From: Jonathan Tan <jonathantanmy@google.com>
To: git@vger.kernel.org
Cc: Jonathan Tan <jonathantanmy@google.com>,
sandals@crustytoothpaste.net, gitster@pobox.com, peff@peff.net
Subject: [PATCH v2 1/3] t5551: test that GIT_TRACE_CURL redacts password
Date: Wed, 13 May 2020 12:12:46 -0700 [thread overview]
Message-ID: <bee4fc7241596a6b4206fa8b52dfdaea88180f37.1589394456.git.jonathantanmy@google.com> (raw)
In-Reply-To: <cover.1589394456.git.jonathantanmy@google.com>
Verify that when GIT_TRACE_CURL is set, Git prints out "Authorization:
Basic <redacted>" instead of the base64-encoded authorization details.
Signed-off-by: Jonathan Tan <jonathantanmy@google.com>
---
t/t5551-http-fetch-smart.sh | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/t/t5551-http-fetch-smart.sh b/t/t5551-http-fetch-smart.sh
index 6788aeface..acc8473a72 100755
--- a/t/t5551-http-fetch-smart.sh
+++ b/t/t5551-http-fetch-smart.sh
@@ -185,6 +185,18 @@ test_expect_success 'redirects send auth to new location' '
expect_askpass both user@host auth/smart/repo.git
'
+test_expect_success 'GIT_TRACE_CURL redacts auth details' '
+ rm -rf redact-auth trace &&
+ set_askpass user@host pass@host &&
+ GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
+ expect_askpass both user@host &&
+
+ # Ensure that there is no "Basic" followed by a base64 string, but that
+ # the auth details are redacted
+ ! grep "Authorization: Basic [0-9a-zA-Z+/]" trace &&
+ grep "Authorization: Basic <redacted>" trace
+'
+
test_expect_success 'disable dumb http on server' '
git --git-dir="$HTTPD_DOCUMENT_ROOT_PATH/repo.git" \
config http.getanyfile false
--
2.26.2.645.ge9eca65c58-goog
next prev parent reply other threads:[~2020-05-13 19:13 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-11 17:43 [PATCH 0/2] Safer GIT_CURL_VERBOSE Jonathan Tan
2020-05-11 17:43 ` [PATCH 1/2] t5551: test that GIT_TRACE_CURL redacts password Jonathan Tan
2020-05-12 19:08 ` Jeff King
2020-05-11 17:43 ` [PATCH 2/2] http, imap-send: stop using CURLOPT_VERBOSE Jonathan Tan
2020-05-12 19:16 ` Jeff King
2020-05-12 19:23 ` Jonathan Tan
2020-05-12 19:27 ` Jeff King
2020-05-12 23:13 ` brian m. carlson
2020-05-13 0:10 ` Junio C Hamano
2020-05-13 4:50 ` Jeff King
2020-05-13 5:05 ` Junio C Hamano
2020-05-13 6:16 ` Daniel Stenberg
2020-05-13 14:45 ` Jeff King
2020-05-13 19:12 ` [PATCH v2 0/3] Safer GIT_CURL_VERBOSE Jonathan Tan
2020-05-13 19:12 ` Jonathan Tan [this message]
2020-05-13 19:12 ` [PATCH v2 2/3] http: make GIT_TRACE_CURL auth redaction optional Jonathan Tan
2020-05-13 19:29 ` Junio C Hamano
2020-05-13 19:12 ` [PATCH v2 3/3] http, imap-send: stop using CURLOPT_VERBOSE Jonathan Tan
2020-05-13 19:27 ` [PATCH v2 0/3] Safer GIT_CURL_VERBOSE Junio C Hamano
2020-05-13 19:33 ` Junio C Hamano
2020-05-15 20:47 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bee4fc7241596a6b4206fa8b52dfdaea88180f37.1589394456.git.jonathantanmy@google.com \
--to=jonathantanmy@google.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=peff@peff.net \
--cc=sandals@crustytoothpaste.net \
--subject='Re: [PATCH v2 1/3] t5551: test that GIT_TRACE_CURL redacts password' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.