Commit Graph

77 Commits

Author SHA1 Message Date
Jeff King
050ef3655c remote-curl: rewrite base url from info/refs redirects
For efficiency and security reasons, an earlier commit in
this series taught http_get_* to re-write the base url based
on redirections we saw while making a specific request.

This commit wires that option into the info/refs request,
meaning that a redirect from

    http://example.com/foo.git/info/refs

to

    https://example.com/bar.git/info/refs

will behave as if "https://example.com/bar.git" had been
provided to git in the first place.

The tests bear some explanation. We introduce two new
hierearchies into the httpd test config:

  1. Requests to /smart-redir-limited will work only for the
     initial info/refs request, but not any subsequent
     requests. As a result, we can confirm whether the
     client is re-rooting its requests after the initial
     contact, since otherwise it will fail (it will ask for
     "repo.git/git-upload-pack", which is not redirected).

  2. Requests to smart-redir-auth will redirect, and require
     auth after the redirection. Since we are using the
     redirected base for further requests, we also update
     the credential struct, in order not to mislead the user
     (or credential helpers) about which credential is
     needed. We can therefore check the GIT_ASKPASS prompts
     to make sure we are prompting for the new location.
     Because we have neither multiple servers nor https
     support in our test setup, we can only redirect between
     paths, meaning we need to turn on
     credential.useHttpPath to see the difference.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
2013-10-14 17:01:34 -07:00
Jeff King
42aa29ee12 t5541: mark passing c-a-s test as success
Commit 05c1eb1 (push: teach --force-with-lease to smart-http
transport) fixed the compare-and-swap test in t5541. It
tried to mark the test as passing by teaching the test
helper function to expect an extra "success or failure"
parameter, but forgot to actually use the parameter in the
helper.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-09-20 11:18:09 -07:00
Junio C Hamano
05c1eb1034 push: teach --force-with-lease to smart-http transport
We have been passing enough information to enable the
compare-and-swap logic down to the transport layer, but the
transport helper was not passing it to smart-http transport.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-08-02 16:11:06 -07:00
Junio C Hamano
e69fa70f48 t5540/5541: smart-http does not support "--force-with-lease"
The push() method in remote-curl.c is not told and does not pass the
necessary information to underlying send-pack, so this extension
does not yet work.  Leave a note in the test suite.

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-08-01 11:10:36 -07:00
Shawn Pearce
4656bf47fc Verify Content-Type from smart HTTP servers
Before parsing a suspected smart-HTTP response verify the returned
Content-Type matches the standard. This protects a client from
attempting to process a payload that smells like a smart-HTTP
server response.

JGit has been doing this check on all responses since the dawn of
time. I mistakenly failed to include it in git-core when smart HTTP
was introduced. At the time I didn't know how to get the Content-Type
from libcurl. I punted, meant to circle back and fix this, and just
plain forgot about it.

Signed-off-by: Shawn Pearce <spearce@spearce.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2013-02-04 10:22:36 -08:00
Junio C Hamano
e6dd70e9bf Merge branch 'jk/maint-http-half-auth-push'
Pushing to smart HTTP server with recent Git fails without having
the username in the URL to force authentication, if the server is
configured to allow GET anonymously, while requiring authentication
for POST.

* jk/maint-http-half-auth-push:
  http: prompt for credentials on failed POST
  http: factor out http error code handling
  t: test http access to "half-auth" repositories
  t: test basic smart-http authentication
  t/lib-httpd: recognize */smart/* repos as smart-http
  t/lib-httpd: only route auth/dumb to dumb repos
  t5550: factor out http auth setup
  t5550: put auth-required repo in auth/dumb
2012-09-07 11:09:50 -07:00
Jeff King
e837936c7c t5550: factor out http auth setup
The t5550 script sets up a nice askpass helper for
simulating user input and checking what git prompted for.
Let's make it available to other http scripts by migrating
it to lib-httpd.

We can use this immediately in t5540 to make our tests more
robust (previously, we did not check at all that hitting the
password-protected repo actually involved a password).
Unfortunately, we end up failing the test because the
current code erroneously prompts twice (once for
git-remote-http, and then again when the former spawns
git-http-push).

More importantly, though, it will let us easily add
smart-http authentication tests in t5541 and t5551; we
currently do not test smart-http authentication at all.

