# Test routines for checking protocol disabling. # test cloning a particular protocol # $1 - description of the protocol # $2 - machine-readable name of the protocol # $3 - the URL to try cloning proc test_proto { global desc := $1 global proto := $2 global url := $3 test_expect_success "clone $1 (enabled)" ' rm -rf tmp.git && ( GIT_ALLOW_PROTOCOL=$proto && export GIT_ALLOW_PROTOCOL && git clone --bare "$url" tmp.git ) ' test_expect_success "fetch $1 (enabled)" ' ( cd tmp.git && GIT_ALLOW_PROTOCOL=$proto && export GIT_ALLOW_PROTOCOL && git fetch ) ' test_expect_success "push $1 (enabled)" ' ( cd tmp.git && GIT_ALLOW_PROTOCOL=$proto && export GIT_ALLOW_PROTOCOL && git push origin HEAD:pushed ) ' test_expect_success "push $1 (disabled)" ' ( cd tmp.git && GIT_ALLOW_PROTOCOL=none && export GIT_ALLOW_PROTOCOL && test_must_fail git push origin HEAD:pushed ) ' test_expect_success "fetch $1 (disabled)" ' ( cd tmp.git && GIT_ALLOW_PROTOCOL=none && export GIT_ALLOW_PROTOCOL && test_must_fail git fetch ) ' test_expect_success "clone $1 (disabled)" ' rm -rf tmp.git && ( GIT_ALLOW_PROTOCOL=none && export GIT_ALLOW_PROTOCOL && test_must_fail git clone --bare "$url" tmp.git ) ' } # set up an ssh wrapper that will access $host/$repo in the # trash directory, and enable it for subsequent tests. proc setup_ssh_wrapper { test_expect_success 'setup ssh wrapper' ' write_script ssh-wrapper <<-\EOF && echo >&2 "ssh: $*" host=$1; shift cd "$TRASH_DIRECTORY/$host" && eval "$*" EOF GIT_SSH="$PWD/ssh-wrapper" && export GIT_SSH && export TRASH_DIRECTORY ' } # set up a wrapper that can be used with remote-ext to # access repositories in the "remote" directory of trash-dir, # like "ext::fake-remote %S repo.git" proc setup_ext_wrapper { test_expect_success 'setup ext wrapper' ' write_script fake-remote <<-\EOF && echo >&2 "fake-remote: $*" cd "$TRASH_DIRECTORY/remote" && eval "$*" EOF PATH=$TRASH_DIRECTORY:$PATH && export TRASH_DIRECTORY ' } (CommandList children: [ (FuncDef name: test_proto body: (BraceGroup children: [ (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:desc) op: Equal rhs: {($ VSub_Number "$1")} spids: [24] ) ] spids: [24] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:proto) op: Equal rhs: {($ VSub_Number "$2")} spids: [28] ) ] spids: [28] ) (Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (LhsName name:url) op: Equal rhs: {($ VSub_Number "$3")} spids: [32] ) ] spids: [32] ) (C {(test_expect_success)} {(DQ ("clone ") ($ VSub_Number "$1") (" (enabled)"))} { (SQ <"\n"> <"\t\trm -rf tmp.git &&\n"> <"\t\t(\n"> <"\t\t\tGIT_ALLOW_PROTOCOL=$proto &&\n"> <"\t\t\texport GIT_ALLOW_PROTOCOL &&\n"> <"\t\t\tgit clone --bare \"$url\" tmp.git\n"> <"\t\t)\n"> <"\t"> ) } ) (C {(test_expect_success)} {(DQ ("fetch ") ($ VSub_Number "$1") (" (enabled)"))} { (SQ <"\n"> <"\t\t(\n"> <"\t\t\tcd tmp.git &&\n"> <"\t\t\tGIT_ALLOW_PROTOCOL=$proto &&\n"> <"\t\t\texport GIT_ALLOW_PROTOCOL &&\n"> <"\t\t\tgit fetch\n"> <"\t\t)\n"> <"\t"> ) } ) (C {(test_expect_success)} {(DQ ("push ") ($ VSub_Number "$1") (" (enabled)"))} { (SQ <"\n"> <"\t\t(\n"> <"\t\t\tcd tmp.git &&\n"> <"\t\t\tGIT_ALLOW_PROTOCOL=$proto &&\n"> <"\t\t\texport GIT_ALLOW_PROTOCOL &&\n"> <"\t\t\tgit push origin HEAD:pushed\n"> <"\t\t)\n"> <"\t"> ) } ) (C {(test_expect_success)} {(DQ ("push ") ($ VSub_Number "$1") (" (disabled)"))} { (SQ <"\n"> <"\t\t(\n"> <"\t\t\tcd tmp.git &&\n"> <"\t\t\tGIT_ALLOW_PROTOCOL=none &&\n"> <"\t\t\texport GIT_ALLOW_PROTOCOL &&\n"> <"\t\t\ttest_must_fail git push origin HEAD:pushed\n"> <"\t\t)\n"> <"\t"> ) } ) (C {(test_expect_success)} {(DQ ("fetch ") ($ VSub_Number "$1") (" (disabled)"))} { (SQ <"\n"> <"\t\t(\n"> <"\t\t\tcd tmp.git &&\n"> <"\t\t\tGIT_ALLOW_PROTOCOL=none &&\n"> <"\t\t\texport GIT_ALLOW_PROTOCOL &&\n"> <"\t\t\ttest_must_fail git fetch\n"> <"\t\t)\n"> <"\t"> ) } ) (C {(test_expect_success)} {(DQ ("clone ") ($ VSub_Number "$1") (" (disabled)"))} { (SQ <"\n"> <"\t\trm -rf tmp.git &&\n"> <"\t\t(\n"> <"\t\t\tGIT_ALLOW_PROTOCOL=none &&\n"> <"\t\t\texport GIT_ALLOW_PROTOCOL &&\n"> <"\t\t\ttest_must_fail git clone --bare \"$url\" tmp.git\n"> <"\t\t)\n"> <"\t"> ) } ) ] spids: [21] ) spids: [16 20] ) (FuncDef name: setup_ssh_wrapper body: (BraceGroup children: [ (C {(test_expect_success)} {(SQ <"setup ssh wrapper">)} { (SQ <"\n"> <"\t\twrite_script ssh-wrapper <<-\\EOF &&\n"> <"\t\techo >&2 \"ssh: $*\"\n"> <"\t\thost=$1; shift\n"> <"\t\tcd \"$TRASH_DIRECTORY/$host\" &&\n"> <"\t\teval \"$*\"\n"> <"\t\tEOF\n"> <"\t\tGIT_SSH=\"$PWD/ssh-wrapper\" &&\n"> <"\t\texport GIT_SSH &&\n"> <"\t\texport TRASH_DIRECTORY\n"> <"\t"> ) } ) ] spids: [175] ) spids: [170 174] ) (FuncDef name: setup_ext_wrapper body: (BraceGroup children: [ (C {(test_expect_success)} {(SQ <"setup ext wrapper">)} { (SQ <"\n"> <"\t\twrite_script fake-remote <<-\\EOF &&\n"> <"\t\techo >&2 \"fake-remote: $*\"\n"> <"\t\tcd \"$TRASH_DIRECTORY/remote\" &&\n"> <"\t\teval \"$*\"\n"> <"\t\tEOF\n"> <"\t\tPATH=$TRASH_DIRECTORY:$PATH &&\n"> <"\t\texport TRASH_DIRECTORY\n"> <"\t"> ) } ) ] spids: [215] ) spids: [210 214] ) ] )