[thirdparty/git.git] / t / t5550-http-fetch-dumb.sh

#!/bin/sh

test_description='test dumb fetching over http via static file'
. ./test-lib.sh
. "$TEST_DIRECTORY"/lib-httpd.sh
start_httpd

test_expect_success 'setup repository' '
	git config push.default matching &&
	echo content1 >file &&
	git add file &&
	git commit -m one &&
	echo content2 >file &&
	git add file &&
	git commit -m two
'

test_expect_success 'create http-accessible bare repository with loose objects' '
	cp -R .git "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
	(cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
	 git config core.bare true &&
	 mkdir -p hooks &&
	 write_script "hooks/post-update" <<-\EOF &&
	 exec git update-server-info
	EOF
	 hooks/post-update
	) &&
	git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
	git push public master:master
'

test_expect_success 'clone http repository' '
	git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
	cp -R clone-tmpl clone &&
	test_cmp file clone/file
'

test_expect_success 'list refs from outside any repository' '
	cat >expect <<-EOF &&
	$(git rev-parse master)	HEAD
	$(git rev-parse master)	refs/heads/master
	EOF
	nongit git ls-remote "$HTTPD_URL/dumb/repo.git" >actual &&
	test_cmp expect actual
'

test_expect_success 'create password-protected repository' '
	mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/" &&
	cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
	       "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git"
'

setup_askpass_helper

test_expect_success 'cloning password-protected repository can fail' '
	set_askpass wrong &&
	test_must_fail git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-fail &&
	expect_askpass both wrong
'

test_expect_success 'http auth can use user/pass in URL' '
	set_askpass wrong &&
	git clone "$HTTPD_URL_USER_PASS/auth/dumb/repo.git" clone-auth-none &&
	expect_askpass none
'

test_expect_success 'http auth can use just user in URL' '
	set_askpass wrong pass@host &&
	git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
	expect_askpass pass user@host
'

test_expect_success 'http auth can request both user and pass' '
	set_askpass user@host pass@host &&
	git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
	expect_askpass both user@host
'

test_expect_success 'http auth respects credential helper config' '
	test_config_global credential.helper "!f() {
		cat >/dev/null
		echo username=user@host
		echo password=pass@host
	}; f" &&
	set_askpass wrong &&
	git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
	expect_askpass none
'

test_expect_success 'http auth can get username from config' '
	test_config_global "credential.$HTTPD_URL.username" user@host &&
	set_askpass wrong pass@host &&
	git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
	expect_askpass pass user@host
'

test_expect_success 'configured username does not override URL' '
	test_config_global "credential.$HTTPD_URL.username" wrong &&
	set_askpass wrong pass@host &&
	git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
	expect_askpass pass user@host
'

test_expect_success 'set up repo with http submodules' '
	git init super &&
	set_askpass user@host pass@host &&
	(
		cd super &&
		git submodule add "$HTTPD_URL/auth/dumb/repo.git" sub &&
		git commit -m "add submodule"
	)
'

test_expect_success 'cmdline credential config passes to submodule via clone' '
	set_askpass wrong pass@host &&
	test_must_fail git clone --recursive super super-clone &&
	rm -rf super-clone &&

	set_askpass wrong pass@host &&
	git -c "credential.$HTTPD_URL.username=user@host" \
		clone --recursive super super-clone &&
	expect_askpass pass user@host
'

test_expect_success 'cmdline credential config passes submodule via fetch' '
	set_askpass wrong pass@host &&
	test_must_fail git -C super-clone fetch --recurse-submodules &&

	set_askpass wrong pass@host &&
	git -C super-clone \
	    -c "credential.$HTTPD_URL.username=user@host" \
	    fetch --recurse-submodules &&
	expect_askpass pass user@host
'

test_expect_success 'cmdline credential config passes submodule update' '
	# advance the submodule HEAD so that a fetch is required
	git commit --allow-empty -m foo &&
	git push "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git" HEAD &&
	sha1=$(git rev-parse HEAD) &&
	git -C super-clone update-index --cacheinfo 160000,$sha1,sub &&

