diff --git a/test/cmd/lfstest-gitserver.go b/test/cmd/lfstest-gitserver.go index c8a39a41..5a63fb0e 100644 --- a/test/cmd/lfstest-gitserver.go +++ b/test/cmd/lfstest-gitserver.go @@ -25,6 +25,7 @@ var ( repoDir string largeObjects = newLfsStorage() server *httptest.Server + serverTLS *httptest.Server // maps OIDs to content strings. Both the LFS and Storage test servers below // see OIDs. @@ -48,6 +49,8 @@ func main() { mux := http.NewServeMux() server = httptest.NewServer(mux) + serverTLS = httptest.NewTLSServer(mux) + stopch := make(chan bool) mux.HandleFunc("/shutdown", func(w http.ResponseWriter, r *http.Request) { @@ -69,28 +72,41 @@ func main() { gitHandler(w, r) }) - urlname := os.Getenv("LFSTEST_URL") - if len(urlname) == 0 { - urlname = "lfstest-gitserver" - } + urlname := writeTestStateFile([]byte(server.URL), "LFSTEST_URL", "lfstest-gitserver") + defer os.RemoveAll(urlname) - file, err := os.Create(urlname) - if err != nil { - log.Fatalln(err) - } + // SSL URL must include 'localhost' not IP for cert matching + sslurl := strings.Replace(serverTLS.URL, "127.0.0.1", "localhost", 1) + sslurlname := writeTestStateFile([]byte(sslurl), "LFSTEST_SSL_URL", "lfstest-gitserver-ssl") + defer os.RemoveAll(sslurlname) + + certname := writeTestStateFile(serverTLS.TLS.Certificates[0].Certificate[0], "LFSTEST_CERT", "lfstest-gitserver-cert") + defer os.RemoveAll(certname) - file.Write([]byte(server.URL)) - file.Close() log.Println(server.URL) - - defer func() { - os.RemoveAll(urlname) - }() + log.Println(serverTLS.URL) <-stopch log.Println("git server done") } +// writeTestStateFile writes contents to either the file referenced by the +// environment variable envVar, or defaultFilename if that's not set. Returns +// the filename that was used +func writeTestStateFile(contents []byte, envVar, defaultFilename string) string { + f := os.Getenv(envVar) + if len(f) == 0 { + f = defaultFilename + } + file, err := os.Create(f) + if err != nil { + log.Fatalln(err) + } + file.Write(contents) + file.Close() + return f +} + type lfsObject struct { Oid string `json:"oid,omitempty"` Size int64 `json:"size,omitempty"` diff --git a/test/test-clone.sh b/test/test-clone.sh index 6997f108..02a85b71 100755 --- a/test/test-clone.sh +++ b/test/test-clone.sh @@ -78,3 +78,61 @@ begin_test "clone" ) end_test +begin_test "cloneSSL" +( + set -e + + reponame="test-cloneSSL" + setup_remote_repo "$reponame" + clone_repo_ssl "$reponame" "$reponame" + + git lfs track "*.dat" 2>&1 | tee track.log + grep "Tracking \*.dat" track.log + + # generate some test data & commits with random LFS data + echo "[ + { + \"CommitDate\":\"$(get_date -5d)\", + \"Files\":[ + {\"Filename\":\"file1.dat\",\"Size\":100}, + {\"Filename\":\"file2.dat\",\"Size\":75}] + }, + { + \"CommitDate\":\"$(get_date -1d)\", + \"Files\":[ + {\"Filename\":\"file3.dat\",\"Size\":30}] + } + ]" | lfstest-testutils addcommits + + git push origin master + + # Now SSL clone again with 'git lfs clone', test specific clone dir + cd "$TRASHDIR" + + newclonedir="testclone1" + git -c http.sslcainfo="$LFS_CERT_FILE" lfs clone "$SSLGITSERVER/$reponame" "$newclonedir" 2>&1 | tee lfsclone.log + grep "Cloning into" lfsclone.log + grep "Git LFS:" lfsclone.log + # should be no filter errors + [ ! $(grep "filter" lfsclone.log) ] + [ ! $(grep "error" lfsclone.log) ] + # should be cloned into location as per arg + [ -d "$newclonedir" ] + + # check a few file sizes to make sure pulled + pushd "$newclonedir" + [ $(wc -c < "file1.dat") -eq 110 ] + [ $(wc -c < "file2.dat") -eq 75 ] + [ $(wc -c < "file3.dat") -eq 30 ] + popd + + + # Now check SSL clone with standard 'git clone' and smudge download + rm -rf "$reponame" + git -c http.sslcainfo="$LFS_CERT_FILE" clone "$SSLGITSERVER/$reponame" 2>&1 | tee lfsclone.log + grep "Cloning into" lfsclone.log + grep "Git LFS:" lfsclone.log + +) +end_test + diff --git a/test/testenv.sh b/test/testenv.sh index 918c0602..e070c592 100644 --- a/test/testenv.sh +++ b/test/testenv.sh @@ -44,6 +44,13 @@ LFS_CONFIG="$REMOTEDIR/config" # section in test/README.md LFS_URL_FILE="$REMOTEDIR/url" +# This file contains the SSL URL of the test Git server. See the "Test Suite" +# section in test/README.md +LFS_SSL_URL_FILE="$REMOTEDIR/sslurl" + +# This file contains the self-signed SSL cert of the TLS endpoint of the test Git server. +LFS_CERT_FILE="$REMOTEDIR/cert" + # the fake home dir used for the initial setup TESTHOME="$REMOTEDIR/home" diff --git a/test/testhelpers.sh b/test/testhelpers.sh index c4304f98..ba6681a5 100644 --- a/test/testhelpers.sh +++ b/test/testhelpers.sh @@ -195,6 +195,23 @@ clone_repo() { echo "$out" } + +# clone_repo_ssl clones a repository from the test Git server to the subdirectory +# $dir under $TRASHDIR, using the SSL endpoint. +# setup_remote_repo() needs to be run first. Output is written to clone_ssl.log. +clone_repo_ssl() { + cd "$TRASHDIR" + + local reponame="$1" + local dir="$2" + echo "clone local git repository $reponame to $dir" + out=$(git -c http.sslcainfo="$LFS_CERT_FILE" clone "$SSLGITSERVER/$reponame" "$dir" 2>&1) + cd "$dir" + + git config credential.helper lfstest + echo "$out" > clone_ssl.log + echo "$out" +} # setup initializes the clean, isolated environment for integration tests. setup() { cd "$ROOTDIR" @@ -221,7 +238,7 @@ setup() { GO15VENDOREXPERIMENT=0 go build -o "$BINPATH/git-lfs-test-server-api" "test/git-lfs-test-server-api/main.go" "test/git-lfs-test-server-api/testdownload.go" "test/git-lfs-test-server-api/testupload.go" fi - LFSTEST_URL="$LFS_URL_FILE" LFSTEST_DIR="$REMOTEDIR" lfstest-gitserver > "$REMOTEDIR/gitserver.log" 2>&1 & + LFSTEST_URL="$LFS_URL_FILE" LFSTEST_SSL_URL="$LFS_SSL_URL_FILE" LFSTEST_DIR="$REMOTEDIR" LFSTEST_CERT="$LFS_CERT_FILE" lfstest-gitserver > "$REMOTEDIR/gitserver.log" 2>&1 & # Set up the initial git config and osx keychain if applicable HOME="$TESTHOME" @@ -246,6 +263,8 @@ setup() { echo "CREDS: $CREDSDIR" echo "lfstest-gitserver:" echo " LFSTEST_URL=$LFS_URL_FILE" + echo " LFSTEST_SSL_URL=$LFS_SSL_URL_FILE" + echo " LFSTEST_CERT=$LFS_CERT_FILE" echo " LFSTEST_DIR=$REMOTEDIR" echo "GIT:" git config --global --get-regexp "lfs|credential|user" @@ -266,6 +285,7 @@ setup() { fi wait_for_file "$LFS_URL_FILE" + wait_for_file "$LFS_SSL_URL_FILE" echo } diff --git a/test/testlib.sh b/test/testlib.sh index aab07984..4719f966 100644 --- a/test/testlib.sh +++ b/test/testlib.sh @@ -58,6 +58,7 @@ else fi GITSERVER=$(cat "$LFS_URL_FILE") +SSLGITSERVER=$(cat "$LFS_SSL_URL_FILE") cd "$TRASHDIR" # Mark the beginning of a test. A subshell should immediately follow this