t / t5550-http-fetch-dumb.shon commit t4045: abstract away SHA-1-specific constants (5c02428)
   1#!/bin/sh
   2
   3test_description='test dumb fetching over http via static file'
   4. ./test-lib.sh
   5. "$TEST_DIRECTORY"/lib-httpd.sh
   6start_httpd
   7
   8test_expect_success 'setup repository' '
   9        git config push.default matching &&
  10        echo content1 >file &&
  11        git add file &&
  12        git commit -m one &&
  13        echo content2 >file &&
  14        git add file &&
  15        git commit -m two
  16'
  17
  18test_expect_success 'create http-accessible bare repository with loose objects' '
  19        cp -R .git "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
  20        (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
  21         git config core.bare true &&
  22         mkdir -p hooks &&
  23         write_script "hooks/post-update" <<-\EOF &&
  24         exec git update-server-info
  25        EOF
  26         hooks/post-update
  27        ) &&
  28        git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
  29        git push public master:master
  30'
  31
  32test_expect_success 'clone http repository' '
  33        git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
  34        cp -R clone-tmpl clone &&
  35        test_cmp file clone/file
  36'
  37
  38test_expect_success 'list refs from outside any repository' '
  39        cat >expect <<-EOF &&
  40        $(git rev-parse master) HEAD
  41        $(git rev-parse master) refs/heads/master
  42        EOF
  43        nongit git ls-remote "$HTTPD_URL/dumb/repo.git" >actual &&
  44        test_cmp expect actual
  45'
  46
  47test_expect_success 'create password-protected repository' '
  48        mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/" &&
  49        cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
  50               "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git"
  51'
  52
  53setup_askpass_helper
  54
  55test_expect_success 'cloning password-protected repository can fail' '
  56        set_askpass wrong &&
  57        test_must_fail git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-fail &&
  58        expect_askpass both wrong
  59'
  60
  61test_expect_success 'http auth can use user/pass in URL' '
  62        set_askpass wrong &&
  63        git clone "$HTTPD_URL_USER_PASS/auth/dumb/repo.git" clone-auth-none &&
  64        expect_askpass none
  65'
  66
  67test_expect_success 'http auth can use just user in URL' '
  68        set_askpass wrong pass@host &&
  69        git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
  70        expect_askpass pass user@host
  71'
  72
  73test_expect_success 'http auth can request both user and pass' '
  74        set_askpass user@host pass@host &&
  75        git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
  76        expect_askpass both user@host
  77'
  78
  79test_expect_success 'http auth respects credential helper config' '
  80        test_config_global credential.helper "!f() {
  81                cat >/dev/null
  82                echo username=user@host
  83                echo password=pass@host
  84        }; f" &&
  85        set_askpass wrong &&
  86        git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
  87        expect_askpass none
  88'
  89
  90test_expect_success 'http auth can get username from config' '
  91        test_config_global "credential.$HTTPD_URL.username" user@host &&
  92        set_askpass wrong pass@host &&
  93        git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
  94        expect_askpass pass user@host
  95'
  96
  97test_expect_success 'configured username does not override URL' '
  98        test_config_global "credential.$HTTPD_URL.username" wrong &&
  99        set_askpass wrong pass@host &&
 100        git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
 101        expect_askpass pass user@host
 102'
 103
 104test_expect_success 'set up repo with http submodules' '
 105        git init super &&
 106        set_askpass user@host pass@host &&
 107        (
 108                cd super &&
 109                git submodule add "$HTTPD_URL/auth/dumb/repo.git" sub &&
 110                git commit -m "add submodule"
 111        )
 112'
 113
 114test_expect_success 'cmdline credential config passes to submodule via clone' '
 115        set_askpass wrong pass@host &&
