mirrors/git
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
68c3be61fc58cafe3786625f5a2b5cf8e7186392
git/t/t5540-http-push-webdav.sh
brian m. carlson 3306edb380 http: allow using netrc for WebDAV-based HTTP protocol 
For an extended period of time, we've enabled libcurl's netrc
functionality, which will read credentials from the netrc file if none
are provided.  Unfortunately, we have also not documented this fact or
written any tests for it, but people have come to rely on it.

In 610cbc1dfb ("http: allow authenticating proactively", 2024-07-10), we
accidentally broke the ability of users to use the netrc file for the
WebDAV-based HTTP protocol.  Notably, it works on the initial request
but does not work on subsequent requests, which causes failures because
that version of the protocol will necessarily make multiple requests.

This happens because curl_empty_auth_enabled never returns -1, only 0 or
1, and so if http.proactiveAuth is not enabled, the username and
password are always set to empty credentials, which prevents libcurl's
fallback to netrc from working.  However, in other cases, the server
continues to get a 401 response and the credential helper is invoked,
which is the normal behavior, so this was not noticed earlier.

To fix this, change the condition to check for enabling empty auth and
also not having proactive auth enabled, which should result in the
username and password not being set to a single colon in the typical
case, and thus the netrc file being used.

Reported-by: Peter Georg <peter.georg@physik.uni-regensburg.de>
Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2025-02-24 08:49:10 -08:00

