From c7db2d16474874b21aad9141e6856f836f719643 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Thu, 22 May 2014 05:28:56 -0400 Subject: t/lib-httpd: use write_script to copy CGI scripts Using write_script will set our shebang line appropriately with $SHELL_PATH. The script that is there now is quite simple and likely to succeed even with a non-POSIX /bin/sh, but it does not hurt to be defensive. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- t/lib-httpd/broken-smart-http.sh | 1 - 1 file changed, 1 deletion(-) mode change 100755 => 100644 t/lib-httpd/broken-smart-http.sh (limited to 't/lib-httpd') diff --git a/t/lib-httpd/broken-smart-http.sh b/t/lib-httpd/broken-smart-http.sh old mode 100755 new mode 100644 index f7ebfffa80..82cc610b0a --- a/t/lib-httpd/broken-smart-http.sh +++ b/t/lib-httpd/broken-smart-http.sh @@ -1,4 +1,3 @@ -#!/bin/sh printf "Content-Type: text/%s\n" "html" echo printf "%s\n" "001e# service=git-upload-pack" -- cgit v1.3-5-g9baa From dbcf2bd3dec1244fdbafb3ec7312ed14d83c0025 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Thu, 22 May 2014 05:29:03 -0400 Subject: t5550: test display of remote http error messages Since commit 426e70d (remote-curl: show server content on http errors, 2013-04-05), we relay any text/plain error messages from the remote server to the user. However, we never tested it. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- t/lib-httpd.sh | 1 + t/lib-httpd/apache.conf | 4 ++++ t/lib-httpd/error.sh | 17 +++++++++++++++++ t/t5550-http-fetch-dumb.sh | 10 ++++++++++ 4 files changed, 32 insertions(+) create mode 100755 t/lib-httpd/error.sh (limited to 't/lib-httpd') diff --git a/t/lib-httpd.sh b/t/lib-httpd.sh index 8e680efbf0..f7640bee9a 100644 --- a/t/lib-httpd.sh +++ b/t/lib-httpd.sh @@ -113,6 +113,7 @@ prepare_httpd() { mkdir -p "$HTTPD_DOCUMENT_ROOT_PATH" cp "$TEST_PATH"/passwd "$HTTPD_ROOT_PATH" install_script broken-smart-http.sh + install_script error.sh ln -s "$LIB_HTTPD_MODULE_PATH" "$HTTPD_ROOT_PATH/modules" diff --git a/t/lib-httpd/apache.conf b/t/lib-httpd/apache.conf index 3a03e8263d..b384d79935 100644 --- a/t/lib-httpd/apache.conf +++ b/t/lib-httpd/apache.conf @@ -97,12 +97,16 @@ Alias /auth/dumb/ www/auth/dumb/ ScriptAliasMatch /smart_*[^/]*/(.*) ${GIT_EXEC_PATH}/git-http-backend/$1 ScriptAlias /broken_smart/ broken-smart-http.sh/ +ScriptAlias /error/ error.sh/ Options FollowSymlinks Options ExecCGI + + Options ExecCGI + Options ExecCGI diff --git a/t/lib-httpd/error.sh b/t/lib-httpd/error.sh new file mode 100755 index 0000000000..786f2816bb --- /dev/null +++ b/t/lib-httpd/error.sh @@ -0,0 +1,17 @@ +#!/bin/sh + +printf "Status: 500 Intentional Breakage\n" + +printf "Content-Type: " +case "$PATH_INFO" in +*html*) + printf "text/html" + ;; +*text*) + printf "text/plain" + ;; +esac +printf "\n" + +printf "\n" +printf "this is the error message\n" diff --git a/t/t5550-http-fetch-dumb.sh b/t/t5550-http-fetch-dumb.sh index 1a3a2b6c1a..13defd3886 100755 --- a/t/t5550-http-fetch-dumb.sh +++ b/t/t5550-http-fetch-dumb.sh @@ -171,5 +171,15 @@ test_expect_success 'did not use upload-pack service' ' test_cmp exp act ' +test_expect_success 'git client shows text/plain errors' ' + test_must_fail git clone "$HTTPD_URL/error/text" 2>stderr && + grep "this is the error message" stderr +' + +test_expect_success 'git client does not show html errors' ' + test_must_fail git clone "$HTTPD_URL/error/html" 2>stderr && + ! grep "this is the error message" stderr +' + stop_httpd test_done -- cgit v1.3-5-g9baa From bf197fd7eebcb3579dd659af35822ce88adc66c8 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Thu, 22 May 2014 05:29:47 -0400 Subject: http: extract type/subtype portion of content-type When we get a content-type from curl, we get the whole header line, including any parameters, and without any normalization (like downcasing or