3 test_description
='test smart fetching over http via http-backend'
4 GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
=main
5 export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
8 .
"$TEST_DIRECTORY"/lib-httpd.sh
11 test_expect_success
'setup repository' '
12 git config push.default matching &&
18 test_expect_success
'create http-accessible bare repository' '
19 mkdir "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
20 (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
23 git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
24 git push public main:main
29 test_expect_success
'clone http repository' '
31 > GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1
33 > Accept-Encoding: ENCODINGS
37 < Cache-Control: no-cache, max-age=0, must-revalidate
38 < Content-Type: application/x-git-upload-pack-advertisement
39 > POST /smart/repo.git/git-upload-pack HTTP/1.1
40 > Accept-Encoding: ENCODINGS
41 > Content-Type: application/x-git-upload-pack-request
42 > Accept: application/x-git-upload-pack-result
46 < Cache-Control: no-cache, max-age=0, must-revalidate
47 < Content-Type: application/x-git-upload-pack-result
49 GIT_TRACE_CURL=true GIT_TEST_PROTOCOL_VERSION=0 \
50 git clone --quiet $HTTPD_URL/smart/repo.git clone 2>err &&
51 test_cmp file clone/file &&
52 tr '\''\015'\'' Q <err |
75 /^> Accept: [*]\\/[*]/d
77 s/^> Content-Length: .*/> Content-Length: xxx/
84 /^< Content-Length: /d
85 /^< Transfer-Encoding: /d
88 # NEEDSWORK: If the overspecification of the expected result is reduced, we
89 # might be able to run this test in all protocol versions.
90 if test "$GIT_TEST_PROTOCOL_VERSION" = 0
92 sed -e "s/^> Accept-Encoding: .*/> Accept-Encoding: ENCODINGS/" \
93 actual >actual.smudged &&
94 test_cmp exp actual.smudged &&
96 grep "Accept-Encoding:.*gzip" actual >actual.gzip &&
97 test_line_count = 2 actual.gzip
101 test_expect_success
'fetch changes via http' '
102 echo content >>file &&
103 git commit -a -m two &&
105 (cd clone && git pull) &&
106 test_cmp file clone/file
109 test_expect_success
'used upload-pack service' '
111 GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 200
112 POST /smart/repo.git/git-upload-pack HTTP/1.1 200
113 GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1 200
114 POST /smart/repo.git/git-upload-pack HTTP/1.1 200
117 # NEEDSWORK: If the overspecification of the expected result is reduced, we
118 # might be able to run this test in all protocol versions.
119 if test "$GIT_TEST_PROTOCOL_VERSION" = 0
125 test_expect_success
'follow redirects (301)' '
126 git clone $HTTPD_URL/smart-redir-perm/repo.git --quiet repo-p
129 test_expect_success
'follow redirects (302)' '
130 git clone $HTTPD_URL/smart-redir-temp/repo.git --quiet repo-t
133 test_expect_success
'redirects re-root further requests' '
134 git clone $HTTPD_URL/smart-redir-limited/repo.git repo-redir-limited
137 test_expect_success
're-rooting dies on insane schemes' '
138 test_must_fail git clone $HTTPD_URL/insane-redir/repo.git insane
141 test_expect_success
'clone from password-protected repository' '
143 set_askpass user@host pass@host &&
144 git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth &&
145 expect_askpass both user@host &&
146 git --git-dir=smart-auth log -1 --format=%s >actual &&
147 test_cmp expect actual
150 test_expect_success
'clone from auth-only-for-push repository' '
153 git clone --bare "$HTTPD_URL/auth-push/smart/repo.git" smart-noauth &&
154 expect_askpass none &&
155 git --git-dir=smart-noauth log -1 --format=%s >actual &&
156 test_cmp expect actual
159 test_expect_success
'clone from auth-only-for-objects repository' '
161 set_askpass user@host pass@host &&
162 git clone --bare "$HTTPD_URL/auth-fetch/smart/repo.git" half-auth &&
163 expect_askpass both user@host &&
164 git --git-dir=half-auth log -1 --format=%s >actual &&
165 test_cmp expect actual
168 test_expect_success
'no-op half-auth fetch does not require a password' '
171 # NEEDSWORK: When using HTTP(S), protocol v0 supports a "half-auth"
172 # configuration with authentication required only when downloading
173 # objects and not refs, by having the HTTP server only require
174 # authentication for the "git-upload-pack" path and not "info/refs".
