 | /^> User-Agent: /d | |
82 | /^> Host: /d | |
20366635 SP |
83 | /^> POST /,$ { |
84 | /^> Accept: [*]\\/[*]/d | |
85 | } | |
7da4e228 | 86 | s/^> Content-Length: .*/> Content-Length: xxx/ |
0a8fcbdc SP |
87 | /^> 00..want /d |
88 | /^> 00.*done/d | |
7da4e228 SP |
89 | |
90 | /^< Server: /d | |
91 | /^< Expires: /d | |
92 | /^< Date: /d | |
93 | /^< Content-Length: /d | |
94 | /^< Transfer-Encoding: /d | |
1a53e692 | 95 | " >actual && |
1a53e692 | 96 | |
d790ee17 JT |
97 | # NEEDSWORK: If the overspecification of the expected result is reduced, we |
98 | # might be able to run this test in all protocol versions. | |
8a1b0978 | 99 | if test "$GIT_TEST_PROTOCOL_VERSION" = 0 |
d790ee17 JT |
100 | then |
101 | sed -e "s/^> Accept-Encoding: .*/> Accept-Encoding: ENCODINGS/" \ | |
102 | actual >actual.smudged && | |
103 | test_cmp exp actual.smudged && | |
104 | ||
105 | grep "Accept-Encoding:.*gzip" actual >actual.gzip && | |
b0c4adcd LL |
106 | test_line_count = 2 actual.gzip && |
107 | ||
108 | grep "Accept-Language: ko-KR, *" actual >actual.language && | |
109 | test_line_count = 2 actual.language | |
d790ee17 | 110 | fi |
7da4e228 SP |
111 | ' |
112 | ||
113 | test_expect_success 'fetch changes via http' ' | |
114 | echo content >>file && | |
115 | git commit -a -m two && | |
99094a7a | 116 | git push public && |
7da4e228 SP |
117 | (cd clone && git pull) && |
118 | test_cmp file clone/file | |
119 | ' | |
120 | ||
7da4e228 | 121 | test_expect_success 'used upload-pack service' ' |
92b7fd87 TG |
122 | cat >exp <<-\EOF && |
123 | GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 200 | |
124 | POST /smart/repo.git/git-upload-pack HTTP/1.1 200 | |
125 | GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 200 | |
126 | POST /smart/repo.git/git-upload-pack HTTP/1.1 200 | |
127 | EOF | |
d790ee17 JT |
128 | |
129 | # NEEDSWORK: If the overspecification of the expected result is reduced, we | |
130 | # might be able to run this test in all protocol versions. | |
8a1b0978 | 131 | if test "$GIT_TEST_PROTOCOL_VERSION" = 0 |
d790ee17 JT |
132 | then |
133 | check_access_log exp | |
134 | fi | |
7da4e228 SP |
135 | ' |
136 | ||
311e2ea0 TRC |
137 | test_expect_success 'follow redirects (301)' ' |
138 | git clone $HTTPD_URL/smart-redir-perm/repo.git --quiet repo-p | |
139 | ' | |
140 | ||
141 | test_expect_success 'follow redirects (302)' ' | |
142 | git clone $HTTPD_URL/smart-redir-temp/repo.git --quiet repo-t | |
143 | ' | |
144 | ||
050ef365 JK |
145 | test_expect_success 'redirects re-root further requests' ' |
146 | git clone $HTTPD_URL/smart-redir-limited/repo.git repo-redir-limited | |
147 | ' | |
148 | ||
6628eb41 JK |
149 | test_expect_success 're-rooting dies on insane schemes' ' |
150 | test_must_fail git clone $HTTPD_URL/insane-redir/repo.git insane | |
151 | ' | |
152 | ||
6ac2b3ae JK |
153 | test_expect_success 'clone from password-protected repository' ' |
154 | echo two >expect && | |
afbf5ca5 | 155 | set_askpass user@host pass@host && |
6ac2b3ae JK |
156 | git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth && |
157 | expect_askpass both user@host && | |
158 | git --git-dir=smart-auth log -1 --format=%s >actual && | |
159 | test_cmp expect actual | |
160 | ' | |
161 | ||
4c71009d JK |
162 | test_expect_success 'clone from auth-only-for-push repository' ' |