	set_askpass wrong pass@host &&
	test_must_fail git -C super-clone submodule update &&

	set_askpass wrong pass@host &&
	git -C super-clone \
	    -c "credential.$HTTPD_URL.username=user@host" \
	    submodule update &&
	expect_askpass pass user@host
'

test_expect_success 'fetch changes via http' '
	echo content >>file &&
	git commit -a -m two &&
	git push public &&
	(cd clone && git pull) &&
	test_cmp file clone/file
'

test_expect_success 'fetch changes via manual http-fetch' '
	cp -R clone-tmpl clone2 &&

	HEAD=$(git rev-parse --verify HEAD) &&
	(cd clone2 &&
	 git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
	 git checkout master-new &&
	 test $HEAD = $(git rev-parse --verify HEAD)) &&
	test_cmp file clone2/file
'

test_expect_success 'http remote detects correct HEAD' '
	git push public master:other &&
	(cd clone &&
	 git remote set-head origin -d &&
	 git remote set-head origin -a &&
	 git symbolic-ref refs/remotes/origin/HEAD > output &&
	 echo refs/remotes/origin/master > expect &&
	 test_cmp expect output
	)
'

test_expect_success 'fetch packed objects' '
	cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
	(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
	 git --bare repack -a -d
	) &&
	git clone $HTTPD_URL/dumb/repo_pack.git
'

test_expect_success 'fetch notices corrupt pack' '
	cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
	(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
	 p=$(ls objects/pack/pack-*.pack) &&
	 chmod u+w $p &&
	 printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
	) &&
	mkdir repo_bad1.git &&
	(cd repo_bad1.git &&
	 git --bare init &&
	 test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
	 test 0 = $(ls objects/pack/pack-*.pack | wc -l)
	)
'

test_expect_success 'fetch notices corrupt idx' '
	cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
	(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
	 p=$(ls objects/pack/pack-*.idx) &&
	 chmod u+w $p &&
	 printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
	) &&
	mkdir repo_bad2.git &&
	(cd repo_bad2.git &&
	 git --bare init &&
	 test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
	 test 0 = $(ls objects/pack | wc -l)
	)
'

test_expect_success 'fetch can handle previously-fetched .idx files' '
	git checkout --orphan branch1 &&
	echo base >file &&
	git add file &&
	git commit -m base &&
	git --bare init "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git &&
	git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch1 &&
	git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
	git checkout -b branch2 branch1 &&
	echo b2 >>file &&
	git commit -a -m b2 &&
	git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch2 &&
	git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
	git --bare init clone_packed_branches.git &&
	git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch1:branch1 &&
	git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch2:branch2
'

test_expect_success 'did not use upload-pack service' '
	test_might_fail grep '/git-upload-pack' <"$HTTPD_ROOT_PATH"/access.log >act &&
	: >exp &&
	test_cmp exp act
'

test_expect_success 'git client shows text/plain errors' '
	test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr &&
	grep "this is the error message" stderr
'

test_expect_success 'git client does not show html errors' '
	test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr &&
	! grep "this is the error message" stderr
'

test_expect_success 'git client shows text/plain with a charset' '
	test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr &&
	grep "this is the error message" stderr
'

test_expect_success 'http error messages are reencoded' '
	test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr &&
	grep "this is the error message" stderr
'

test_expect_success 'reencoding is robust to whitespace oddities' '
	test_must_fail git clone "$HTTPD_URL/error/odd-spacing" 2>stderr &&
	grep "this is the error message" stderr
'

check_language () {
	case "$2" in
	'')
		>expect
		;;
	?*)
		echo "=> Send header: Accept-Language: $1" >expect
		;;
	esac &&
	GIT_TRACE_CURL=true \
	LANGUAGE=$2 \
	git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
	tr -d '\015' <output |
	sort -u |
	sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
	test_cmp expect actual
}