 116        test_must_fail git clone --recursive super super-clone &&
 117        rm -rf super-clone &&
 118
 119        set_askpass wrong pass@host &&
 120        git -c "credential.$HTTPD_URL.username=user@host" \
 121                clone --recursive super super-clone &&
 122        expect_askpass pass user@host
 123'
 124
 125test_expect_success 'cmdline credential config passes submodule via fetch' '
 126        set_askpass wrong pass@host &&
 127        test_must_fail git -C super-clone fetch --recurse-submodules &&
 128
 129        set_askpass wrong pass@host &&
 130        git -C super-clone \
 131            -c "credential.$HTTPD_URL.username=user@host" \
 132            fetch --recurse-submodules &&
 133        expect_askpass pass user@host
 134'
 135
 136test_expect_success 'cmdline credential config passes submodule update' '
 137        # advance the submodule HEAD so that a fetch is required
 138        git commit --allow-empty -m foo &&
 139        git push "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git" HEAD &&
 140        sha1=$(git rev-parse HEAD) &&
 141        git -C super-clone update-index --cacheinfo 160000,$sha1,sub &&
 142
 143        set_askpass wrong pass@host &&
 144        test_must_fail git -C super-clone submodule update &&
 145
 146        set_askpass wrong pass@host &&
 147        git -C super-clone \
 148            -c "credential.$HTTPD_URL.username=user@host" \
 149            submodule update &&
 150        expect_askpass pass user@host
 151'
 152
 153test_expect_success 'fetch changes via http' '
 154        echo content >>file &&
 155        git commit -a -m two &&
 156        git push public &&
 157        (cd clone && git pull) &&
 158        test_cmp file clone/file
 159'
 160
 161test_expect_success 'fetch changes via manual http-fetch' '
 162        cp -R clone-tmpl clone2 &&
 163
 164        HEAD=$(git rev-parse --verify HEAD) &&
 165        (cd clone2 &&
 166         git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
 167         git checkout master-new &&
 168         test $HEAD = $(git rev-parse --verify HEAD)) &&
 169        test_cmp file clone2/file
 170'
 171
 172test_expect_success 'manual http-fetch without -a works just as well' '
 173        cp -R clone-tmpl clone3 &&
 174
 175        HEAD=$(git rev-parse --verify HEAD) &&
 176        (cd clone3 &&
 177         git http-fetch -w heads/master-new $HEAD $(git config remote.origin.url) &&
 178         git checkout master-new &&
 179         test $HEAD = $(git rev-parse --verify HEAD)) &&
 180        test_cmp file clone3/file
 181'
 182
 183test_expect_success 'http remote detects correct HEAD' '
 184        git push public master:other &&
 185        (cd clone &&
 186         git remote set-head origin -d &&
 187         git remote set-head origin -a &&
 188         git symbolic-ref refs/remotes/origin/HEAD > output &&
 189         echo refs/remotes/origin/master > expect &&
 190         test_cmp expect output
 191        )
 192'
 193
 194test_expect_success 'fetch packed objects' '
 195        cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
 196        (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
 197         git --bare repack -a -d
 198        ) &&
 199        git clone $HTTPD_URL/dumb/repo_pack.git
 200'
 201
 202test_expect_success 'fetch notices corrupt pack' '
 203        cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
 204        (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
 205         p=$(ls objects/pack/pack-*.pack) &&
 206         chmod u+w $p &&
 207         printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
 208        ) &&
 209        mkdir repo_bad1.git &&
 210        (cd repo_bad1.git &&
 211         git --bare init &&
 212         test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
 213         test 0 = $(ls objects/pack/pack-*.pack | wc -l)
 214        )
 215'
 216
 217test_expect_success 'fetch notices corrupt idx' '
 218        cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
 219        (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
 220         p=$(ls objects/pack/pack-*.idx) &&
 221         chmod u+w $p &&
 222         printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
 223        ) &&
 224        mkdir repo_bad2.git &&
 225        (cd repo_bad2.git &&
 226         git --bare init &&
 227         test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
 228         test 0 = $(ls objects/pack | wc -l)