163 | echo two >expect && | |
164 | set_askpass wrong && | |
165 | git clone --bare "$HTTPD_URL/auth-push/smart/repo.git" smart-noauth && | |
166 | expect_askpass none && | |
167 | git --git-dir=smart-noauth log -1 --format=%s >actual && | |
168 | test_cmp expect actual | |
169 | ' | |
170 | ||
2e736fd5 JK |
171 | test_expect_success 'clone from auth-only-for-objects repository' ' |
172 | echo two >expect && | |
afbf5ca5 | 173 | set_askpass user@host pass@host && |
2e736fd5 JK |
174 | git clone --bare "$HTTPD_URL/auth-fetch/smart/repo.git" half-auth && |
175 | expect_askpass both user@host && | |
176 | git --git-dir=half-auth log -1 --format=%s >actual && | |
177 | test_cmp expect actual | |
178 | ' | |
179 | ||
180 | test_expect_success 'no-op half-auth fetch does not require a password' ' | |
181 | set_askpass wrong && | |
3a9e1ad7 JT |
182 | |
183 | # NEEDSWORK: When using HTTP(S), protocol v0 supports a "half-auth" | |
184 | # configuration with authentication required only when downloading | |
185 | # objects and not refs, by having the HTTP server only require | |
186 | # authentication for the "git-upload-pack" path and not "info/refs". | |
187 | # This is not possible with protocol v2, since both objects and refs | |
188 | # are obtained from the "git-upload-pack" path. A solution to this is | |
189 | # to teach the server and client to be able to inline ls-refs requests | |
5db92105 ÆAB |
190 | # as an Extra Parameter (see "git help gitformat-pack-protocol"), so that |
191 | # "info/refs" can serve refs, just like it does in protocol v0. | |
3a9e1ad7 | 192 | GIT_TEST_PROTOCOL_VERSION=0 git --git-dir=half-auth fetch && |
2e736fd5 JK |
193 | expect_askpass none |
194 | ' | |
195 | ||
050ef365 | 196 | test_expect_success 'redirects send auth to new location' ' |
afbf5ca5 | 197 | set_askpass user@host pass@host && |
050ef365 JK |
198 | git -c credential.useHttpPath=true \ |
199 | clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth && | |
200 | expect_askpass both user@host auth/smart/repo.git | |
201 | ' | |
202 | ||
73c49a44 | 203 | test_expect_success !HTTP2 'GIT_TRACE_CURL redacts auth details' ' |
373e9bd6 JT |
204 | rm -rf redact-auth trace && |
205 | set_askpass user@host pass@host && | |
206 | GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth && | |
207 | expect_askpass both user@host && | |
208 | ||
209 | # Ensure that there is no "Basic" followed by a base64 string, but that | |
210 | # the auth details are redacted | |
b66c77a6 JK |
211 | ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace && |
212 | grep -i "Authorization: Basic <redacted>" trace | |
373e9bd6 JT |
213 | ' |
214 | ||
73c49a44 | 215 | test_expect_success !HTTP2 'GIT_CURL_VERBOSE redacts auth details' ' |
7167a62b JT |
216 | rm -rf redact-auth trace && |
217 | set_askpass user@host pass@host && | |
218 | GIT_CURL_VERBOSE=1 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth 2>trace && | |
219 | expect_askpass both user@host && | |
220 | ||
221 | # Ensure that there is no "Basic" followed by a base64 string, but that | |
222 | # the auth details are redacted | |
b66c77a6 JK |
223 | ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace && |
224 | grep -i "Authorization: Basic <redacted>" trace | |
7167a62b JT |
225 | ' |
226 | ||
827e7d4d JT |
