search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Sync with 'maint'
[alt-git.git] / t / t5551-http-fetch-smart.sh
blob2ce88535a60e698e5f1ccfcaffd6d2ad640c3a0f
1 #!/bin/sh
2
3 : ${HTTP_PROTO:=HTTP/1.1}
4 test_description="test smart fetching over http via http-backend ($HTTP_PROTO)"
5 GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main
6 export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
7
8 TEST_PASSES_SANITIZE_LEAK=true
9 . ./test-lib.sh
10 . "$TEST_DIRECTORY"/lib-httpd.sh
11 test "$HTTP_PROTO" = "HTTP/2" && enable_http2
12 start_httpd
13
14 test_expect_success HTTP2 'enable client-side http/2' '
15 git config --global http.version HTTP/2
16 '
17
18 test_expect_success 'setup repository' '
19 git config push.default matching &&
20 echo content >file &&
21 git add file &&
22 git commit -m one
23 '
24
25 test_expect_success 'create http-accessible bare repository' '
26 mkdir "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
27 (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
28 git --bare init
29 ) &&
30 git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
31 git push public main:main
32 '
33
34 setup_askpass_helper
35
36 test_expect_success 'clone http repository' '
37 if test_have_prereq HTTP2 && test "$HTTPD_PROTO" = "https"
38 then
39 # ALPN lets us immediately use HTTP/2; likewise, POSTs with
40 # bodies can use it because they do not need to upgrade
41 INITIAL_PROTO=HTTP/2
42 else
43 # either we are not using HTTP/2, or the initial
44 # request is sent via HTTP/1.1 and asks for upgrade
45 INITIAL_PROTO=HTTP/1.1
46 fi &&
47
48 cat >exp.raw <<-EOF &&
49 > GET /smart/repo.git/info/refs?service=git-upload-pack $INITIAL_PROTO
50 > accept: */*
51 > accept-encoding: ENCODINGS
52 > accept-language: ko-KR, *;q=0.9
53 > pragma: no-cache
54 {V2} > git-protocol: version=2
55 < $HTTP_PROTO 200 OK
56 < pragma: no-cache
57 < cache-control: no-cache, max-age=0, must-revalidate
58 < content-type: application/x-git-upload-pack-advertisement
59 > POST /smart/repo.git/git-upload-pack $INITIAL_PROTO
60 > accept-encoding: ENCODINGS
61 > content-type: application/x-git-upload-pack-request
62 > accept: application/x-git-upload-pack-result
63 > accept-language: ko-KR, *;q=0.9
64 {V2} > git-protocol: version=2
65 > content-length: xxx
66 < $INITIAL_PROTO 200 OK
67 < pragma: no-cache
68 < cache-control: no-cache, max-age=0, must-revalidate
69 < content-type: application/x-git-upload-pack-result
70 {V2} > POST /smart/repo.git/git-upload-pack $INITIAL_PROTO
71 {V2} > accept-encoding: ENCODINGS
72 {V2} > content-type: application/x-git-upload-pack-request
73 {V2} > accept: application/x-git-upload-pack-result
74 {V2} > accept-language: ko-KR, *;q=0.9
75 {V2} > git-protocol: version=2
76 {V2} > content-length: xxx
77 {V2} < $INITIAL_PROTO 200 OK
78 {V2} < pragma: no-cache
79 {V2} < cache-control: no-cache, max-age=0, must-revalidate
80 {V2} < content-type: application/x-git-upload-pack-result
81 EOF
82
83 if test "$GIT_TEST_PROTOCOL_VERSION" = 0
84 then
85 sed "/^{V2}/d" <exp.raw >exp
86 else
87 sed "s/^{V2} //" <exp.raw >exp
88 fi &&
89
90 GIT_TRACE_CURL=true LANGUAGE="ko_KR.UTF-8" \
91 git clone --quiet $HTTPD_URL/smart/repo.git clone 2>err &&
92 test_cmp file clone/file &&
93 tr '\''\015'\'' Q <err |
94 perl -pe '\''
95 s/(Send|Recv) header: ([A-Za-z0-9-]+):/
96 "$1 header: " . lc($2) . ":"
97 /e;
98 '\'' |
99 sed -e "
100 s/Q\$//
101 /^[^<=]/d
102 /^== Info:/d
103 /^=> Send header, /d
104 /^=> Send header:$/d