test_expect_success 'git client sends Accept-Language based on LANGUAGE' '
	check_language "ko-KR, *;q=0.9" ko_KR.UTF-8'

test_expect_success 'git client sends Accept-Language correctly with unordinary LANGUAGE' '
	check_language "ko-KR, *;q=0.9" "ko_KR:" &&
	check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR::en_US" &&
	check_language "ko-KR, *;q=0.9" ":::ko_KR" &&
	check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR!!:en_US" &&
	check_language "ko-KR, ja-JP;q=0.9, *;q=0.8" "ko_KR en_US:ja_JP"'

test_expect_success 'git client sends Accept-Language with many preferred languages' '
	check_language "ko-KR, en-US;q=0.9, fr-CA;q=0.8, de;q=0.7, sr;q=0.6, \
ja;q=0.5, zh;q=0.4, sv;q=0.3, pt;q=0.2, *;q=0.1" \
		ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt &&
	check_language "ko-KR, en-US;q=0.99, fr-CA;q=0.98, de;q=0.97, sr;q=0.96, \
ja;q=0.95, zh;q=0.94, sv;q=0.93, pt;q=0.92, nb;q=0.91, *;q=0.90" \
		ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt:nb
'

test_expect_success 'git client does not send an empty Accept-Language' '
	GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
	! grep "^=> Send header: Accept-Language:" stderr
'

test_expect_success 'remote-http complains cleanly about malformed urls' '
	# do not actually issue "list" or other commands, as we do not
	# want to rely on what curl would actually do with such a broken
	# URL. This is just about making sure we do not segfault during
	# initialization.
	test_must_fail git remote-http http::/example.com/repo.git
'

test_expect_success 'redirects can be forbidden/allowed' '
	test_must_fail git -c http.followRedirects=false \
		clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
	git -c http.followRedirects=true \
		clone $HTTPD_URL/dumb-redir/repo.git dumb-redir 2>stderr
'

test_expect_success 'redirects are reported to stderr' '
	# just look for a snippet of the redirected-to URL
	test_i18ngrep /dumb/ stderr
'

test_expect_success 'non-initial redirects can be forbidden' '
	test_must_fail git -c http.followRedirects=initial \
		clone $HTTPD_URL/redir-objects/repo.git redir-objects &&
	git -c http.followRedirects=true \
		clone $HTTPD_URL/redir-objects/repo.git redir-objects
'

test_expect_success 'http.followRedirects defaults to "initial"' '
	test_must_fail git clone $HTTPD_URL/redir-objects/repo.git default
'

# The goal is for a clone of the "evil" repository, which has no objects
# itself, to cause the client to fetch objects from the "victim" repository.
test_expect_success 'set up evil alternates scheme' '
	victim=$HTTPD_DOCUMENT_ROOT_PATH/victim.git &&
	git init --bare "$victim" &&
	git -C "$victim" --work-tree=. commit --allow-empty -m secret &&
	git -C "$victim" repack -ad &&
	git -C "$victim" update-server-info &&
	sha1=$(git -C "$victim" rev-parse HEAD) &&

	evil=$HTTPD_DOCUMENT_ROOT_PATH/evil.git &&
	git init --bare "$evil" &&
	# do this by hand to avoid object existence check
	printf "%s\\t%s\\n" $sha1 refs/heads/master >"$evil/info/refs"
'

# Here we'll just redirect via HTTP. In a real-world attack these would be on
# different servers, but we should reject it either way.
test_expect_success 'http-alternates is a non-initial redirect' '
	echo "$HTTPD_URL/dumb/victim.git/objects" \
		>"$evil/objects/info/http-alternates" &&
	test_must_fail git -c http.followRedirects=initial \
		clone $HTTPD_URL/dumb/evil.git evil-initial &&
	git -c http.followRedirects=true \
		clone $HTTPD_URL/dumb/evil.git evil-initial
'

