tests/online/clone.c


Log

Author Commit Date CI Message
Ian Hattendorf 62b80138 2019-08-13T09:10:10 clone: Remove whitespace ssh test Will add later when infrastructure is configured
Ian Hattendorf b15e7f2d 2019-08-12T09:56:51 clone: Update whitespace test url
Ian Hattendorf 42ea2f95 2019-07-25T13:15:10 clone: whitespace in url ssh test
Ian Hattendorf 1748f92c 2019-07-24T16:36:45 clone: whitespace in url test
Patrick Steinhardt e54343a4 2019-06-29T09:17:32 fileops: rename to "futils.h" to match function signatures Our file utils functions all have a "futils" prefix, e.g. `git_futils_touch`. One would thus naturally guess that their definitions and implementation would live in files "futils.h" and "futils.c", respectively, but in fact they live in "fileops.h". Rename the files to match expectations.
Edward Thomson 3d11b6c5 2019-03-11T20:36:09 winhttp: support default credentials for proxies We did not properly support default credentials for proxies, only for destination servers. Refactor the credential handling to support sending either username/password _or_ default credentials to either the proxy or the destination server. This actually shares the authentication logic between proxy servers and destination servers. Due to copy/pasta drift over time, they had diverged. Now they share a common logic which is: first, use credentials specified in the URL (if there were any), treating empty username and password (ie, "http://:@foo.com/") as default credentials, for compatibility with git. Next, call the credential callbacks. Finally, fallback to WinHTTP compatibility layers using built-in authentication like we always have. Allowing default credentials for proxies requires moving the security level downgrade into the credential setting routines themselves. We will update our security level to "high" by default which means that we will never send default credentials without prompting. (A lower setting, like the WinHTTP default of "medium" would allow WinHTTP to handle credentials for us, despite what a user may have requested with their structures.) Now we start with "high" and downgrade to "low" only after a user has explicitly requested default credentials.
Edward Thomson 757411a0 2019-03-11T12:56:09 network: don't add arbitrary url rules There's no reason a git repository couldn't be at the root of a server, and URLs should have an implicit path of '/' when one is not specified.
Edward Thomson e66a4eb3 2019-06-05T14:19:14 online tests: use gitlab for auth failures GitHub recently changed their behavior from returning 401s for private or nonexistent repositories on a clone to returning 404s. For our tests that require an auth failure (and 401), move to GitLab to request a missing repository. This lets us continue to test our auth failure case, at least until they decide to mimic that decision.
Edward Thomson a1ef995d 2019-02-21T10:33:30 indexer: use git_indexer_progress throughout Update internal usage of `git_transfer_progress` to `git_indexer_progreses`.
Edward Thomson f673e232 2018-12-27T13:47:34 git_error: use new names in internal APIs and usage Move to the `git_error` name in the internal API for error-related functions.
Edward Thomson ed8cfbf0 2019-01-17T00:32:31 references: use new names in internal usage Update internal usage to use the `git_reference` names for constants.
Jason Haslam 35d86c77 2019-01-14T10:14:36 proxy: fix crash on remote connection with GIT_PROXY_AUTO but no proxy is detected
Edward Thomson 45054732 2018-10-29T10:45:59 tests: optionally ignore https cert validation For testing, we may wish to use a man-in-the-middle proxy that can inspect the CONNECT traffic to our test endpoints. For this, we will need to accept the proxy's certificate, which will not be valid for the true endpoint. Add a new environment variable, GITTEST_REMOTE_SSL_NOVERIFY to disable https certificate validation for the tests.
Edward Thomson 6ba3e6af 2018-11-18T21:53:48 proxy tests: rename credential callback Rename credential callback to proxy_cred_cb to match new cert callback.
Edward Thomson 394ae7e1 2018-10-22T17:35:35 proxy tests: support self-signed proxy cert Give the proxy tests a proxy certificate callback, and allow self-signed certificates when the `GITTEST_REMOTE_PROXY_SELFSIGNED` environment variable is set (to anything). In that case, simply compare the hostname from the callback to the hostname that we connected to.
Edward Thomson 4ecc14cd 2018-10-21T23:47:53 tests: support optional PROXY_SCHEME As we want to support HTTPS proxies, support an optional `GITTEST_REMOTE_PROXY_SCHEME` environment variable for tests that will allow for HTTPS support. (When unset, the tests default to HTTP proxies.)
Edward Thomson de60d9b4 2018-10-21T21:00:37 tests: PROXY_URL is more accurately PROXY_HOST Change the `GITTEST_REMOTE_PROXY_URL` environment variable to be `GITTEST_REMOTE_PROXY_HOST`, since it is a host:port combination, not an actual URL. (We cannot use a URL here since we may want to include the username:password combination in the constructed URL.)
