]> git.ipfire.org Git - thirdparty/git.git/blob - t/t5550-http-fetch-dumb.sh
projects / thirdparty / git.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
http-fetch: allow custom index-pack args
[thirdparty/git.git] / t / t5550-http-fetch-dumb.sh
1 #!/bin/sh
2
3 test_description='test dumb fetching over http via static file'
4 . ./test-lib.sh
5 . "$TEST_DIRECTORY"/lib-httpd.sh
6 start_httpd
7
8 test_expect_success 'setup repository' '
9 git config push.default matching &&
10 echo content1 >file &&
11 git add file &&
12 git commit -m one &&
13 echo content2 >file &&
14 git add file &&
15 git commit -m two
16 '
17
18 test_expect_success 'create http-accessible bare repository with loose objects' '
19 cp -R .git "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
20 (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
21 git config core.bare true &&
22 mkdir -p hooks &&
23 write_script "hooks/post-update" <<-\EOF &&
24 exec git update-server-info
25 EOF
26 hooks/post-update
27 ) &&
28 git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
29 git push public master:master
30 '
31
32 test_expect_success 'clone http repository' '
33 git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
34 cp -R clone-tmpl clone &&
35 test_cmp file clone/file
36 '
37
38 test_expect_success 'list refs from outside any repository' '
39 cat >expect <<-EOF &&
40 $(git rev-parse master) HEAD
41 $(git rev-parse master) refs/heads/master
42 EOF
43 nongit git ls-remote "$HTTPD_URL/dumb/repo.git" >actual &&
44 test_cmp expect actual
45 '
46
47 test_expect_success 'create password-protected repository' '
48 mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/" &&
49 cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
50 "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git"
51 '
52
53 test_expect_success 'create empty remote repository' '
54 git init --bare "$HTTPD_DOCUMENT_ROOT_PATH/empty.git" &&
55 (cd "$HTTPD_DOCUMENT_ROOT_PATH/empty.git" &&
56 mkdir -p hooks &&
57 write_script "hooks/post-update" <<-\EOF &&
58 exec git update-server-info
59 EOF
60 hooks/post-update
61 )
62 '
63
64 test_expect_success 'empty dumb HTTP repository has default hash algorithm' '
65 test_when_finished "rm -fr clone-empty" &&
66 git clone $HTTPD_URL/dumb/empty.git clone-empty &&
67 git -C clone-empty rev-parse --show-object-format >empty-format &&
68 test "$(cat empty-format)" = "$(test_oid algo)"
69 '
70
71 setup_askpass_helper
72
73 test_expect_success 'cloning password-protected repository can fail' '
74 set_askpass wrong &&
75 test_must_fail git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-fail &&
76 expect_askpass both wrong
77 '
78
79 test_expect_success 'http auth can use user/pass in URL' '
80 set_askpass wrong &&
81 git clone "$HTTPD_URL_USER_PASS/auth/dumb/repo.git" clone-auth-none &&
82 expect_askpass none
83 '
84
85 test_expect_success 'http auth can use just user in URL' '
86 set_askpass wrong pass@host &&
87 git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
88 expect_askpass pass user@host
89 '
90
91 test_expect_success 'http auth can request both user and pass' '
92 set_askpass user@host pass@host &&
93 git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
94 expect_askpass both user@host
95 '
96
97 test_expect_success 'http auth respects credential helper config' '
98 test_config_global credential.helper "!f() {
99 cat >/dev/null
100 echo username=user@host
101 echo password=pass@host
102 }; f" &&
103 set_askpass wrong &&
104 git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
105 expect_askpass none
106 '
107
108 test_expect_success 'http auth can get username from config' '
109 test_config_global "credential.$HTTPD_URL.username" user@host &&
110 set_askpass wrong pass@host &&
111 git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
112 expect_askpass pass user@host
113 '
114
115 test_expect_success 'configured username does not override URL' '
116 test_config_global "credential.$HTTPD_URL.username" wrong &&
117 set_askpass wrong pass@host &&
118 git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
119 expect_askpass pass user@host
120 '
121
122 test_expect_success 'set up repo with http submodules' '
123 git init super &&
124 set_askpass user@host pass@host &&
125 (
126 cd super &&
127 git submodule add "$HTTPD_URL/auth/dumb/repo.git" sub &&
128 git commit -m "add submodule"
129 )
130 '
131
132 test_expect_success 'cmdline credential config passes to submodule via clone' '
133 set_askpass wrong pass@host &&
134 test_must_fail git clone --recursive super super-clone &&
135 rm -rf super-clone &&