As part of making it generic, let's always look for and
store auxiliary askpass files at the top-level trash
directory; this makes it compatible with t5540, which runs
some tests from sub-repositories. We can abstract away the
ugliness with a short helper function.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-08-27 10:49:04 -07:00
Jeff King
f628825481 t/lib-httpd: handle running under --valgrind
Running the http tests with valgrind does not work for two
reasons:

  1. Apache complains about following the symbolic link from
     git-http-backend to valgrind.sh.

  2. Apache does not pass through the GIT_VALGRIND variable
     to the backend CGI.

This patch fixes both problems. Unfortunately, there is a
slight hack we need to handle passing environment variables
through Apache. If we just tell it:

  PassEnv GIT_VALGRIND

then Apache will complain when GIT_VALGRIND is not set. If
we try:

  SetEnv GIT_VALGRIND ${GIT_VALGRIND}

then when GIT_VALGRIND is not set, it will pass through the
literal "${GIT_VALGRIND}". Instead, we now unconditionally
pass through GIT_VALGRIND from lib-httpd.sh into apache,
even if it is empty.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-07-24 12:43:44 -07:00
Christopher Tiwald
0aff719f48 Fix httpd tests that broke when non-ff push advice changed
Signed-off-by: Christopher Tiwald <christiwald@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2012-04-12 13:48:52 -07:00
Jeff King
5232586c79 improve httpd auth tests
These just checked that we could clone a repository when the
username and password were given in the URL; we should also
check that git will prompt when no or partial credentials
are given.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-07-20 11:38:34 -07:00
Junio C Hamano
d3bd0425b2 i18n: use test_i18ngrep in lib-httpd and t2019
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-04-13 15:52:47 -07:00
Ævar Arnfjörð Bjarmason
b32227e770 i18n: git-push "prevent you from losing" message
Gettextize the "To prevent you from losing history" message. A test in
lib-httpd.sh and another in t5541-http-push.sh explicitly checked for
this message. Change them to skip under GETTEXT_POISON=YesPlease.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2011-03-09 23:52:56 -08:00
Gabriel Corona
3cf8fe1d26 t5550: test HTTP authentication and userinfo decoding
Add a test for HTTP authentication and proper percent-decoding of the
userinfo (username and password) part of the URL.

Signed-off-by: Gabriel Corona <gabriel.corona@enst-bretagne.fr>
Acked-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-11-17 13:07:43 -08:00
Brandon Casey
77b5be2aba t/{t5541,lib-httpd}: replace problematic '!()' notation with test_must_fail
The '!()' notation is interpreted as a pattern-list on Ksh.  The Ksh man
page describe it as follows:

   !(pattern-list)
      Matches anything except one of the given patterns.

Ksh performs a file glob using the pattern-list and then tries to execute
the first file in the list.  If a space is added between the '!' and the
open parens, then Ksh will not interpret it as a pattern list, but in this
case, it is preferred to use test_must_fail, so lets do so.

Signed-off-by: Brandon Casey <casey@nrlssc.navy.mil>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-20 11:37:45 -07:00
Ævar Arnfjörð Bjarmason
e8344e8666 tests: Use skip_all=* to skip tests
Change tests to skip with skip_all=* + test_done instead of using say
+ test_done.

This is a follow-up to "tests: Skip tests in a way that makes sense
under TAP" (fadb5156e4). I missed these cases when prepearing that
patch, hopefully this is all of them.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-07-08 17:53:12 -07:00
Ævar Arnfjörð Bjarmason
fadb5156e4 tests: Skip tests in a way that makes sense under TAP
SKIP messages are now part of the TAP plan. A TAP harness now knows
why a particular test was skipped and can report that information. The
non-TAP harness built into Git's test-lib did nothing special with
these messages, and is unaffected by these changes.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-06-25 10:08:20 -07:00
Tay Ray Chuan
6cbd6e9261 t554[01]-http-push: refactor, add non-ff tests
Move non-fast forward tests to lib-httpd.sh so that we don't have to
duplicate the tests in both t5540 and t5541.

Signed-off-by: Tay Ray Chuan <rctay89@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-03-02 11:10:35 -08:00
Tarmigan Casebolt
0d344738dc t/lib-http.sh: Restructure finding of default httpd location
On CentOS 5, httpd is located at /usr/sbin/httpd, and the modules are
located at /usr/lib64/httpd/modules.  To enable easy testing of httpd,
we would like those locations to be detected automatically.

uname might not be the best way to determine the default location for
httpd since different Linux distributions apparently put httpd in
different places, so we test a couple different locations for httpd,
and use the first one that we come across.  We do the same for the
modules directory.

cc: Jay Soffian <jaysoffian@gmail.com>
Signed-off-by: Tarmigan Casebolt <tarmigan+git@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2010-01-06 01:07:07 -08:00
Clemens Buchacher
a5adcbe377 test-lib: fix http exit codes
Previously, die() would report the exit code of stop_httpd. Instead,
save and reset the exit code before dying.