# Curl supports a lot of protocols that we'd prefer not to allow
# http-alternates to use, but it's hard to test whether curl has
# accessed, say, the SMTP protocol, because we are not running an SMTP server.
# But we can check that it does not allow access to file://, which would
# otherwise allow this clone to complete.
test_expect_success 'http-alternates cannot point at funny protocols' '
	echo "file://$victim/objects" >"$evil/objects/info/http-alternates" &&
	test_must_fail git -c http.followRedirects=true \
		clone "$HTTPD_URL/dumb/evil.git" evil-file
'

test_expect_success 'http-alternates triggers not-from-user protocol check' '
	echo "$HTTPD_URL/dumb/victim.git/objects" \
		>"$evil/objects/info/http-alternates" &&
	test_config_global http.followRedirects true &&
	test_must_fail git -c protocol.http.allow=user \
		clone $HTTPD_URL/dumb/evil.git evil-user &&
	git -c protocol.http.allow=always \
		clone $HTTPD_URL/dumb/evil.git evil-user
'

test_expect_success 'can redirect through non-"info/refs?service=git-upload-pack" URL' '
	git clone "$HTTPD_URL/redir-to/dumb/repo.git"
'

test_expect_success 'print HTTP error when any intermediate redirect throws error' '
	test_must_fail git clone "$HTTPD_URL/redir-to/502" 2> stderr &&
	test_i18ngrep "unable to access.*/redir-to/502" stderr
'