227 | test_expect_success 'GIT_TRACE_CURL does not redact auth details if GIT_TRACE_REDACT=0' ' |
228 | rm -rf redact-auth trace && | |
229 | set_askpass user@host pass@host && | |
230 | GIT_TRACE_REDACT=0 GIT_TRACE_CURL="$(pwd)/trace" \ | |
231 | git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth && | |
232 | expect_askpass both user@host && | |
233 | ||
b66c77a6 | 234 | grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace |
827e7d4d JT |
235 | ' |
236 | ||
02572c2e JK |
237 | test_expect_success 'disable dumb http on server' ' |
238 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
239 | config http.getanyfile false | |
240 | ' | |
241 | ||
242 | test_expect_success 'GIT_SMART_HTTP can disable smart http' ' | |
243 | (GIT_SMART_HTTP=0 && | |
244 | export GIT_SMART_HTTP && | |
245 | cd clone && | |
246 | test_must_fail git fetch) | |
247 | ' | |
248 | ||
4656bf47 | 249 | test_expect_success 'invalid Content-Type rejected' ' |
8fb26872 | 250 | test_must_fail git clone $HTTPD_URL/broken_smart/repo.git 2>actual && |
e532a90a | 251 | test_i18ngrep "not valid:" actual |
4656bf47 SP |
252 | ' |
253 | ||
6130f86d JK |
254 | test_expect_success 'create namespaced refs' ' |
255 | test_commit namespaced && | |
028cb644 | 256 | git push public HEAD:refs/namespaces/ns/refs/heads/main && |
6130f86d | 257 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ |
028cb644 | 258 | symbolic-ref refs/namespaces/ns/HEAD refs/namespaces/ns/refs/heads/main |
6130f86d JK |
259 | ' |
260 | ||
261 | test_expect_success 'smart clone respects namespace' ' | |
262 | git clone "$HTTPD_URL/smart_namespace/repo.git" ns-smart && | |
263 | echo namespaced >expect && | |
264 | git --git-dir=ns-smart/.git log -1 --format=%s >actual && | |
265 | test_cmp expect actual | |
266 | ' | |
267 | ||
268 | test_expect_success 'dumb clone via http-backend respects namespace' ' | |
269 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
270 | config http.getanyfile true && | |
271 | GIT_SMART_HTTP=0 git clone \ | |
272 | "$HTTPD_URL/smart_namespace/repo.git" ns-dumb && | |
273 | echo namespaced >expect && | |
274 | git --git-dir=ns-dumb/.git log -1 --format=%s >actual && | |
275 | test_cmp expect actual | |
276 | ' | |
277 | ||
912b2acf | 278 | test_expect_success 'cookies stored in http.cookiefile when http.savecookies set' ' |
92b7fd87 TG |
279 | cat >cookies.txt <<-\EOF && |
280 | 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue | |
281 | EOF | |
29e8dc50 | 282 | sort >expect_cookies.txt <<-\EOF && |
92b7fd87 TG |
283 | |
284 | 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue | |
285 | 127.0.0.1 FALSE /smart_cookies/repo.git/info/ FALSE 0 name value | |
286 | EOF | |
912b2acf DB |
287 | git config http.cookiefile cookies.txt && |
288 | git config http.savecookies true && | |
028cb644 | 289 | git ls-remote $HTTPD_URL/smart_cookies/repo.git main && |
d790ee17 JT |
290 | |
291 | # NEEDSWORK: If the overspecification of the expected result is reduced, we | |
292 | # might be able to run this test in all protocol versions. | |
8a1b0978 | 293 | if test "$GIT_TEST_PROTOCOL_VERSION" = 0 |
d790ee17 JT |
294 | then |
295 | tail -3 cookies.txt | sort >cookies_tail.txt && | |
296 | test_cmp expect_cookies.txt cookies_tail.txt | |
297 | fi | |
912b2acf DB |
298 | ' |
299 | ||
e172755b JK |
300 | test_expect_success 'transfer.hiderefs works over smart-http' ' |
