1#!/bin/sh
2
3test_description='test dumb fetching over http via static file'
4. ./test-lib.sh
5. "$TEST_DIRECTORY"/lib-httpd.sh
6start_httpd
7
8test_expect_success 'setup repository' '
9 git config push.default matching &&
10 echo content1 >file &&
11 git add file &&
12 git commit -m one &&
13 echo content2 >file &&
14 git add file &&
15 git commit -m two
16'
17
18test_expect_success 'create http-accessible bare repository with loose objects' '
19 cp -R .git "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
20 (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
21 git config core.bare true &&
22 mkdir -p hooks &&
23 echo "exec git update-server-info" >hooks/post-update &&
24 chmod +x hooks/post-update &&
25 hooks/post-update
26 ) &&
27 git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
28 git push public master:master
29'
30
31test_expect_success 'clone http repository' '
32 git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
33 cp -R clone-tmpl clone &&
34 test_cmp file clone/file
35'
36
37test_expect_success 'list refs from outside any repository' '
38 cat >expect <<-EOF &&
39 $(git rev-parse master) HEAD
40 $(git rev-parse master) refs/heads/master
41 EOF
42 nongit git ls-remote "$HTTPD_URL/dumb/repo.git" >actual &&
43 test_cmp expect actual
44'
45
46test_expect_success 'create password-protected repository' '
47 mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/" &&
48 cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
49 "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git"
50'
51
52setup_askpass_helper
53
54test_expect_success 'cloning password-protected repository can fail' '
55 set_askpass wrong &&
56 test_must_fail git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-fail &&
57 expect_askpass both wrong
58'
59
60test_expect_success 'http auth can use user/pass in URL' '
61 set_askpass wrong &&
62 git clone "$HTTPD_URL_USER_PASS/auth/dumb/repo.git" clone-auth-none &&
63 expect_askpass none
64'
65
66test_expect_success 'http auth can use just user in URL' '
67 set_askpass wrong pass@host &&
68 git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
69 expect_askpass pass user@host
70'
71
72test_expect_success 'http auth can request both user and pass' '
73 set_askpass user@host pass@host &&
74 git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
75 expect_askpass both user@host
76'
77
78test_expect_success 'http auth respects credential helper config' '
79 test_config_global credential.helper "!f() {
80 cat >/dev/null
81 echo username=user@host
82 echo password=pass@host
83 }; f" &&
84 set_askpass wrong &&
85 git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
86 expect_askpass none
87'
88
89test_expect_success 'http auth can get username from config' '
90 test_config_global "credential.$HTTPD_URL.username" user@host &&
91 set_askpass wrong pass@host &&
92 git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
93 expect_askpass pass user@host
94'
95
96test_expect_success 'configured username does not override URL' '
97 test_config_global "credential.$HTTPD_URL.username" wrong &&
98 set_askpass wrong pass@host &&
99 git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
100 expect_askpass pass user@host
101'
102
103test_expect_success 'set up repo with http submodules' '
104 git init super &&
105 set_askpass user@host pass@host &&
106 (
107 cd super &&
108 git submodule add "$HTTPD_URL/auth/dumb/repo.git" sub &&
109 git commit -m "add submodule"
110 )
111'
112
113test_expect_success 'cmdline credential config passes to submodule via clone' '
114 set_askpass wrong pass@host &&
115 test_must_fail git clone --recursive super super-clone &&
116 rm -rf super-clone &&
117
118 set_askpass wrong pass@host &&
119 git -c "credential.$HTTPD_URL.username=user@host" \
120 clone --recursive super super-clone &&
121 expect_askpass pass user@host
122'
123
124test_expect_success 'cmdline credential config passes submodule via fetch' '
125 set_askpass wrong pass@host &&
126 test_must_fail git -C super-clone fetch --recurse-submodules &&
127
128 set_askpass wrong pass@host &&
129 git -C super-clone \
130 -c "credential.$HTTPD_URL.username=user@host" \
131 fetch --recurse-submodules &&
132 expect_askpass pass user@host
133'
134
135test_expect_success 'cmdline credential config passes submodule update' '
136 # advance the submodule HEAD so that a fetch is required
137 git commit --allow-empty -m foo &&
138 git push "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git" HEAD &&
139 sha1=$(git rev-parse HEAD) &&
140 git -C super-clone update-index --cacheinfo 160000,$sha1,sub &&
141
142 set_askpass wrong pass@host &&
143 test_must_fail git -C super-clone submodule update &&
144
145 set_askpass wrong pass@host &&
146 git -C super-clone \
147 -c "credential.$HTTPD_URL.username=user@host" \
148 submodule update &&
149 expect_askpass pass user@host
150'
151
152test_expect_success 'fetch changes via http' '
153 echo content >>file &&
154 git commit -a -m two &&
155 git push public &&
156 (cd clone && git pull) &&
157 test_cmp file clone/file
158'
159
160test_expect_success 'fetch changes via manual http-fetch' '
161 cp -R clone-tmpl clone2 &&
162
163 HEAD=$(git rev-parse --verify HEAD) &&
164 (cd clone2 &&
165 git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
166 git checkout master-new &&
167 test $HEAD = $(git rev-parse --verify HEAD)) &&
168 test_cmp file clone2/file
169'
170