175 # This is not possible with protocol v2, since both objects and refs
176 # are obtained from the "git-upload-pack" path. A solution to this is
177 # to teach the server and client to be able to inline ls-refs requests
178 # as an Extra Parameter (see pack-protocol.txt), so that "info/refs"
179 # can serve refs, just like it does in protocol v0.
180 GIT_TEST_PROTOCOL_VERSION=0 git --git-dir=half-auth fetch &&
184 test_expect_success
'redirects send auth to new location' '
185 set_askpass user@host pass@host &&
186 git -c credential.useHttpPath=true \
187 clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth &&
188 expect_askpass both user@host auth/smart/repo.git
191 test_expect_success
'GIT_TRACE_CURL redacts auth details' '
192 rm -rf redact-auth trace &&
193 set_askpass user@host pass@host &&
194 GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
195 expect_askpass both user@host &&
197 # Ensure that there is no "Basic" followed by a base64 string, but that
198 # the auth details are redacted
199 ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace &&
200 grep -i "Authorization: Basic <redacted>" trace
203 test_expect_success
'GIT_CURL_VERBOSE redacts auth details' '
204 rm -rf redact-auth trace &&
205 set_askpass user@host pass@host &&
206 GIT_CURL_VERBOSE=1 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth 2>trace &&
207 expect_askpass both user@host &&
209 # Ensure that there is no "Basic" followed by a base64 string, but that
210 # the auth details are redacted
211 ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace &&
212 grep -i "Authorization: Basic <redacted>" trace
215 test_expect_success
'GIT_TRACE_CURL does not redact auth details if GIT_TRACE_REDACT=0' '
216 rm -rf redact-auth trace &&
217 set_askpass user@host pass@host &&
218 GIT_TRACE_REDACT=0 GIT_TRACE_CURL="$(pwd)/trace" \
219 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
220 expect_askpass both user@host &&
222 grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace
225 test_expect_success
'disable dumb http on server' '
226 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
227 config http.getanyfile false
230 test_expect_success
'GIT_SMART_HTTP can disable smart http' '
232 export GIT_SMART_HTTP &&
234 test_must_fail git fetch)
237 test_expect_success
'invalid Content-Type rejected' '
238 test_must_fail git clone $HTTPD_URL/broken_smart/repo.git 2>actual &&
239 test_i18ngrep "not valid:" actual
242 test_expect_success
'create namespaced refs' '
243 test_commit namespaced &&
244 git push public HEAD:refs/namespaces/ns/refs/heads/main &&
245 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
246 symbolic-ref refs/namespaces/ns/HEAD refs/namespaces/ns/refs/heads/main
249 test_expect_success
'smart clone respects namespace' '
250 git clone "$HTTPD_URL/smart_namespace/repo.git" ns-smart &&
251 echo namespaced >expect &&
252 git --git-dir=ns-smart/.git log -1 --format=%s >actual &&
253 test_cmp expect actual
256 test_expect_success
'dumb clone via http-backend respects namespace' '
257 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
258 config http.getanyfile true &&
259 GIT_SMART_HTTP=0 git clone \
260 "$HTTPD_URL/smart_namespace/repo.git" ns-dumb &&
261 echo namespaced >expect &&
262 git --git-dir=ns-dumb/.git log -1 --format=%s >actual &&
263 test_cmp expect actual
266 test_expect_success
'cookies stored in http.cookiefile when http.savecookies set' '
267 cat >cookies.txt <<-\EOF &&
268 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue
270 sort >expect_cookies.txt <<-\EOF &&
272 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue
273 127.0.0.1 FALSE /smart_cookies/repo.git/info/ FALSE 0 name value
275 git config http.cookiefile cookies.txt &&
276 git config http.savecookies true &&
277 git ls-remote $HTTPD_URL/smart_cookies/repo.git main &&
279 # NEEDSWORK: If the overspecification of the expected result is reduced, we
280 # might be able to run this test in all protocol versions.