301 | test_commit hidden && | |
302 | test_commit visible && | |
303 | git push public HEAD^:refs/heads/a HEAD:refs/heads/b && | |
304 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
305 | config transfer.hiderefs refs/heads/a && | |
306 | git clone --bare "$HTTPD_URL/smart/repo.git" hidden.git && | |
307 | test_must_fail git -C hidden.git rev-parse --verify a && | |
308 | git -C hidden.git rev-parse --verify b | |
309 | ' | |
310 | ||
cc969c8d JK |
311 | # create an arbitrary number of tags, numbered from tag-$1 to tag-$2 |
312 | create_tags () { | |
313 | rm -f marks && | |
314 | for i in $(test_seq "$1" "$2") | |
7103d254 | 315 | do |
cc969c8d JK |
316 | # don't use here-doc, because it requires a process |
317 | # per loop iteration | |
318 | echo "commit refs/heads/too-many-refs-$1" && | |
319 | echo "mark :$i" && | |
320 | echo "committer git <git@example.com> $i +0000" && | |
321 | echo "data 0" && | |
322 | echo "M 644 inline bla.txt" && | |
323 | echo "data 4" && | |
324 | echo "bla" && | |
7103d254 IT |
325 | # make every commit dangling by always |
326 | # rewinding the branch after each commit | |
cc969c8d JK |
327 | echo "reset refs/heads/too-many-refs-$1" && |
328 | echo "from :$1" | |
7103d254 IT |
329 | done | git fast-import --export-marks=marks && |
330 | ||
331 | # now assign tags to all the dangling commits we created above | |
94221d22 | 332 | tag=$(perl -e "print \"bla\" x 30") && |
5e2c7cd2 | 333 | sed -e "s|^:\([^ ]*\) \(.*\)$|\2 refs/tags/$tag-\1|" <marks >>packed-refs |
cc969c8d JK |
334 | } |
335 | ||
7419a03f | 336 | test_expect_success 'create 2,000 tags in the repo' ' |
cc969c8d JK |
337 | ( |
338 | cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
7419a03f | 339 | create_tags 1 2000 |
7103d254 IT |
340 | ) |
341 | ' | |
342 | ||
376e4b39 JK |
343 | test_expect_success CMDLINE_LIMIT \ |
344 | 'clone the 2,000 tag repo to check OS command line overflow' ' | |
345 | run_with_limited_cmdline git clone $HTTPD_URL/smart/repo.git too-many-refs && | |
5e2c7cd2 JH |
346 | ( |
347 | cd too-many-refs && | |
376e4b39 JK |
348 | git for-each-ref refs/tags >actual && |
349 | test_line_count = 2000 actual | |
5e2c7cd2 | 350 | ) |
7103d254 IT |
351 | ' |
352 | ||
8d45ad8c | 353 | test_expect_success 'large fetch-pack requests can be sent using chunked encoding' ' |
14e24114 | 354 | GIT_TRACE_CURL=true git -c http.postbuffer=65536 \ |
376e4b39 | 355 | clone --bare "$HTTPD_URL/smart/repo.git" split.git 2>err && |
73c49a44 JK |
356 | { |
357 | test_have_prereq HTTP2 || | |
358 | grep "^=> Send header: Transfer-Encoding: chunked" err | |
359 | } | |
376e4b39 JK |
360 | ' |
361 | ||
296b847c DT |
362 | test_expect_success 'test allowreachablesha1inwant' ' |
363 | test_when_finished "rm -rf test_reachable.git" && | |
364 | server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 365 | main_sha=$(git -C "$server" rev-parse refs/heads/main) && |
296b847c DT |
366 | git -C "$server" config uploadpack.allowreachablesha1inwant 1 && |
367 | ||
368 | git init --bare test_reachable.git && | |
369 | git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" && | |
028cb644 | 370 | git -C test_reachable.git fetch origin "$main_sha" |
296b847c DT |
371 | ' |
372 | ||
373 | test_expect_success 'test allowreachablesha1inwant with unreachable' ' | |