Edward Thomson e84914fd 2018-09-20T20:11:36 online::clone: free url and username before resetting Before resetting the url and username, ensure that we free them in case they were set by environment variables.
Patrick Steinhardt ecf4f33a 2018-02-08T11:14:48 Convert usage of `git_buf_free` to new `git_buf_dispose`
Edward Thomson fd634019 2018-04-16T15:42:35 Merge pull request #4556 from libgit2/ethomson/proxy_pass_in_env online::clone: validate user:pass in HTTP_PROXY
Edward Thomson 54bf4d14 2018-03-20T07:47:27 online tests: update auth for bitbucket test Update the settings to use a specific read-only token for accessing our test repositories in Bitbucket.
Edward Thomson 03c58778 2018-03-19T09:20:35 online::clone: skip creds fallback test At present, we have three online tests against bitbucket: one which specifies the credentials in the payload, one which specifies the correct credentials in the URL and a final one that specifies the incorrect credentials in the URL. Bitbucket has begun responding to the latter test with a 403, which causes us to fail. Break these three tests into separate tests so that we can skip the latter until this is resolved on Bitbucket's end or until we can change the test to a different provider.
Edward Thomson e380eae0 2018-02-28T16:10:53 online::clone: validate user:pass in HTTP_PROXY Validate using the http://user:pass@host/ format in HTTP_PROXY and HTTPS_PROXY environment variables.
Patrick Steinhardt 820fb712 2018-01-18T07:48:28 tests: online::clone: fix memory leak due to not freeing URL
Patrick Steinhardt 54a1bf05 2017-06-07T13:06:53 tests: online::clone: inline creds-test with nonexistent URL Right now, we test our credential callback code twice, once via SSH on localhost and once via a non-existent GitHub repository. While the first URL makes sense to be configurable, it does not make sense to hard-code the non-existing repository, which requires us to call tests multiple times. Instead, we can just inline the URL into another set of tests.
Patrick Steinhardt fea60920 2017-06-07T12:48:48 tests: online::clone: construct credential-URL from environment We support two types of passing credentials to the proxy, either via the URL or explicitly by specifying user and password. We test these types by modifying the proxy URL and executing the tests twice, which is in fact unnecessary and requires us to maintain the list of environment variables and test executions across multiple CI infrastructures. To fix the situation, we can just always pass the host, port, user and password to the tests. The tests can then assemble the complete URL either with or without included credentials, allowing us to test both cases in-process.
Patrick Steinhardt c2c95ad0 2017-04-26T13:16:18 tests: online::clone: use URL of test server All our tests running against a local SSH server usually read the server's URL from environment variables. But online::clone::ssh_cert test fails to do so and instead always connects to "ssh://localhost/foo". This assumption breaks whenever the SSH server is not running on the standard port, e.g. when it is running as a user. Fix the issue by using the URL provided by the environment.
Edward Thomson 0bd77401 2016-04-21T11:05:21 clone test: annotate unused vars
Carlos Martín Nieto 0d72f67f 2016-03-14T17:36:04 proxy: don't specify the protocol in the type We leave this up to the scheme in the url field. The type should only tell us about whether we want a proxy and whether we want to auto-detect it.
Carlos Martín Nieto b117721d 2015-07-29T21:23:56 proxy: use poxy to test our Windows proxy support
Carlos Martín Nieto 07bd3e57 2015-05-07T12:57:56 proxy: ask the user for credentials if necessary
Matt Burke 3245896b 2015-09-10T13:18:26 Add a test for custom header validation Also, *some* custom headers actually are valid.
Edward Thomson e069c621 2015-07-02T09:25:48 git__getenv: utf-8 aware env reader Introduce `git__getenv` which is a UTF-8 aware `getenv` everywhere. Make `cl_getenv` use this to keep consistent memory handling around return values (free everywhere, as opposed to only some platforms).
Carlos Martín Nieto 352ee171 2015-06-12T12:45:49 clone: set the credentials callback during testing
Michał Górny 8085adf8 2015-05-27T18:44:40 test: Add a test for in-memory SSH private key cred_cb
Carlos Martín Nieto 77254990 2015-04-23T06:51:34 remote: remove live changing of refspecs The base refspecs changing can be a cause of confusion as to what is the current base refspec set and complicate saving the remote's configuration. Change `git_remote_add_{fetch,push}()` to update the configuration instead of an instance. This finally makes `git_remote_save()` a no-op, it will be removed in a later commit.