stop_httpd
test_done
Commit	Line	Data
119c8eee JK	1	#!/bin/sh
119c8eee JK	2
7da4e228	3	test_description='test dumb fetching over http via static file'
119c8eee	4	. ./test-lib.sh
55bc3dc4	5	. "$TEST_DIRECTORY"/lib-httpd.sh
119c8eee JK	6	start_httpd
	7
	8	test_expect_success 'setup repository' '
c9704aa7	9	git config push.default matching &&
5a9681f4	10	echo content1 >file &&
119c8eee	11	git add file &&
99094a7a	12	git commit -m one &&
5a9681f4 CB	13	echo content2 >file &&
	14	git add file &&
	15	git commit -m two
119c8eee JK	16	'
119c8eee JK	17
5a9681f4	18	test_expect_success 'create http-accessible bare repository with loose objects' '
d4a7ffaa	19	cp -R .git "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
119c8eee	20	(cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
5a9681f4 CB	21	git config core.bare true &&
5a9681f4 CB	22	mkdir -p hooks &&
1fd1a919 BW	23	write_script "hooks/post-update" <<-\EOF &&
	24	exec git update-server-info
	25	EOF
5a9681f4	26	hooks/post-update
119c8eee JK	27	) &&
	28	git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
	29	git push public master:master
	30	'
	31
	32	test_expect_success 'clone http repository' '
6cfc0286 TRC	33	git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
6cfc0286 TRC	34	cp -R clone-tmpl clone &&
119c8eee JK	35	test_cmp file clone/file
	36	'
	37
4b0c3c77 JN	38	test_expect_success 'list refs from outside any repository' '
	39	cat >expect <<-EOF &&
	40	$(git rev-parse master) HEAD
	41	$(git rev-parse master) refs/heads/master
	42	EOF
	43	nongit git ls-remote "$HTTPD_URL/dumb/repo.git" >actual &&
	44	test_cmp expect actual
	45	'
	46
5232586c	47	test_expect_success 'create password-protected repository' '
726800a8	48	mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/" &&
5232586c	49	cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
726800a8	50	"$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git"
5232586c JK	51	'
5232586c JK	52
e837936c	53	setup_askpass_helper
148bb6a7	54
5232586c	55	test_expect_success 'cloning password-protected repository can fail' '
e837936c	56	set_askpass wrong &&
726800a8	57	test_must_fail git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-fail &&
148bb6a7	58	expect_askpass both wrong
5232586c JK	59	'
	60
	61	test_expect_success 'http auth can use user/pass in URL' '
e837936c	62	set_askpass wrong &&
726800a8	63	git clone "$HTTPD_URL_USER_PASS/auth/dumb/repo.git" clone-auth-none &&
148bb6a7	64	expect_askpass none
5232586c JK	65	'
5232586c JK	66
dfa1725a	67	test_expect_success 'http auth can use just user in URL' '
afbf5ca5	68	set_askpass wrong pass@host &&
726800a8	69	git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
148bb6a7	70	expect_askpass pass user@host
5232586c JK	71	'
5232586c JK	72
dfa1725a	73	test_expect_success 'http auth can request both user and pass' '
afbf5ca5	74	set_askpass user@host pass@host &&
726800a8	75	git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
148bb6a7	76	expect_askpass both user@host
3cf8fe1d GC	77	'
3cf8fe1d GC	78
dfa1725a	79	test_expect_success 'http auth respects credential helper config' '
11825072 JK	80	test_config_global credential.helper "!f() {
	81	cat >/dev/null
	82	echo username=user@host
afbf5ca5	83	echo password=pass@host
11825072	84	}; f" &&
e837936c	85	set_askpass wrong &&
726800a8	86	git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
11825072 JK	87	expect_askpass none
	88	'
	89
dfa1725a	90	test_expect_success 'http auth can get username from config' '
d5742425	91	test_config_global "credential.$HTTPD_URL.username" user@host &&
afbf5ca5	92	set_askpass wrong pass@host &&
726800a8	93	git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
d5742425 JK	94	expect_askpass pass user@host
	95	'
	96
dfa1725a	97	test_expect_success 'configured username does not override URL' '
d5742425	98	test_config_global "credential.$HTTPD_URL.username" wrong &&
afbf5ca5	99	set_askpass wrong pass@host &&
726800a8	100	git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
d5742425 JK	101	expect_askpass pass user@host
	102	'
	103
