git/t/lib-httpd.sh
Johannes Schindelin ef0fc42829 Merge branch 'jk/httpd-test-updates'
Test update.

* jk/httpd-test-updates:
  t/lib-httpd: increase ssl key size to 2048 bits
  t/lib-httpd: drop SSLMutex config
  t/lib-httpd: bump required apache version to 2.4
  t/lib-httpd: bump required apache version to 2.2

This is a backport onto the `maint-2.39` branch, to improve the CI
health of that branch.

Signed-off-by: Johannes Schindelin <Johannes.Schindelin@gmx.de>
2024-04-16 23:58:40 +02:00

371 lines
9.0 KiB
Bash

# Shell library to run an HTTP server for use in tests.
# Ends the test early if httpd tests should not be run,
# for example because the user has not enabled them.
#
# Usage:
#
# . ./test-lib.sh
# . "$TEST_DIRECTORY"/lib-httpd.sh
# start_httpd
#
# test_expect_success '...' '
# ...
# '
#
# test_expect_success ...
#
# test_done
#
# Can be configured using the following variables.
#
# GIT_TEST_HTTPD enable HTTPD tests
# LIB_HTTPD_PATH web server path
# LIB_HTTPD_MODULE_PATH web server modules path
# LIB_HTTPD_PORT listening port
# LIB_HTTPD_DAV enable DAV
# LIB_HTTPD_SVN enable SVN at given location (e.g. "svn")
# LIB_HTTPD_SSL enable SSL
# LIB_HTTPD_PROXY enable proxy
#
# Copyright (c) 2008 Clemens Buchacher <drizzd@aon.at>
#
if ! test_have_prereq LIBCURL
then
skip_all='skipping test, git built without http support'
test_done
fi
if test -n "$NO_EXPAT" && test -n "$LIB_HTTPD_DAV"
then
skip_all='skipping test, git built without expat support'
test_done
fi
if ! test_bool_env GIT_TEST_HTTPD true
then
skip_all="Network testing disabled (unset GIT_TEST_HTTPD to enable)"
test_done
fi
if ! test_have_prereq NOT_ROOT; then
test_skip_or_die GIT_TEST_HTTPD \
"Cannot run httpd tests as root"
fi
HTTPD_PARA=""
for DEFAULT_HTTPD_PATH in '/usr/sbin/httpd' \
'/usr/sbin/apache2' \
"$(command -v httpd)" \
"$(command -v apache2)"
do
if test -n "$DEFAULT_HTTPD_PATH" && test -x "$DEFAULT_HTTPD_PATH"
then
break
fi
done
if test -x "$DEFAULT_HTTPD_PATH"
then
DETECTED_HTTPD_ROOT="$("$DEFAULT_HTTPD_PATH" -V 2>/dev/null | sed -n 's/^ -D HTTPD_ROOT="\(.*\)"$/\1/p')"
fi
for DEFAULT_HTTPD_MODULE_PATH in '/usr/libexec/apache2' \
'/usr/lib/apache2/modules' \
'/usr/lib64/httpd/modules' \
'/usr/lib/httpd/modules' \
'/usr/libexec/httpd' \
'/usr/lib/apache2' \
"${DETECTED_HTTPD_ROOT:+${DETECTED_HTTPD_ROOT}/modules}"
do
if test -n "$DEFAULT_HTTPD_MODULE_PATH" && test -d "$DEFAULT_HTTPD_MODULE_PATH"
then
break
fi
done
case $(uname) in
Darwin)
HTTPD_PARA="$HTTPD_PARA -DDarwin"
;;
esac
LIB_HTTPD_PATH=${LIB_HTTPD_PATH-"$DEFAULT_HTTPD_PATH"}
test_set_port LIB_HTTPD_PORT
TEST_PATH="$TEST_DIRECTORY"/lib-httpd
HTTPD_ROOT_PATH="$PWD"/httpd
HTTPD_DOCUMENT_ROOT_PATH=$HTTPD_ROOT_PATH/www
# hack to suppress apache PassEnv warnings
GIT_VALGRIND=$GIT_VALGRIND; export GIT_VALGRIND
GIT_VALGRIND_OPTIONS=$GIT_VALGRIND_OPTIONS; export GIT_VALGRIND_OPTIONS
GIT_TEST_SIDEBAND_ALL=$GIT_TEST_SIDEBAND_ALL; export GIT_TEST_SIDEBAND_ALL
GIT_TRACE=$GIT_TRACE; export GIT_TRACE
if ! test -x "$LIB_HTTPD_PATH"
then
test_skip_or_die GIT_TEST_HTTPD "no web server found at '$LIB_HTTPD_PATH'"