105 /^<= Recv header, /d
106 /^<= Recv header:$/d
107 s/=> Send header: //
108 s/= Recv header://
109 /^<= Recv data/d
110 /^=> Send data/d
111 /^<= Recv SSL data/d
112 /^=> Send SSL data/d
113 /^$/d
114 /^< $/d
115
116 /^[^><]/{
117 s/^/> /
118 }
119
120 /^< HTTP/ {
121 s/200$/200 OK/
122 }
123 /^< HTTP\\/1.1 101/d
124 /^[><] connection: /d
125 /^[><] upgrade: /d
126 /^> http2-settings: /d
127
128 /^> user-agent: /d
129 /^> host: /d
130 /^> POST /,$ {
131 /^> Accept: [*]\\/[*]/d
132 }
133 s/^> content-length: .*/> content-length: xxx/
134 /^> 00..want /d
135 /^> 00.*done/d
136
137 /^< server: /d
138 /^< expires: /d
139 /^< date: /d
140 /^< content-length: /d
141 /^< transfer-encoding: /d
142 " >actual &&
143
144 sed -e "s/^> accept-encoding: .*/> accept-encoding: ENCODINGS/" \
145 actual >actual.smudged &&
146 test_cmp exp actual.smudged &&
147
148 grep "accept-encoding:.*gzip" actual >actual.gzip
149 '
150
151 test_expect_success 'fetch changes via http' '
152 echo content >>file &&
153 git commit -a -m two &&
154 git push public &&
155 (cd clone && git pull) &&
156 test_cmp file clone/file
157 '
158
159 test_expect_success 'used upload-pack service' '
160 strip_access_log >log &&
161 grep "GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/[0-9.]* 200" log &&
162 grep "POST /smart/repo.git/git-upload-pack HTTP/[0-9.]* 200" log
163 '
164
165 test_expect_success 'follow redirects (301)' '
166 git clone $HTTPD_URL/smart-redir-perm/repo.git --quiet repo-p
167 '
168
169 test_expect_success 'follow redirects (302)' '
170 git clone $HTTPD_URL/smart-redir-temp/repo.git --quiet repo-t
171 '
172
173 test_expect_success 'redirects re-root further requests' '
174 git clone $HTTPD_URL/smart-redir-limited/repo.git repo-redir-limited
175 '
176
177 test_expect_success 're-rooting dies on insane schemes' '
178 test_must_fail git clone $HTTPD_URL/insane-redir/repo.git insane
179 '
180
181 test_expect_success 'clone from password-protected repository' '
182 echo two >expect &&
183 set_askpass user@host pass@host &&
184 git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth &&
185 expect_askpass both user@host &&
186 git --git-dir=smart-auth log -1 --format=%s >actual &&
187 test_cmp expect actual
188 '
189
190 test_expect_success 'credential.interactive=false skips askpass' '
191 set_askpass bogus nonsense &&
192 (
193 GIT_TRACE2_EVENT="$(pwd)/interactive-true" &&
194 export GIT_TRACE2_EVENT &&
195 test_must_fail git clone --bare "$HTTPD_URL/auth/smart/repo.git" interactive-true-dir &&
196 test_region credential interactive interactive-true &&
197
198 GIT_TRACE2_EVENT="$(pwd)/interactive-false" &&
199 export GIT_TRACE2_EVENT &&
200 test_must_fail git -c credential.interactive=false \
201 clone --bare "$HTTPD_URL/auth/smart/repo.git" interactive-false-dir &&
202 test_region ! credential interactive interactive-false &&
203
204 GIT_TRACE2_EVENT="$(pwd)/interactive-never" &&
205 export GIT_TRACE2_EVENT &&
206 test_must_fail git -c credential.interactive=never \
207 clone --bare "$HTTPD_URL/auth/smart/repo.git" interactive-never-dir &&
208 test_region ! credential interactive interactive-never
209 )
210 '
211
212 test_expect_success 'clone from auth-only-for-push repository' '
213 echo two >expect &&
214 set_askpass wrong &&
215 git clone --bare "$HTTPD_URL/auth-push/smart/repo.git" smart-noauth &&
216 expect_askpass none &&
217 git --git-dir=smart-noauth log -1 --format=%s >actual &&
218 test_cmp expect actual
219 '
220
