# LIB_HTTPD_DAV enable DAV
# LIB_HTTPD_SVN enable SVN at given location (e.g. "svn")
# LIB_HTTPD_SSL enable SSL
+# LIB_HTTPD_PROXY enable proxy
#
# Copyright (c) 2008 Clemens Buchacher <drizzd@aon.at>
#
fi
HTTPD_VERSION=$($LIB_HTTPD_PATH -v | \
- sed -n 's/^Server version: Apache\/\([0-9]*\)\..*$/\1/p; q')
+ sed -n 's/^Server version: Apache\/\([0-9.]*\).*$/\1/p; q')
+HTTPD_VERSION_MAJOR=$(echo $HTTPD_VERSION | cut -d. -f1)
+HTTPD_VERSION_MINOR=$(echo $HTTPD_VERSION | cut -d. -f2)
-if test -n "$HTTPD_VERSION"
+if test -n "$HTTPD_VERSION_MAJOR"
then
if test -z "$LIB_HTTPD_MODULE_PATH"
then
- if ! test $HTTPD_VERSION -ge 2
+ if ! test "$HTTPD_VERSION_MAJOR" -eq 2 ||
+ ! test "$HTTPD_VERSION_MINOR" -ge 4
then
test_skip_or_die GIT_TEST_HTTPD \
- "at least Apache version 2 is required"
+ "at least Apache version 2.4 is required"
fi
if ! test -d "$DEFAULT_HTTPD_MODULE_PATH"
then
prepare_httpd() {
mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH"
cp "$TEST_PATH"/passwd "$HTTPD_ROOT_PATH"
+ cp "$TEST_PATH"/proxy-passwd "$HTTPD_ROOT_PATH"
install_script incomplete-length-upload-pack-v2-http.sh
install_script incomplete-body-upload-pack-v2-http.sh
install_script error-no-report.sh
export LIB_HTTPD_SVN LIB_HTTPD_SVNPATH
fi
fi
+
+ if test -n "$LIB_HTTPD_PROXY"
+ then
+ HTTPD_PARA="$HTTPD_PARA -DPROXY"
+ fi
}
enable_http2 () {
test_set_prereq HTTP2
}
+ enable_cgipassauth () {
+ # We are looking for 2.4.13 or more recent. Since we only support
+ # 2.4 and up, no need to check for older major/minor.
+ if test "$HTTPD_VERSION_MAJOR" = 2 &&
+ test "$HTTPD_VERSION_MINOR" = 4 &&
+ test "$(echo $HTTPD_VERSION | cut -d. -f3)" -lt 13
+ then
+ echo >&4 "apache $HTTPD_VERSION too old for CGIPassAuth"
+ return
+ fi
+ HTTPD_PARA="$HTTPD_PARA -DUSE_CGIPASSAUTH"
+ test_set_prereq CGIPASSAUTH
+ }
+
start_httpd() {
prepare_httpd >&3 2>&4
git commit -a -m path2 --amend &&
test_must_fail git push -v origin >output 2>&1 &&
- (cd "$REMOTE_REPO" &&
- test $HEAD = $(git rev-parse --verify HEAD))
+ (
+ cd "$REMOTE_REPO" &&
+ echo "$HEAD" >expect &&
+ git rev-parse --verify HEAD >actual &&
+ test_cmp expect actual
+ )
'
test_expect_success 'non-fast-forward push show ref status' '
none)
;;
pass)
- echo "askpass: Password for 'http://$2@$dest': "
+ echo "askpass: Password for '$HTTPD_PROTO://$2@$dest': "
;;
both)
- echo "askpass: Username for 'http://$dest': "
- echo "askpass: Password for 'http://$2@$dest': "
+ echo "askpass: Username for '$HTTPD_PROTO://$dest': "
+ echo "askpass: Password for '$HTTPD_PROTO://$2@$dest': "
;;
*)
false
<IfDefine HTTP2>
LoadModule http2_module modules/mod_http2.so
-Protocols h2c
+Protocols h2 h2c
</IfDefine>
-<IfVersion < 2.4>
-LockFile accept.lock
-</IfVersion>
-
-<IfVersion < 2.1>
-<IfModule !mod_auth.c>
- LoadModule auth_module modules/mod_auth.so
-</IfModule>
-</IfVersion>
-
-<IfVersion >= 2.1>
<IfModule !mod_auth_basic.c>
LoadModule auth_basic_module modules/mod_auth_basic.so
</IfModule>
<IfModule !mod_authz_host.c>
LoadModule authz_host_module modules/mod_authz_host.so
</IfModule>
-</IfVersion>
-<IfVersion >= 2.4>
+<IfDefine PROXY>
+<IfModule !mod_proxy.c>
+ LoadModule proxy_module modules/mod_proxy.so
+</IfModule>
+<IfModule !mod_proxy_http.c>
+ LoadModule proxy_http_module modules/mod_proxy_http.so
+</IfModule>
+ProxyRequests On
+<Proxy "*">
+ AuthType Basic
+ AuthName "proxy-auth"
+ AuthUserFile proxy-passwd
+ Require valid-user
+</Proxy>
+</IfDefine>
+
<IfModule !mod_authn_core.c>
LoadModule authn_core_module modules/mod_authn_core.so
</IfModule>
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
</IfModule>
</IfDefine>
-</IfVersion>
PassEnv GIT_VALGRIND
PassEnv GIT_VALGRIND_OPTIONS
Alias /dumb/ www/
Alias /auth/dumb/ www/auth/dumb/
+SetEnv PERL_PATH ${PERL_PATH}
+
<LocationMatch /smart/>
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
SetEnv GIT_HTTP_EXPORT_ALL
Header set Set-Cookie name=value
</LocationMatch>
<LocationMatch /smart_headers/>
+ <RequireAll>
+ Require expr %{HTTP:x-magic-one} == 'abra'
+ Require expr %{HTTP:x-magic-two} == 'cadabra'
+ </RequireAll>
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
SetEnv GIT_HTTP_EXPORT_ALL
</LocationMatch>
<LocationMatch /custom_auth/>
SetEnv GIT_EXEC_PATH ${GIT_EXEC_PATH}
SetEnv GIT_HTTP_EXPORT_ALL
+ <IfDefine USE_CGIPASSAUTH>
CGIPassAuth on
+ </IfDefine>
</LocationMatch>
ScriptAlias /smart/incomplete_length/git-upload-pack incomplete-length-upload-pack-v2-http.sh/
ScriptAlias /smart/incomplete_body/git-upload-pack incomplete-body-upload-pack-v2-http.sh/
RewriteRule ^/redir-objects/(.*/info/refs)$ /dumb/$1 [PT]
RewriteRule ^/redir-objects/(.*/objects/.*)$ /dumb/$1 [R=301]
-# Apache 2.2 does not understand <RequireAll>, so we use RewriteCond.
-# And as RewriteCond does not allow testing for non-matches, we match
-# the desired case first (one has abra, two has cadabra), and let it
-# pass by marking the RewriteRule as [L], "last rule, do not process
-# any other matching RewriteRules after this"), and then have another
-# RewriteRule that matches all other cases and lets them fail via '[F]',
-# "fail the request".
-RewriteCond %{HTTP:x-magic-one} =abra
-RewriteCond %{HTTP:x-magic-two} =cadabra
-RewriteRule ^/smart_headers/.* - [L]
-RewriteRule ^/smart_headers/.* - [F]
-
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect file:/dev/urandom 512
SSLSessionCache none
-SSLMutex file:ssl_mutex
SSLEngine On
</IfDefine>
. ./test-lib.sh
. "$TEST_DIRECTORY"/lib-httpd.sh
+ enable_cgipassauth
+ if ! test_have_prereq CGIPASSAUTH
+ then
+ skip_all="no CGIPassAuth support"
+ test_done
+ fi
start_httpd
test_expect_success 'setup_credential_helper' '
# Note that leading and trailing whitespace is important to correctly
# simulate a continuation/folded header.
- printf "">$CHALLENGE &&
- printf "WWW-Authenticate: FooBar param1=\"value1\"\r\n" >$CHALLENGE &&
- printf " \r\n" >>$CHALLENGE &&
- printf " param2=\"value2\"\r\n" >>$CHALLENGE &&
- printf "WWW-Authenticate: Bearer authorize_uri=\"id.example.com\"\r\n" >>$CHALLENGE &&
- printf " p=1\r\n" >>$CHALLENGE &&
- printf " \r\n" >>$CHALLENGE &&
- printf " q=0\r\n" >>$CHALLENGE &&
- printf "WWW-Authenticate: Basic realm=\"example.com\"\r\n" >>$CHALLENGE &&
+ printf "WWW-Authenticate: FooBar param1=\"value1\"\r\n" >"$CHALLENGE" &&
+ printf " \r\n" >>"$CHALLENGE" &&
+ printf " param2=\"value2\"\r\n" >>"$CHALLENGE" &&
+ printf "WWW-Authenticate: Bearer authorize_uri=\"id.example.com\"\r\n" >>"$CHALLENGE" &&
+ printf " p=1\r\n" >>"$CHALLENGE" &&
+ printf " \r\n" >>"$CHALLENGE" &&
+ printf " q=0\r\n" >>"$CHALLENGE" &&
+ printf "WWW-Authenticate: Basic realm=\"example.com\"\r\n" >>"$CHALLENGE" &&
test_config_global credential.helper test-helper &&
git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&
# Note that leading and trailing whitespace is important to correctly
# simulate a continuation/folded header.
- printf "">$CHALLENGE &&
- printf "WWW-Authenticate: FooBar param1=\"value1\"\r\n" >$CHALLENGE &&
- printf " \r\n" >>$CHALLENGE &&
- printf "\tparam2=\"value2\"\r\n" >>$CHALLENGE &&
- printf "WWW-Authenticate: Basic realm=\"example.com\"" >>$CHALLENGE &&
+ printf "WWW-Authenticate: FooBar param1=\"value1\"\r\n" >"$CHALLENGE" &&
+ printf " \r\n" >>"$CHALLENGE" &&
+ printf "\tparam2=\"value2\"\r\n" >>"$CHALLENGE" &&
+ printf "WWW-Authenticate: Basic realm=\"example.com\"" >>"$CHALLENGE" &&
test_config_global credential.helper test-helper &&
git ls-remote "$HTTPD_URL/custom_auth/repo.git" &&