455d22c1	104	test_expect_success 'set up repo with http submodules' '
14111fc4 JK	105	git init super &&
	106	set_askpass user@host pass@host &&
	107	(
	108	cd super &&
	109	git submodule add "$HTTPD_URL/auth/dumb/repo.git" sub &&
	110	git commit -m "add submodule"
455d22c1 JK	111	)
	112	'
	113
	114	test_expect_success 'cmdline credential config passes to submodule via clone' '
14111fc4 JK	115	set_askpass wrong pass@host &&
	116	test_must_fail git clone --recursive super super-clone &&
	117	rm -rf super-clone &&
455d22c1	118
14111fc4	119	set_askpass wrong pass@host &&
1149ee21	120	git -c "credential.$HTTPD_URL.username=user@host" \
14111fc4	121	clone --recursive super super-clone &&
c12e8656 JK	122	expect_askpass pass user@host
	123	'
	124
	125	test_expect_success 'cmdline credential config passes submodule via fetch' '
	126	set_askpass wrong pass@host &&
	127	test_must_fail git -C super-clone fetch --recurse-submodules &&
	128
	129	set_askpass wrong pass@host &&
	130	git -C super-clone \
	131	-c "credential.$HTTPD_URL.username=user@host" \
	132	fetch --recurse-submodules &&
14111fc4 JK	133	expect_askpass pass user@host
	134	'
	135
860cba61 JK	136	test_expect_success 'cmdline credential config passes submodule update' '
	137	# advance the submodule HEAD so that a fetch is required
	138	git commit --allow-empty -m foo &&
	139	git push "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git" HEAD &&
	140	sha1=$(git rev-parse HEAD) &&
	141	git -C super-clone update-index --cacheinfo 160000,$sha1,sub &&
	142
	143	set_askpass wrong pass@host &&
	144	test_must_fail git -C super-clone submodule update &&
	145
	146	set_askpass wrong pass@host &&
	147	git -C super-clone \
	148	-c "credential.$HTTPD_URL.username=user@host" \
	149	submodule update &&
	150	expect_askpass pass user@host
	151	'
	152
119c8eee JK	153	test_expect_success 'fetch changes via http' '
	154	echo content >>file &&
	155	git commit -a -m two &&
2bcd9ec5	156	git push public &&
119c8eee JK	157	(cd clone && git pull) &&
	158	test_cmp file clone/file
	159	'
	160
6cfc0286 TRC	161	test_expect_success 'fetch changes via manual http-fetch' '
	162	cp -R clone-tmpl clone2 &&
	163
	164	HEAD=$(git rev-parse --verify HEAD) &&
	165	(cd clone2 &&
	166	git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
	167	git checkout master-new &&
	168	test $HEAD = $(git rev-parse --verify HEAD)) &&
	169	test_cmp file clone2/file
	170	'
	171
fbb074c2 JK	172	test_expect_success 'http remote detects correct HEAD' '
	173	git push public master:other &&
	174	(cd clone &&
	175	git remote set-head origin -d &&
	176	git remote set-head origin -a &&
	177	git symbolic-ref refs/remotes/origin/HEAD > output &&
	178	echo refs/remotes/origin/master > expect &&
	179	test_cmp expect output
	180	)
	181	'
	182
96a4f187 TRC	183	test_expect_success 'fetch packed objects' '
96a4f187 TRC	184	cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
d761b2ac	185	(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
1327d839	186	git --bare repack -a -d
d761b2ac	187	) &&
024bb125	188	git clone $HTTPD_URL/dumb/repo_pack.git
96a4f187 TRC	189	'
96a4f187 TRC	190
fe72d420 SP	191	test_expect_success 'fetch notices corrupt pack' '
	192	cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
	193	(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
bacb1c01	194	p=$(ls objects/pack/pack-*.pack) &&
fe72d420 SP	195	chmod u+w $p &&
	196	printf %0256d 0 \| dd of=$p bs=256 count=1 seek=1 conv=notrunc
	197	) &&
	198	mkdir repo_bad1.git &&
	199	(cd repo_bad1.git &&
	200	git --bare init &&
	201	test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
bacb1c01	202	test 0 = $(ls objects/pack/pack-*.pack \| wc -l)
fe72d420 SP	203	)
	204	'
	205
750ef425 SP	206	test_expect_success 'fetch notices corrupt idx' '
	207	cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
	208	(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
bacb1c01	209	p=$(ls objects/pack/pack-*.idx) &&
750ef425 SP	210	chmod u+w $p &&
	211	printf %0256d 0 \| dd of=$p bs=256 count=1 seek=1 conv=notrunc
	212	) &&
	213	mkdir repo_bad2.git &&
	214	(cd repo_bad2.git &&
