]>
Commit | Line | Data |
---|---|---|
7da4e228 SP |
1 | #!/bin/sh |
2 | ||
8dfe36b0 | 3 | : ${HTTP_PROTO:=HTTP/1.1} |
73c49a44 | 4 | test_description="test smart fetching over http via http-backend ($HTTP_PROTO)" |
028cb644 | 5 | GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main |
334afbc7 JS |
6 | export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME |
7 | ||
7da4e228 | 8 | . ./test-lib.sh |
7da4e228 | 9 | . "$TEST_DIRECTORY"/lib-httpd.sh |
73c49a44 | 10 | test "$HTTP_PROTO" = "HTTP/2" && enable_http2 |
7da4e228 SP |
11 | start_httpd |
12 | ||
73c49a44 JK |
13 | test_expect_success HTTP2 'enable client-side http/2' ' |
14 | git config --global http.version HTTP/2 | |
15 | ' | |
16 | ||
7da4e228 | 17 | test_expect_success 'setup repository' ' |
bd7ac599 | 18 | git config push.default matching && |
7da4e228 SP |
19 | echo content >file && |
20 | git add file && | |
21 | git commit -m one | |
22 | ' | |
23 | ||
24 | test_expect_success 'create http-accessible bare repository' ' | |
25 | mkdir "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
26 | (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
27 | git --bare init | |
28 | ) && | |
29 | git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 30 | git push public main:main |
7da4e228 SP |
31 | ' |
32 | ||
6ac2b3ae JK |
33 | setup_askpass_helper |
34 | ||
7da4e228 | 35 | test_expect_success 'clone http repository' ' |
86190028 JK |
36 | if test_have_prereq HTTP2 && test "$HTTPD_PROTO" = "https" |
37 | then | |
38 | # ALPN lets us immediately use HTTP/2; likewise, POSTs with | |
39 | # bodies can use it because they do not need to upgrade | |
40 | INITIAL_PROTO=HTTP/2 | |
41 | else | |
42 | # either we are not using HTTP/2, or the initial | |
43 | # request is sent via HTTP/1.1 and asks for upgrade | |
44 | INITIAL_PROTO=HTTP/1.1 | |
45 | fi && | |
46 | ||
1c5a6381 | 47 | cat >exp.raw <<-EOF && |
86190028 | 48 | > GET /smart/repo.git/info/refs?service=git-upload-pack $INITIAL_PROTO |
4a21230a JK |
49 | > accept: */* |
50 | > accept-encoding: ENCODINGS | |
51 | > accept-language: ko-KR, *;q=0.9 | |
52 | > pragma: no-cache | |
1c5a6381 | 53 | {V2} > git-protocol: version=2 |
8dfe36b0 | 54 | < $HTTP_PROTO 200 OK |
4a21230a JK |
55 | < pragma: no-cache |
56 | < cache-control: no-cache, max-age=0, must-revalidate | |
57 | < content-type: application/x-git-upload-pack-advertisement | |
86190028 | 58 | > POST /smart/repo.git/git-upload-pack $INITIAL_PROTO |
4a21230a JK |
59 | > accept-encoding: ENCODINGS |
60 | > content-type: application/x-git-upload-pack-request | |
61 | > accept: application/x-git-upload-pack-result | |
62 | > accept-language: ko-KR, *;q=0.9 | |
1c5a6381 | 63 | {V2} > git-protocol: version=2 |
4a21230a | 64 | > content-length: xxx |
86190028 | 65 | < $INITIAL_PROTO 200 OK |
4a21230a JK |
66 | < pragma: no-cache |
67 | < cache-control: no-cache, max-age=0, must-revalidate | |
68 | < content-type: application/x-git-upload-pack-result | |
86190028 | 69 | {V2} > POST /smart/repo.git/git-upload-pack $INITIAL_PROTO |
1c5a6381 JK |
70 | {V2} > accept-encoding: ENCODINGS |
71 | {V2} > content-type: application/x-git-upload-pack-request | |
72 | {V2} > accept: application/x-git-upload-pack-result | |
73 | {V2} > accept-language: ko-KR, *;q=0.9 | |
74 | {V2} > git-protocol: version=2 | |
75 | {V2} > content-length: xxx | |
86190028 | 76 | {V2} < $INITIAL_PROTO 200 OK |
1c5a6381 JK |
77 | {V2} < pragma: no-cache |
78 | {V2} < cache-control: no-cache, max-age=0, must-revalidate | |
79 | {V2} < content-type: application/x-git-upload-pack-result | |
92b7fd87 | 80 | EOF |
b0c4adcd | 81 | |
1c5a6381 JK |
82 | if test "$GIT_TEST_PROTOCOL_VERSION" = 0 |
83 | then | |
84 | sed "/^{V2}/d" <exp.raw >exp | |
85 | else | |
86 | sed "s/^{V2} //" <exp.raw >exp | |
87 | fi && | |
88 | ||
2f87277d | 89 | GIT_TRACE_CURL=true LANGUAGE="ko_KR.UTF-8" \ |