281 if test "$GIT_TEST_PROTOCOL_VERSION" = 0
283 tail -3 cookies.txt | sort >cookies_tail.txt &&
284 test_cmp expect_cookies.txt cookies_tail.txt
288 test_expect_success
'transfer.hiderefs works over smart-http' '
289 test_commit hidden &&
290 test_commit visible &&
291 git push public HEAD^:refs/heads/a HEAD:refs/heads/b &&
292 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
293 config transfer.hiderefs refs/heads/a &&
294 git clone --bare "$HTTPD_URL/smart/repo.git" hidden.git &&
295 test_must_fail git -C hidden.git rev-parse --verify a &&
296 git -C hidden.git rev-parse --verify b
299 # create an arbitrary number of tags, numbered from tag-$1 to tag-$2
302 for i
in $
(test_seq
"$1" "$2")
304 # don't use here-doc, because it requires a process
306 echo "commit refs/heads/too-many-refs-$1" &&
308 echo "committer git <git@example.com> $i +0000" &&
310 echo "M 644 inline bla.txt" &&
313 # make every commit dangling by always
314 # rewinding the branch after each commit
315 echo "reset refs/heads/too-many-refs-$1" &&
317 done | git fast-import
--export-marks=marks
&&
319 # now assign tags to all the dangling commits we created above
320 tag
=$
(perl
-e "print \"bla\" x 30") &&
321 sed -e "s|^:\([^ ]*\) \(.*\)$|\2 refs/tags/$tag-\1|" <marks
>>packed-refs
324 test_expect_success
'create 2,000 tags in the repo' '
326 cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
331 test_expect_success CMDLINE_LIMIT \
332 'clone the 2,000 tag repo to check OS command line overflow' '
333 run_with_limited_cmdline git clone $HTTPD_URL/smart/repo.git too-many-refs &&
336 git for-each-ref refs/tags >actual &&
337 test_line_count = 2000 actual
341 test_expect_success
'large fetch-pack requests can be sent using chunked encoding' '
342 GIT_TRACE_CURL=true git -c http.postbuffer=65536 \
343 clone --bare "$HTTPD_URL/smart/repo.git" split.git 2>err &&
344 grep "^=> Send header: Transfer-Encoding: chunked" err
347 test_expect_success
'test allowreachablesha1inwant' '
348 test_when_finished "rm -rf test_reachable.git" &&
349 server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
350 main_sha=$(git -C "$server" rev-parse refs/heads/main) &&
351 git -C "$server" config uploadpack.allowreachablesha1inwant 1 &&
353 git init --bare test_reachable.git &&
354 git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" &&
355 git -C test_reachable.git fetch origin "$main_sha"
358 test_expect_success
'test allowreachablesha1inwant with unreachable' '
359 test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" &&
361 #create unreachable sha
362 echo content >file2 &&
365 git push public HEAD:refs/heads/doomed &&
366 git push public :refs/heads/doomed &&
368 server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
369 main_sha=$(git -C "$server" rev-parse refs/heads/main) &&
370 git -C "$server" config uploadpack.allowreachablesha1inwant 1 &&
372 git init --bare test_reachable.git &&
373 git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" &&
374 # Some protocol versions (e.g. 2) support fetching
375 # unadvertised objects, so restrict this test to v0.