374 | test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" && | |
375 | ||
376 | #create unreachable sha | |
377 | echo content >file2 && | |
378 | git add file2 && | |
379 | git commit -m two && | |
380 | git push public HEAD:refs/heads/doomed && | |
381 | git push public :refs/heads/doomed && | |
382 | ||
383 | server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 384 | main_sha=$(git -C "$server" rev-parse refs/heads/main) && |
296b847c DT |
385 | git -C "$server" config uploadpack.allowreachablesha1inwant 1 && |
386 | ||
387 | git init --bare test_reachable.git && | |
388 | git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" && | |
ab0c5f50 JT |
389 | # Some protocol versions (e.g. 2) support fetching |
390 | # unadvertised objects, so restrict this test to v0. | |
8a1b0978 | 391 | test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \ |
ab0c5f50 | 392 | git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" |
296b847c DT |
393 | ' |
394 | ||
f8edeaa0 DT |
395 | test_expect_success 'test allowanysha1inwant with unreachable' ' |
396 | test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" && | |
397 | ||
398 | #create unreachable sha | |
399 | echo content >file2 && | |
400 | git add file2 && | |
401 | git commit -m two && | |
402 | git push public HEAD:refs/heads/doomed && | |
403 | git push public :refs/heads/doomed && | |
404 | ||
405 | server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 406 | main_sha=$(git -C "$server" rev-parse refs/heads/main) && |
f8edeaa0 DT |
407 | git -C "$server" config uploadpack.allowreachablesha1inwant 1 && |
408 | ||
409 | git init --bare test_reachable.git && | |
410 | git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" && | |
ab0c5f50 JT |
411 | # Some protocol versions (e.g. 2) support fetching |
412 | # unadvertised objects, so restrict this test to v0. | |
8a1b0978 | 413 | test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \ |
ab0c5f50 | 414 | git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" && |
f8edeaa0 DT |
415 | |
416 | git -C "$server" config uploadpack.allowanysha1inwant 1 && | |
417 | git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" | |
418 | ' | |
419 | ||
6bc0cb51 | 420 | test_expect_success EXPENSIVE 'http can handle enormous ref negotiation' ' |
7419a03f JH |
421 | ( |
422 | cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
423 | create_tags 2001 50000 | |
424 | ) && | |
6bc0cb51 JK |
425 | git -C too-many-refs fetch -q --tags && |
426 | ( | |
427 | cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
428 | create_tags 50001 100000 | |
429 | ) && | |
430 | git -C too-many-refs fetch -q --tags && | |
431 | git -C too-many-refs for-each-ref refs/tags >tags && | |
432 | test_line_count = 100000 tags | |
433 | ' | |
434 | ||
8cb01e2f | 435 | test_expect_success 'custom http headers' ' |
e31165ce JS |
436 | test_must_fail git -c http.extraheader="x-magic-two: cadabra" \ |
437 | fetch "$HTTPD_URL/smart_headers/repo.git" && | |
8cb01e2f JS |
438 | git -c http.extraheader="x-magic-one: abra" \ |
439 | -c http.extraheader="x-magic-two: cadabra" \ | |
0bbe7317 JS |
440 | fetch "$HTTPD_URL/smart_headers/repo.git" && |
441 | git update-index --add --cacheinfo 160000,$(git rev-parse HEAD),sub && | |
442 | git config -f .gitmodules submodule.sub.path sub && | |
