t/t5550-http-fetch-dumb.sh

   1 #!/bin/sh
   2
   3 test_description='test dumb fetching over http via static file'
   4 . ./test-lib.sh
   5 . "$TEST_DIRECTORY"/lib-httpd.sh
   6 start_httpd
   7
   8 test_expect_success 'setup repository' '
   9         git config push.default matching &&
  10         echo content1 >file &&
  11         git add file &&
  12         git commit -m one &&
  13         echo content2 >file &&
  14         git add file &&
  15         git commit -m two
  16 '
  17
  18 test_expect_success 'create http-accessible bare repository with loose objects' '
  19         cp -R .git "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
  20         (cd "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
  21          git config core.bare true &&
  22          mkdir -p hooks &&
  23          write_script "hooks/post-update" <<-\EOF &&
  24          exec git update-server-info
  25         EOF
  26          hooks/post-update
  27         ) &&
  28         git remote add public "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" &&
  29         git push public master:master
  30 '
  31
  32 test_expect_success 'clone http repository' '
  33         git clone $HTTPD_URL/dumb/repo.git clone-tmpl &&
  34         cp -R clone-tmpl clone &&
  35         test_cmp file clone/file
  36 '
  37
  38 test_expect_success 'list refs from outside any repository' '
  39         cat >expect <<-EOF &&
  40         $(git rev-parse master) HEAD
  41         $(git rev-parse master) refs/heads/master
  42         EOF
  43         nongit git ls-remote "$HTTPD_URL/dumb/repo.git" >actual &&
  44         test_cmp expect actual
  45 '
  46
  47 test_expect_success 'create password-protected repository' '
  48         mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/" &&
  49         cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
  50                "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git"
  51 '
  52
  53 setup_askpass_helper
  54
  55 test_expect_success 'cloning password-protected repository can fail' '
  56         set_askpass wrong &&
  57         test_must_fail git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-fail &&
  58         expect_askpass both wrong
  59 '
  60
  61 test_expect_success 'http auth can use user/pass in URL' '
  62         set_askpass wrong &&
  63         git clone "$HTTPD_URL_USER_PASS/auth/dumb/repo.git" clone-auth-none &&
  64         expect_askpass none
  65 '
  66
  67 test_expect_success 'http auth can use just user in URL' '
  68         set_askpass wrong pass@host &&
  69         git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-pass &&
  70         expect_askpass pass user@host
  71 '
  72
  73 test_expect_success 'http auth can request both user and pass' '
  74         set_askpass user@host pass@host &&
  75         git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-both &&
  76         expect_askpass both user@host
  77 '
  78
  79 test_expect_success 'http auth respects credential helper config' '
  80         test_config_global credential.helper "!f() {
  81                 cat >/dev/null
  82                 echo username=user@host
  83                 echo password=pass@host
  84         }; f" &&
  85         set_askpass wrong &&
  86         git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-helper &&
  87         expect_askpass none
  88 '
  89
  90 test_expect_success 'http auth can get username from config' '
  91         test_config_global "credential.$HTTPD_URL.username" user@host &&
  92         set_askpass wrong pass@host &&
  93         git clone "$HTTPD_URL/auth/dumb/repo.git" clone-auth-user &&
  94         expect_askpass pass user@host
  95 '
  96
  97 test_expect_success 'configured username does not override URL' '
  98         test_config_global "credential.$HTTPD_URL.username" wrong &&
  99         set_askpass wrong pass@host &&
 100         git clone "$HTTPD_URL_USER/auth/dumb/repo.git" clone-auth-user2 &&
 101         expect_askpass pass user@host
 102 '
 103
 104 test_expect_success 'set up repo with http submodules' '
 105         git init super &&
 106         set_askpass user@host pass@host &&
 107         (
 108                 cd super &&
 109                 git submodule add "$HTTPD_URL/auth/dumb/repo.git" sub &&
 110                 git commit -m "add submodule"
 111         )
 112 '
 113
 114 test_expect_success 'cmdline credential config passes to submodule via clone' '