136
137 set_askpass wrong pass@host &&
138 git -c "credential.$HTTPD_URL.username=user@host" \
139 clone --recursive super super-clone &&
140 expect_askpass pass user@host
141 '
142
143 test_expect_success 'cmdline credential config passes submodule via fetch' '
144 set_askpass wrong pass@host &&
145 test_must_fail git -C super-clone fetch --recurse-submodules &&
146
147 set_askpass wrong pass@host &&
148 git -C super-clone \
149 -c "credential.$HTTPD_URL.username=user@host" \
150 fetch --recurse-submodules &&
151 expect_askpass pass user@host
152 '
153
154 test_expect_success 'cmdline credential config passes submodule update' '
155 # advance the submodule HEAD so that a fetch is required
156 git commit --allow-empty -m foo &&
157 git push "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git" HEAD &&
158 sha1=$(git rev-parse HEAD) &&
159 git -C super-clone update-index --cacheinfo 160000,$sha1,sub &&
160
161 set_askpass wrong pass@host &&
162 test_must_fail git -C super-clone submodule update &&
163
164 set_askpass wrong pass@host &&
165 git -C super-clone \
166 -c "credential.$HTTPD_URL.username=user@host" \
167 submodule update &&
168 expect_askpass pass user@host
169 '
170
171 test_expect_success 'fetch changes via http' '
172 echo content >>file &&
173 git commit -a -m two &&
174 git push public &&
175 (cd clone && git pull) &&
176 test_cmp file clone/file
177 '
178
179 test_expect_success 'fetch changes via manual http-fetch' '
180 cp -R clone-tmpl clone2 &&
181
182 HEAD=$(git rev-parse --verify HEAD) &&
183 (cd clone2 &&
184 git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
185 git checkout master-new &&
186 test $HEAD = $(git rev-parse --verify HEAD)) &&
187 test_cmp file clone2/file
188 '
189
190 test_expect_success 'manual http-fetch without -a works just as well' '
191 cp -R clone-tmpl clone3 &&
192
193 HEAD=$(git rev-parse --verify HEAD) &&
194 (cd clone3 &&
195 git http-fetch -w heads/master-new $HEAD $(git config remote.origin.url) &&
196 git checkout master-new &&
197 test $HEAD = $(git rev-parse --verify HEAD)) &&
198 test_cmp file clone3/file
199 '
200
201 test_expect_success 'http remote detects correct HEAD' '
202 git push public master:other &&
203 (cd clone &&
204 git remote set-head origin -d &&
205 git remote set-head origin -a &&
206 git symbolic-ref refs/remotes/origin/HEAD > output &&
207 echo refs/remotes/origin/master > expect &&
208 test_cmp expect output
209 )
210 '
211
212 test_expect_success 'fetch packed objects' '
213 cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
214 (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
215 git --bare repack -a -d
216 ) &&
217 git clone $HTTPD_URL/dumb/repo_pack.git
218 '
219
220 test_expect_success 'http-fetch --packfile' '
221 # Arbitrary hash. Use rev-parse so that we get one of the correct
222 # length.
223 ARBITRARY=$(git -C "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git rev-parse HEAD) &&
224
225 git init packfileclient &&
226 p=$(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git && ls objects/pack/pack-*.pack) &&
227 git -C packfileclient http-fetch --packfile=$ARBITRARY \
228 --index-pack-arg=index-pack --index-pack-arg=--stdin \
229 --index-pack-arg=--keep \
230 "$HTTPD_URL"/dumb/repo_pack.git/$p >out &&
231
232 grep "^keep.[0-9a-f]\{16,\}$" out &&
233 cut -c6- out >packhash &&
234
235 # Ensure that the expected files are generated
236 test -e "packfileclient/.git/objects/pack/pack-$(cat packhash).pack" &&
237 test -e "packfileclient/.git/objects/pack/pack-$(cat packhash).idx" &&
238 test -e "packfileclient/.git/objects/pack/pack-$(cat packhash).keep" &&
239
240 # Ensure that it has the HEAD of repo_pack, at least
241 HASH=$(git -C "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git rev-parse HEAD) &&
242 git -C packfileclient cat-file -e "$HASH"
243 '
244
245 test_expect_success 'fetch notices corrupt pack' '
246 cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
247 (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
248 p=$(ls objects/pack/pack-*.pack) &&
249 chmod u+w $p &&
250 printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
251 ) &&
252 mkdir repo_bad1.git &&
253 (cd repo_bad1.git &&
254 git --bare init &&
255 test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
256 test 0 = $(ls objects/pack/pack-*.pack | wc -l)
257 )
258 '
259
260 test_expect_success 'http-fetch --packfile with corrupt pack' '
261 rm -rf packfileclient &&
262 git init packfileclient &&
263 p=$(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git && ls objects/pack/pack-*.pack) &&