	215	git --bare init &&
	216	test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
bacb1c01	217	test 0 = $(ls objects/pack \| wc -l)
750ef425 SP	218	)
	219	'
	220
8b9c2dd4 JK	221	test_expect_success 'fetch can handle previously-fetched .idx files' '
	222	git checkout --orphan branch1 &&
	223	echo base >file &&
	224	git add file &&
	225	git commit -m base &&
	226	git --bare init "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git &&
	227	git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch1 &&
	228	git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
	229	git checkout -b branch2 branch1 &&
	230	echo b2 >>file &&
	231	git commit -a -m b2 &&
	232	git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch2 &&
	233	git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
	234	git --bare init clone_packed_branches.git &&
	235	git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch1:branch1 &&
	236	git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch2:branch2
	237	'
	238
7da4e228	239	test_expect_success 'did not use upload-pack service' '
35da1bf5 JK	240	test_might_fail grep '/git-upload-pack' <"$HTTPD_ROOT_PATH"/access.log >act &&
35da1bf5 JK	241	: >exp &&
7da4e228 SP	242	test_cmp exp act
	243	'
	244
dbcf2bd3 JK	245	test_expect_success 'git client shows text/plain errors' '
	246	test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr &&
	247	grep "this is the error message" stderr
	248	'
	249
	250	test_expect_success 'git client does not show html errors' '
	251	test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr &&
	252	! grep "this is the error message" stderr
	253	'
	254
bf197fd7 JK	255	test_expect_success 'git client shows text/plain with a charset' '
	256	test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr &&
	257	grep "this is the error message" stderr
	258	'
	259
fc1b774c JK	260	test_expect_success 'http error messages are reencoded' '
	261	test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr &&
	262	grep "this is the error message" stderr
	263	'
	264
f34a655d YE	265	test_expect_success 'reencoding is robust to whitespace oddities' '
	266	test_must_fail git clone "$HTTPD_URL/error/odd-spacing" 2>stderr &&
	267	grep "this is the error message" stderr
	268	'
	269
f18604bb YE	270	check_language () {
	271	case "$2" in
	272	'')
	273	>expect
	274	;;
	275	?*)
81590bf7	276	echo "=> Send header: Accept-Language: $1" >expect
f18604bb YE	277	;;
f18604bb YE	278	esac &&
81590bf7	279	GIT_TRACE_CURL=true \
f18604bb YE	280	LANGUAGE=$2 \
	281	git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
	282	tr -d '\015' <output \|
	283	sort -u \|
81590bf7	284	sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
f18604bb YE	285	test_cmp expect actual
	286	}
	287
	288	test_expect_success 'git client sends Accept-Language based on LANGUAGE' '
	289	check_language "ko-KR, *;q=0.9" ko_KR.UTF-8'
	290
	291	test_expect_success 'git client sends Accept-Language correctly with unordinary LANGUAGE' '
	292	check_language "ko-KR, *;q=0.9" "ko_KR:" &&
	293	check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR::en_US" &&
	294	check_language "ko-KR, *;q=0.9" ":::ko_KR" &&
	295	check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR!!:en_US" &&
	296	check_language "ko-KR, ja-JP;q=0.9, *;q=0.8" "ko_KR en_US:ja_JP"'
	297
	298	test_expect_success 'git client sends Accept-Language with many preferred languages' '
	299	check_language "ko-KR, en-US;q=0.9, fr-CA;q=0.8, de;q=0.7, sr;q=0.6, \
	300	ja;q=0.5, zh;q=0.4, sv;q=0.3, pt;q=0.2, *;q=0.1" \
	301	ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt &&
	302	check_language "ko-KR, en-US;q=0.99, fr-CA;q=0.98, de;q=0.97, sr;q=0.96, \
	303	ja;q=0.95, zh;q=0.94, sv;q=0.93, pt;q=0.92, nb;q=0.91, *;q=0.90" \
	304	ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt:nb
	305	'
	306
	307	test_expect_success 'git client does not send an empty Accept-Language' '
81590bf7 EP	308	GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
81590bf7 EP	309	! grep "^=> Send header: Accept-Language:" stderr
f18604bb YE	310	'
f18604bb YE	311
