[RFC PATCH] t5551: delete auth-for-pack-but-not-refs test

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



When using protocol v0, upload-pack over HTTP permits a "half-auth"
configuration in which, at the web server layer, the info/refs path is
not protected by authentication but the git-upload-pack path is, so that
a user can perform fetches that do not download any objects without
authentication, but still needs authentication to download objects.

2e736fd5e9 ("remote-curl: retry failed requests for auth even with
gzip", 2012-10-31) added a test for this, stating that this leaks
information about the repository but makes it occasionally more
convenient for users that use manual credential entry.

Protocol v2 does not support this, because both ref and pack are
obtained from the git-upload-pack path.

Because this configuration is not supported by all protocol versions,
and because this configuration seems to be of limited usefulness (only
useful for people who use manual credential entry and on servers that
are OK with exposing refs but not objects, and even in this case, helps
only in a no-op fetch), delete the test that verifies that this
configuration works.

This issue was discovered by the GIT_TEST_PROTOCOL_VERSION patches.

Signed-off-by: Jonathan Tan <jonathantanmy@xxxxxxxxxx>
---
This is on master. (It is reasonable to apply it even in the absence of
GIT_TEST_PROTOCOL_VERSION.)

Marking this as RFC, because my opinion is that the usefulness of this
feature is limited (as you can see in the commit message), but others
may have a use case that I haven't thought about.

The alternative is to add GIT_TEST_PROTOCOL_VERSION=0 to this test (and
rebase it to a branch that has GIT_TEST_PROTOCOL_VERSION).
---
 t/t5551-http-fetch-smart.sh | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/t/t5551-http-fetch-smart.sh b/t/t5551-http-fetch-smart.sh
index ba83e567e5..3be9c0063b 100755
--- a/t/t5551-http-fetch-smart.sh
+++ b/t/t5551-http-fetch-smart.sh
@@ -149,12 +149,6 @@ test_expect_success 'clone from auth-only-for-objects repository' '
 	test_cmp expect actual
 '
 
-test_expect_success 'no-op half-auth fetch does not require a password' '
-	set_askpass wrong &&
-	git --git-dir=half-auth fetch &&
-	expect_askpass none
-'
-
 test_expect_success 'redirects send auth to new location' '
 	set_askpass user@host pass@host &&
 	git -c credential.useHttpPath=true \
-- 
2.21.0.155.ge902e9bcae.dirty




[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux