diff options
author | Junio C Hamano <gitster@pobox.com> | 2014-09-15 14:59:00 -0700 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2014-09-17 14:58:04 -0700 |
commit | 0ea47f9d3307bdb1cd9364acd3e4a463b244bba2 (patch) | |
tree | a10ff42d754581a365f9dc943eddbd72e48c3663 /t/t5541-http-push-smart.sh | |
parent | b89363e4a5277038629491f8765c0598f366326c (diff) | |
download | git-0ea47f9d3307bdb1cd9364acd3e4a463b244bba2.tar.gz |
signed push: teach smart-HTTP to pass "git push --signed" around
The "--signed" option received by "git push" is first passed to the
transport layer, which the native transport directly uses to notice
that a push certificate needs to be sent. When the transport-helper
is involved, however, the option needs to be told to the helper with
set_helper_option(), and the helper needs to take necessary action.
For the smart-HTTP helper, the "necessary action" involves spawning
the "git send-pack" subprocess with the "--signed" option.
Once the above all gets wired in, the smart-HTTP transport now can
use the push certificate mechanism to authenticate its pushes.
Add a test that is modeled after tests for the native transport in
t5534-push-signed.sh to t5541-http-push-smart.sh. Update the test
Apache configuration to pass GNUPGHOME environment variable through.
As PassEnv would trigger warnings for an environment variable that
is not set, export it from test-lib.sh set to a harmless value when
GnuPG is not being used in the tests.
Note that the added test is deliberately loose and does not check
the nonce in this step. This is because the stateless RPC mode is
inevitably flaky and a nonce that comes back in the actual push
processing is one issued by a different process; if the two
interactions with the server crossed a second boundary, the nonces
will not match and such a check will fail. A later patch in the
series will work around this shortcoming.
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t5541-http-push-smart.sh')
-rwxr-xr-x | t/t5541-http-push-smart.sh | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/t/t5541-http-push-smart.sh b/t/t5541-http-push-smart.sh index 73af16f481..24926a4a42 100755 --- a/t/t5541-http-push-smart.sh +++ b/t/t5541-http-push-smart.sh @@ -12,6 +12,7 @@ if test -n "$NO_CURL"; then fi ROOT_PATH="$PWD" +. "$TEST_DIRECTORY"/lib-gpg.sh . "$TEST_DIRECTORY"/lib-httpd.sh . "$TEST_DIRECTORY"/lib-terminal.sh start_httpd @@ -323,5 +324,40 @@ test_expect_success 'push into half-auth-complete requires password' ' test_cmp expect actual ' +test_expect_success GPG 'push with post-receive to inspect certificate' ' + ( + cd "$HTTPD_DOCUMENT_ROOT_PATH"/test_repo.git && + mkdir -p hooks && + write_script hooks/post-receive <<-\EOF && + # discard the update list + cat >/dev/null + # record the push certificate + if test -n "${GIT_PUSH_CERT-}" + then + git cat-file blob $GIT_PUSH_CERT >../push-cert + fi && + cat >../push-cert-status <<E_O_F + SIGNER=${GIT_PUSH_CERT_SIGNER-nobody} + KEY=${GIT_PUSH_CERT_KEY-nokey} + STATUS=${GIT_PUSH_CERT_STATUS-nostatus} + E_O_F + EOF + + git config receive.certnonceseed sekrit + ) && + cd "$ROOT_PATH/test_repo_clone" && + test_commit cert-test && + git push --signed "$HTTPD_URL/smart/test_repo.git" && + ( + cd "$HTTPD_DOCUMENT_ROOT_PATH" && + cat <<-\EOF + SIGNER=C O Mitter <committer@example.com> + KEY=13B6F51ECDDE430D + STATUS=G + EOF + ) >expect && + test_cmp expect "$HTTPD_DOCUMENT_ROOT_PATH/push-cert-status" +' + stop_httpd test_done |