376 test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \
377 git -C test_reachable.git fetch origin "$(git rev-parse HEAD)"
380 test_expect_success
'test allowanysha1inwant with unreachable' '
381 test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" &&
383 #create unreachable sha
384 echo content >file2 &&
387 git push public HEAD:refs/heads/doomed &&
388 git push public :refs/heads/doomed &&
390 server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
391 main_sha=$(git -C "$server" rev-parse refs/heads/main) &&
392 git -C "$server" config uploadpack.allowreachablesha1inwant 1 &&
394 git init --bare test_reachable.git &&
395 git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" &&
396 # Some protocol versions (e.g. 2) support fetching
397 # unadvertised objects, so restrict this test to v0.
398 test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \
399 git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" &&
401 git -C "$server" config uploadpack.allowanysha1inwant 1 &&
402 git -C test_reachable.git fetch origin "$(git rev-parse HEAD)"
405 test_expect_success EXPENSIVE
'http can handle enormous ref negotiation' '
407 cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
408 create_tags 2001 50000
410 git -C too-many-refs fetch -q --tags &&
412 cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
413 create_tags 50001 100000
415 git -C too-many-refs fetch -q --tags &&
416 git -C too-many-refs for-each-ref refs/tags >tags &&
417 test_line_count = 100000 tags
420 test_expect_success
'custom http headers' '
421 test_must_fail git -c http.extraheader="x-magic-two: cadabra" \
422 fetch "$HTTPD_URL/smart_headers/repo.git" &&
423 git -c http.extraheader="x-magic-one: abra" \
424 -c http.extraheader="x-magic-two: cadabra" \
425 fetch "$HTTPD_URL/smart_headers/repo.git" &&
426 git update-index --add --cacheinfo 160000,$(git rev-parse HEAD),sub &&
427 git config -f .gitmodules submodule.sub.path sub &&
428 git config -f .gitmodules submodule.sub.url \
429 "$HTTPD_URL/smart_headers/repo.git" &&
430 git submodule init sub &&
431 test_must_fail git submodule update sub &&
432 git -c http.extraheader="x-magic-one: abra" \
433 -c http.extraheader="x-magic-two: cadabra" \
437 test_expect_success
'using fetch command in remote-curl updates refs' '
438 SERVER="$HTTPD_DOCUMENT_ROOT_PATH/twobranch" &&
439 rm -rf "$SERVER" client &&
441 git init "$SERVER" &&
442 test_commit -C "$SERVER" foo &&
443 git -C "$SERVER" update-ref refs/heads/anotherbranch foo &&
445 git clone $HTTPD_URL/smart/twobranch client &&
447 test_commit -C "$SERVER" bar &&
448 git -C client -c protocol.version=0 fetch &&
450 git -C "$SERVER" rev-parse main >expect &&
451 git -C client rev-parse origin/main >actual &&
452 test_cmp expect actual
455 test_expect_success
'fetch by SHA-1 without tag following' '
456 SERVER="$HTTPD_DOCUMENT_ROOT_PATH/server" &&
457 rm -rf "$SERVER" client &&
459 git init "$SERVER" &&
460 test_commit -C "$SERVER" foo &&
462 git clone $HTTPD_URL/smart/server client &&
464 test_commit -C "$SERVER" bar &&
465 git -C "$SERVER" rev-parse bar >bar_hash &&
466 git -C client -c protocol.version=0 fetch \
467 --no-tags origin $(cat bar_hash)
470 test_expect_success
'cookies are redacted by default' '
472 echo "Set-Cookie: Foo=1" >cookies &&
473 echo "Set-Cookie: Bar=2" >>cookies &&
474 GIT_TRACE_CURL=true \
475 git -c "http.cookieFile=$(pwd)/cookies" clone \
476 $HTTPD_URL/smart/repo.git clone 2>err &&