264 test_must_fail git -C packfileclient http-fetch --packfile \
265 "$HTTPD_URL"/dumb/repo_bad1.git/$p
266 '
267
268 test_expect_success 'fetch notices corrupt idx' '
269 cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
270 (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
271 p=$(ls objects/pack/pack-*.idx) &&
272 chmod u+w $p &&
273 printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
274 ) &&
275 mkdir repo_bad2.git &&
276 (cd repo_bad2.git &&
277 git --bare init &&
278 test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
279 test 0 = $(ls objects/pack | wc -l)
280 )
281 '
282
283 test_expect_success 'fetch can handle previously-fetched .idx files' '
284 git checkout --orphan branch1 &&
285 echo base >file &&
286 git add file &&
287 git commit -m base &&
288 git --bare init "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git &&
289 git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch1 &&
290 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
291 git checkout -b branch2 branch1 &&
292 echo b2 >>file &&
293 git commit -a -m b2 &&
294 git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch2 &&
295 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
296 git --bare init clone_packed_branches.git &&
297 git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch1:branch1 &&
298 git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch2:branch2
299 '
300
301 test_expect_success 'did not use upload-pack service' '
302 ! grep "/git-upload-pack" "$HTTPD_ROOT_PATH/access.log"
303 '
304
305 test_expect_success 'git client shows text/plain errors' '
306 test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr &&
307 grep "this is the error message" stderr
308 '
309
310 test_expect_success 'git client does not show html errors' '
311 test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr &&
312 ! grep "this is the error message" stderr
313 '
314
315 test_expect_success 'git client shows text/plain with a charset' '
316 test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr &&
317 grep "this is the error message" stderr
318 '
319
320 test_expect_success 'http error messages are reencoded' '
321 test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr &&
322 grep "this is the error message" stderr
323 '
324
325 test_expect_success 'reencoding is robust to whitespace oddities' '
326 test_must_fail git clone "$HTTPD_URL/error/odd-spacing" 2>stderr &&
327 grep "this is the error message" stderr
328 '
329
330 check_language () {
331 case "$2" in
332 '')
333 >expect
334 ;;
335 ?*)
336 echo "=> Send header: Accept-Language: $1" >expect
337 ;;
338 esac &&
339 GIT_TRACE_CURL=true \
340 LANGUAGE=$2 \
341 git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
342 tr -d '\015' <output |
343 sort -u |
344 sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
345 test_cmp expect actual
346 }
347
348 test_expect_success 'git client sends Accept-Language based on LANGUAGE' '
349 check_language "ko-KR, *;q=0.9" ko_KR.UTF-8'
350
351 test_expect_success 'git client sends Accept-Language correctly with unordinary LANGUAGE' '
352 check_language "ko-KR, *;q=0.9" "ko_KR:" &&
353 check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR::en_US" &&
354 check_language "ko-KR, *;q=0.9" ":::ko_KR" &&
355 check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR!!:en_US" &&
356 check_language "ko-KR, ja-JP;q=0.9, *;q=0.8" "ko_KR en_US:ja_JP"'
357
358 test_expect_success 'git client sends Accept-Language with many preferred languages' '
359 check_language "ko-KR, en-US;q=0.9, fr-CA;q=0.8, de;q=0.7, sr;q=0.6, \
360 ja;q=0.5, zh;q=0.4, sv;q=0.3, pt;q=0.2, *;q=0.1" \
361 ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt &&
362 check_language "ko-KR, en-US;q=0.99, fr-CA;q=0.98, de;q=0.97, sr;q=0.96, \
363 ja;q=0.95, zh;q=0.94, sv;q=0.93, pt;q=0.92, nb;q=0.91, *;q=0.90" \
364 ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt:nb
365 '
366
367 test_expect_success 'git client does not send an empty Accept-Language' '
368 GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
369 ! grep "^=> Send header: Accept-Language:" stderr
370 '
371
372 test_expect_success 'remote-http complains cleanly about malformed urls' '
373 test_must_fail git remote-http http::/example.com/repo.git 2>stderr &&
374 test_i18ngrep "url has no scheme" stderr
375 '
376
377 # NEEDSWORK: Writing commands to git-remote-curl can race against the latter
378 # erroring out, producing SIGPIPE. Remove "ok=sigpipe" once transport-helper has
379 # learned to handle early remote helper failures more cleanly.