221 test_expect_success 'clone from auth-only-for-objects repository' '
222 echo two >expect &&
223 set_askpass user@host pass@host &&
224 git clone --bare "$HTTPD_URL/auth-fetch/smart/repo.git" half-auth &&
225 expect_askpass both user@host &&
226 git --git-dir=half-auth log -1 --format=%s >actual &&
227 test_cmp expect actual
228 '
229
230 test_expect_success 'no-op half-auth fetch does not require a password' '
231 set_askpass wrong &&
232
233 # NEEDSWORK: When using HTTP(S), protocol v0 supports a "half-auth"
234 # configuration with authentication required only when downloading
235 # objects and not refs, by having the HTTP server only require
236 # authentication for the "git-upload-pack" path and not "info/refs".
237 # This is not possible with protocol v2, since both objects and refs
238 # are obtained from the "git-upload-pack" path. A solution to this is
239 # to teach the server and client to be able to inline ls-refs requests
240 # as an Extra Parameter (see "git help gitformat-pack-protocol"), so that
241 # "info/refs" can serve refs, just like it does in protocol v0.
242 GIT_TEST_PROTOCOL_VERSION=0 git --git-dir=half-auth fetch &&
243 expect_askpass none
244 '
245
246 test_expect_success 'redirects send auth to new location' '
247 set_askpass user@host pass@host &&
248 git -c credential.useHttpPath=true \
249 clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth &&
250 expect_askpass both user@host auth/smart/repo.git
251 '
252
253 test_expect_success 'GIT_TRACE_CURL redacts auth details' '
254 rm -rf redact-auth trace &&
255 set_askpass user@host pass@host &&
256 GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
257 expect_askpass both user@host &&
258
259 # Ensure that there is no "Basic" followed by a base64 string, but that
260 # the auth details are redacted
261 ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace &&
262 grep -i "Authorization: Basic <redacted>" trace
263 '
264
265 test_expect_success 'GIT_CURL_VERBOSE redacts auth details' '
266 rm -rf redact-auth trace &&
267 set_askpass user@host pass@host &&
268 GIT_CURL_VERBOSE=1 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth 2>trace &&
269 expect_askpass both user@host &&
270
271 # Ensure that there is no "Basic" followed by a base64 string, but that
272 # the auth details are redacted
273 ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace &&
274 grep -i "Authorization: Basic <redacted>" trace
275 '
276
277 test_expect_success 'GIT_TRACE_CURL does not redact auth details if GIT_TRACE_REDACT=0' '
278 rm -rf redact-auth trace &&
279 set_askpass user@host pass@host &&
280 GIT_TRACE_REDACT=0 GIT_TRACE_CURL="$(pwd)/trace" \
281 git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
282 expect_askpass both user@host &&
283
284 grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace
285 '
286
287 test_expect_success 'disable dumb http on server' '
288 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
289 config http.getanyfile false
290 '
291
292 test_expect_success 'GIT_SMART_HTTP can disable smart http' '
293 (GIT_SMART_HTTP=0 &&
294 export GIT_SMART_HTTP &&
295 cd clone &&
296 test_must_fail git fetch)
297 '
298
299 test_expect_success 'invalid Content-Type rejected' '
300 test_must_fail git clone $HTTPD_URL/broken_smart/repo.git 2>actual &&
301 test_grep "not valid:" actual
302 '
303
304 test_expect_success 'create namespaced refs' '
305 test_commit namespaced &&
306 git push public HEAD:refs/namespaces/ns/refs/heads/main &&