d63ed6ef JK	312	test_expect_success 'remote-http complains cleanly about malformed urls' '
	313	# do not actually issue "list" or other commands, as we do not
	314	# want to rely on what curl would actually do with such a broken
	315	# URL. This is just about making sure we do not segfault during
	316	# initialization.
	317	test_must_fail git remote-http http::/example.com/repo.git
	318	'
	319
50d34137 JK	320	test_expect_success 'redirects can be forbidden/allowed' '
	321	test_must_fail git -c http.followRedirects=false \
	322	clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
	323	git -c http.followRedirects=true \
	324	clone $HTTPD_URL/dumb-redir/repo.git dumb-redir 2>stderr
	325	'
	326
	327	test_expect_success 'redirects are reported to stderr' '
	328	# just look for a snippet of the redirected-to URL
	329	test_i18ngrep /dumb/ stderr
	330	'
	331
	332	test_expect_success 'non-initial redirects can be forbidden' '
	333	test_must_fail git -c http.followRedirects=initial \
	334	clone $HTTPD_URL/redir-objects/repo.git redir-objects &&
	335	git -c http.followRedirects=true \
	336	clone $HTTPD_URL/redir-objects/repo.git redir-objects
	337	'
	338
	339	test_expect_success 'http.followRedirects defaults to "initial"' '
	340	test_must_fail git clone $HTTPD_URL/redir-objects/repo.git default
	341	'
	342
cb4d2d35 JK	343	# The goal is for a clone of the "evil" repository, which has no objects
	344	# itself, to cause the client to fetch objects from the "victim" repository.
	345	test_expect_success 'set up evil alternates scheme' '
	346	victim=$HTTPD_DOCUMENT_ROOT_PATH/victim.git &&
	347	git init --bare "$victim" &&
	348	git -C "$victim" --work-tree=. commit --allow-empty -m secret &&
	349	git -C "$victim" repack -ad &&
	350	git -C "$victim" update-server-info &&
	351	sha1=$(git -C "$victim" rev-parse HEAD) &&
	352
	353	evil=$HTTPD_DOCUMENT_ROOT_PATH/evil.git &&
	354	git init --bare "$evil" &&
	355	# do this by hand to avoid object existence check
	356	printf "%s\\t%s\\n" $sha1 refs/heads/master >"$evil/info/refs"
	357	'
	358
	359	# Here we'll just redirect via HTTP. In a real-world attack these would be on
	360	# different servers, but we should reject it either way.
	361	test_expect_success 'http-alternates is a non-initial redirect' '
	362	echo "$HTTPD_URL/dumb/victim.git/objects" \
	363	>"$evil/objects/info/http-alternates" &&
	364	test_must_fail git -c http.followRedirects=initial \
	365	clone $HTTPD_URL/dumb/evil.git evil-initial &&
	366	git -c http.followRedirects=true \
	367	clone $HTTPD_URL/dumb/evil.git evil-initial
	368	'
	369
	370	# Curl supports a lot of protocols that we'd prefer not to allow
	371	# http-alternates to use, but it's hard to test whether curl has
	372	# accessed, say, the SMTP protocol, because we are not running an SMTP server.
	373	# But we can check that it does not allow access to file://, which would
	374	# otherwise allow this clone to complete.
	375	test_expect_success 'http-alternates cannot point at funny protocols' '
	376	echo "file://$victim/objects" >"$evil/objects/info/http-alternates" &&
	377	test_must_fail git -c http.followRedirects=true \
	378	clone "$HTTPD_URL/dumb/evil.git" evil-file
	379	'
	380
abcbdc03 JK	381	test_expect_success 'http-alternates triggers not-from-user protocol check' '
	382	echo "$HTTPD_URL/dumb/victim.git/objects" \
	383	>"$evil/objects/info/http-alternates" &&
	384	test_config_global http.followRedirects true &&
	385	test_must_fail git -c protocol.http.allow=user \
	386	clone $HTTPD_URL/dumb/evil.git evil-user &&
	387	git -c protocol.http.allow=always \
	388	clone $HTTPD_URL/dumb/evil.git evil-user
	389	'
	390
8e27391a JT	391	test_expect_success 'can redirect through non-"info/refs?service=git-upload-pack" URL' '
	392	git clone "$HTTPD_URL/redir-to/dumb/repo.git"
	393	'
	394
	395	test_expect_success 'print HTTP error when any intermediate redirect throws error' '
	396	test_must_fail git clone "$HTTPD_URL/redir-to/502" 2> stderr &&
	397	test_i18ngrep "unable to access.*/redir-to/502" stderr
	398	'
	399
119c8eee JK	400	stop_httpd
119c8eee JK	401	test_done