whitespace) applied. If we later try to match it with strcmp() or even strcasecmp(), we may get false negatives. This could cause two visible behaviors: 1. We might fail to recognize a smart-http server by its content-type. 2. We might fail to relay text/plain error messages to users (especially if they contain a charset parameter). This patch teaches the http code to extract and normalize just the type/subtype portion of the string. This is technically passing out less information to the callers, who can no longer see the parameters. But none of the current callers cares, and a future patch will add back an easier-to-use method for accessing those parameters. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- http.c | 38 +++++++++++++++++++++++++++++++++++--- remote-curl.c | 2 +- t/lib-httpd/error.sh | 8 +++++++- t/t5550-http-fetch-dumb.sh | 5 +++++ 4 files changed, 48 insertions(+), 5 deletions(-) (limited to 't/lib-httpd') diff --git a/http.c b/http.c index 94e1afdee7..6bfd0934b3 100644 --- a/http.c +++ b/http.c @@ -906,6 +906,35 @@ static CURLcode curlinfo_strbuf(CURL *curl, CURLINFO info, struct strbuf *buf) return ret; } +/* + * Extract a normalized version of the content type, with any + * spaces suppressed, all letters lowercased, and no trailing ";" + * or parameters. + * + * Note that we will silently remove even invalid whitespace. For + * example, "text / plain" is specifically forbidden by RFC 2616, + * but "text/plain" is the only reasonable output, and this keeps + * our code simple. + * + * Example: + * "TEXT/PLAIN; charset=utf-8" -> "text/plain" + * "text / plain" -> "text/plain" + */ +static void extract_content_type(struct strbuf *raw, struct strbuf *type) +{ + const char *p; + + strbuf_reset(type); + strbuf_grow(type, raw->len); + for (p = raw->buf; *p; p++) { + if (isspace(*p)) + continue; + if (*p == ';') + break; + strbuf_addch(type, tolower(*p)); + } +} + /* http_request() targets */ #define HTTP_REQUEST_STRBUF 0 #define HTTP_REQUEST_FILE 1 @@ -957,9 +986,12 @@ static int http_request(const char *url, ret = run_one_slot(slot, &results); - if (options && options->content_type) - curlinfo_strbuf(slot->curl, CURLINFO_CONTENT_TYPE, - options->content_type); + if (options && options->content_type) { + struct strbuf raw = STRBUF_INIT; + curlinfo_strbuf(slot->curl, CURLINFO_CONTENT_TYPE, &raw); + extract_content_type(&raw, options->content_type); + strbuf_release(&raw); + } if (options && options->effective_url) curlinfo_strbuf(slot->curl, CURLINFO_EFFECTIVE_URL, diff --git a/remote-curl.c b/remote-curl.c index 52c2d96ce6..a5ab977306 100644 --- a/remote-curl.c +++ b/remote-curl.c @@ -205,7 +205,7 @@ static int show_http_message(struct strbuf *type, struct strbuf *msg) * TODO should handle "; charset=XXX", and re-encode into * logoutputencoding */ - if (strcasecmp(type->buf, "text/plain")) + if (strcmp(type->buf, "text/plain")) return -1; strbuf_trim(msg); diff --git a/t/lib-httpd/error.sh b/t/lib-httpd/error.sh index 786f2816bb..23cec97cc3 100755 --- a/t/lib-httpd/error.sh +++ b/t/lib-httpd/error.sh @@ -3,6 +3,7 @@ printf "Status: 500 Intentional Breakage\n" printf "Content-Type: " +charset=iso-8859-1 case "$PATH_INFO" in *html*) printf "text/html" @@ -10,8 +11,13 @@ case "$PATH_INFO" in *text*) printf "text/plain" ;; +*charset*) + printf "text/plain; charset=utf-8" + charset=utf-8 + ;; esac printf "\n" printf "\n" -printf "this is the error message\n" +printf "this is the error message\n" | +iconv -f us-ascii -t $charset diff --git a/t/t5550-http-fetch-dumb.sh b/t/t5550-http-fetch-dumb.sh index 13defd3886..b35b2610e3 100755 --- a/t/t5550-http-fetch-dumb.sh +++ b/t/t5550-http-fetch-dumb.sh @@ -181,5 +181,10 @@ test_expect_success 'git client does not show html errors' ' ! grep "this is the error message" stderr ' +test_expect_success 'git client shows text/plain with