mirror of
https://github.com/git/git.git
synced 2024-11-08 10:13:18 +01:00
a78fbb4fb6
When parsing a URL into a credential struct, we carefully record each part of the URL, including the path on the remote host, and use the result as part of the credential context. This had two practical implications: 1. Credential helpers which store a credential for later access are likely to use the "path" portion as part of the storage key. That means that a request to https://example.com/foo.git would not use the same credential that was stored in an earlier request for: https://example.com/bar.git 2. The prompt shown to the user includes all relevant context, including the path. In most cases, however, users will have a single password per host. The behavior in (1) will be inconvenient, and the prompt in (2) will be overly long. This patch introduces a config option to toggle the relevance of http paths. When turned on, we use the path as before. When turned off, we drop the path component from the context: helpers don't see it, and it does not appear in the prompt. This is nothing you couldn't do with a clever credential helper at the start of your stack, like: [credential "http://"] helper = "!f() { grep -v ^path= ; }; f" helper = your_real_helper But doing this: [credential] useHttpPath = false is way easier and more readable. Furthermore, since most users will want the "off" behavior, that is the new default. Users who want it "on" can set the variable (either for all credentials, or just for a subset using credential.*.useHttpPath). Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
208 lines
5.6 KiB
Bash
Executable file
208 lines
5.6 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
test_description='test dumb fetching over http via static file'
|
|
. ./test-lib.sh
|
|
|
|
if test -n "$NO_CURL"; then
|
|
skip_all='skipping test, git built without http support'
|
|
test_done
|
|
fi
|
|
|
|
LIB_HTTPD_PORT=${LIB_HTTPD_PORT-'5550'}
|
|
. "$TEST_DIRECTORY"/lib-httpd.sh
|
|
start_httpd
|
|
|
|
test_expect_success 'setup repository' '
|
|
echo content >file &&
|
|
git add file &&
|
|
git commit -m one
|
|
'
|
|
|
|
test_expect_success 'create http-accessible bare repository' '
|
|
mkdir "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
|
|
(cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
|
|
git --bare init &&
|
|
echo "exec git update-server-info" >hooks/post-update &&
|
|
chmod +x hooks/post-update
|
|
) &&
|
|
git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
|
|
git push public master:master
|
|
'
|
|
|
|
test_expect_success 'clone http repository' '
|
|
git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
|
|
cp -R clone-tmpl clone &&
|
|
test_cmp file clone/file
|
|
'
|
|
|
|
test_expect_success 'create password-protected repository' '
|
|
mkdir "$HTTPD_DOCUMENT_ROOT_PATH/auth/" &&
|
|
cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
|
|
"$HTTPD_DOCUMENT_ROOT_PATH/auth/repo.git"
|
|
'
|
|
|
|
test_expect_success 'setup askpass helpers' '
|
|
cat >askpass <<-EOF &&
|
|
#!/bin/sh
|
|
echo >>"$PWD/askpass-query" "askpass: \$*" &&
|
|
cat "$PWD/askpass-response"
|
|
EOF
|
|
chmod +x askpass &&
|
|
GIT_ASKPASS="$PWD/askpass" &&
|
|
export GIT_ASKPASS
|
|
'
|
|
|
|
expect_askpass() {
|
|
dest=$HTTPD_DEST
|
|
{
|
|
case "$1" in
|
|
none)
|
|
;;
|
|
pass)
|
|
echo "askpass: Password for 'http://$2@$dest': "
|
|
;;
|
|
both)
|
|
echo "askpass: Username for 'http://$dest': "
|
|
echo "askpass: Password for 'http://$2@$dest': "
|
|
;;
|
|
*)
|
|
false
|
|
;;
|
|
esac
|
|
} >askpass-expect &&
|
|
test_cmp askpass-expect askpass-query
|
|
}
|
|
|
|
test_expect_success 'cloning password-protected repository can fail' '
|
|
>askpass-query &&
|
|
echo wrong >askpass-response &&
|
|
test_must_fail git clone "$HTTPD_URL/auth/repo.git" clone-auth-fail &&
|
|
expect_askpass both wrong
|
|
'
|
|
|
|
test_expect_success 'http auth can use user/pass in URL' '
|
|