Signed-off-by: Clemens Buchacher <drizzd@aon.at>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-06-01 22:45:01 -07:00
Jeff King
5dba359124 tests: remove exit after test_done call
test_done always exits, so this line is never executed.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-04-05 00:38:26 -07:00
Jeff King
75318a3bad test scripts: refactor start_httpd helper
There are some redirects and some error checking that need
to be done by the caller; let's move both into the
start_httpd function so that all callers don't have to
repeat them (there is only one caller now, but another will
follow in this series).

This doesn't violate any assumptions that aren't already
being made by lib-httpd, which is happy to say "skipping"
and call test_done for a number of other cases.

Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jay Soffian <jaysoffian@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-02-26 00:49:44 -08:00
Jay Soffian
69707d616f Allow HTTP tests to run on Darwin
This patch allows the HTTP tests to run on OS X 10.5. It is not
sufficient to be able to pass in LIB_HTTPD_PATH and
LIB_HTTPD_MODULE_PATH alone, as the apache.conf also needs a couple
tweaks.

These changes are put into an <IfDefine> to keep them Darwin specific,
but this means lib-httpd.sh needs to be modified to pass -DDarwin to
apache when running on Darwin. As long as we're making this change to
lib-httpd.sh, we may as well set LIB_HTTPD_PATH and
LIB_HTTPD_MODULE_PATH to appropriate default values for the platform.

Note that we now pass HTTPD_PARA to apache at shutdown as well.
Otherwise apache will emit a harmless, but noisy warning that LogFormat
is an unknown directive.

Signed-off-by: Jay Soffian <jaysoffian@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-02-25 13:58:57 -08:00
Markus Heidelberg
35641310af use uppercase POSIX compliant signals for the 'trap' command
In 'man 1p trap' there is written:

    "Implementations may permit names with the SIG prefix or ignore case
    in signal names as an extension."

So change the lowercase signals to uppercase, which is POSIX compliant
instead of being an extension.

There wasn't anybody claiming that it doesn't work, but there was a bug
with using a signal with the SIG prefix, which is an extension as well.
So let's play it safe and change it, since it doesn't hurt anyone.

While at it, also convert 8 indentation spaces to 1 tab character.

Signed-off-by: Markus Heidelberg <markus.heidelberg@web.de>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-01-19 22:39:31 -08:00
Junio C Hamano
bfdbee9810 tests: use $TEST_DIRECTORY to refer to the t/ directory
Many test scripts assumed that they will start in a 'trash' subdirectory
that is a single level down from the t/ directory, and referred to their
test vector files by asking for files like "../t9999/expect".  This will
break if we move the 'trash' subdirectory elsewhere.

To solve this, we earlier introduced "$TEST_DIRECTORY" so that they can
refer to t/ directory reliably.  This finally makes all the tests use
it to refer to the outside environment.

With this patch, and a one-liner not included here (because it would
contradict with what Dscho really wants to do):

| diff --git a/t/test-lib.sh b/t/test-lib.sh
| index 70ea7e0..60e69e4 100644
| --- a/t/test-lib.sh
| +++ b/t/test-lib.sh
| @@ -485,7 +485,7 @@ fi
|  . ../GIT-BUILD-OPTIONS
|
|  # Test repository
| -test="trash directory"
| +test="trash directory/another level/yet another"
|  rm -fr "$test" || {
|         trap - exit
|         echo >&5 "FATAL: Cannot prepare test area"

all the tests still pass, but we would want extra sets of eyeballs on this
type of change to really make sure.

[jc: with help from Stephan Beyer on http-push tests I do not run myself;
 credits for locating silly quoting errors go to Olivier Marin.]

Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-08-17 00:41:52 -07:00
Mike Hommey
13b5481ed8 Fix http-push test
http-push test has been broken by 4a7aaccd adding a space character
in the place where the test is being run.

Signed-off-by: Mike Hommey <mh@glandium.org>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-07-08 22:49:42 -07:00
Bryan Donlan
0e46e70462 Don't use the 'export NAME=value' in the test scripts.
This form is not portable across all shells, so replace instances of:

  export FOO=bar

with:

  FOO=bar
  export FOO

Signed-off-by: Bryan Donlan <bdonlan@fushizen.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-05-05 14:17:01 -07:00
Clemens Buchacher
faa4bc35a0 http-push: add regression tests
http-push tests require a web server with WebDAV support.

This commit introduces a HTTPD test library, which can be configured using
the following environment variables.

GIT_TEST_HTTPD		enable HTTPD tests
LIB_HTTPD_PATH		web server path
LIB_HTTPD_MODULE_PATH	web server modules path
LIB_HTTPD_PORT		listening port
LIB_HTTPD_DAV		enable DAV
LIB_HTTPD_SVN		enable SVN
LIB_HTTPD_SSL		enable SSL

Signed-off-by: Clemens Buchacher <drizzd@aon.at>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2008-02-27 15:38:40 -08:00