use distinct username/password for http auth tests
authorJeff King <peff@peff.net>
Thu, 2 Jan 2014 07:38:35 +0000 (02:38 -0500)
committerJunio C Hamano <gitster@pobox.com>
Thu, 2 Jan 2014 18:25:03 +0000 (10:25 -0800)
The httpd server we set up to test git's http client code
knows about a single account, in which both the username and
password are "user@host" (the unusual use of the "@" here is
to verify that we handle the character correctly when URL
escaped).

This means that we may miss a certain class of errors in
which the username and password are mixed up internally by
git. We can make our tests more robust by having distinct
values for the username and password.

In addition to tweaking the server passwd file and the
client URL, we must teach the "askpass" harness to accept
multiple values. As a bonus, this makes the setup of some
tests more obvious; when we are expecting git to ask
only about the password, we can seed the username askpass
response with a bogus value.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
t/lib-httpd.sh
t/lib-httpd/passwd
t/t5540-http-push.sh
t/t5541-http-push.sh
t/t5550-http-fetch.sh
t/t5551-http-fetch.sh
index ad8f1ef71efcd7e449d2cad8edd3cf80c98ca188..d15fa0f045bca78b2d779882e89aa5f8c8f6aac2 100644 (file)
@@ -102,7 +102,7 @@ prepare_httpd() {
        HTTPD_DEST=127.0.0.1:$LIB_HTTPD_PORT
        HTTPD_URL=$HTTPD_PROTO://$HTTPD_DEST
        HTTPD_URL_USER=$HTTPD_PROTO://user%40host@$HTTPD_DEST
-       HTTPD_URL_USER_PASS=$HTTPD_PROTO://user%40host:user%40host@$HTTPD_DEST
+       HTTPD_URL_USER_PASS=$HTTPD_PROTO://user%40host:pass%40host@$HTTPD_DEST
 
        if test -n "$LIB_HTTPD_DAV" -o -n "$LIB_HTTPD_SVN"
        then
@@ -190,7 +190,15 @@ setup_askpass_helper() {
        test_expect_success 'setup askpass helper' '
                write_script "$TRASH_DIRECTORY/askpass" <<-\EOF &&
                echo >>"$TRASH_DIRECTORY/askpass-query" "askpass: $*" &&
-               cat "$TRASH_DIRECTORY/askpass-response"
+               case "$*" in
+               *Username*)
+                       what=user
+                       ;;
+               *Password*)
+                       what=pass
+                       ;;
+               esac &&
+               cat "$TRASH_DIRECTORY/askpass-$what"
                EOF
                GIT_ASKPASS="$TRASH_DIRECTORY/askpass" &&
                export GIT_ASKPASS &&
@@ -200,7 +208,8 @@ setup_askpass_helper() {
 
 set_askpass() {
        >"$TRASH_DIRECTORY/askpass-query" &&
-       echo "$*" >"$TRASH_DIRECTORY/askpass-response"
+       echo "$1" >"$TRASH_DIRECTORY/askpass-user" &&
+       echo "$2" >"$TRASH_DIRECTORY/askpass-pass"
 }
 
 expect_askpass() {
index f2fbcad33e28adcbd30a539371e5d659251ba3a6..99a34d648742f669e7b501298a92fab401bc1971 100644 (file)
@@ -1 +1 @@
-user@host:nKpa8pZUHx/ic
+user@host:xb4E8pqD81KQs
index 01d0d95b4d6476f691f650cc413fa7156caee88b..5b0198cbc88ad54ea4e6f102429697c2da2ed2ba 100755 (executable)
@@ -154,7 +154,7 @@ test_http_push_nonff "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git \
 
 test_expect_success 'push to password-protected repository (user in URL)' '
        test_commit pw-user &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git push "$HTTPD_URL_USER/auth/dumb/test_repo.git" HEAD &&
        git rev-parse --verify HEAD >expect &&
        git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/test_repo.git" \
@@ -168,7 +168,7 @@ test_expect_failure 'user was prompted only once for password' '
 