8cbeba06 | 90 | git clone --quiet $HTTPD_URL/smart/repo.git clone 2>err && |
7da4e228 SP |
91 | test_cmp file clone/file && |
92 | tr '\''\015'\'' Q <err | | |
4a21230a JK |
93 | perl -pe '\'' |
94 | s/(Send|Recv) header: ([A-Za-z0-9-]+):/ | |
95 | "$1 header: " . lc($2) . ":" | |
96 | /e; | |
97 | '\'' | | |
7da4e228 SP |
98 | sed -e " |
99 | s/Q\$// | |
b71a2bf1 | 100 | /^[^<=]/d |
14e24114 EP |
101 | /^== Info:/d |
102 | /^=> Send header, /d | |
103 | /^=> Send header:$/d | |
104 | /^<= Recv header, /d | |
105 | /^<= Recv header:$/d | |
106 | s/=> Send header: // | |
107 | s/= Recv header:// | |
108 | /^<= Recv data/d | |
109 | /^=> Send data/d | |
86190028 JK |
110 | /^<= Recv SSL data/d |
111 | /^=> Send SSL data/d | |
0a8fcbdc SP |
112 | /^$/d |
113 | /^< $/d | |
7da4e228 SP |
114 | |
115 | /^[^><]/{ | |
116 | s/^/> / | |
117 | } | |
118 | ||
8dfe36b0 JK |
119 | /^< HTTP/ { |
120 | s/200$/200 OK/ | |
121 | } | |
122 | /^< HTTP\\/1.1 101/d | |
123 | /^[><] connection: /d | |
124 | /^[><] upgrade: /d | |
125 | /^> http2-settings: /d | |
126 | ||
4a21230a JK |
127 | /^> user-agent: /d |
128 | /^> host: /d | |
20366635 SP |
129 | /^> POST /,$ { |
130 | /^> Accept: [*]\\/[*]/d | |
131 | } | |
4a21230a | 132 | s/^> content-length: .*/> content-length: xxx/ |
0a8fcbdc SP |
133 | /^> 00..want /d |
134 | /^> 00.*done/d | |
7da4e228 | 135 | |
4a21230a JK |
136 | /^< server: /d |
137 | /^< expires: /d | |
138 | /^< date: /d | |
139 | /^< content-length: /d | |
140 | /^< transfer-encoding: /d | |
1a53e692 | 141 | " >actual && |
1a53e692 | 142 | |
1c5a6381 JK |
143 | sed -e "s/^> accept-encoding: .*/> accept-encoding: ENCODINGS/" \ |
144 | actual >actual.smudged && | |
145 | test_cmp exp actual.smudged && | |
d790ee17 | 146 | |
1c5a6381 | 147 | grep "accept-encoding:.*gzip" actual >actual.gzip |
7da4e228 SP |
148 | ' |
149 | ||
150 | test_expect_success 'fetch changes via http' ' | |
151 | echo content >>file && | |
152 | git commit -a -m two && | |
99094a7a | 153 | git push public && |
7da4e228 SP |
154 | (cd clone && git pull) && |
155 | test_cmp file clone/file | |
156 | ' | |
157 | ||
7da4e228 | 158 | test_expect_success 'used upload-pack service' ' |
795d713e JK |
159 | strip_access_log >log && |
160 | grep "GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/[0-9.]* 200" log && | |
161 | grep "POST /smart/repo.git/git-upload-pack HTTP/[0-9.]* 200" log | |
7da4e228 SP |
162 | ' |
163 | ||
311e2ea0 TRC |
164 | test_expect_success 'follow redirects (301)' ' |
165 | git clone $HTTPD_URL/smart-redir-perm/repo.git --quiet repo-p | |
166 | ' | |
167 | ||
168 | test_expect_success 'follow redirects (302)' ' | |
169 | git clone $HTTPD_URL/smart-redir-temp/repo.git --quiet repo-t | |
170 | ' | |
171 | ||
050ef365 JK |
172 | test_expect_success 'redirects re-root further requests' ' |
173 | git clone $HTTPD_URL/smart-redir-limited/repo.git repo-redir-limited | |
174 | ' | |
175 | ||
6628eb41 JK |
176 | test_expect_success 're-rooting dies on insane schemes' ' |
177 | test_must_fail git clone $HTTPD_URL/insane-redir/repo.git insane | |
178 | ' | |
179 | ||
6ac2b3ae JK |
180 | test_expect_success 'clone from password-protected repository' ' |
181 | echo two >expect && | |
afbf5ca5 | 182 | set_askpass user@host pass@host && |
6ac2b3ae JK |
183 | git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth && |
184 | expect_askpass both user@host && | |
185 | git --git-dir=smart-auth log -1 --format=%s >actual && | |
186 | test_cmp expect actual | |
187 | ' | |
188 | ||
4c71009d JK |
189 | test_expect_success 'clone from auth-only-for-push repository' ' |
190 | echo two >expect && | |
191 | set_askpass wrong && | |
192 | git clone --bare "$HTTPD_URL/auth-push/smart/repo.git" smart-noauth && | |
193 | expect_askpass none && | |
194 | git --git-dir=smart-noauth log -1 --format=%s >actual && | |
195 | test_cmp expect actual | |
196 | ' | |
197 | ||
2e736fd5 JK |