307 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
308 symbolic-ref refs/namespaces/ns/HEAD refs/namespaces/ns/refs/heads/main
309 '
310
311 test_expect_success 'smart clone respects namespace' '
312 git clone "$HTTPD_URL/smart_namespace/repo.git" ns-smart &&
313 echo namespaced >expect &&
314 git --git-dir=ns-smart/.git log -1 --format=%s >actual &&
315 test_cmp expect actual
316 '
317
318 test_expect_success 'dumb clone via http-backend respects namespace' '
319 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
320 config http.getanyfile true &&
321 GIT_SMART_HTTP=0 git clone \
322 "$HTTPD_URL/smart_namespace/repo.git" ns-dumb &&
323 echo namespaced >expect &&
324 git --git-dir=ns-dumb/.git log -1 --format=%s >actual &&
325 test_cmp expect actual
326 '
327
328 test_expect_success 'cookies stored in http.cookiefile when http.savecookies set' '
329 cat >cookies.txt <<-\EOF &&
330 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue
331 EOF
332 sort >expect_cookies.txt <<-\EOF &&
333 127.0.0.1 FALSE /smart_cookies/ FALSE 0 othername othervalue
334 127.0.0.1 FALSE /smart_cookies/repo.git/ FALSE 0 name value
335 127.0.0.1 FALSE /smart_cookies/repo.git/info/ FALSE 0 name value
336 EOF
337 git config http.cookiefile cookies.txt &&
338 git config http.savecookies true &&
339
340 test_when_finished "
341 git --git-dir=\"\$HTTPD_DOCUMENT_ROOT_PATH/repo.git\" \
342 tag -d cookie-tag
343 " &&
344 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
345 tag -m "foo" cookie-tag &&
346 git fetch $HTTPD_URL/smart_cookies/repo.git cookie-tag &&
347
348 grep "^[^#]" cookies.txt | sort >cookies_stripped.txt &&
349 test_cmp expect_cookies.txt cookies_stripped.txt
350 '
351
352 test_expect_success 'transfer.hiderefs works over smart-http' '
353 test_commit hidden &&
354 test_commit visible &&
355 git push public HEAD^:refs/heads/a HEAD:refs/heads/b &&
356 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
357 config transfer.hiderefs refs/heads/a &&
358 git clone --bare "$HTTPD_URL/smart/repo.git" hidden.git &&
359 test_must_fail git -C hidden.git rev-parse --verify a &&
360 git -C hidden.git rev-parse --verify b
361 '
362
363 # create an arbitrary number of tags, numbered from tag-$1 to tag-$2
364 create_tags () {
365 rm -f marks &&
366 for i in $(test_seq "$1" "$2")
367 do
368 # don't use here-doc, because it requires a process
369 # per loop iteration
370 echo "commit refs/heads/too-many-refs-$1" &&
371 echo "mark :$i" &&
372 echo "committer git <git@example.com> $i +0000" &&
373 echo "data 0" &&
374 echo "M 644 inline bla.txt" &&
375 echo "data 4" &&
376 echo "bla" &&
377 # make every commit dangling by always
378 # rewinding the branch after each commit
379 echo "reset refs/heads/too-many-refs-$1" &&
380 echo "from :$1"
381 done | git fast-import --export-marks=marks &&
382
383 # now assign tags to all the dangling commits we created above
384 tag=$(perl -e "print \"bla\" x 30") &&
385 sed -e "s|^:\([^ ]*\) \(.*\)$|create refs/tags/$tag-\1 \2|" <marks >input &&
386 git update-ref --stdin <input &&
387 rm input
388 }
389
390 test_expect_success 'create 2,000 tags in the repo' '
391 (
392 cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
393 create_tags 1 2000
394 )
395 '
396
397 test_expect_success CMDLINE_LIMIT \
398 'clone the 2,000 tag repo to check OS command line overflow' '
399 run_with_limited_cmdline git clone $HTTPD_URL/smart/repo.git too-many-refs &&
400 (
401 cd too-many-refs &&
402 git for-each-ref refs/tags >actual &&