477 grep -i "Cookie:.*Foo=<redacted>" err &&
478 grep -i "Cookie:.*Bar=<redacted>" err &&
479 ! grep -i "Cookie:.*Foo=1" err &&
480 ! grep -i "Cookie:.*Bar=2" err
483 test_expect_success
'empty values of cookies are also redacted' '
485 echo "Set-Cookie: Foo=" >cookies &&
486 GIT_TRACE_CURL=true \
487 git -c "http.cookieFile=$(pwd)/cookies" clone \
488 $HTTPD_URL/smart/repo.git clone 2>err &&
489 grep -i "Cookie:.*Foo=<redacted>" err
492 test_expect_success
'GIT_TRACE_REDACT=0 disables cookie redaction' '
494 echo "Set-Cookie: Foo=1" >cookies &&
495 echo "Set-Cookie: Bar=2" >>cookies &&
496 GIT_TRACE_REDACT=0 GIT_TRACE_CURL=true \
497 git -c "http.cookieFile=$(pwd)/cookies" clone \
498 $HTTPD_URL/smart/repo.git clone 2>err &&
499 grep -i "Cookie:.*Foo=1" err &&
500 grep -i "Cookie:.*Bar=2" err
503 test_expect_success
'GIT_TRACE_CURL_NO_DATA prevents data from being traced' '
505 GIT_TRACE_CURL=true \
506 git clone $HTTPD_URL/smart/repo.git clone 2>err &&
507 grep "=> Send data" err &&
510 GIT_TRACE_CURL=true GIT_TRACE_CURL_NO_DATA=1 \
511 git clone $HTTPD_URL/smart/repo.git clone 2>err &&
512 ! grep "=> Send data" err
515 test_expect_success
'server-side error detected' '
516 test_must_fail git clone $HTTPD_URL/error_smart/repo.git 2>actual &&
517 test_i18ngrep "server-side error" actual
520 test_expect_success
'http auth remembers successful credentials' '
521 rm -f .git-credentials &&
522 test_config credential.helper store &&
524 # the first request prompts the user...
525 set_askpass user@host pass@host &&
526 git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
527 expect_askpass both user@host &&
529 # ...and the second one uses the stored value rather than
530 # prompting the user.
531 set_askpass bogus-user bogus-pass &&
532 git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
536 test_expect_success
'http auth forgets bogus credentials' '
537 # seed credential store with bogus values. In real life,
538 # this would probably come from a password which worked
539 # for a previous request.
540 rm -f .git-credentials &&
541 test_config credential.helper store &&
543 echo "url=$HTTPD_URL" &&
544 echo "username=bogus" &&
545 echo "password=bogus"
546 } | git credential approve &&
548 # we expect this to use the bogus values and fail, never even
549 # prompting the user...
550 set_askpass user@host pass@host &&
551 test_must_fail git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
552 expect_askpass none &&
554 # ...but now we should have forgotten the bad value, causing
555 # us to prompt the user again.
556 set_askpass user@host pass@host &&
557 git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
558 expect_askpass both user@host
561 test_expect_success
'client falls back from v2 to v0 to match server' '
562 GIT_TRACE_PACKET=$PWD/trace \
563 GIT_TEST_PROTOCOL_VERSION=2 \
564 git clone $HTTPD_URL/smart_v0/repo.git repo-v0 &&
565 # check for v0; there the HEAD symref is communicated in the capability
566 # line; v2 uses a different syntax on each ref advertisement line
567 grep symref=HEAD:refs/heads/ trace
570 test_expect_success
'passing hostname resolution information works' '
571 BOGUS_HOST=gitbogusexamplehost.invalid &&
572 BOGUS_HTTPD_URL=$HTTPD_PROTO://$BOGUS_HOST:$LIB_HTTPD_PORT &&
573 test_must_fail git ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null &&
574 git -c "http.curloptResolve=$BOGUS_HOST:$LIB_HTTPD_PORT:127.0.0.1" ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null