443 | git config -f .gitmodules submodule.sub.url \ | |
444 | "$HTTPD_URL/smart_headers/repo.git" && | |
445 | git submodule init sub && | |
446 | test_must_fail git submodule update sub && | |
447 | git -c http.extraheader="x-magic-one: abra" \ | |
448 | -c http.extraheader="x-magic-two: cadabra" \ | |
449 | submodule update sub | |
8cb01e2f JS |
450 | ' |
451 | ||
e2842b39 JT |
452 | test_expect_success 'using fetch command in remote-curl updates refs' ' |
453 | SERVER="$HTTPD_DOCUMENT_ROOT_PATH/twobranch" && | |
454 | rm -rf "$SERVER" client && | |
455 | ||
456 | git init "$SERVER" && | |
457 | test_commit -C "$SERVER" foo && | |
458 | git -C "$SERVER" update-ref refs/heads/anotherbranch foo && | |
459 | ||
460 | git clone $HTTPD_URL/smart/twobranch client && | |
461 | ||
462 | test_commit -C "$SERVER" bar && | |
463 | git -C client -c protocol.version=0 fetch && | |
464 | ||
028cb644 JS |
465 | git -C "$SERVER" rev-parse main >expect && |
466 | git -C client rev-parse origin/main >actual && | |
e2842b39 JT |
467 | test_cmp expect actual |
468 | ' | |
469 | ||
e70a3030 JT |
470 | test_expect_success 'fetch by SHA-1 without tag following' ' |
471 | SERVER="$HTTPD_DOCUMENT_ROOT_PATH/server" && | |
472 | rm -rf "$SERVER" client && | |
473 | ||
474 | git init "$SERVER" && | |
475 | test_commit -C "$SERVER" foo && | |
476 | ||
477 | git clone $HTTPD_URL/smart/server client && | |
478 | ||
479 | test_commit -C "$SERVER" bar && | |
480 | git -C "$SERVER" rev-parse bar >bar_hash && | |
481 | git -C client -c protocol.version=0 fetch \ | |
482 | --no-tags origin $(cat bar_hash) | |
483 | ' | |
484 | ||
73c49a44 | 485 | test_expect_success !HTTP2 'cookies are redacted by default' ' |
83411783 JT |
486 | rm -rf clone && |
487 | echo "Set-Cookie: Foo=1" >cookies && | |
488 | echo "Set-Cookie: Bar=2" >>cookies && | |
827e7d4d | 489 | GIT_TRACE_CURL=true \ |
7167a62b JT |
490 | git -c "http.cookieFile=$(pwd)/cookies" clone \ |
491 | $HTTPD_URL/smart/repo.git clone 2>err && | |
b66c77a6 JK |
492 | grep -i "Cookie:.*Foo=<redacted>" err && |
493 | grep -i "Cookie:.*Bar=<redacted>" err && | |
494 | ! grep -i "Cookie:.*Foo=1" err && | |
495 | ! grep -i "Cookie:.*Bar=2" err | |
7167a62b JT |
496 | ' |
497 | ||
827e7d4d | 498 | test_expect_success 'empty values of cookies are also redacted' ' |
7167a62b | 499 | rm -rf clone && |
827e7d4d JT |
500 | echo "Set-Cookie: Foo=" >cookies && |
501 | GIT_TRACE_CURL=true \ | |
83411783 JT |
502 | git -c "http.cookieFile=$(pwd)/cookies" clone \ |
503 | $HTTPD_URL/smart/repo.git clone 2>err && | |
b66c77a6 | 504 | grep -i "Cookie:.*Foo=<redacted>" err |
83411783 JT |
505 | ' |
506 | ||
827e7d4d | 507 | test_expect_success 'GIT_TRACE_REDACT=0 disables cookie redaction' ' |
83411783 | 508 | rm -rf clone && |
827e7d4d JT |
509 | echo "Set-Cookie: Foo=1" >cookies && |
510 | echo "Set-Cookie: Bar=2" >>cookies && | |
511 | GIT_TRACE_REDACT=0 GIT_TRACE_CURL=true \ | |
83411783 JT |
512 | git -c "http.cookieFile=$(pwd)/cookies" clone \ |
513 | $HTTPD_URL/smart/repo.git clone 2>err && | |
b66c77a6 JK |
514 | grep -i "Cookie:.*Foo=1" err && |
515 | grep -i "Cookie:.*Bar=2" err | |
83411783 JT |
516 | ' |
517 | ||
8ba18e6f JT |
518 | test_expect_success 'GIT_TRACE_CURL_NO_DATA prevents data from being traced' ' |
519 | rm -rf clone && | |
520 | GIT_TRACE_CURL=true \ | |