403 test_line_count = 2000 actual
404 )
405 '
406
407 test_expect_success 'large fetch-pack requests can be sent using chunked encoding' '
408 GIT_TRACE_CURL=true git -c http.postbuffer=65536 \
409 clone --bare "$HTTPD_URL/smart/repo.git" split.git 2>err &&
410 {
411 test_have_prereq HTTP2 ||
412 grep "^=> Send header: Transfer-Encoding: chunked" err
413 }
414 '
415
416 test_expect_success 'test allowreachablesha1inwant' '
417 test_when_finished "rm -rf test_reachable.git" &&
418 server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
419 main_sha=$(git -C "$server" rev-parse refs/heads/main) &&
420 git -C "$server" config uploadpack.allowreachablesha1inwant 1 &&
421
422 git init --bare test_reachable.git &&
423 git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" &&
424 git -C test_reachable.git fetch origin "$main_sha"
425 '
426
427 test_expect_success 'test allowreachablesha1inwant with unreachable' '
428 test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" &&
429
430 #create unreachable sha
431 echo content >file2 &&
432 git add file2 &&
433 git commit -m two &&
434 git push public HEAD:refs/heads/doomed &&
435 git push public :refs/heads/doomed &&
436
437 server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
438 main_sha=$(git -C "$server" rev-parse refs/heads/main) &&
439 git -C "$server" config uploadpack.allowreachablesha1inwant 1 &&
440
441 git init --bare test_reachable.git &&
442 git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" &&
443 # Some protocol versions (e.g. 2) support fetching
444 # unadvertised objects, so restrict this test to v0.
445 test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \
446 git -C test_reachable.git fetch origin "$(git rev-parse HEAD)"
447 '
448
449 test_expect_success 'test allowanysha1inwant with unreachable' '
450 test_when_finished "rm -rf test_reachable.git; git reset --hard $(git rev-parse HEAD)" &&
451
452 #create unreachable sha
453 echo content >file2 &&
454 git add file2 &&
455 git commit -m two &&
456 git push public HEAD:refs/heads/doomed &&
457 git push public :refs/heads/doomed &&
458
459 server="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
460 main_sha=$(git -C "$server" rev-parse refs/heads/main) &&
461 git -C "$server" config uploadpack.allowreachablesha1inwant 1 &&
462
463 git init --bare test_reachable.git &&
464 git -C test_reachable.git remote add origin "$HTTPD_URL/smart/repo.git" &&
465 # Some protocol versions (e.g. 2) support fetching
466 # unadvertised objects, so restrict this test to v0.
467 test_must_fail env GIT_TEST_PROTOCOL_VERSION=0 \
468 git -C test_reachable.git fetch origin "$(git rev-parse HEAD)" &&
469
470 git -C "$server" config uploadpack.allowanysha1inwant 1 &&
471 git -C test_reachable.git fetch origin "$(git rev-parse HEAD)"
472 '
473
474 test_expect_success EXPENSIVE 'http can handle enormous ref negotiation' '
475 (
476 cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
477 create_tags 2001 50000
478 ) &&
479 git -C too-many-refs fetch -q --tags &&
480 (
481 cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
482 create_tags 50001 100000
483 ) &&
484 git -C too-many-refs fetch -q --tags &&
485 git -C too-many-refs for-each-ref refs/tags >tags &&
486 test_line_count = 100000 tags
487 '
488
489 test_expect_success 'custom http headers' '
490 test_must_fail git -c http.extraheader="x-magic-two: cadabra" \
491 fetch "$HTTPD_URL/smart_headers/repo.git" &&
492 git -c http.extraheader="x-magic-one: abra" \