 115         set_askpass wrong pass@host &&
 116         test_must_fail git clone --recursive super super-clone &&
 117         rm -rf super-clone &&
 118
 119         set_askpass wrong pass@host &&
 120         git -c "credential.$HTTPD_URL.username=user@host" \
 121                 clone --recursive super super-clone &&
 122         expect_askpass pass user@host
 123 '
 124
 125 test_expect_success 'cmdline credential config passes submodule via fetch' '
 126         set_askpass wrong pass@host &&
 127         test_must_fail git -C super-clone fetch --recurse-submodules &&
 128
 129         set_askpass wrong pass@host &&
 130         git -C super-clone \
 131             -c "credential.$HTTPD_URL.username=user@host" \
 132             fetch --recurse-submodules &&
 133         expect_askpass pass user@host
 134 '
 135
 136 test_expect_success 'cmdline credential config passes submodule update' '
 137         # advance the submodule HEAD so that a fetch is required
 138         git commit --allow-empty -m foo &&
 139         git push "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/repo.git" HEAD &&
 140         sha1=$(git rev-parse HEAD) &&
 141         git -C super-clone update-index --cacheinfo 160000,$sha1,sub &&
 142
 143         set_askpass wrong pass@host &&
 144         test_must_fail git -C super-clone submodule update &&
 145
 146         set_askpass wrong pass@host &&
 147         git -C super-clone \
 148             -c "credential.$HTTPD_URL.username=user@host" \
 149             submodule update &&
 150         expect_askpass pass user@host
 151 '
 152
 153 test_expect_success 'fetch changes via http' '
 154         echo content >>file &&
 155         git commit -a -m two &&
 156         git push public &&
 157         (cd clone && git pull) &&
 158         test_cmp file clone/file
 159 '
 160
 161 test_expect_success 'fetch changes via manual http-fetch' '
 162         cp -R clone-tmpl clone2 &&
 163
 164         HEAD=$(git rev-parse --verify HEAD) &&
 165         (cd clone2 &&
 166          git http-fetch -a -w heads/master-new $HEAD $(git config remote.origin.url) &&
 167          git checkout master-new &&
 168          test $HEAD = $(git rev-parse --verify HEAD)) &&
 169         test_cmp file clone2/file
 170 '
 171
 172 test_expect_success 'http remote detects correct HEAD' '
 173         git push public master:other &&
 174         (cd clone &&
 175          git remote set-head origin -d &&
 176          git remote set-head origin -a &&
 177          git symbolic-ref refs/remotes/origin/HEAD > output &&
 178          echo refs/remotes/origin/master > expect &&
 179          test_cmp expect output
 180         )
 181 '
 182
 183 test_expect_success 'fetch packed objects' '
 184         cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
 185         (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git &&
 186          git --bare repack -a -d
 187         ) &&
 188         git clone $HTTPD_URL/dumb/repo_pack.git
 189 '
 190
 191 test_expect_success 'fetch notices corrupt pack' '
 192         cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
 193         (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad1.git &&
 194          p=$(ls objects/pack/pack-*.pack) &&
 195          chmod u+w $p &&
 196          printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
 197         ) &&
 198         mkdir repo_bad1.git &&
 199         (cd repo_bad1.git &&
 200          git --bare init &&
 201          test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad1.git &&
 202          test 0 = $(ls objects/pack/pack-*.pack | wc -l)
 203         )
 204 '
 205
 206 test_expect_success 'fetch notices corrupt idx' '
 207         cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/repo_pack.git "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
 208         (cd "$HTTPD_DOCUMENT_ROOT_PATH"/repo_bad2.git &&
 209          p=$(ls objects/pack/pack-*.idx) &&
 210          chmod u+w $p &&
 211          printf %0256d 0 | dd of=$p bs=256 count=1 seek=1 conv=notrunc
 212         ) &&
 213         mkdir repo_bad2.git &&
 214         (cd repo_bad2.git &&
 215          git --bare init &&
 216          test_must_fail git --bare fetch $HTTPD_URL/dumb/repo_bad2.git &&
 217          test 0 = $(ls objects/pack | wc -l)
 218         )
 219 '
 220
 221 test_expect_success 'fetch can handle previously-fetched .idx files' '
 222         git checkout --orphan branch1 &&
 223         echo base >file &&
