From: Jeff King <peff@peff.net>
To: Johannes Schindelin via GitGitGadget <gitgitgadget@gmail.com>
Cc: git@vger.kernel.org, Derrick Stolee <derrickstolee@github.com>,
Johannes Schindelin <johannes.schindelin@gmx.de>
Subject: Re: [PATCH 1/2] t5516/t5601: avoid using `localhost` for failing HTTPS requests
Date: Mon, 31 Oct 2022 19:20:11 -0400 [thread overview]
Message-ID: <Y2BYKxxkG57XAV/1@coredump.intra.peff.net> (raw)
In-Reply-To: <25cc0f6d91a9d23eb1b755e1463d672e4958a4e9.1667245639.git.gitgitgadget@gmail.com>
On Mon, Oct 31, 2022 at 07:47:17PM +0000, Johannes Schindelin via GitGitGadget wrote:
> In 6dcbdc0d6616 (remote: create fetch.credentialsInUrl config,
> 2022-06-06), we added four test cases that validate various behavior
> around passing credentials as part of the URL (which is considered
> unsafe in general).
>
> These tests do not _actually_ try to connect anywhere, but have to use
> the https:// protocol in order to validate the intended code paths.
By "actually" here, I assume you mean "they do not expect to succeed".
But I think the first one (with credentialsInUrl=allow), does try to
make a connection.
> However, using `localhost` for such a connection causes several
> problems:
>
> - There might be a web server running on localhost, and we do not
> actually want to connect to that.
>
> - The DNS resolver, or the local firewall, might take a substantial
> amount of time (or forever, whichever comes first) to fail to connect,
> slowing down the test cases unnecessarily.
Right. I think we assume that DNS resolution of localhost is fast-ish,
as we use it in other https tests. But I could certainly imagine a local
firewall causing issues (especially as this is real port 443, whereas
our other tests are usually high ports).
> Let's instead use an IPv4 address that is guaranteed never to offer a
> web server: 224.0.0.1 (which is part of the IP multicast range).
This feels pretty magical. I think it would be pretty unlikely for it to
have a web server, but I wouldn't be surprised if there are systems
where we get similar IP-routing hangs.
Is there a reason not to move all of these tests into t5550 or t5551,
where we have a real http server? That would be less magical, and then
this first test:
> test_expect_success LIBCURL 'fetch warns or fails when using username:password' '
> - message="URL '\''https://username:<redacted>@localhost/'\'' uses plaintext credentials" &&
> - test_must_fail git -c transfer.credentialsInUrl=allow fetch https://username:password@localhost 2>err &&
> + message="URL '\''https://username:<redacted>@224.0.0.1/'\'' uses plaintext credentials" &&
> + test_must_fail git -c transfer.credentialsInUrl=allow fetch https://username:password@224.0.0.1 2>err &&
> ! grep "$message" err &&
could be more robust. It would actually check that we succeeded in using
the URL.
-Peff
next prev parent reply other threads:[~2022-10-31 23:20 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-31 19:47 [PATCH 0/2] t5516/t5601: avoid using localhost for failing HTTPS requests Johannes Schindelin via GitGitGadget
2022-10-31 19:47 ` [PATCH 1/2] t5516/t5601: avoid using `localhost` " Johannes Schindelin via GitGitGadget
2022-10-31 20:49 ` Ævar Arnfjörð Bjarmason
2022-10-31 23:20 ` Jeff King [this message]
2022-11-01 0:59 ` Taylor Blau
2022-11-01 2:28 ` Jeff King
2022-11-01 2:03 ` Jeff King
2022-11-01 2:25 ` Jeff King
2022-11-01 2:26 ` [PATCH 1/2] t5516: move plaintext-password tests from t5601 and t5516 Jeff King
2022-11-01 3:18 ` Ævar Arnfjörð Bjarmason
2022-11-01 7:32 ` Jeff King
2022-11-01 20:37 ` Taylor Blau
2022-11-01 2:26 ` [PATCH 2/2] t5516/t5601: be less strict about the number of credential warnings Jeff King
2022-11-01 3:29 ` Ævar Arnfjörð Bjarmason
2022-11-01 7:39 ` Jeff King
2022-11-01 8:15 ` Ævar Arnfjörð Bjarmason
2022-11-01 9:12 ` Jeff King
2022-11-01 14:05 ` Ævar Arnfjörð Bjarmason
2022-11-01 4:54 ` Junio C Hamano
2022-11-01 7:42 ` Jeff King
2022-11-01 20:50 ` Taylor Blau
2022-10-31 19:47 ` Johannes Schindelin via GitGitGadget
2022-10-31 23:22 ` Jeff King
2022-11-01 0:57 ` Taylor Blau
2022-11-01 2:27 ` Jeff King
2022-10-31 20:47 ` [RFC PATCH] fetch: stop emitting duplicate transfer.credentialsInUrl=warn warnings Ævar Arnfjörð Bjarmason
2022-11-01 1:06 ` Taylor Blau
2022-11-01 2:32 ` Jeff King
2022-11-01 3:01 ` Ævar Arnfjörð Bjarmason
2022-11-01 20:54 ` Taylor Blau
2022-11-01 22:17 ` Ævar Arnfjörð Bjarmason
2022-11-02 0:53 ` Taylor Blau
2022-11-02 8:42 ` [PATCH v3 2/2] t5551: be less strict about the number of credential warnings Jeff King
2022-11-02 8:49 ` Eric Sunshine
2022-11-02 9:15 ` Jeff King
2022-11-02 9:31 ` Eric Sunshine
2022-11-02 9:18 ` Jeff King
2022-11-03 1:31 ` Taylor Blau
2022-11-01 9:35 ` [RFC PATCH] fetch: stop emitting duplicate transfer.credentialsInUrl=warn warnings Jeff King
2022-11-01 13:07 ` Ævar Arnfjörð Bjarmason
2022-11-01 21:00 ` Taylor Blau
2022-11-01 21:57 ` Ævar Arnfjörð Bjarmason
2022-11-02 8:19 ` Jeff King
2022-11-04 9:01 ` Ævar Arnfjörð Bjarmason
2022-11-04 13:16 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y2BYKxxkG57XAV/1@coredump.intra.peff.net \
--to=peff@peff.net \
--cc=derrickstolee@github.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=johannes.schindelin@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.