171test_expect_success 'http remote detects correct HEAD' '
172 git push public master:other &&
173 (cd clone &&
174 git remote set-head origin -d &&
175 git remote set-head origin -a &&
176 git symbolic-ref refs/remotes/origin/HEAD > output &&
177 echo refs/remotes/origin/master > expect &&
178 test_cmp expect output
179 )
180'
181
182test_expect_success 'fetch packed objects' '
183 cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
184 (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
185 git --bare repack -a -d
186 ) &&
187 git clone $HTTPD_URL/dumb/repo_pack.git
188'
189
190test_expect_success 'fetch notices corrupt pack' '
191 cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
192 (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
193 p=$(ls objects/pack/pack-*.pack) &&
194 chmod u+w $p &&
195 printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
196 ) &&
197 mkdir repo_bad1.git &&
198 (cd repo_bad1.git &&
199 git --bare init &&
200 test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
201 test 0 = $(ls objects/pack/pack-*.pack | wc -l)
202 )
203'
204
205test_expect_success 'fetch notices corrupt idx' '
206 cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
207 (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
208 p=$(ls objects/pack/pack-*.idx) &&
209 chmod u+w $p &&
210 printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
211 ) &&
212 mkdir repo_bad2.git &&
213 (cd repo_bad2.git &&
214 git --bare init &&
215 test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
216 test 0 = $(ls objects/pack | wc -l)
217 )
218'
219
220test_expect_success 'fetch can handle previously-fetched .idx files' '
221 git checkout --orphan branch1 &&
222 echo base >file &&
223 git add file &&
224 git commit -m base &&
225 git --bare init "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git &&
226 git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch1 &&
227 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
228 git checkout -b branch2 branch1 &&
229 echo b2 >>file &&
230 git commit -a -m b2 &&
231 git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch2 &&
232 git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
233 git --bare init clone_packed_branches.git &&
234 git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch1:branch1 &&
235 git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch2:branch2
236'
237
238test_expect_success 'did not use upload-pack service' '
239 test_might_fail grep '/git-upload-pack' <"$HTTPD_ROOT_PATH"/access.log >act &&
240 : >exp &&
241 test_cmp exp act
242'
243
244test_expect_success 'git client shows text/plain errors' '
245 test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr &&
246 grep "this is the error message" stderr
247'
248
249test_expect_success 'git client does not show html errors' '
250 test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr &&
251 ! grep "this is the error message" stderr
252'
253
254test_expect_success 'git client shows text/plain with a charset' '
255 test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr &&
256 grep "this is the error message" stderr
257'
258
259test_expect_success 'http error messages are reencoded' '
260 test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr &&
261 grep "this is the error message" stderr
262'
263
264test_expect_success 'reencoding is robust to whitespace oddities' '
265 test_must_fail git clone "$HTTPD_URL/error/odd-spacing" 2>stderr &&
266 grep "this is the error message" stderr
267'
268
269check_language () {
270 case "$2" in
271 '')
272 >expect
273 ;;
274 ?*)
275 echo "=> Send header: Accept-Language: $1" >expect
276 ;;
277 esac &&
278 GIT_TRACE_CURL=true \
279 LANGUAGE=$2 \
280 git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
281 tr -d '\015' <output |
282 sort -u |
283 sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
284 test_cmp expect actual
285}
286
287test_expect_success 'git client sends Accept-Language based on LANGUAGE' '
288 check_language "ko-KR, *;q=0.9" ko_KR.UTF-8'
289
290test_expect_success 'git client sends Accept-Language correctly with unordinary LANGUAGE' '
291 check_language "ko-KR, *;q=0.9" "ko_KR:" &&
292 check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR::en_US" &&
293 check_language "ko-KR, *;q=0.9" ":::ko_KR" &&
294 check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR!!:en_US" &&
295 check_language "ko-KR, ja-JP;q=0.9, *;q=0.8" "ko_KR en_US:ja_JP"'
296
297test_expect_success 'git client sends Accept-Language with many preferred languages' '
298 check_language "ko-KR, en-US;q=0.9, fr-CA;q=0.8, de;q=0.7, sr;q=0.6, \
299ja;q=0.5, zh;q=0.4, sv;q=0.3, pt;q=0.2, *;q=0.1" \
300 ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt &&
301 check_language "ko-KR, en-US;q=0.99, fr-CA;q=0.98, de;q=0.97, sr;q=0.96, \
302ja;q=0.95, zh;q=0.94, sv;q=0.93, pt;q=0.92, nb;q=0.91, *;q=0.90" \
303 ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt:nb
304'
305
306test_expect_success 'git client does not send an empty Accept-Language' '
307 GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
308 ! grep "^=> Send header: Accept-Language:" stderr
309'
310
311test_expect_success 'remote-http complains cleanly about malformed urls' '
312 # do not actually issue "list" or other commands, as we do not
313 # want to rely on what curl would actually do with such a broken
314 # URL. This is just about making sure we do not segfault during
315 # initialization.