 224         git add file &&
 225         git commit -m base &&
 226         git --bare init "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git &&
 227         git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch1 &&
 228         git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
 229         git checkout -b branch2 branch1 &&
 230         echo b2 >>file &&
 231         git commit -a -m b2 &&
 232         git push "$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git branch2 &&
 233         git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH"/repo_packed_branches.git repack -d &&
 234         git --bare init clone_packed_branches.git &&
 235         git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch1:branch1 &&
 236         git --git-dir=clone_packed_branches.git fetch "$HTTPD_URL"/dumb/repo_packed_branches.git branch2:branch2
 237 '
 238
 239 test_expect_success 'did not use upload-pack service' '
 240         test_might_fail grep '/git-upload-pack' <"$HTTPD_ROOT_PATH"/access.log >act &&
 241         : >exp &&
 242         test_cmp exp act
 243 '
 244
 245 test_expect_success 'git client shows text/plain errors' '
 246         test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr &&
 247         grep "this is the error message" stderr
 248 '
 249
 250 test_expect_success 'git client does not show html errors' '
 251         test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr &&
 252         ! grep "this is the error message" stderr
 253 '
 254
 255 test_expect_success 'git client shows text/plain with a charset' '
 256         test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr &&
 257         grep "this is the error message" stderr
 258 '
 259
 260 test_expect_success 'http error messages are reencoded' '
 261         test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr &&
 262         grep "this is the error message" stderr
 263 '
 264
 265 test_expect_success 'reencoding is robust to whitespace oddities' '
 266         test_must_fail git clone "$HTTPD_URL/error/odd-spacing" 2>stderr &&
 267         grep "this is the error message" stderr
 268 '
 269
 270 check_language () {
 271         case "$2" in
 272         '')
 273                 >expect
 274                 ;;
 275         ?*)
 276                 echo "=> Send header: Accept-Language: $1" >expect
 277                 ;;
 278         esac &&
 279         GIT_TRACE_CURL=true \
 280         LANGUAGE=$2 \
 281         git ls-remote "$HTTPD_URL/dumb/repo.git" >output 2>&1 &&
 282         tr -d '\015' <output |
 283         sort -u |
 284         sed -ne '/^=> Send header: Accept-Language:/ p' >actual &&
 285         test_cmp expect actual
 286 }
 287
 288 test_expect_success 'git client sends Accept-Language based on LANGUAGE' '
 289         check_language "ko-KR, *;q=0.9" ko_KR.UTF-8'
 290
 291 test_expect_success 'git client sends Accept-Language correctly with unordinary LANGUAGE' '
 292         check_language "ko-KR, *;q=0.9" "ko_KR:" &&
 293         check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR::en_US" &&
 294         check_language "ko-KR, *;q=0.9" ":::ko_KR" &&
 295         check_language "ko-KR, en-US;q=0.9, *;q=0.8" "ko_KR!!:en_US" &&
 296         check_language "ko-KR, ja-JP;q=0.9, *;q=0.8" "ko_KR en_US:ja_JP"'
 297
 298 test_expect_success 'git client sends Accept-Language with many preferred languages' '
 299         check_language "ko-KR, en-US;q=0.9, fr-CA;q=0.8, de;q=0.7, sr;q=0.6, \
 300 ja;q=0.5, zh;q=0.4, sv;q=0.3, pt;q=0.2, *;q=0.1" \
 301                 ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt &&
 302         check_language "ko-KR, en-US;q=0.99, fr-CA;q=0.98, de;q=0.97, sr;q=0.96, \
 303 ja;q=0.95, zh;q=0.94, sv;q=0.93, pt;q=0.92, nb;q=0.91, *;q=0.90" \
 304                 ko_KR.EUC-KR:en_US.UTF-8:fr_CA:de.UTF-8@euro:sr@latin:ja:zh:sv:pt:nb
 305 '
 306
 307 test_expect_success 'git client does not send an empty Accept-Language' '
 308         GIT_TRACE_CURL=true LANGUAGE= git ls-remote "$HTTPD_URL/dumb/repo.git" 2>stderr &&
 309         ! grep "^=> Send header: Accept-Language:" stderr
 310 '
 311
 312 test_expect_success 'remote-http complains cleanly about malformed urls' '
 313         # do not actually issue "list" or other commands, as we do not
 314         # want to rely on what curl would actually do with such a broken
 315         # URL. This is just about making sure we do not segfault during
 316         # initialization.