198 | test_expect_success 'clone from auth-only-for-objects repository' ' |
199 | echo two >expect && | |
afbf5ca5 | 200 | set_askpass user@host pass@host && |
2e736fd5 JK |
201 | git clone --bare "$HTTPD_URL/auth-fetch/smart/repo.git" half-auth && |
202 | expect_askpass both user@host && | |
203 | git --git-dir=half-auth log -1 --format=%s >actual && | |
204 | test_cmp expect actual | |
205 | ' | |
206 | ||
207 | test_expect_success 'no-op half-auth fetch does not require a password' ' | |
208 | set_askpass wrong && | |
3a9e1ad7 JT |
209 | |
210 | # NEEDSWORK: When using HTTP(S), protocol v0 supports a "half-auth" | |
211 | # configuration with authentication required only when downloading | |
212 | # objects and not refs, by having the HTTP server only require | |
213 | # authentication for the "git-upload-pack" path and not "info/refs". | |
214 | # This is not possible with protocol v2, since both objects and refs | |
215 | # are obtained from the "git-upload-pack" path. A solution to this is | |
216 | # to teach the server and client to be able to inline ls-refs requests | |
5db92105 ÆAB |
217 | # as an Extra Parameter (see "git help gitformat-pack-protocol"), so that |
218 | # "info/refs" can serve refs, just like it does in protocol v0. | |
3a9e1ad7 | 219 | GIT_TEST_PROTOCOL_VERSION=0 git --git-dir=half-auth fetch && |
2e736fd5 JK |
220 | expect_askpass none |
221 | ' | |
222 | ||
050ef365 | 223 | test_expect_success 'redirects send auth to new location' ' |
afbf5ca5 | 224 | set_askpass user@host pass@host && |
050ef365 JK |
225 | git -c credential.useHttpPath=true \ |
226 | clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth && | |
227 | expect_askpass both user@host auth/smart/repo.git | |
228 | ' | |
229 | ||
b637a41e | 230 | test_expect_success 'GIT_TRACE_CURL redacts auth details' ' |
373e9bd6 JT |
231 | rm -rf redact-auth trace && |
232 | set_askpass user@host pass@host && | |
233 | GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth && | |
234 | expect_askpass both user@host && | |
235 | ||
236 | # Ensure that there is no "Basic" followed by a base64 string, but that | |
237 | # the auth details are redacted | |
b66c77a6 JK |
238 | ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace && |
239 | grep -i "Authorization: Basic <redacted>" trace | |
373e9bd6 JT |
240 | ' |
241 | ||
b637a41e | 242 | test_expect_success 'GIT_CURL_VERBOSE redacts auth details' ' |
7167a62b JT |
243 | rm -rf redact-auth trace && |
244 | set_askpass user@host pass@host && | |
245 | GIT_CURL_VERBOSE=1 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth 2>trace && | |
246 | expect_askpass both user@host && | |
247 | ||
248 | # Ensure that there is no "Basic" followed by a base64 string, but that | |
249 | # the auth details are redacted | |
b66c77a6 JK |
250 | ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace && |
251 | grep -i "Authorization: Basic <redacted>" trace | |
7167a62b JT |
252 | ' |
253 | ||
827e7d4d JT |
254 | test_expect_success 'GIT_TRACE_CURL does not redact auth details if GIT_TRACE_REDACT=0' ' |
255 | rm -rf redact-auth trace && | |
256 | set_askpass user@host pass@host && | |
257 | GIT_TRACE_REDACT=0 GIT_TRACE_CURL="$(pwd)/trace" \ | |
258 | git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth && | |
259 | expect_askpass both user@host && | |
260 | ||
b66c77a6 | 261 | grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace |
827e7d4d JT |
262 | ' |
263 | ||
02572c2e JK |
264 | test_expect_success 'disable dumb http on server' ' |
265 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
266 | config http.getanyfile false | |
267 | ' | |
268 | ||
269 | test_expect_success 'GIT_SMART_HTTP can disable smart http' ' | |
270 | (GIT_SMART_HTTP=0 && | |
271 | export GIT_SMART_HTTP && | |
272 | cd clone && | |
273 | test_must_fail git fetch) | |
274 | ' | |
275 | ||
4656bf47 | 276 | test_expect_success 'invalid Content-Type rejected' ' |