521 | git clone $HTTPD_URL/smart/repo.git clone 2>err && | |
522 | grep "=> Send data" err && | |
523 | ||
524 | rm -rf clone && | |
525 | GIT_TRACE_CURL=true GIT_TRACE_CURL_NO_DATA=1 \ | |
526 | git clone $HTTPD_URL/smart/repo.git clone 2>err && | |
527 | ! grep "=> Send data" err | |
528 | ' | |
529 | ||
30dea565 JS |
530 | test_expect_success 'server-side error detected' ' |
531 | test_must_fail git clone $HTTPD_URL/error_smart/repo.git 2>actual && | |
e532a90a | 532 | test_i18ngrep "server-side error" actual |
30dea565 JS |
533 | ' |
534 | ||
b694f1e4 JK |
535 | test_expect_success 'http auth remembers successful credentials' ' |
536 | rm -f .git-credentials && | |
537 | test_config credential.helper store && | |
538 | ||
539 | # the first request prompts the user... | |
540 | set_askpass user@host pass@host && | |
541 | git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
542 | expect_askpass both user@host && | |
543 | ||
544 | # ...and the second one uses the stored value rather than | |
545 | # prompting the user. | |
546 | set_askpass bogus-user bogus-pass && | |
547 | git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
548 | expect_askpass none | |
549 | ' | |
550 | ||
ecf7b129 | 551 | test_expect_success 'http auth forgets bogus credentials' ' |
b694f1e4 JK |
552 | # seed credential store with bogus values. In real life, |
553 | # this would probably come from a password which worked | |
554 | # for a previous request. | |
555 | rm -f .git-credentials && | |
556 | test_config credential.helper store && | |
557 | { | |
558 | echo "url=$HTTPD_URL" && | |
559 | echo "username=bogus" && | |
560 | echo "password=bogus" | |
561 | } | git credential approve && | |
562 | ||
563 | # we expect this to use the bogus values and fail, never even | |
564 | # prompting the user... | |
565 | set_askpass user@host pass@host && | |
566 | test_must_fail git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
567 | expect_askpass none && | |
568 | ||
569 | # ...but now we should have forgotten the bad value, causing | |
570 | # us to prompt the user again. | |
571 | set_askpass user@host pass@host && | |
572 | git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
573 | expect_askpass both user@host | |
574 | ' | |
575 | ||
26146980 JK |
576 | test_expect_success 'client falls back from v2 to v0 to match server' ' |
577 | GIT_TRACE_PACKET=$PWD/trace \ | |
578 | GIT_TEST_PROTOCOL_VERSION=2 \ | |
579 | git clone $HTTPD_URL/smart_v0/repo.git repo-v0 && | |
580 | # check for v0; there the HEAD symref is communicated in the capability | |
581 | # line; v2 uses a different syntax on each ref advertisement line | |
582 | grep symref=HEAD:refs/heads/ trace | |
583 | ' | |
584 | ||
511cfd3b CC |
585 | test_expect_success 'passing hostname resolution information works' ' |
586 | BOGUS_HOST=gitbogusexamplehost.invalid && | |
587 | BOGUS_HTTPD_URL=$HTTPD_PROTO://$BOGUS_HOST:$LIB_HTTPD_PORT && | |
588 | test_must_fail git ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null && | |
589 | git -c "http.curloptResolve=$BOGUS_HOST:$LIB_HTTPD_PORT:127.0.0.1" ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null | |
590 | ' | |
591 | ||
762521e8 JK |
592 | # here user%40host is the URL-encoded version of user@host, |
593 | # which is our intentionally-odd username to catch parsing errors | |