fi
HTTPD_VERSION=$($LIB_HTTPD_PATH -v | \
sed -n 's/^Server version: Apache\/\([0-9.]*\).*$/\1/p; q')
HTTPD_VERSION_MAJOR=$(echo $HTTPD_VERSION | cut -d. -f1)
HTTPD_VERSION_MINOR=$(echo $HTTPD_VERSION | cut -d. -f2)
if test -n "$HTTPD_VERSION_MAJOR"
then
if test -z "$LIB_HTTPD_MODULE_PATH"
then
if ! test "$HTTPD_VERSION_MAJOR" -eq 2 ||
! test "$HTTPD_VERSION_MINOR" -ge 4
then
test_skip_or_die GIT_TEST_HTTPD \
"at least Apache version 2.4 is required"
fi
if ! test -d "$DEFAULT_HTTPD_MODULE_PATH"
then
test_skip_or_die GIT_TEST_HTTPD \
"Apache module directory not found"
fi
LIB_HTTPD_MODULE_PATH="$DEFAULT_HTTPD_MODULE_PATH"
fi
else
test_skip_or_die GIT_TEST_HTTPD \
"Could not identify web server at '$LIB_HTTPD_PATH'"
fi
if test -n "$LIB_HTTPD_DAV" && test -f /etc/os-release
then
case "$(grep "^ID=" /etc/os-release | cut -d= -f2-)" in
alpine)
# The WebDAV module in Alpine Linux is broken at least up to
# Alpine v3.16 as the default DBM driver is missing.
#
# https://gitlab.alpinelinux.org/alpine/aports/-/issues/13112
test_skip_or_die GIT_TEST_HTTPD \
"Apache WebDAV module does not have default DBM backend driver"
;;
esac
fi
install_script () {
write_script "$HTTPD_ROOT_PATH/$1" <"$TEST_PATH/$1"
}
prepare_httpd() {
mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH"
cp "$TEST_PATH"/passwd "$HTTPD_ROOT_PATH"
cp "$TEST_PATH"/proxy-passwd "$HTTPD_ROOT_PATH"
install_script incomplete-length-upload-pack-v2-http.sh
install_script incomplete-body-upload-pack-v2-http.sh
install_script error-no-report.sh
install_script broken-smart-http.sh
install_script error-smart-http.sh
install_script error.sh
install_script apply-one-time-perl.sh
install_script nph-custom-auth.sh
ln -s "$LIB_HTTPD_MODULE_PATH" "$HTTPD_ROOT_PATH/modules"
if test -n "$LIB_HTTPD_SSL"
then
HTTPD_PROTO=https
RANDFILE_PATH="$HTTPD_ROOT_PATH"/.rnd openssl req \
-config "$TEST_PATH/ssl.cnf" \
-new -x509 -nodes \
-out "$HTTPD_ROOT_PATH/httpd.pem" \
-keyout "$HTTPD_ROOT_PATH/httpd.pem"
GIT_SSL_NO_VERIFY=t
export GIT_SSL_NO_VERIFY
HTTPD_PARA="$HTTPD_PARA -DSSL"
else
HTTPD_PROTO=http
fi
HTTPD_DEST=127.0.0.1:$LIB_HTTPD_PORT
HTTPD_URL=$HTTPD_PROTO://$HTTPD_DEST
HTTPD_URL_USER=$HTTPD_PROTO://user%40host@$HTTPD_DEST
HTTPD_URL_USER_PASS=$HTTPD_PROTO://user%40host:pass%40host@$HTTPD_DEST
if test -n "$LIB_HTTPD_DAV" || test -n "$LIB_HTTPD_SVN"
then
HTTPD_PARA="$HTTPD_PARA -DDAV"
if test -n "$LIB_HTTPD_SVN"
then
HTTPD_PARA="$HTTPD_PARA -DSVN"
LIB_HTTPD_SVNPATH="$rawsvnrepo"
svnrepo="http://127.0.0.1:$LIB_HTTPD_PORT/"
svnrepo="$svnrepo$LIB_HTTPD_SVN"
export LIB_HTTPD_SVN LIB_HTTPD_SVNPATH
fi
fi
if test -n "$LIB_HTTPD_PROXY"
then
HTTPD_PARA="$HTTPD_PARA -DPROXY"
fi
}
enable_http2 () {
HTTPD_PARA="$HTTPD_PARA -DHTTP2"
test_set_prereq HTTP2
}
enable_cgipassauth () {
# We are looking for 2.4.13 or more recent. Since we only support
# 2.4 and up, no need to check for older major/minor.
if test "$HTTPD_VERSION_MAJOR" = 2 &&
test "$HTTPD_VERSION_MINOR" = 4 &&
test "$(echo $HTTPD_VERSION | cut -d. -f3)" -lt 13
then