493 -c http.extraheader="x-magic-two: cadabra" \
494 fetch "$HTTPD_URL/smart_headers/repo.git" &&
495 git update-index --add --cacheinfo 160000,$(git rev-parse HEAD),sub &&
496 git config -f .gitmodules submodule.sub.path sub &&
497 git config -f .gitmodules submodule.sub.url \
498 "$HTTPD_URL/smart_headers/repo.git" &&
499 git submodule init sub &&
500 test_must_fail git submodule update sub &&
501 git -c http.extraheader="x-magic-one: abra" \
502 -c http.extraheader="x-magic-two: cadabra" \
503 submodule update sub
504 '
505
506 test_expect_success 'using fetch command in remote-curl updates refs' '
507 SERVER="$HTTPD_DOCUMENT_ROOT_PATH/twobranch" &&
508 rm -rf "$SERVER" client &&
509
510 git init "$SERVER" &&
511 test_commit -C "$SERVER" foo &&
512 git -C "$SERVER" update-ref refs/heads/anotherbranch foo &&
513
514 git clone $HTTPD_URL/smart/twobranch client &&
515
516 test_commit -C "$SERVER" bar &&
517 git -C client -c protocol.version=0 fetch &&
518
519 git -C "$SERVER" rev-parse main >expect &&
520 git -C client rev-parse origin/main >actual &&
521 test_cmp expect actual
522 '
523
524 test_expect_success 'fetch by SHA-1 without tag following' '
525 SERVER="$HTTPD_DOCUMENT_ROOT_PATH/server" &&
526 rm -rf "$SERVER" client &&
527
528 git init "$SERVER" &&
529 test_commit -C "$SERVER" foo &&
530
531 git clone $HTTPD_URL/smart/server client &&
532
533 test_commit -C "$SERVER" bar &&
534 git -C "$SERVER" rev-parse bar >bar_hash &&
535 git -C client -c protocol.version=0 fetch \
536 --no-tags origin $(cat bar_hash)
537 '
538
539 test_expect_success 'cookies are redacted by default' '
540 rm -rf clone &&
541 echo "Set-Cookie: Foo=1" >cookies &&
542 echo "Set-Cookie: Bar=2" >>cookies &&
543 GIT_TRACE_CURL=true \
544 git -c "http.cookieFile=$(pwd)/cookies" clone \
545 $HTTPD_URL/smart/repo.git clone 2>err &&
546 grep -i "Cookie:.*Foo=<redacted>" err &&
547 grep -i "Cookie:.*Bar=<redacted>" err &&
548 ! grep -i "Cookie:.*Foo=1" err &&
549 ! grep -i "Cookie:.*Bar=2" err
550 '
551
552 test_expect_success 'empty values of cookies are also redacted' '
553 rm -rf clone &&
554 echo "Set-Cookie: Foo=" >cookies &&
555 GIT_TRACE_CURL=true \
556 git -c "http.cookieFile=$(pwd)/cookies" clone \
557 $HTTPD_URL/smart/repo.git clone 2>err &&
558 grep -i "Cookie:.*Foo=<redacted>" err
559 '
560
561 test_expect_success 'GIT_TRACE_REDACT=0 disables cookie redaction' '
562 rm -rf clone &&
563 echo "Set-Cookie: Foo=1" >cookies &&
564 echo "Set-Cookie: Bar=2" >>cookies &&
565 GIT_TRACE_REDACT=0 GIT_TRACE_CURL=true \
566 git -c "http.cookieFile=$(pwd)/cookies" clone \
567 $HTTPD_URL/smart/repo.git clone 2>err &&
568 grep -i "Cookie:.*Foo=1" err &&
569 grep -i "Cookie:.*Bar=2" err
570 '
571
572 test_expect_success 'GIT_TRACE_CURL_NO_DATA prevents data from being traced' '
573 rm -rf clone &&
574 GIT_TRACE_CURL=true \
575 git clone $HTTPD_URL/smart/repo.git clone 2>err &&
576 grep "=> Send data" err &&
577
578 rm -rf clone &&
579 GIT_TRACE_CURL=true GIT_TRACE_CURL_NO_DATA=1 \
580 git clone $HTTPD_URL/smart/repo.git clone 2>err &&
581 ! grep "=> Send data" err
582 '
583
584 test_expect_success 'server-side error detected' '
585 test_must_fail git clone $HTTPD_URL/error_smart/repo.git 2>actual &&
586 test_grep "server-side error" actual
587 '
588
589 test_expect_success 'http auth remembers successful credentials' '
590 rm -f .git-credentials &&
591 test_config credential.helper store &&
592
593 # the first request prompts the user...