>askpass-query &&
|
|
echo wrong >askpass-response &&
|
|
git clone "$HTTPD_URL_USER_PASS/auth/repo.git" clone-auth-none &&
|
|
expect_askpass none
|
|
'
|
|
|
|
test_expect_success 'http auth can use just user in URL' '
|
|
>askpass-query &&
|
|
echo user@host >askpass-response &&
|
|
git clone "$HTTPD_URL_USER/auth/repo.git" clone-auth-pass &&
|
|
expect_askpass pass user@host
|
|
'
|
|
|
|
test_expect_success 'http auth can request both user and pass' '
|
|
>askpass-query &&
|
|
echo user@host >askpass-response &&
|
|
git clone "$HTTPD_URL/auth/repo.git" clone-auth-both &&
|
|
expect_askpass both user@host
|
|
'
|
|
|
|
test_expect_success 'http auth respects credential helper config' '
|
|
test_config_global credential.helper "!f() {
|
|
cat >/dev/null
|
|
echo username=user@host
|
|
echo password=user@host
|
|
}; f" &&
|
|
>askpass-query &&
|
|
echo wrong >askpass-response &&
|
|
git clone "$HTTPD_URL/auth/repo.git" clone-auth-helper &&
|
|
expect_askpass none
|
|
'
|
|
|
|
test_expect_success 'http auth can get username from config' '
|
|
test_config_global "credential.$HTTPD_URL.username" user@host &&
|
|
>askpass-query &&
|
|
echo user@host >askpass-response &&
|
|
git clone "$HTTPD_URL/auth/repo.git" clone-auth-user &&
|
|
expect_askpass pass user@host
|
|
'
|
|
|
|
test_expect_success 'configured username does not override URL' '
|
|
test_config_global "credential.$HTTPD_URL.username" wrong &&
|
|
>askpass-query &&
|
|
echo user@host >askpass-response &&
|
|
git clone "$HTTPD_URL_USER/auth/repo.git" clone-auth-user2 &&
|
|
expect_askpass pass user@host
|
|
'
|
|
|
|
test_expect_success 'fetch changes via http' '
|
|
echo content >>file &&
|
|
git commit -a -m two &&
|
|
git push public &&
|
|
(cd clone && git pull) &&
|
|
test_cmp file clone/file
|
|
'
|
|
|
|
test_expect_success 'fetch changes via manual http-fetch' '
|
|
cp -R clone-tmpl clone2 &&
|
|
|
|
HEAD=$(git rev-parse --verify HEAD) &&
|
|
(cd clone2 &&
|
|
git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
|
|
git checkout master-new &&
|
|
test $HEAD = $(git rev-parse --verify HEAD)) &&
|
|
test_cmp file clone2/file
|
|
'
|
|
|
|
test_expect_success 'http remote detects correct HEAD' '
|
|
git push public master:other &&
|
|
(cd clone &&
|
|
git remote set-head origin -d &&
|
|
git remote set-head origin -a &&
|
|
git symbolic-ref refs/remotes/origin/HEAD > output &&
|
|
echo refs/remotes/origin/master > expect &&
|
|
test_cmp expect output
|
|
)
|
|
'
|
|
|
|
test_expect_success 'fetch packed objects' '
|
|
cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
|
|
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
|
|
git --bare repack &&
|
|
git --bare prune-packed
|
|
) &&
|
|
git clone $HTTPD_URL/dumb/repo_pack.git
|
|
'
|
|
|
|
test_expect_success 'fetch notices corrupt pack' '
|
|
cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
|
|
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
|
|
p=`ls objects/pack/pack-*.pack` &&
|
|
chmod u+w $p &&
|
|
printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
|
|
) &&
|
|
mkdir repo_bad1.git &&
|
|
(cd repo_bad1.git &&
|
|
git --bare init &&
|
|
test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
|
|
test 0 = `ls objects/pack/pack-*.pack | wc -l`
|
|
)
|
|
'
|
|
|
|
test_expect_success 'fetch notices corrupt idx' '
|
|
cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
|
|
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
|
|
p=`ls objects/pack/pack-*.idx` &&
|
|
chmod u+w $p &&
|
|
printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
|
|
) &&
|
|
mkdir repo_bad2.git &&
|
|
(cd repo_bad2.git &&
|
|
git --bare init &&
|
|
test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
|
|
test 0 = `ls objects/pack | wc -l`
|
|
)
|
|
'
|
|
|
|
test_expect_success 'did not use upload-pack service' '
|
|
grep '/git-upload-pack' <"$HTTPD_ROOT_PATH"/access.log >act
|
|
: >exp
|
|
test_cmp exp act
|
|
'
|
|
|
|
stop_httpd
|
|
test_done
|