316 test_must_fail git remote-http http::/example.com/repo.git
317'
318
319test_expect_success 'redirects can be forbidden/allowed' '
320 test_must_fail git -c http.followRedirects=false \
321 clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
322 git -c http.followRedirects=true \
323 clone $HTTPD_URL/dumb-redir/repo.git dumb-redir 2>stderr
324'
325
326test_expect_success 'redirects are reported to stderr' '
327 # just look for a snippet of the redirected-to URL
328 test_i18ngrep /dumb/ stderr
329'
330
331test_expect_success 'non-initial redirects can be forbidden' '
332 test_must_fail git -c http.followRedirects=initial \
333 clone $HTTPD_URL/redir-objects/repo.git redir-objects &&
334 git -c http.followRedirects=true \
335 clone $HTTPD_URL/redir-objects/repo.git redir-objects
336'
337
338test_expect_success 'http.followRedirects defaults to "initial"' '
339 test_must_fail git clone $HTTPD_URL/redir-objects/repo.git default
340'
341
342# The goal is for a clone of the "evil" repository, which has no objects
343# itself, to cause the client to fetch objects from the "victim" repository.
344test_expect_success 'set up evil alternates scheme' '
345 victim=$HTTPD_DOCUMENT_ROOT_PATH/victim.git &&
346 git init --bare "$victim" &&
347 git -C "$victim" --work-tree=. commit --allow-empty -m secret &&
348 git -C "$victim" repack -ad &&
349 git -C "$victim" update-server-info &&
350 sha1=$(git -C "$victim" rev-parse HEAD) &&
351
352 evil=$HTTPD_DOCUMENT_ROOT_PATH/evil.git &&
353 git init --bare "$evil" &&
354 # do this by hand to avoid object existence check
355 printf "%s\\t%s\\n" $sha1 refs/heads/master >"$evil/info/refs"
356'
357
358# Here we'll just redirect via HTTP. In a real-world attack these would be on
359# different servers, but we should reject it either way.
360test_expect_success 'http-alternates is a non-initial redirect' '
361 echo "$HTTPD_URL/dumb/victim.git/objects" \
362 >"$evil/objects/info/http-alternates" &&
363 test_must_fail git -c http.followRedirects=initial \
364 clone $HTTPD_URL/dumb/evil.git evil-initial &&
365 git -c http.followRedirects=true \
366 clone $HTTPD_URL/dumb/evil.git evil-initial
367'
368
369# Curl supports a lot of protocols that we'd prefer not to allow
370# http-alternates to use, but it's hard to test whether curl has
371# accessed, say, the SMTP protocol, because we are not running an SMTP server.
372# But we can check that it does not allow access to file://, which would
373# otherwise allow this clone to complete.
374test_expect_success 'http-alternates cannot point at funny protocols' '
375 echo "file://$victim/objects" >"$evil/objects/info/http-alternates" &&
376 test_must_fail git -c http.followRedirects=true \
377 clone "$HTTPD_URL/dumb/evil.git" evil-file
378'
379
380test_expect_success 'http-alternates triggers not-from-user protocol check' '
381 echo "$HTTPD_URL/dumb/victim.git/objects" \
382 >"$evil/objects/info/http-alternates" &&
383 test_config_global http.followRedirects true &&
384 test_must_fail git -c protocol.http.allow=user \
385 clone $HTTPD_URL/dumb/evil.git evil-user &&
386 git -c protocol.http.allow=always \
387 clone $HTTPD_URL/dumb/evil.git evil-user
388'
389
390stop_httpd
391test_done