215 lines
6.2 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
#
# Copyright (c) 2008 Clemens Buchacher <drizzd@aon.at>
#
test_description='test WebDAV http-push
This test runs various sanity checks on http-push.'
GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME=main
export GIT_TEST_DEFAULT_INITIAL_BRANCH_NAME
. ./test-lib.sh
if git http-push > /dev/null 2>&1 || [ $? -eq 128 ]
then
skip_all="skipping test, USE_CURL_MULTI is not defined"
test_done
fi
if test_have_prereq !REFFILES
then
skip_all='skipping test; dumb HTTP protocol not supported with reftable.'
test_done
fi
LIB_HTTPD_DAV=t
. "$TEST_DIRECTORY"/lib-httpd.sh
ROOT_PATH="$PWD"
start_httpd
test_expect_success 'setup remote repository' '
cd "$ROOT_PATH" &&
mkdir test_repo &&
cd test_repo &&
git init &&
: >path1 &&
git add path1 &&
test_tick &&
git commit -m initial &&
cd - &&
git clone --bare test_repo test_repo.git &&
cd test_repo.git &&
git --bare update-server-info &&
test_hook --setup post-update <<-\EOF &&
exec git update-server-info
EOF
ORIG_HEAD=$(git rev-parse --verify HEAD) &&
cd - &&
mv test_repo.git "$HTTPD_DOCUMENT_ROOT_PATH"
'
test_expect_success 'create password-protected repository' '
mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb" &&
cp -Rf "$HTTPD_DOCUMENT_ROOT_PATH/test_repo.git" \
"$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/test_repo.git"
'
setup_askpass_helper
test_expect_success 'clone remote repository' '
cd "$ROOT_PATH" &&
git clone $HTTPD_URL/dumb/test_repo.git test_repo_clone
'
test_expect_success 'push to remote repository with packed refs' '
cd "$ROOT_PATH"/test_repo_clone &&
: >path2 &&
git add path2 &&
test_tick &&
git commit -m path2 &&
HEAD=$(git rev-parse --verify HEAD) &&
git push &&
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git &&
test $HEAD = $(git rev-parse --verify HEAD))
'
test_expect_success 'push already up-to-date' '
git push
'
test_expect_success 'push to remote repository with unpacked refs' '
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git &&
rm packed-refs &&
git update-ref refs/heads/main $ORIG_HEAD &&
git --bare update-server-info) &&
git push &&
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git &&
test $HEAD = $(git rev-parse --verify HEAD))
'
test_expect_success 'http-push fetches unpacked objects' '
cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git \
"$HTTPD_DOCUMENT_ROOT_PATH"/test_repo_unpacked.git &&
git clone $HTTPD_URL/dumb/test_repo_unpacked.git \
"$ROOT_PATH"/fetch_unpacked &&
# By reset, we force git to retrieve the object
(cd "$ROOT_PATH"/fetch_unpacked &&
git reset --hard HEAD^ &&
git remote rm origin &&
git reflog expire --expire=0 --all &&
git prune &&
git push -f -v $HTTPD_URL/dumb/test_repo_unpacked.git main)
'
test_expect_success 'http-push fetches packed objects' '
cp -R "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git \
"$HTTPD_DOCUMENT_ROOT_PATH"/test_repo_packed.git &&
git clone $HTTPD_URL/dumb/test_repo_packed.git \
"$ROOT_PATH"/test_repo_clone_packed &&
(cd "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo_packed.git &&
git --bare repack &&
git --bare prune-packed) &&
# By reset, we force git to retrieve the packed object
(cd "$ROOT_PATH"/test_repo_clone_packed &&
git reset --hard HEAD^ &&
git remote remove origin &&
git reflog expire --expire=0 --all &&
git prune &&
git push -f -v $HTTPD_URL/dumb/test_repo_packed.git main)
'
test_expect_success 'create and delete remote branch' '
cd "$ROOT_PATH"/test_repo_clone &&
git checkout -b dev &&
: >path3 &&
git add path3 &&
test_tick &&
git commit -m dev &&
git push origin dev &&
git push origin :dev &&
test_must_fail git show-ref --verify refs/remotes/origin/dev
'
test_expect_success 'non-force push fails if not up to date' '
git init --bare "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo_conflict.git &&
git -C "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo_conflict.git update-server-info &&
git clone $HTTPD_URL/dumb/test_repo_conflict.git "$ROOT_PATH"/c1 &&
git clone $HTTPD_URL/dumb/test_repo_conflict.git "$ROOT_PATH"/c2 &&
test_commit -C "$ROOT_PATH/c1" path1 &&
git -C "$ROOT_PATH/c1" push origin HEAD &&
git -C "$ROOT_PATH/c2" pull &&
test_commit -C "$ROOT_PATH/c1" path2 &&
git -C "$ROOT_PATH/c1" push origin HEAD &&
test_commit -C "$ROOT_PATH/c2" path3 &&
git -C "$ROOT_PATH/c1" log --graph --all &&
git -C "$ROOT_PATH/c2" log --graph --all &&
test_must_fail git -C "$ROOT_PATH/c2" push origin HEAD
'
test_expect_success 'MKCOL sends directory names with trailing slashes' '
! grep "\"MKCOL.*[^/] HTTP/[^ ]*\"" < "$HTTPD_ROOT_PATH"/access.log
'
x1="[0-9a-f]"
x2="$x1$x1"
xtrunc=$(echo $OID_REGEX | sed -e "s/\[0-9a-f\]\[0-9a-f\]//")
test_expect_success 'PUT and MOVE sends object to URLs with SHA-1 hash suffix' '
sed \
-e "s/PUT /OP /" \
-e "s/MOVE /OP /" \
-e "s|/objects/$x2/${xtrunc}_$OID_REGEX|WANTED_PATH_REQUEST|" \
"$HTTPD_ROOT_PATH"/access.log |
grep -e "\"OP .*WANTED_PATH_REQUEST HTTP/[.0-9]*\" 20[0-9] "
'
test_http_push_nonff "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git \
"$ROOT_PATH"/test_repo_clone main
test_expect_success 'push to password-protected repository (user in URL)' '
test_commit pw-user &&
set_askpass user@host pass@host &&
git push "$HTTPD_URL_USER/auth/dumb/test_repo.git" HEAD &&
git rev-parse --verify HEAD >expect &&
git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/test_repo.git" \
rev-parse --verify HEAD >actual &&
test_cmp expect actual
'
test_expect_failure 'user was prompted only once for password' '
expect_askpass pass user@host
'
test_expect_failure 'push to password-protected repository (no user in URL)' '
test_commit pw-nouser &&
set_askpass user@host pass@host &&
git push "$HTTPD_URL/auth/dumb/test_repo.git" HEAD &&
expect_askpass both user@host &&
git rev-parse --verify HEAD >expect &&
git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/test_repo.git" \
rev-parse --verify HEAD >actual &&
test_cmp expect actual
'
test_expect_success 'push to password-protected repository (netrc)' '
test_commit pw-netrc &&
echo "default login user@host password pass@host" >"$HOME/.netrc" &&
GIT_TRACE=1 GIT_CURL_VERBOSE=1 git push "$HTTPD_URL/auth/dumb/test_repo.git" HEAD &&
git rev-parse --verify HEAD >expect &&
git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/auth/dumb/test_repo.git" \
rev-parse --verify HEAD >actual &&
test_cmp expect actual
'
test_done
Reference in New Issue View Git Blame Copy Permalink