 test_expect_failure 'push to password-protected repository (no user in URL)' '
        test_commit pw-nouser &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git push "$HTTPD_URL/auth/dumb/test_repo.git" HEAD &&
        expect_askpass both user@host
        git rev-parse --verify HEAD >expect &&
index 470ac54295e8640feb4d23a81c5dc8ce362857d0..bfd241ea8ae4e51f69194f4a08685e9cd9d78b61 100755 (executable)
@@ -274,7 +274,7 @@ test_expect_success 'push over smart http with auth' '
        cd "$ROOT_PATH/test_repo_clone" &&
        echo push-auth-test >expect &&
        test_commit push-auth-test &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git push "$HTTPD_URL"/auth/smart/test_repo.git &&
        git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/test_repo.git" \
                log -1 --format=%s >actual &&
@@ -286,7 +286,7 @@ test_expect_success 'push to auth-only-for-push repo' '
        cd "$ROOT_PATH/test_repo_clone" &&
        echo push-half-auth >expect &&
        test_commit push-half-auth &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git push "$HTTPD_URL"/auth-push/smart/test_repo.git &&
        git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/test_repo.git" \
                log -1 --format=%s >actual &&
@@ -316,7 +316,7 @@ test_expect_success 'push into half-auth-complete requires password' '
        cd "$ROOT_PATH/half-auth-clone" &&
        echo two >expect &&
        test_commit two &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git push "$HTTPD_URL/half-auth-complete/smart/half-auth.git" &&
        git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/half-auth.git" \
                log -1 --format=%s >actual &&
index f7d0f146f0f69775dd3fa3ea06895e2bb1a74d55..83926247142458323298c844ec99a74c369107e7 100755 (executable)
@@ -62,13 +62,13 @@ test_expect_success 'http auth can use user/pass in URL' '
 '
 
 test_expect_success 'http auth can use just user in URL' '
-       set_askpass user@host &&
+       set_askpass wrong pass@host &&
        git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
        expect_askpass pass user@host
 '
 
 test_expect_success 'http auth can request both user and pass' '
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
        expect_askpass both user@host
 '
@@ -77,7 +77,7 @@ test_expect_success 'http auth respects credential helper config' '
        test_config_global credential.helper "!f() {
                cat >/dev/null
                echo username=user@host
-               echo password=user@host
+               echo password=pass@host
        }; f" &&
        set_askpass wrong &&
        git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
@@ -86,14 +86,14 @@ test_expect_success 'http auth respects credential helper config' '
 
 test_expect_success 'http auth can get username from config' '
        test_config_global "credential.$HTTPD_URL.username" user@host &&
-       set_askpass user@host &&
+       set_askpass wrong pass@host &&
        git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
        expect_askpass pass user@host
 '
 
 test_expect_success 'configured username does not override URL' '
        test_config_global "credential.$HTTPD_URL.username" wrong &&
-       set_askpass user@host &&
+       set_askpass wrong pass@host &&
        git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
        expect_askpass pass user@host
 '
index afb439e09c2db4853c6eba88a1e630f319337cf8..a124efe11459905a11d91bfb32f8388bf4876c1d 100755 (executable)
@@ -119,7 +119,7 @@ test_expect_success 'redirects re-root further requests' '
 
 test_expect_success 'clone from password-protected repository' '
        echo two >expect &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth &&
        expect_askpass both user@host &&
        git --git-dir=smart-auth log -1 --format=%s >actual &&
@@ -137,7 +137,7 @@ test_expect_success 'clone from auth-only-for-push repository' '
 
 test_expect_success 'clone from auth-only-for-objects repository' '
        echo two >expect &&
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git clone --bare "$HTTPD_URL/auth-fetch/smart/repo.git" half-auth &&
        expect_askpass both user@host &&
        git --git-dir=half-auth log -1 --format=%s >actual &&
@@ -151,7 +151,7 @@ test_expect_success 'no-op half-auth fetch does not require a password' '
 '
 
 test_expect_success 'redirects send auth to new location' '
-       set_askpass user@host &&
+       set_askpass user@host pass@host &&
        git -c credential.useHttpPath=true \
          clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth &&
        expect_askpass both user@host auth/smart/repo.git