 229        )
 230'
 231
 232test_expect_success 'fetch can handle previously-fetched .idx files' '
 233        git checkout --orphan branch1 &&
 234        echo base >file &&
 235        git add file &&
 236        git commit -m base &&
 237        git --bare init "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git &&
 238        git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch1 &&
 239        git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
 240        git checkout -b branch2 branch1 &&
 241        echo b2 >>file &&
 242        git commit -a -m b2 &&
 243        git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch2 &&
 244        git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
 245        git --bare init clone_packed_branches.git &&
 246        git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch1:branch1 &&
 247        git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch2:branch2
 248'
 249
 250test_expect_success 'did not use upload-pack service' '
 251        test_might_fail grep '/git-upload-pack' <"$HTTPD_ROOT_PATH"/access.log >act &&
 252        : >exp &&
 253        test_cmp exp act
 254'
 255
 256test_expect_success 'git client shows text/plain errors' '
 257        test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr &&
 258        grep "this is the error message" stderr
 259'
 260
 261test_expect_success 'git client does not show html errors' '
 262        test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr &&
 263        ! grep "this is the error message" stderr
 264'
 265
 266test_expect_success 'git client shows text/plain with a charset' '
 267        test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr &&
 268        grep "this is the error message" stderr
 269'
 270
 271test_expect_success 'http error messages are reencoded' '
 272        test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr &&
 273        grep "this is the error message" stderr
 274'
 275
 276test_expect_success 'reencoding is robust to whitespace oddities' '
 277        test_must_fail git clone "$HTTPD_URL/error/odd-spacing" 2>stderr &&
 278        grep "this is the error message" stderr
 279'
 280
 281check_language () {
 282        case "$2" in
 283        '')
 284                >expect
 285                ;;
 286        ?*)
 287                echo "=> Send header: Accept-Language: $1" >expect
 288                ;;
 289        esac &&
 290        GIT_TRACE_CURL=true \
 291        LANGUAGE=$2 \
 292        git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
 293        tr -d '\015' <output |
 294        sort -u |
 295        sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
 296        test_cmp expect actual
 297}
 298
 299test_expect_success 'git client sends Accept-Language based on LANGUAGE' '
 300        check_language "ko-KR, *;q=0.9" ko_KR.UTF-8'
 301
 302test_expect_success 'git client sends Accept-Language correctly with unordinary LANGUAGE' '
 303        check_language "ko-KR, *;q=0.9" "ko_KR:" &&
 304        check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR::en_US" &&
 305        check_language "ko-KR, *;q=0.9" ":::ko_KR" &&
 306        check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR!!:en_US" &&
 307        check_language "ko-KR, ja-JP;q=0.9, *;q=0.8" "ko_KR en_US:ja_JP"'
 308
 309test_expect_success 'git client sends Accept-Language with many preferred languages' '
 310        check_language "ko-KR, en-US;q=0.9, fr-CA;q=0.8, de;q=0.7, sr;q=0.6, \
 311ja;q=0.5, zh;q=0.4, sv;q=0.3, pt;q=0.2, *;q=0.1" \
 312                ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt &&
 313        check_language "ko-KR, en-US;q=0.99, fr-CA;q=0.98, de;q=0.97, sr;q=0.96, \
 314ja;q=0.95, zh;q=0.94, sv;q=0.93, pt;q=0.92, nb;q=0.91, *;q=0.90" \
 315                ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt:nb
 316'
 317
 318test_expect_success 'git client does not send an empty Accept-Language' '
 319        GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
 320        ! grep "^=> Send header: Accept-Language:" stderr
 321'
 322
 323test_expect_success 'remote-http complains cleanly about malformed urls' '
 324        # do not actually issue "list" or other commands, as we do not
 325        # want to rely on what curl would actually do with such a broken
 326        # URL. This is just about making sure we do not segfault during
 327        # initialization.
