From: Junio C Hamano <gitster@pobox.com>
Date: Wed, 12 Sep 2012 20:58:22 +0000 (-0700)
Subject: Merge branch 'jk/maint-http-half-auth-push' into maint-1.7.11
X-Git-Tag: v1.7.11.7~9
X-Git-Url: https://git.lorimer.id.au/gitweb.git/diff_plain/7d9483c299b4467fb4c6d32ade8207232235528c?ds=inline;hp=-c

Merge branch 'jk/maint-http-half-auth-push' into maint-1.7.11

Pushing to smart HTTP server with recent Git fails without having
the username in the URL to force authentication, if the server is
configured to allow GET anonymously, while requiring authentication
for POST.

* jk/maint-http-half-auth-push:
http: prompt for credentials on failed POST
http: factor out http error code handling
t: test http access to "half-auth" repositories
t: test basic smart-http authentication
t/lib-httpd: recognize */smart/* repos as smart-http
t/lib-httpd: only route auth/dumb to dumb repos
t5550: factor out http auth setup
t5550: put auth-required repo in auth/dumb
---

7d9483c299b4467fb4c6d32ade8207232235528c
diff --combined http.c
index 5cb87f16f2,7c4a4072f2..0a27b146ad
--- a/http.c
+++ b/http.c
@@@ -744,6 -744,33 +744,33 @@@ char *get_remote_object_url(const char 
  	return strbuf_detach(&buf, NULL);
  }
  
+ int handle_curl_result(struct active_request_slot *slot)
+ {
+ 	struct slot_results *results = slot->results;
+ 
+ 	if (results->curl_result == CURLE_OK) {
+ 		credential_approve(&http_auth);
+ 		return HTTP_OK;
+ 	} else if (missing_target(results))
+ 		return HTTP_MISSING_TARGET;
+ 	else if (results->http_code == 401) {
+ 		if (http_auth.username && http_auth.password) {
+ 			credential_reject(&http_auth);
+ 			return HTTP_NOAUTH;
+ 		} else {
+ 			credential_fill(&http_auth);
+ 			init_curl_http_auth(slot->curl);
+ 			return HTTP_REAUTH;
+ 		}
+ 	} else {
+ 		if (!curl_errorstr[0])
+ 			strlcpy(curl_errorstr,
+ 				curl_easy_strerror(results->curl_result),
+ 				sizeof(curl_errorstr));
+ 		return HTTP_ERROR;
+ 	}
+ }
+ 
  /* http_request() targets */
  #define HTTP_REQUEST_STRBUF	0
  #define HTTP_REQUEST_FILE	1
@@@ -791,26 -818,7 +818,7 @@@ static int http_request(const char *url
  
  	if (start_active_slot(slot)) {
  		run_active_slot(slot);
- 		if (results.curl_result == CURLE_OK)
- 			ret = HTTP_OK;
- 		else if (missing_target(&results))
- 			ret = HTTP_MISSING_TARGET;
- 		else if (results.http_code == 401) {
- 			if (http_auth.username && http_auth.password) {
- 				credential_reject(&http_auth);
- 				ret = HTTP_NOAUTH;
- 			} else {
- 				credential_fill(&http_auth);
- 				init_curl_http_auth(slot->curl);
- 				ret = HTTP_REAUTH;
- 			}
- 		} else {
- 			if (!curl_errorstr[0])
- 				strlcpy(curl_errorstr,
- 					curl_easy_strerror(results.curl_result),
- 					sizeof(curl_errorstr));
- 			ret = HTTP_ERROR;
- 		}
+ 		ret = handle_curl_result(slot);
  	} else {
  		error("Unable to start HTTP request for %s", url);
  		ret = HTTP_START_FAILED;
@@@ -819,9 -827,6 +827,6 @@@
  	curl_slist_free_all(headers);
  	strbuf_release(&buf);
  
- 	if (ret == HTTP_OK)
- 		credential_approve(&http_auth);
- 
  	return ret;
  }
  
@@@ -917,7 -922,7 +922,7 @@@ static char *fetch_pack_index(unsigned 
  	tmp = strbuf_detach(&buf, NULL);
  
  	if (http_get_file(url, tmp, 0) != HTTP_OK) {
 -		error("Unable to get pack index %s\n", url);
 +		error("Unable to get pack index %s", url);
  		free(tmp);
  		tmp = NULL;
  	}
diff --combined t/t5551-http-fetch.sh
index 91eaf53d1d,7380f2a2dd..2db5c35641
--- a/t/t5551-http-fetch.sh
+++ b/t/t5551-http-fetch.sh
@@@ -27,6 -27,8 +27,8 @@@ test_expect_success 'create http-access
  	git push public master:master
  '
  
+ setup_askpass_helper
+ 
  cat >exp <<EOF
  > GET /smart/repo.git/info/refs?service=git-upload-pack HTTP/1.1
  > Accept: */*
@@@ -109,12 -111,30 +111,30 @@@ test_expect_success 'follow redirects (
  	git clone $HTTPD_URL/smart-redir-temp/repo.git --quiet repo-t
  '
  
+ test_expect_success 'clone from password-protected repository' '
+ 	echo two >expect &&
+ 	set_askpass user@host &&
+ 	git clone --bare "$HTTPD_URL/auth/smart/repo.git" smart-auth &&
+ 	expect_askpass both user@host &&
+ 	git --git-dir=smart-auth log -1 --format=%s >actual &&
+ 	test_cmp expect actual
+ '
+ 
+ test_expect_success 'clone from auth-only-for-push repository' '
+ 	echo two >expect &&
+ 	set_askpass wrong &&
+ 	git clone --bare "$HTTPD_URL/auth-push/smart/repo.git" smart-noauth &&
+ 	expect_askpass none &&
+ 	git --git-dir=smart-noauth log -1 --format=%s >actual &&
+ 	test_cmp expect actual
+ '
+ 
  test -n "$GIT_TEST_LONG" && test_set_prereq EXPENSIVE
  
  test_expect_success EXPENSIVE 'create 50,000 tags in the repo' '
  	(
  	cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
 -	for i in `seq 50000`
 +	for i in `test_seq 50000`
  	do
  		echo "commit refs/heads/too-many-refs"
  		echo "mark :$i"
@@@ -130,7 -150,7 +150,7 @@@
  	done | git fast-import --export-marks=marks &&
  
  	# now assign tags to all the dangling commits we created above
 -	tag=$(perl -e "print \"bla\" x 30") &&
 +	tag=$("$PERL_PATH" -e "print \"bla\" x 30") &&
  	sed -e "s/^:\(.\+\) \(.\+\)$/\2 refs\/tags\/$tag-\1/" <marks >>packed-refs
  	)
  '