8fb26872 | 277 | test_must_fail git clone $HTTPD_URL/broken_smart/repo.git 2>actual && |
e532a90a | 278 | test_i18ngrep "not valid:" actual |
4656bf47 SP |
279 | ' |
280 | ||
6130f86d JK |
281 | test_expect_success 'create namespaced refs' ' |
282 | test_commit namespaced && | |
028cb644 | 283 | git push public HEAD:refs/namespaces/ns/refs/heads/main && |
6130f86d | 284 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ |
028cb644 | 285 | symbolic-ref refs/namespaces/ns/HEAD refs/namespaces/ns/refs/heads/main |
6130f86d JK |
286 | ' |
287 | ||
288 | test_expect_success 'smart clone respects namespace' ' | |
289 | git clone "$HTTPD_URL/smart_namespace/repo.git" ns-smart && | |
290 | echo namespaced >expect && | |
291 | git --git-dir=ns-smart/.git log -1 --format=%s >actual && | |
292 | test_cmp expect actual | |
293 | ' | |
294 | ||
295 | test_expect_success 'dumb clone via http-backend respects namespace' ' | |
296 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
297 | config http.getanyfile true && | |
298 | GIT_SMART_HTTP=0 git clone \ | |
299 | "$HTTPD_URL/smart_namespace/repo.git" ns-dumb && | |
300 | echo namespaced >expect && | |
301 | git --git-dir=ns-dumb/.git log -1 --format=%s >actual && | |
302 | test_cmp expect actual | |
303 | ' | |
304 | ||
912b2acf | 305 | test_expect_success 'cookies stored in http.cookiefile when http.savecookies set' ' |
92b7fd87 TG |
306 | cat >cookies.txt <<-\EOF && |
307 | 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue | |
308 | EOF | |
29e8dc50 | 309 | sort >expect_cookies.txt <<-\EOF && |
92b7fd87 | 310 | 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue |
93ea5bf3 | 311 | 127.0.0.1 FALSE /smart_cookies/repo.git/ FALSE 0 name value |
92b7fd87 TG |
312 | 127.0.0.1 FALSE /smart_cookies/repo.git/info/ FALSE 0 name value |
313 | EOF | |
912b2acf DB |
314 | git config http.cookiefile cookies.txt && |
315 | git config http.savecookies true && | |
d790ee17 | 316 | |
93ea5bf3 JK |
317 | test_when_finished " |
318 | git --git-dir=\"\$HTTPD_DOCUMENT_ROOT_PATH/repo.git\" \ | |
319 | tag -d cookie-tag | |
320 | " && | |
321 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
322 | tag -m "foo" cookie-tag && | |
323 | git fetch $HTTPD_URL/smart_cookies/repo.git cookie-tag && | |
324 | ||
325 | grep "^[^#]" cookies.txt | sort >cookies_stripped.txt && | |
326 | test_cmp expect_cookies.txt cookies_stripped.txt | |
912b2acf DB |
327 | ' |
328 | ||
e172755b JK |
329 | test_expect_success 'transfer.hiderefs works over smart-http' ' |
330 | test_commit hidden && | |
331 | test_commit visible && | |
332 | git push public HEAD^:refs/heads/a HEAD:refs/heads/b && | |
333 | git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ | |
334 | config transfer.hiderefs refs/heads/a && | |
335 | git clone --bare "$HTTPD_URL/smart/repo.git" hidden.git && | |
336 | test_must_fail git -C hidden.git rev-parse --verify a && | |
337 | git -C hidden.git rev-parse --verify b | |
338 | ' | |
339 | ||
cc969c8d JK |
340 | # create an arbitrary number of tags, numbered from tag-$1 to tag-$2 |
341 | create_tags () { | |
342 | rm -f marks && | |
343 | for i in $(test_seq "$1" "$2") | |
7103d254 | 344 | do |
cc969c8d JK |
345 | # don't use here-doc, because it requires a process |
346 | # per loop iteration | |
347 | echo "commit refs/heads/too-many-refs-$1" && | |
348 | echo "mark :$i" && | |
349 | echo "committer git <git@example.com> $i +0000" && | |
350 | echo "data 0" && | |
351 | echo "M 644 inline bla.txt" && | |
352 | echo "data 4" && | |
353 | echo "bla" && | |
7103d254 IT |
354 | # make every commit dangling by always |
355 | # rewinding the branch after each commit | |
cc969c8d JK |
356 | echo "reset refs/heads/too-many-refs-$1" && |
357 | echo "from :$1" | |
7103d254 IT |
358 | done | git fast-import --export-marks=marks && |
359 | ||
360 | # now assign tags to all the dangling commits we created above | |