594 | url_user=$HTTPD_URL_USER/auth/smart/repo.git | |
595 | url_userpass=$HTTPD_URL_USER_PASS/auth/smart/repo.git | |
596 | url_userblank=$HTTPD_PROTO://user%40host:@$HTTPD_DEST/auth/smart/repo.git | |
597 | message="URL .*:<redacted>@.* uses plaintext credentials" | |
598 | ||
599 | test_expect_success 'clone warns or fails when using username:password' ' | |
600 | test_when_finished "rm -rf attempt*" && | |
601 | ||
602 | git -c transfer.credentialsInUrl=allow \ | |
603 | clone $url_userpass attempt1 2>err && | |
604 | ! grep "$message" err && | |
605 | ||
606 | git -c transfer.credentialsInUrl=warn \ | |
607 | clone $url_userpass attempt2 2>err && | |
608 | grep "warning: $message" err >warnings && | |
db8016b4 | 609 | test_line_count -ge 1 warnings && |
762521e8 JK |
610 | |
611 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
612 | clone $url_userpass attempt3 2>err && | |
613 | grep "fatal: $message" err >warnings && | |
db8016b4 | 614 | test_line_count -ge 1 warnings && |
762521e8 JK |
615 | |
616 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
617 | clone $url_userblank attempt4 2>err && | |
618 | grep "fatal: $message" err >warnings && | |
db8016b4 | 619 | test_line_count -ge 1 warnings |
762521e8 JK |
620 | ' |
621 | ||
622 | test_expect_success 'clone does not detect username:password when it is https://username@domain:port/' ' | |
623 | test_when_finished "rm -rf attempt1" && | |
624 | ||
625 | # we are relying on lib-httpd for url construction, so document our | |
626 | # assumptions | |
627 | case "$HTTPD_URL_USER" in | |
628 | *:[0-9]*) : ok ;; | |
629 | *) BUG "httpd url does not have port: $HTTPD_URL_USER" | |
630 | esac && | |
631 | ||
632 | git -c transfer.credentialsInUrl=warn clone $url_user attempt1 2>err && | |
633 | ! grep "uses plaintext credentials" err | |
634 | ' | |
635 | ||
636 | test_expect_success 'fetch warns or fails when using username:password' ' | |
637 | git -c transfer.credentialsInUrl=allow fetch $url_userpass 2>err && | |
638 | ! grep "$message" err && | |
639 | ||
640 | git -c transfer.credentialsInUrl=warn fetch $url_userpass 2>err && | |
641 | grep "warning: $message" err >warnings && | |
db8016b4 | 642 | test_line_count -ge 1 warnings && |
762521e8 JK |
643 | |
644 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
645 | fetch $url_userpass 2>err && | |
646 | grep "fatal: $message" err >warnings && | |
db8016b4 | 647 | test_line_count -ge 1 warnings && |
762521e8 JK |
648 | |
649 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
650 | fetch $url_userblank 2>err && | |
651 | grep "fatal: $message" err >warnings && | |
db8016b4 | 652 | test_line_count -ge 1 warnings |
762521e8 JK |
653 | ' |
654 | ||
655 | ||
656 | test_expect_success 'push warns or fails when using username:password' ' | |
657 | git -c transfer.credentialsInUrl=allow push $url_userpass 2>err && | |
658 | ! grep "$message" err && | |
659 | ||
660 | git -c transfer.credentialsInUrl=warn push $url_userpass 2>err && | |
661 | grep "warning: $message" err >warnings && | |
662 | ||
663 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
664 | push $url_userpass 2>err && | |
665 | grep "fatal: $message" err >warnings && | |
db8016b4 | 666 | test_line_count -ge 1 warnings |
762521e8 JK |
667 | ' |
668 | ||
7da4e228 | 669 | test_done |