380 test_expect_success 'remote-http complains cleanly about empty scheme' '
381 test_must_fail ok=sigpipe git ls-remote \
382 http::${HTTPD_URL#http}/dumb/repo.git 2>stderr &&
383 test_i18ngrep "url has no scheme" stderr
384 '
385
386 test_expect_success 'redirects can be forbidden/allowed' '
387 test_must_fail git -c http.followRedirects=false \
388 clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
389 git -c http.followRedirects=true \
390 clone $HTTPD_URL/dumb-redir/repo.git dumb-redir 2>stderr
391 '
392
393 test_expect_success 'redirects are reported to stderr' '
394 # just look for a snippet of the redirected-to URL
395 test_i18ngrep /dumb/ stderr
396 '
397
398 test_expect_success 'non-initial redirects can be forbidden' '
399 test_must_fail git -c http.followRedirects=initial \
400 clone $HTTPD_URL/redir-objects/repo.git redir-objects &&
401 git -c http.followRedirects=true \
402 clone $HTTPD_URL/redir-objects/repo.git redir-objects
403 '
404
405 test_expect_success 'http.followRedirects defaults to "initial"' '
406 test_must_fail git clone $HTTPD_URL/redir-objects/repo.git default
407 '
408
409 # The goal is for a clone of the "evil" repository, which has no objects
410 # itself, to cause the client to fetch objects from the "victim" repository.
411 test_expect_success 'set up evil alternates scheme' '
412 victim=$HTTPD_DOCUMENT_ROOT_PATH/victim.git &&
413 git init --bare "$victim" &&
414 git -C "$victim" --work-tree=. commit --allow-empty -m secret &&
415 git -C "$victim" repack -ad &&
416 git -C "$victim" update-server-info &&
417 sha1=$(git -C "$victim" rev-parse HEAD) &&
418
419 evil=$HTTPD_DOCUMENT_ROOT_PATH/evil.git &&
420 git init --bare "$evil" &&
421 # do this by hand to avoid object existence check
422 printf "%s\\t%s\\n" $sha1 refs/heads/master >"$evil/info/refs"
423 '
424
425 # Here we'll just redirect via HTTP. In a real-world attack these would be on
426 # different servers, but we should reject it either way.
427 test_expect_success 'http-alternates is a non-initial redirect' '
428 echo "$HTTPD_URL/dumb/victim.git/objects" \
429 >"$evil/objects/info/http-alternates" &&
430 test_must_fail git -c http.followRedirects=initial \
431 clone $HTTPD_URL/dumb/evil.git evil-initial &&
432 git -c http.followRedirects=true \
433 clone $HTTPD_URL/dumb/evil.git evil-initial
434 '
435
436 # Curl supports a lot of protocols that we'd prefer not to allow
437 # http-alternates to use, but it's hard to test whether curl has
438 # accessed, say, the SMTP protocol, because we are not running an SMTP server.
439 # But we can check that it does not allow access to file://, which would
440 # otherwise allow this clone to complete.
441 test_expect_success 'http-alternates cannot point at funny protocols' '
442 echo "file://$victim/objects" >"$evil/objects/info/http-alternates" &&
443 test_must_fail git -c http.followRedirects=true \
444 clone "$HTTPD_URL/dumb/evil.git" evil-file
445 '
446
447 test_expect_success 'http-alternates triggers not-from-user protocol check' '
448 echo "$HTTPD_URL/dumb/victim.git/objects" \
449 >"$evil/objects/info/http-alternates" &&
450 test_config_global http.followRedirects true &&
451 test_must_fail git -c protocol.http.allow=user \
452 clone $HTTPD_URL/dumb/evil.git evil-user &&
453 git -c protocol.http.allow=always \
454 clone $HTTPD_URL/dumb/evil.git evil-user
455 '
456
457 test_expect_success 'can redirect through non-"info/refs?service=git-upload-pack" URL' '
458 git clone "$HTTPD_URL/redir-to/dumb/repo.git"
459 '
460
461 test_expect_success 'print HTTP error when any intermediate redirect throws error' '
462 test_must_fail git clone "$HTTPD_URL/redir-to/502" 2> stderr &&
463 test_i18ngrep "unable to access.*/redir-to/502" stderr
464 '
465
466 test_expect_success 'fetching via http alternates works' '
467 parent=$HTTPD_DOCUMENT_ROOT_PATH/alt-parent.git &&
468 git init --bare "$parent" &&
469 git -C "$parent" --work-tree=. commit --allow-empty -m foo &&
470 git -C "$parent" update-server-info &&
471 commit=$(git -C "$parent" rev-parse HEAD) &&
472
473 child=$HTTPD_DOCUMENT_ROOT_PATH/alt-child.git &&
474 git init --bare "$child" &&
475 echo "../../alt-parent.git/objects" >"$child/objects/info/alternates" &&
476 git -C "$child" update-ref HEAD $commit &&
477 git -C "$child" update-server-info &&
478
479 git -c http.followredirects=true clone "$HTTPD_URL/dumb/alt-child.git"
480 '
481
482 test_done
Unnamed repository; edit this file 'description' to name the repository.