94221d22 | 361 | tag=$(perl -e "print \"bla\" x 30") && |
5e2c7cd2 | 362 | sed -e "s|^:\([^ ]*\) \(.*\)$|\2 refs/tags/$tag-\1|" <marks >>packed-refs |
cc969c8d JK |
363 | } |
364 | ||
7419a03f | 365 | test_expect_success 'create 2,000 tags in the repo' ' |
cc969c8d JK |
366 | ( |
367 | cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
7419a03f | 368 | create_tags 1 2000 |
7103d254 IT |
369 | ) |
370 | ' | |
371 | ||
376e4b39 JK |
372 | test_expect_success CMDLINE_LIMIT \ |
373 | 'clone the 2,000 tag repo to check OS command line overflow' ' | |
374 | run_with_limited_cmdline git clone $HTTPD_URL/smart/repo.git too-many-refs && | |
5e2c7cd2 JH |
375 | ( |
376 | cd too-many-refs && | |
376e4b39 JK |
377 | git for-each-ref refs/tags >actual && |
378 | test_line_count = 2000 actual | |
5e2c7cd2 | 379 | ) |
7103d254 IT |
380 | ' |
381 | ||
8d45ad8c | 382 | test_expect_success 'large fetch-pack requests can be sent using chunked encoding' ' |
14e24114 | 383 | GIT_TRACE_CURL=true git -c http.postbuffer=65536 \ |
376e4b39 | 384 | clone --bare "$HTTPD_URL/smart/repo.git" split.git 2>err && |
73c49a44 JK |
385 | { |
386 | test_have_prereq HTTP2 || | |
387 | grep "^=> Send header: Transfer-Encoding: chunked" err | |
388 | } | |
376e4b39 JK |
389 | ' |
390 | ||
296b847c DT |
391 | test_expect_success 'test allowreachablesha1inwant' ' |
392 | test_when_finished "rm -rf test_reachable.git" && | |
393 | server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 394 | main_sha=$(git -C "$server" rev-parse refs/heads/main) && |
296b847c DT |
395 | git -C "$server" config uploadpack.allowreachablesha1inwant 1 && |
396 | ||
397 | git init --bare test_reachable.git && | |
398 | git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" && | |
028cb644 | 399 | git -C test_reachable.git fetch origin "$main_sha" |
296b847c DT |
400 | ' |
401 | ||
402 | test_expect_success 'test allowreachablesha1inwant with unreachable' ' | |
403 | test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" && | |
404 | ||
405 | #create unreachable sha | |
406 | echo content >file2 && | |
407 | git add file2 && | |
408 | git commit -m two && | |
409 | git push public HEAD:refs/heads/doomed && | |
410 | git push public :refs/heads/doomed && | |
411 | ||
412 | server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 413 | main_sha=$(git -C "$server" rev-parse refs/heads/main) && |
296b847c DT |
414 | git -C "$server" config uploadpack.allowreachablesha1inwant 1 && |
415 | ||
416 | git init --bare test_reachable.git && | |
417 | git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" && | |
ab0c5f50 JT |
418 | # Some protocol versions (e.g. 2) support fetching |
419 | # unadvertised objects, so restrict this test to v0. | |
8a1b0978 | 420 | test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \ |
ab0c5f50 | 421 | git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" |
296b847c DT |
422 | ' |
423 | ||
f8edeaa0 DT |
424 | test_expect_success 'test allowanysha1inwant with unreachable' ' |
425 | test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" && | |
426 | ||
427 | #create unreachable sha | |
428 | echo content >file2 && | |
429 | git add file2 && | |
430 | git commit -m two && | |
431 | git push public HEAD:refs/heads/doomed && | |
432 | git push public :refs/heads/doomed && | |
433 | ||
434 | server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
028cb644 | 435 | main_sha=$(git -C "$server" rev-parse refs/heads/main) && |
f8edeaa0 DT |
436 | git -C "$server" config uploadpack.allowreachablesha1inwant 1 && |
437 | ||
438 | git init --bare test_reachable.git && | |
439 | git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" && | |
ab0c5f50 JT |
440 | # Some protocol versions (e.g. 2) support fetching |
441 | # unadvertised objects, so restrict this test to v0. | |
8a1b0978 | 442 | test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \ |
ab0c5f50 | 443 | git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" && |
f8edeaa0 DT |
444 | |
445 | git -C "$server" config uploadpack.allowanysha1inwant 1 && | |
446 | git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" | |
447 | ' | |
448 | ||
6bc0cb51 | 449 | test_expect_success EXPENSIVE 'http can handle enormous ref negotiation' ' |
7419a03f JH |
450 | ( |
451 | cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
452 | create_tags 2001 50000 | |
453 | ) && | |
6bc0cb51 JK |
454 | git -C too-many-refs fetch -q --tags && |
455 | ( | |
456 | cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" && | |
457 | create_tags 50001 100000 | |
458 | ) && | |
459 | git -C too-many-refs fetch -q --tags && | |
460 | git -C too-many-refs for-each-ref refs/tags >tags && | |
461 | test_line_count = 100000 tags | |
462 | ' | |
463 | ||
8cb01e2f | 464 | test_expect_success 'custom http headers' ' |
e31165ce JS |
465 | test_must_fail git -c http.extraheader="x-magic-two: cadabra" \ |
466 | fetch "$HTTPD_URL/smart_headers/repo.git" && | |
8cb01e2f JS |
467 | git -c http.extraheader="x-magic-one: abra" \ |
468 | -c http.extraheader="x-magic-two: cadabra" \ | |
0bbe7317 JS |
469 | fetch "$HTTPD_URL/smart_headers/repo.git" && |
470 | git update-index --add --cacheinfo 160000,$(git rev-parse HEAD),sub && | |
471 | git config -f .gitmodules submodule.sub.path sub && | |
472 | git config -f .gitmodules submodule.sub.url \ | |
473 | "$HTTPD_URL/smart_headers/repo.git" && | |
474 | git submodule init sub && | |
475 | test_must_fail git submodule update sub && | |
476 | git -c http.extraheader="x-magic-one: abra" \ | |
477 | -c http.extraheader="x-magic-two: cadabra" \ | |
478 | submodule update sub | |
8cb01e2f JS |
479 | ' |
480 | ||
e2842b39 JT |
481 | test_expect_success 'using fetch command in remote-curl updates refs' ' |
482 | SERVER="$HTTPD_DOCUMENT_ROOT_PATH/twobranch" && | |
483 | rm -rf "$SERVER" client && | |
484 | ||
485 | git init "$SERVER" && | |
486 | test_commit -C "$SERVER" foo && | |
487 | git -C "$SERVER" update-ref refs/heads/anotherbranch foo && | |
488 | ||
489 | git clone $HTTPD_URL/smart/twobranch client && | |
490 | ||
491 | test_commit -C "$SERVER" bar && | |
492 | git -C client -c protocol.version=0 fetch && | |
493 | ||
028cb644 JS |
494 | git -C "$SERVER" rev-parse main >expect && |
495 | git -C client rev-parse origin/main >actual && | |
e2842b39 JT |
496 | test_cmp expect actual |
497 | ' | |
498 | ||
e70a3030 JT |
499 | test_expect_success 'fetch by SHA-1 without tag following' ' |
500 | SERVER="$HTTPD_DOCUMENT_ROOT_PATH/server" && | |
501 | rm -rf "$SERVER" client && | |
502 | ||
503 | git init "$SERVER" && | |
504 | test_commit -C "$SERVER" foo && | |
505 | ||
506 | git clone $HTTPD_URL/smart/server client && | |
507 | ||
508 | test_commit -C "$SERVER" bar && | |
509 | git -C "$SERVER" rev-parse bar >bar_hash && | |
510 | git -C client -c protocol.version=0 fetch \ | |
511 | --no-tags origin $(cat bar_hash) | |
512 | ' | |
513 | ||
b637a41e | 514 | test_expect_success 'cookies are redacted by default' ' |
83411783 JT |
515 | rm -rf clone && |
516 | echo "Set-Cookie: Foo=1" >cookies && | |
517 | echo "Set-Cookie: Bar=2" >>cookies && | |
827e7d4d | 518 | GIT_TRACE_CURL=true \ |
7167a62b JT |
519 | git -c "http.cookieFile=$(pwd)/cookies" clone \ |
520 | $HTTPD_URL/smart/repo.git clone 2>err && | |
b66c77a6 JK |
521 | grep -i "Cookie:.*Foo=<redacted>" err && |
522 | grep -i "Cookie:.*Bar=<redacted>" err && | |
523 | ! grep -i "Cookie:.*Foo=1" err && | |
524 | ! grep -i "Cookie:.*Bar=2" err | |
7167a62b JT |
525 | ' |
526 | ||
827e7d4d | 527 | test_expect_success 'empty values of cookies are also redacted' ' |
7167a62b | 528 | rm -rf clone && |
827e7d4d JT |
529 | echo "Set-Cookie: Foo=" >cookies && |
530 | GIT_TRACE_CURL=true \ | |
83411783 JT |
531 | git -c "http.cookieFile=$(pwd)/cookies" clone \ |