Carlos Martín Nieto 058b753c 2015-04-22T15:45:21 remote: move the transport ctor to the callbacks Instead of having it set in a different place from every other callback, put it the main structure. This removes some state from the remote and makes it behave more like clone, where the constructors are passed via the options.
Carlos Martín Nieto 8f0104ec 2015-04-21T22:10:36 Remove the callbacks struct from the remote Having the setting be different from calling its actions was not a great idea and made for the sake of the wrong convenience. Instead of that, accept either fetch options, push options or the callbacks when dealing with the remote. The fetch options are currently only the callbacks, but more options will be moved from setters and getters on the remote to the options. This does mean passing the same struct along the different functions but the typical use-case will only call git_remote_fetch() or git_remote_push() and so won't notice much difference.
Carlos Martín Nieto 29e7ae5d 2015-03-16T19:39:05 Add failing test for cert callback with non-ecrypted stream When we have an HTTP stream and have set the certificatre check callback, we currently fail as we ask the unencrypted stream for its certificate.
Edward Thomson 6c9e86ad 2015-02-14T10:46:41 clone: drop now unnecessary SAFE_CREATE
Carlos Martín Nieto 209425ce 2014-11-08T13:25:51 remote: rename _load() to _lookup() This brings it in line with the rest of the lookup functions.
Sven Strickroth db3d169c 2014-09-24T11:28:45 Add tests for host names Signed-off-by: Sven Strickroth <email@cs-ware.de>
Sven Strickroth e6e834a1 2014-09-18T12:23:07 Provide host name to certificate_check_cb Signed-off-by: Sven Strickroth <email@cs-ware.de>
Carlos Martín Nieto 52e09724 2014-09-16T17:13:58 ssh: skip the localhost cert check earlier Skip it before we attempt to clone, as we would exit with -1 on systems which do not have sshd running.
Carlos Martín Nieto 1e0aa105 2014-09-16T03:22:09 ssh: expose both hashes The user may have the data hashed as MD5 or SHA-1, so we should provide both types for consumption.
Carlos Martín Nieto 286369a8 2014-09-16T02:27:16 ssh: provide our own types for host key lengths Instead of using the libssh2 defines, provide our own, which eases usage as we do not need to check whether libgit2 was built with libssh2 or not.
Carlos Martín Nieto 0782fc43 2014-09-16T01:47:30 net: use only structs to pass information about cert Instead of spreading the data in function arguments, some of which aren't used for ssh and having a struct only for ssh, use a struct for both, using a common parent to pass to the callback.
Carlos Martín Nieto 0fef3899 2014-09-16T01:25:53 Merge remote-tracking branch 'upstream/master' into cmn/host-cert-info
Carlos Martín Nieto bf8756d6 2014-09-15T21:51:42 ssh: add test for host key Test that the certificate check callback gets the right fingerprint from the host we're connecting to.
Carlos Martín Nieto 08545d36 2014-08-30T00:40:37 winhttp: credential check on successful connect On successful connection, still ask the user whether they accept the server's certificate, indicating that WinHTTP would let it though.
Carlos Martín Nieto 23ca0ad5 2014-08-29T21:25:13 Bring certificate check back to the normal return code Returning 0 lets the certificate check succeed. An error code is bubbled up to the user.
Carlos Martín Nieto 2f5864c5 2014-08-29T21:15:36 ssh: do ssh cert info before asking for credentials We know the host's key as soon as we connect, so we should perform the check as soon as we can, before we bother with the user's credentials.
Carlos Martín Nieto 17491f6e 2014-08-29T17:18:23 transport: always call the certificate check callback We should let the user decide whether to cancel the connection or not regardless of whether our checks have decided that the certificate is fine. We provide our own assessment to the callback to let the user fall back to our checks if they so desire.
Carlos Martín Nieto 85acc562 2014-08-29T17:07:07 remote: add tests for the certificate callback
Linquize fe3b6789 2014-09-01T19:18:20 Skip SSH clone tests if libgit2 not built with GIT_SSH defined
nulltoken f0c53d21 2014-08-27T10:28:46 winhttp: Prevent swallowing of url parsing error
Carlos Martín Nieto c13b6844 2014-08-27T15:25:46 Adjust clone tests to USERNAME cred type
Carlos Martín Nieto 6a0d2b43 2014-08-27T15:09:07 Merge remote-tracking branch 'upstream/master' into cmn/ssh-retry
Edward Thomson adcdeb36 2014-08-01T13:06:37 online::clone::credentials support default credentials
Edward Thomson aea67633 2014-07-31T17:59:03 Don't run the ssh clone tests against http remotes
Carlos Martín Nieto d4256ed5 2014-07-04T10:00:39 ssh: provide a factory function for setting ssh paths git allows you to set which paths to use for the git server programs when connecting over ssh; and we want to provide something similar. We do this by providing a factory function which can be set as the remote's transport callback which will set the given paths upon creation.
