diff options
author | Jeff King <peff@peff.net> | 2013-09-28 04:35:35 -0400 |
---|---|---|
committer | Jonathan Nieder <jrnieder@gmail.com> | 2013-10-14 17:01:34 -0700 |
commit | 050ef3655c8ea1dc7a2b3b843ca7c45dd94d9c88 (patch) | |
tree | c5f0f3da2da24b72fe828c634897991636cafe97 /t | |
parent | remote-curl: store url as a strbuf (diff) | |
download | tgif-050ef3655c8ea1dc7a2b3b843ca7c45dd94d9c88.tar.xz |
remote-curl: rewrite base url from info/refs redirects
For efficiency and security reasons, an earlier commit in
this series taught http_get_* to re-write the base url based
on redirections we saw while making a specific request.
This commit wires that option into the info/refs request,
meaning that a redirect from
http://example.com/foo.git/info/refs
to
https://example.com/bar.git/info/refs
will behave as if "https://example.com/bar.git" had been
provided to git in the first place.
The tests bear some explanation. We introduce two new
hierearchies into the httpd test config:
1. Requests to /smart-redir-limited will work only for the
initial info/refs request, but not any subsequent
requests. As a result, we can confirm whether the
client is re-rooting its requests after the initial
contact, since otherwise it will fail (it will ask for
"repo.git/git-upload-pack", which is not redirected).
2. Requests to smart-redir-auth will redirect, and require
auth after the redirection. Since we are using the
redirected base for further requests, we also update
the credential struct, in order not to mislead the user
(or credential helpers) about which credential is
needed. We can therefore check the GIT_ASKPASS prompts
to make sure we are prompting for the new location.
Because we have neither multiple servers nor https
support in our test setup, we can only redirect between
paths, meaning we need to turn on
credential.useHttpPath to see the difference.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
Diffstat (limited to 't')
-rw-r--r-- | t/lib-httpd.sh | 3 | ||||
-rw-r--r-- | t/lib-httpd/apache.conf | 2 | ||||
-rwxr-xr-x | t/t5551-http-fetch.sh | 11 |
3 files changed, 15 insertions, 1 deletions
diff --git a/t/lib-httpd.sh b/t/lib-httpd.sh index 895b9258b0..7059cc6c21 100644 --- a/t/lib-httpd.sh +++ b/t/lib-httpd.sh @@ -187,7 +187,8 @@ set_askpass() { } expect_askpass() { - dest=$HTTPD_DEST + dest=$HTTPD_DEST${3+/$3} + { case "$1" in none) diff --git a/t/lib-httpd/apache.conf b/t/lib-httpd/apache.conf index dd17e3a09d..4a261f13f5 100644 --- a/t/lib-httpd/apache.conf +++ b/t/lib-httpd/apache.conf @@ -102,6 +102,8 @@ ScriptAlias /broken_smart/ broken-smart-http.sh/ RewriteEngine on RewriteRule ^/smart-redir-perm/(.*)$ /smart/$1 [R=301] RewriteRule ^/smart-redir-temp/(.*)$ /smart/$1 [R=302] +RewriteRule ^/smart-redir-auth/(.*)$ /auth/smart/$1 [R=301] +RewriteRule ^/smart-redir-limited/(.*)/info/refs$ /smart/$1/info/refs [R=301] <IfDefine SSL> LoadModule ssl_module modules/mod_ssl.so diff --git a/t/t5551-http-fetch.sh b/t/t5551-http-fetch.sh index 55a866af80..1b71bb5156 100755 --- a/t/t5551-http-fetch.sh +++ b/t/t5551-http-fetch.sh @@ -113,6 +113,10 @@ test_expect_success 'follow redirects (302)' ' git clone $HTTPD_URL/smart-redir-temp/repo.git --quiet repo-t ' +test_expect_success 'redirects re-root further requests' ' + git clone $HTTPD_URL/smart-redir-limited/repo.git repo-redir-limited +' + test_expect_success 'clone from password-protected repository' ' echo two >expect && set_askpass user@host && @@ -146,6 +150,13 @@ test_expect_success 'no-op half-auth fetch does not require a password' ' expect_askpass none ' +test_expect_success 'redirects send auth to new location' ' + set_askpass user@host && + git -c credential.useHttpPath=true \ + clone $HTTPD_URL/smart-redir-auth/repo.git repo-redir-auth && + expect_askpass both user@host auth/smart/repo.git +' + test_expect_success 'disable dumb http on server' ' git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \ config http.getanyfile false |