echo >&4 "apache $HTTPD_VERSION too old for CGIPassAuth"
return
fi
HTTPD_PARA="$HTTPD_PARA -DUSE_CGIPASSAUTH"
test_set_prereq CGIPASSAUTH
}
start_httpd() {
prepare_httpd >&3 2>&4
test_atexit stop_httpd
"$LIB_HTTPD_PATH" -d "$HTTPD_ROOT_PATH" \
-f "$TEST_PATH/apache.conf" $HTTPD_PARA \
-c "Listen 127.0.0.1:$LIB_HTTPD_PORT" -k start \
>&3 2>&4
if test $? -ne 0
then
cat "$HTTPD_ROOT_PATH"/error.log >&4 2>/dev/null
test_skip_or_die GIT_TEST_HTTPD "web server setup failed"
fi
}
stop_httpd() {
"$LIB_HTTPD_PATH" -d "$HTTPD_ROOT_PATH" \
-f "$TEST_PATH/apache.conf" $HTTPD_PARA -k stop
}
test_http_push_nonff () {
REMOTE_REPO=$1
LOCAL_REPO=$2
BRANCH=$3
EXPECT_CAS_RESULT=${4-failure}
test_expect_success 'non-fast-forward push fails' '
cd "$REMOTE_REPO" &&
HEAD=$(git rev-parse --verify HEAD) &&
cd "$LOCAL_REPO" &&
git checkout $BRANCH &&
echo "changed" > path2 &&
git commit -a -m path2 --amend &&
test_must_fail git push -v origin >output 2>&1 &&
(
cd "$REMOTE_REPO" &&
echo "$HEAD" >expect &&
git rev-parse --verify HEAD >actual &&
test_cmp expect actual
)
'
test_expect_success 'non-fast-forward push show ref status' '
grep "^ ! \[rejected\][ ]*$BRANCH -> $BRANCH (non-fast-forward)$" output
'
test_expect_success 'non-fast-forward push shows help message' '
test_grep "Updates were rejected because" output
'
test_expect_${EXPECT_CAS_RESULT} 'force with lease aka cas' '
HEAD=$( cd "$REMOTE_REPO" && git rev-parse --verify HEAD ) &&
test_when_finished '\''
(cd "$REMOTE_REPO" && git update-ref HEAD "$HEAD")
'\'' &&
(
cd "$LOCAL_REPO" &&
git push -v --force-with-lease=$BRANCH:$HEAD origin
) &&
git rev-parse --verify "$BRANCH" >expect &&
(
cd "$REMOTE_REPO" && git rev-parse --verify HEAD
) >actual &&
test_cmp expect actual
'
}
setup_askpass_helper() {
test_expect_success 'setup askpass helper' '
write_script "$TRASH_DIRECTORY/askpass" <<-\EOF &&
echo >>"$TRASH_DIRECTORY/askpass-query" "askpass: $*" &&
case "$*" in
*Username*)
what=user
;;
*Password*)
what=pass
;;
esac &&
cat "$TRASH_DIRECTORY/askpass-$what"
EOF
GIT_ASKPASS="$TRASH_DIRECTORY/askpass" &&
export GIT_ASKPASS &&
export TRASH_DIRECTORY
'
}
set_askpass() {
>"$TRASH_DIRECTORY/askpass-query" &&
echo "$1" >"$TRASH_DIRECTORY/askpass-user" &&
echo "$2" >"$TRASH_DIRECTORY/askpass-pass"
}
expect_askpass() {
dest=$HTTPD_DEST${3+/$3}
{
case "$1" in
none)
;;
pass)
echo "askpass: Password for '$HTTPD_PROTO://$2@$dest': "
;;
both)
echo "askpass: Username for '$HTTPD_PROTO://$dest': "
echo "askpass: Password for '$HTTPD_PROTO://$2@$dest': "
;;
*)
false
;;
esac
} >"$TRASH_DIRECTORY/askpass-expect" &&
test_cmp "$TRASH_DIRECTORY/askpass-expect" \
"$TRASH_DIRECTORY/askpass-query"
}
strip_access_log() {
sed -e "
s/^.* \"//
s/\"//
s/ [1-9][0-9]*\$//
s/^GET /GET /
" "$HTTPD_ROOT_PATH"/access.log
}
# Requires one argument: the name of a file containing the expected stripped
# access log entries.
check_access_log() {
sort "$1" >"$1".sorted &&
strip_access_log >access.log.stripped &&
sort access.log.stripped >access.log.sorted &&
if ! test_cmp "$1".sorted access.log.sorted
then
test_cmp "$1" access.log.stripped
fi
}