Carlos Martín Nieto 6812afaf 2014-06-30T21:36:38 clone: remote git_clone_into{,_local} from the public API As git_clone now has callbacks to configure the details of the repository and remote, remove the lower-level functions from the public API, as they lack some of the logic from git_clone proper.
Carlos Martín Nieto e26b08d3 2014-06-25T17:05:27 ssh: adjust clone and push test credentials to the split user+pass method For urls where we do not specify a username, we must handle the case where the ssh transport asks us for the username. Test also that switching username fails.
Carlos Martín Nieto ccb85c8f 2014-06-25T16:27:43 ssh: make sure to ask for a username and use the same one In order to know which authentication methods are supported/allowed by the ssh server, we need to send a NONE auth request, which needs a username associated with it. Most ssh server implementations do not allow switching the username between authentication attempts, which means we cannot use a dummy username and then switch. There are two ways around this. The first is to use a different connection, which an earlier commit implements, but this increases how long it takes to get set up, and without knowing the right username, we cannot guarantee that the list we get in response is the right one. The second is what's implemented here: if there is no username specified in the url, ask for it first. We can then ask for the list of auth methods and use the user's credentials in the same connection.
Carlos Martín Nieto d7f962f4 2014-06-16T19:30:06 ssh: request credentials again on authentication failure Instead of completely giving up on the first failure, ask for credentials as long as we fail to authenticate.
Carlos Martín Nieto b529c5f9 2014-06-12T17:19:00 ssh: propagate the error code from the auth callback We need to be able to get a GIT_EUSER back through the outermost call.
Carlos Martín Nieto 22618906 2014-06-12T16:09:54 ssh: detect authentication methods Before calling the credentials callback, ask the sever which authentication methods it supports and report that to the user, instead of simply reporting everything that the transport supports. In case of an error, we do fall back to listing all of them.
Carlos Martín Nieto 09561d33 2014-06-13T22:27:46 test: remove assembla clone test The assembla failure we were seeing referred to a private repository, which is not what is there at the moment. This reverts 1fd21b0342f
Carlos Martín Nieto 3382d8b1 2014-06-13T22:24:43 test: use read-only account Don't write in plaintext the password of an account which has full control over the repository. Instead use an account with read-only access.
Philip Kelley 6d1b0438 2014-06-07T12:18:24 Win32: Fix failing clone_mirror test
Carlos Martín Nieto b2067248 2014-05-15T09:03:30 clone: add failing test for a mirror-clone with clone_into Show a failure to perform a mirror-clone from a repository, both local and remote.
Vicent Marti 0f65733b 2014-04-02T18:50:47 Clar: skip tests
Ben Straub 6affd71f 2014-01-03T17:38:34 git_checkout_opts -> git_checkout_options
Ben Straub 5dae3ffe 2014-02-05T19:27:27 Only run clone-failure test on private repo
Ben Straub fe45922d 2014-02-05T13:41:12 Fix broken clone test
Ben Straub 1cc974ab 2014-01-27T14:40:31 Augment clone API with reflog parameters
Russell Belfer 25e0b157 2013-12-06T15:07:57 Remove converting user error to GIT_EUSER This changes the behavior of callbacks so that the callback error code is not converted into GIT_EUSER and instead we propagate the return value through to the caller. Instead of using the giterr_capture and giterr_restore functions, we now rely on all functions to pass back the return value from a callback. To avoid having a return value with no error message, the user can call the public giterr_set_str or some such function to set an error message. There is a new helper 'giterr_set_callback' that functions can invoke after making a callback which ensures that some error message was set in case the callback did not set one. In places where the sign of the callback return value is meaningful (e.g. positive to skip, negative to abort), only the negative values are returned back to the caller, obviously, since the other values allow for continuing the loop. The hardest parts of this were in the checkout code where positive return values were overloaded as meaningful values for checkout. I fixed this by adding an output parameter to many of the internal checkout functions and removing the overload. This added some code, but it is probably a better implementation. There is some funkiness in the network code where user provided callbacks could be returning a positive or a negative value and we want to rely on that to cancel the loop. There are still a couple places where an user error might get turned into GIT_EUSER there, I think, though none exercised by the tests.
Russell Belfer 8f2a3d62 2013-11-18T12:14:50 Fix warnings
Edward Thomson 80fc7d6b 2013-11-13T16:46:45 Propagate auth error codes as GIT_EUSER in winhttp
Ben Straub 17820381 2013-11-14T14:05:52 Rename tests-clar to tests