 328        test_must_fail git remote-http http::/example.com/repo.git
 329'
 330
 331test_expect_success 'redirects can be forbidden/allowed' '
 332        test_must_fail git -c http.followRedirects=false \
 333                clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
 334        git -c http.followRedirects=true \
 335                clone $HTTPD_URL/dumb-redir/repo.git dumb-redir 2>stderr
 336'
 337
 338test_expect_success 'redirects are reported to stderr' '
 339        # just look for a snippet of the redirected-to URL
 340        test_i18ngrep /dumb/ stderr
 341'
 342
 343test_expect_success 'non-initial redirects can be forbidden' '
 344        test_must_fail git -c http.followRedirects=initial \
 345                clone $HTTPD_URL/redir-objects/repo.git redir-objects &&
 346        git -c http.followRedirects=true \
 347                clone $HTTPD_URL/redir-objects/repo.git redir-objects
 348'
 349
 350test_expect_success 'http.followRedirects defaults to "initial"' '
 351        test_must_fail git clone $HTTPD_URL/redir-objects/repo.git default
 352'
 353
 354# The goal is for a clone of the "evil" repository, which has no objects
 355# itself, to cause the client to fetch objects from the "victim" repository.
 356test_expect_success 'set up evil alternates scheme' '
 357        victim=$HTTPD_DOCUMENT_ROOT_PATH/victim.git &&
 358        git init --bare "$victim" &&
 359        git -C "$victim" --work-tree=. commit --allow-empty -m secret &&
 360        git -C "$victim" repack -ad &&
 361        git -C "$victim" update-server-info &&
 362        sha1=$(git -C "$victim" rev-parse HEAD) &&
 363
 364        evil=$HTTPD_DOCUMENT_ROOT_PATH/evil.git &&
 365        git init --bare "$evil" &&
 366        # do this by hand to avoid object existence check
 367        printf "%s\\t%s\\n" $sha1 refs/heads/master >"$evil/info/refs"
 368'
 369
 370# Here we'll just redirect via HTTP. In a real-world attack these would be on
 371# different servers, but we should reject it either way.
 372test_expect_success 'http-alternates is a non-initial redirect' '
 373        echo "$HTTPD_URL/dumb/victim.git/objects" \
 374                >"$evil/objects/info/http-alternates" &&
 375        test_must_fail git -c http.followRedirects=initial \
 376                clone $HTTPD_URL/dumb/evil.git evil-initial &&
 377        git -c http.followRedirects=true \
 378                clone $HTTPD_URL/dumb/evil.git evil-initial
 379'
 380
 381# Curl supports a lot of protocols that we'd prefer not to allow
 382# http-alternates to use, but it's hard to test whether curl has
 383# accessed, say, the SMTP protocol, because we are not running an SMTP server.
 384# But we can check that it does not allow access to file://, which would
 385# otherwise allow this clone to complete.
 386test_expect_success 'http-alternates cannot point at funny protocols' '
 387        echo "file://$victim/objects" >"$evil/objects/info/http-alternates" &&
 388        test_must_fail git -c http.followRedirects=true \
 389                clone "$HTTPD_URL/dumb/evil.git" evil-file
 390'
 391
 392test_expect_success 'http-alternates triggers not-from-user protocol check' '
 393        echo "$HTTPD_URL/dumb/victim.git/objects" \
 394                >"$evil/objects/info/http-alternates" &&
 395        test_config_global http.followRedirects true &&
 396        test_must_fail git -c protocol.http.allow=user \
 397                clone $HTTPD_URL/dumb/evil.git evil-user &&
 398        git -c protocol.http.allow=always \
 399                clone $HTTPD_URL/dumb/evil.git evil-user
 400'
 401
 402test_expect_success 'can redirect through non-"info/refs?service=git-upload-pack" URL' '
 403        git clone "$HTTPD_URL/redir-to/dumb/repo.git"
 404'
 405
 406test_expect_success 'print HTTP error when any intermediate redirect throws error' '
 407        test_must_fail git clone "$HTTPD_URL/redir-to/502" 2> stderr &&
 408        test_i18ngrep "unable to access.*/redir-to/502" stderr
 409'
 410
 411stop_httpd
 412test_done