 317         test_must_fail git remote-http http::/example.com/repo.git
 318 '
 319
 320 test_expect_success 'redirects can be forbidden/allowed' '
 321         test_must_fail git -c http.followRedirects=false \
 322                 clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
 323         git -c http.followRedirects=true \
 324                 clone $HTTPD_URL/dumb-redir/repo.git dumb-redir 2>stderr
 325 '
 326
 327 test_expect_success 'redirects are reported to stderr' '
 328         # just look for a snippet of the redirected-to URL
 329         test_i18ngrep /dumb/ stderr
 330 '
 331
 332 test_expect_success 'non-initial redirects can be forbidden' '
 333         test_must_fail git -c http.followRedirects=initial \
 334                 clone $HTTPD_URL/redir-objects/repo.git redir-objects &&
 335         git -c http.followRedirects=true \
 336                 clone $HTTPD_URL/redir-objects/repo.git redir-objects
 337 '
 338
 339 test_expect_success 'http.followRedirects defaults to "initial"' '
 340         test_must_fail git clone $HTTPD_URL/redir-objects/repo.git default
 341 '
 342
 343 # The goal is for a clone of the "evil" repository, which has no objects
 344 # itself, to cause the client to fetch objects from the "victim" repository.
 345 test_expect_success 'set up evil alternates scheme' '
 346         victim=$HTTPD_DOCUMENT_ROOT_PATH/victim.git &&
 347         git init --bare "$victim" &&
 348         git -C "$victim" --work-tree=. commit --allow-empty -m secret &&
 349         git -C "$victim" repack -ad &&
 350         git -C "$victim" update-server-info &&
 351         sha1=$(git -C "$victim" rev-parse HEAD) &&
 352
 353         evil=$HTTPD_DOCUMENT_ROOT_PATH/evil.git &&
 354         git init --bare "$evil" &&
 355         # do this by hand to avoid object existence check
 356         printf "%s\\t%s\\n" $sha1 refs/heads/master >"$evil/info/refs"
 357 '
 358
 359 # Here we'll just redirect via HTTP. In a real-world attack these would be on
 360 # different servers, but we should reject it either way.
 361 test_expect_success 'http-alternates is a non-initial redirect' '
 362         echo "$HTTPD_URL/dumb/victim.git/objects" \
 363                 >"$evil/objects/info/http-alternates" &&
 364         test_must_fail git -c http.followRedirects=initial \
 365                 clone $HTTPD_URL/dumb/evil.git evil-initial &&
 366         git -c http.followRedirects=true \
 367                 clone $HTTPD_URL/dumb/evil.git evil-initial
 368 '
 369
 370 # Curl supports a lot of protocols that we'd prefer not to allow
 371 # http-alternates to use, but it's hard to test whether curl has
 372 # accessed, say, the SMTP protocol, because we are not running an SMTP server.
 373 # But we can check that it does not allow access to file://, which would
 374 # otherwise allow this clone to complete.
 375 test_expect_success 'http-alternates cannot point at funny protocols' '
 376         echo "file://$victim/objects" >"$evil/objects/info/http-alternates" &&
 377         test_must_fail git -c http.followRedirects=true \
 378                 clone "$HTTPD_URL/dumb/evil.git" evil-file
 379 '
 380
 381 test_expect_success 'http-alternates triggers not-from-user protocol check' '
 382         echo "$HTTPD_URL/dumb/victim.git/objects" \
 383                 >"$evil/objects/info/http-alternates" &&
 384         test_config_global http.followRedirects true &&
 385         test_must_fail git -c protocol.http.allow=user \
 386                 clone $HTTPD_URL/dumb/evil.git evil-user &&
 387         git -c protocol.http.allow=always \
 388                 clone $HTTPD_URL/dumb/evil.git evil-user
 389 '
 390
 391 test_expect_success 'can redirect through non-"info/refs?service=git-upload-pack" URL' '
 392         git clone "$HTTPD_URL/redir-to/dumb/repo.git"
 393 '
 394
 395 test_expect_success 'print HTTP error when any intermediate redirect throws error' '
 396         test_must_fail git clone "$HTTPD_URL/redir-to/502" 2> stderr &&
 397         test_i18ngrep "unable to access.*/redir-to/502" stderr
 398 '
 399
 400 stop_httpd
 401 test_done