532 | $HTTPD_URL/smart/repo.git clone 2>err && | |
b66c77a6 | 533 | grep -i "Cookie:.*Foo=<redacted>" err |
83411783 JT |
534 | ' |
535 | ||
827e7d4d | 536 | test_expect_success 'GIT_TRACE_REDACT=0 disables cookie redaction' ' |
83411783 | 537 | rm -rf clone && |
827e7d4d JT |
538 | echo "Set-Cookie: Foo=1" >cookies && |
539 | echo "Set-Cookie: Bar=2" >>cookies && | |
540 | GIT_TRACE_REDACT=0 GIT_TRACE_CURL=true \ | |
83411783 JT |
541 | git -c "http.cookieFile=$(pwd)/cookies" clone \ |
542 | $HTTPD_URL/smart/repo.git clone 2>err && | |
b66c77a6 JK |
543 | grep -i "Cookie:.*Foo=1" err && |
544 | grep -i "Cookie:.*Bar=2" err | |
83411783 JT |
545 | ' |
546 | ||
8ba18e6f JT |
547 | test_expect_success 'GIT_TRACE_CURL_NO_DATA prevents data from being traced' ' |
548 | rm -rf clone && | |
549 | GIT_TRACE_CURL=true \ | |
550 | git clone $HTTPD_URL/smart/repo.git clone 2>err && | |
551 | grep "=> Send data" err && | |
552 | ||
553 | rm -rf clone && | |
554 | GIT_TRACE_CURL=true GIT_TRACE_CURL_NO_DATA=1 \ | |
555 | git clone $HTTPD_URL/smart/repo.git clone 2>err && | |
556 | ! grep "=> Send data" err | |
557 | ' | |
558 | ||
30dea565 JS |
559 | test_expect_success 'server-side error detected' ' |
560 | test_must_fail git clone $HTTPD_URL/error_smart/repo.git 2>actual && | |
e532a90a | 561 | test_i18ngrep "server-side error" actual |
30dea565 JS |
562 | ' |
563 | ||
b694f1e4 JK |
564 | test_expect_success 'http auth remembers successful credentials' ' |
565 | rm -f .git-credentials && | |
566 | test_config credential.helper store && | |
567 | ||
568 | # the first request prompts the user... | |
569 | set_askpass user@host pass@host && | |
570 | git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
571 | expect_askpass both user@host && | |
572 | ||
573 | # ...and the second one uses the stored value rather than | |
574 | # prompting the user. | |
575 | set_askpass bogus-user bogus-pass && | |
576 | git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
577 | expect_askpass none | |
578 | ' | |
579 | ||
ecf7b129 | 580 | test_expect_success 'http auth forgets bogus credentials' ' |
b694f1e4 JK |
581 | # seed credential store with bogus values. In real life, |
582 | # this would probably come from a password which worked | |
583 | # for a previous request. | |
584 | rm -f .git-credentials && | |
585 | test_config credential.helper store && | |
586 | { | |
587 | echo "url=$HTTPD_URL" && | |
588 | echo "username=bogus" && | |
589 | echo "password=bogus" | |
590 | } | git credential approve && | |
591 | ||
592 | # we expect this to use the bogus values and fail, never even | |
593 | # prompting the user... | |
594 | set_askpass user@host pass@host && | |
595 | test_must_fail git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
596 | expect_askpass none && | |
597 | ||
598 | # ...but now we should have forgotten the bad value, causing | |
599 | # us to prompt the user again. | |
600 | set_askpass user@host pass@host && | |
601 | git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null && | |
602 | expect_askpass both user@host | |
603 | ' | |
604 | ||
26146980 JK |
605 | test_expect_success 'client falls back from v2 to v0 to match server' ' |
606 | GIT_TRACE_PACKET=$PWD/trace \ | |
607 | GIT_TEST_PROTOCOL_VERSION=2 \ | |
608 | git clone $HTTPD_URL/smart_v0/repo.git repo-v0 && | |
609 | # check for v0; there the HEAD symref is communicated in the capability | |
610 | # line; v2 uses a different syntax on each ref advertisement line | |
611 | grep symref=HEAD:refs/heads/ trace | |
612 | ' | |
613 | ||
511cfd3b CC |
614 | test_expect_success 'passing hostname resolution information works' ' |
615 | BOGUS_HOST=gitbogusexamplehost.invalid && | |
616 | BOGUS_HTTPD_URL=$HTTPD_PROTO://$BOGUS_HOST:$LIB_HTTPD_PORT && | |
617 | test_must_fail git ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null && | |