594 set_askpass user@host pass@host &&
595 git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
596 expect_askpass both user@host &&
597
598 # ...and the second one uses the stored value rather than
599 # prompting the user.
600 set_askpass bogus-user bogus-pass &&
601 git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
602 expect_askpass none
603 '
604
605 test_expect_success 'http auth forgets bogus credentials' '
606 # seed credential store with bogus values. In real life,
607 # this would probably come from a password which worked
608 # for a previous request.
609 rm -f .git-credentials &&
610 test_config credential.helper store &&
611 {
612 echo "url=$HTTPD_URL" &&
613 echo "username=bogus" &&
614 echo "password=bogus"
615 } | git credential approve &&
616
617 # we expect this to use the bogus values and fail, never even
618 # prompting the user...
619 set_askpass user@host pass@host &&
620 test_must_fail git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
621 expect_askpass none &&
622
623 # ...but now we should have forgotten the bad value, causing
624 # us to prompt the user again.
625 set_askpass user@host pass@host &&
626 git ls-remote "$HTTPD_URL/auth/smart/repo.git" >/dev/null &&
627 expect_askpass both user@host
628 '
629
630 test_expect_success 'client falls back from v2 to v0 to match server' '
631 GIT_TRACE_PACKET=$PWD/trace \
632 GIT_TEST_PROTOCOL_VERSION=2 \
633 git clone $HTTPD_URL/smart_v0/repo.git repo-v0 &&
634 # check for v0; there the HEAD symref is communicated in the capability
635 # line; v2 uses a different syntax on each ref advertisement line
636 grep symref=HEAD:refs/heads/ trace
637 '
638
639 test_expect_success 'create empty http-accessible SHA-256 repository' '
640 mkdir "$HTTPD_DOCUMENT_ROOT_PATH/sha256.git" &&
641 (cd "$HTTPD_DOCUMENT_ROOT_PATH/sha256.git" &&
642 git --bare init --object-format=sha256
643 )
644 '
645
646 test_expect_success 'clone empty SHA-256 repository with protocol v2' '
647 rm -fr sha256 &&
648 echo sha256 >expected &&
649 git -c protocol.version=2 clone "$HTTPD_URL/smart/sha256.git" &&
650 git -C sha256 rev-parse --show-object-format >actual &&
651 test_cmp actual expected &&
652 git ls-remote "$HTTPD_URL/smart/sha256.git" >actual &&
653 test_must_be_empty actual
654 '
655
656 test_expect_success 'clone empty SHA-256 repository with protocol v0' '
657 rm -fr sha256 &&
658 echo sha256 >expected &&
659 GIT_TRACE=1 GIT_TRACE_PACKET=1 git -c protocol.version=0 clone "$HTTPD_URL/smart/sha256.git" &&
660 git -C sha256 rev-parse --show-object-format >actual &&
661 test_cmp actual expected &&
662 git ls-remote "$HTTPD_URL/smart/sha256.git" >actual &&
663 test_must_be_empty actual
664 '
665
666 test_expect_success 'passing hostname resolution information works' '
667 BOGUS_HOST=gitbogusexamplehost.invalid &&
668 BOGUS_HTTPD_URL=$HTTPD_PROTO://$BOGUS_HOST:$LIB_HTTPD_PORT &&
669 git -c "http.curloptResolve=$BOGUS_HOST:$LIB_HTTPD_PORT:127.0.0.1" ls-remote "$BOGUS_HTTPD_URL/smart/repo.git" >/dev/null
670 '
671
672 # here user%40host is the URL-encoded version of user@host,
673 # which is our intentionally-odd username to catch parsing errors
674 url_user=$HTTPD_URL_USER/auth/smart/repo.git
675 url_userpass=$HTTPD_URL_USER_PASS/auth/smart/repo.git
676 url_userblank=$HTTPD_PROTO://user%40host:@$HTTPD_DEST/auth/smart/repo.git
677 message="URL .*:<redacted>@.* uses plaintext credentials"