a charset' ' + test_must_fail git clone "$HTTPD_URL/error/charset" 2>stderr && + grep "this is the error message" stderr +' + stop_httpd test_done -- cgit v1.3-5-g9baa From fc1b774c72990f0ff92370316412b19fd72baa77 Mon Sep 17 00:00:00 2001 From: Jeff King Date: Thu, 22 May 2014 05:30:29 -0400 Subject: remote-curl: reencode http error messages We currently recognize an error message with a content-type "text/plain; charset=utf-16" as text, but we ignore the charset parameter entirely. Let's encode it to log_output_encoding, which is presumably something the user's terminal can handle. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- remote-curl.c | 17 ++++++++++------- t/lib-httpd/error.sh | 4 ++++ t/t5550-http-fetch-dumb.sh | 5 +++++ 3 files changed, 19 insertions(+), 7 deletions(-) (limited to 't/lib-httpd') diff --git a/remote-curl.c b/remote-curl.c index a5ab977306..4493b389de 100644 --- a/remote-curl.c +++ b/remote-curl.c @@ -194,19 +194,19 @@ static void free_discovery(struct discovery *d) } } -static int show_http_message(struct strbuf *type, struct strbuf *msg) +static int show_http_message(struct strbuf *type, struct strbuf *charset, + struct strbuf *msg) { const char *p, *eol; /* * We only show text/plain parts, as other types are likely * to be ugly to look at on the user's terminal. - * - * TODO should handle "; charset=XXX", and re-encode into - * logoutputencoding */ if (strcmp(type->buf, "text/plain")) return -1; + if (charset->len) + strbuf_reencode(msg, charset->buf, get_log_output_encoding()); strbuf_trim(msg); if (!msg->len) @@ -225,6 +225,7 @@ static struct discovery* discover_refs(const char *service, int for_push) { struct strbuf exp = STRBUF_INIT; struct strbuf type = STRBUF_INIT; + struct strbuf charset = STRBUF_INIT; struct strbuf buffer = STRBUF_INIT; struct strbuf refs_url = STRBUF_INIT; struct strbuf effective_url = STRBUF_INIT; @@ -249,6 +250,7 @@ static struct discovery* discover_refs(const char *service, int for_push) memset(&options, 0, sizeof(options)); options.content_type = &type; + options.charset = &charset; options.effective_url = &effective_url; options.base_url = &url; options.no_cache = 1; @@ -259,13 +261,13 @@ static struct discovery* discover_refs(const char *service, int for_push) case HTTP_OK: break; case HTTP_MISSING_TARGET: - show_http_message(&type, &buffer); + show_http_message(&type, &charset, &buffer); die("repository '%s' not found", url.buf); case HTTP_NOAUTH: - show_http_message(&type, &buffer); + show_http_message(&type, &charset, &buffer); die("Authentication failed for '%s'", url.buf); default: - show_http_message(&type, &buffer); + show_http_message(&type, &charset, &buffer); die("unable to access '%s': %s", url.buf, curl_errorstr); } @@ -310,6 +312,7 @@ static struct discovery* discover_refs(const char *service, int for_push) strbuf_release(&refs_url); strbuf_release(&exp); strbuf_release(&type); + strbuf_release(&charset); strbuf_release(&effective_url); strbuf_release(&buffer); last_discovery = last; diff --git a/t/lib-httpd/error.sh b/t/lib-httpd/error.sh index 23cec97cc3..eafc9d2d90 100755 --- a/t/lib-httpd/error.sh +++ b/t/lib-httpd/error.sh @@ -15,6 +15,10 @@ case "$PATH_INFO" in printf "text/plain; charset=utf-8" charset=utf-8 ;; +*utf16*) + printf "text/plain; charset=utf-16" + charset=utf-16 + ;; esac printf "\n" diff --git a/t/t5550-http-fetch-dumb.sh b/t/t5550-http-fetch-dumb.sh index b35b2610e3..01b8aae2ed 100755 --- a/t/t5550-http-fetch-dumb.sh +++ b/t/t5550-http-fetch-dumb.sh @@ -186,5 +186,10 @@ test_expect_success 'git client shows text/plain with a charset' ' grep "this is the error message" stderr ' +test_expect_success 'http error messages are reencoded' ' + test_must_fail git clone "$HTTPD_URL/error/utf16" 2>stderr && + grep "this is the error message" stderr +' + stop_httpd test_done -- cgit v1.3-5-g9baa