618 | git -c "http.curloptResolve=$BOGUS_HOST:$LIB_HTTPD_PORT:127.0.0.1" ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null | |
619 | ' | |
620 | ||
762521e8 JK |
621 | # here user%40host is the URL-encoded version of user@host, |
622 | # which is our intentionally-odd username to catch parsing errors | |
623 | url_user=$HTTPD_URL_USER/auth/smart/repo.git | |
624 | url_userpass=$HTTPD_URL_USER_PASS/auth/smart/repo.git | |
625 | url_userblank=$HTTPD_PROTO://user%40host:@$HTTPD_DEST/auth/smart/repo.git | |
626 | message="URL .*:<redacted>@.* uses plaintext credentials" | |
627 | ||
628 | test_expect_success 'clone warns or fails when using username:password' ' | |
629 | test_when_finished "rm -rf attempt*" && | |
630 | ||
631 | git -c transfer.credentialsInUrl=allow \ | |
632 | clone $url_userpass attempt1 2>err && | |
633 | ! grep "$message" err && | |
634 | ||
635 | git -c transfer.credentialsInUrl=warn \ | |
636 | clone $url_userpass attempt2 2>err && | |
637 | grep "warning: $message" err >warnings && | |
db8016b4 | 638 | test_line_count -ge 1 warnings && |
762521e8 JK |
639 | |
640 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
641 | clone $url_userpass attempt3 2>err && | |
642 | grep "fatal: $message" err >warnings && | |
db8016b4 | 643 | test_line_count -ge 1 warnings && |
762521e8 JK |
644 | |
645 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
646 | clone $url_userblank attempt4 2>err && | |
647 | grep "fatal: $message" err >warnings && | |
db8016b4 | 648 | test_line_count -ge 1 warnings |
762521e8 JK |
649 | ' |
650 | ||
651 | test_expect_success 'clone does not detect username:password when it is https://username@domain:port/' ' | |
652 | test_when_finished "rm -rf attempt1" && | |
653 | ||
654 | # we are relying on lib-httpd for url construction, so document our | |
655 | # assumptions | |
656 | case "$HTTPD_URL_USER" in | |
657 | *:[0-9]*) : ok ;; | |
658 | *) BUG "httpd url does not have port: $HTTPD_URL_USER" | |
659 | esac && | |
660 | ||
661 | git -c transfer.credentialsInUrl=warn clone $url_user attempt1 2>err && | |
662 | ! grep "uses plaintext credentials" err | |
663 | ' | |
664 | ||
665 | test_expect_success 'fetch warns or fails when using username:password' ' | |
666 | git -c transfer.credentialsInUrl=allow fetch $url_userpass 2>err && | |
667 | ! grep "$message" err && | |
668 | ||
669 | git -c transfer.credentialsInUrl=warn fetch $url_userpass 2>err && | |
670 | grep "warning: $message" err >warnings && | |
db8016b4 | 671 | test_line_count -ge 1 warnings && |
762521e8 JK |
672 | |
673 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
674 | fetch $url_userpass 2>err && | |
675 | grep "fatal: $message" err >warnings && | |
db8016b4 | 676 | test_line_count -ge 1 warnings && |
762521e8 JK |
677 | |
678 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
679 | fetch $url_userblank 2>err && | |
680 | grep "fatal: $message" err >warnings && | |
db8016b4 | 681 | test_line_count -ge 1 warnings |
762521e8 JK |
682 | ' |
683 | ||
684 | ||
685 | test_expect_success 'push warns or fails when using username:password' ' | |
686 | git -c transfer.credentialsInUrl=allow push $url_userpass 2>err && | |
687 | ! grep "$message" err && | |
688 | ||
689 | git -c transfer.credentialsInUrl=warn push $url_userpass 2>err && | |
690 | grep "warning: $message" err >warnings && | |
691 | ||
692 | test_must_fail git -c transfer.credentialsInUrl=die \ | |
693 | push $url_userpass 2>err && | |
694 | grep "fatal: $message" err >warnings && | |
db8016b4 | 695 | test_line_count -ge 1 warnings |
762521e8 JK |
696 | ' |
697 | ||
f1449a56 JK |
698 | test_expect_success 'no empty path components' ' |
699 | # In the URL, add a trailing slash, and see if git appends yet another | |
700 | # slash. | |
701 | git clone $HTTPD_URL/smart/repo.git/ clone-with-slash && | |
702 | ||
703 | strip_access_log >log && | |
704 | ! grep "//" log | |
705 | ' | |
706 | ||
7da4e228 | 707 | test_done |