678
679 test_expect_success 'clone warns or fails when using username:password' '
680 test_when_finished "rm -rf attempt*" &&
681
682 git -c transfer.credentialsInUrl=allow \
683 clone $url_userpass attempt1 2>err &&
684 ! grep "$message" err &&
685
686 git -c transfer.credentialsInUrl=warn \
687 clone $url_userpass attempt2 2>err &&
688 grep "warning: $message" err >warnings &&
689 test_line_count -ge 1 warnings &&
690
691 test_must_fail git -c transfer.credentialsInUrl=die \
692 clone $url_userpass attempt3 2>err &&
693 grep "fatal: $message" err >warnings &&
694 test_line_count -ge 1 warnings &&
695
696 test_must_fail git -c transfer.credentialsInUrl=die \
697 clone $url_userblank attempt4 2>err &&
698 grep "fatal: $message" err >warnings &&
699 test_line_count -ge 1 warnings
700 '
701
702 test_expect_success 'clone does not detect username:password when it is https://username@domain:port/' '
703 test_when_finished "rm -rf attempt1" &&
704
705 # we are relying on lib-httpd for url construction, so document our
706 # assumptions
707 case "$HTTPD_URL_USER" in
708 *:[0-9]*) : ok ;;
709 *) BUG "httpd url does not have port: $HTTPD_URL_USER"
710 esac &&
711
712 git -c transfer.credentialsInUrl=warn clone $url_user attempt1 2>err &&
713 ! grep "uses plaintext credentials" err
714 '
715
716 test_expect_success 'fetch warns or fails when using username:password' '
717 git -c transfer.credentialsInUrl=allow fetch $url_userpass 2>err &&
718 ! grep "$message" err &&
719
720 git -c transfer.credentialsInUrl=warn fetch $url_userpass 2>err &&
721 grep "warning: $message" err >warnings &&
722 test_line_count -ge 1 warnings &&
723
724 test_must_fail git -c transfer.credentialsInUrl=die \
725 fetch $url_userpass 2>err &&
726 grep "fatal: $message" err >warnings &&
727 test_line_count -ge 1 warnings &&
728
729 test_must_fail git -c transfer.credentialsInUrl=die \
730 fetch $url_userblank 2>err &&
731 grep "fatal: $message" err >warnings &&
732 test_line_count -ge 1 warnings
733 '
734
735
736 test_expect_success 'push warns or fails when using username:password' '
737 git -c transfer.credentialsInUrl=allow push $url_userpass 2>err &&
738 ! grep "$message" err &&
739
740 git -c transfer.credentialsInUrl=warn push $url_userpass 2>err &&
741 grep "warning: $message" err >warnings &&
742
743 test_must_fail git -c transfer.credentialsInUrl=die \
744 push $url_userpass 2>err &&
745 grep "fatal: $message" err >warnings &&
746 test_line_count -ge 1 warnings
747 '
748
749 test_expect_success 'no empty path components' '
750 # In the URL, add a trailing slash, and see if git appends yet another
751 # slash.
752 git clone $HTTPD_URL/smart/repo.git/ clone-with-slash &&
753
754 strip_access_log >log &&
755 ! grep "//" log
756 '
757
758 test_expect_success 'tag following always works over v0 http' '
759 upstream=$HTTPD_DOCUMENT_ROOT_PATH/tags &&
760 git init "$upstream" &&
761 (
762 cd "$upstream" &&
763 git commit --allow-empty -m base &&
764 git tag not-annotated &&
765 git tag -m foo annotated
766 ) &&
767 git init tags &&
768 git -C tags -c protocol.version=0 \
769 fetch --depth 1 $HTTPD_URL/smart/tags \
770 refs/tags/annotated:refs/tags/annotated &&
771 git -C "$upstream" for-each-ref refs/tags >expect &&
772 git -C tags for-each-ref >actual &&
773 test_cmp expect actual
774 '
775
776 test_done
Alternate source for your git.git needs