Merge branch 'bw/transport-protocol-policy'
Finer-grained control of what protocols are allowed for transports during clone/fetch/push have been enabled via a new configuration mechanism. * bw/transport-protocol-policy: http: respect protocol.*.allow=user for http-alternates transport: add from_user parameter to is_transport_allowed http: create function to get curl allowed protocols transport: add protocol policy config option http: always warn if libcurl version is too old lib-proto-disable: variable name fix
This commit is contained in:
@ -368,5 +368,15 @@ test_expect_success 'http-alternates cannot point at funny protocols' '
|
||||
clone "$HTTPD_URL/dumb/evil.git" evil-file
|
||||
'
|
||||
|
||||
test_expect_success 'http-alternates triggers not-from-user protocol check' '
|
||||
echo "$HTTPD_URL/dumb/victim.git/objects" \
|
||||
>"$evil/objects/info/http-alternates" &&
|
||||
test_config_global http.followRedirects true &&
|
||||
test_must_fail git -c protocol.http.allow=user \
|
||||
clone $HTTPD_URL/dumb/evil.git evil-user &&
|
||||
git -c protocol.http.allow=always \
|
||||
clone $HTTPD_URL/dumb/evil.git evil-user
|
||||
'
|
||||
|
||||
stop_httpd
|
||||
test_done
|
||||
|
Reference in New Issue
Block a user