t5551: test that GIT_TRACE_CURL redacts password

Verify that when GIT_TRACE_CURL is set, Git prints out "Authorization: Basic <redacted>" instead of the base64-encoded authorization details. Signed-off-by: Jonathan Tan <jonathantanmy@google.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
author: Jonathan Tan <jonathantanmy@google.com> 2020-05-11 10:43:09 -0700
committer: Junio C Hamano <gitster@pobox.com> 2020-05-11 11:17:59 -0700
commit: 373e9bd66e2ba468f490e5e4ec1ccbe47853f8cd (patch)
tree: cbe8b2789fa29e319f73dad88931cf5156711029 /t
parent: The eighth batch (diff)
download: tgif-373e9bd66e2ba468f490e5e4ec1ccbe47853f8cd.tar.xz
1 files changed, 12 insertions, 0 deletions
diff --git a/t/t5551-http-fetch-smart.sh b/t/t5551-http-fetch-smart.sh
index 6788aeface..acc8473a72 100755
--- a/t/t5551-http-fetch-smart.sh
+++ b/t/t5551-http-fetch-smart.sh
@@ -185,6 +185,18 @@ test_expect_success 'redirects send auth to new location' '
 	expect_askpass both user@host auth/smart/repo.git
 '
 
+test_expect_success 'GIT_TRACE_CURL redacts auth details' '
+	rm -rf redact-auth trace &&
+	set_askpass user@host pass@host &&
+	GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
+	expect_askpass both user@host &&
+
+	# Ensure that there is no "Basic" followed by a base64 string, but that
+	# the auth details are redacted
+	! grep "Authorization: Basic [0-9a-zA-Z+/]" trace &&
+	grep "Authorization: Basic <redacted>" trace
+'
+
 test_expect_success 'disable dumb http on server' '
 	git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
 		config http.getanyfile false
author	Jonathan Tan <jonathantanmy@google.com>	2020-05-11 10:43:09 -0700
committer	Junio C Hamano <gitster@pobox.com>	2020-05-11 11:17:59 -0700
commit	373e9bd66e2ba468f490e5e4ec1ccbe47853f8cd (patch)
tree	cbe8b2789fa29e319f73dad88931cf5156711029 /t
parent	The eighth batch (diff)
download	tgif-373e9bd66e2ba468f490e5e4ec1ccbe47853f8cd.tar.xz