mbox series

[0/2] updating curl http/2 header matching (again)

Message ID 20230915113237.GA3531328@coredump.intra.peff.net (mailing list archive)
Headers show
Series updating curl http/2 header matching (again) | expand

Message

Jeff King Sept. 15, 2023, 11:32 a.m. UTC 
This is similar to the issue discussed/fixed a few months ago in:

  https://lore.kernel.org/git/20230617051559.GD562686@coredump.intra.peff.net/

but it looks like curl has updated the trace line format again. This
updates our matching code to handle it. It would obviously be nice to
avoid the dependency altogether, but I don't think there is another
option here. I expected the previous update to last longer than it did,
but hopefully things will settle a bit more now. :)

(If anyone wants to confirm the bug or test, the new version of curl
just hit debian unstable).

  [1/2]: http: factor out matching of curl http/2 trace lines
  [2/2]: http: update curl http/2 info matching for curl 8.3.0

 http.c | 37 +++++++++++++++++++++++++++++++------
 1 file changed, 31 insertions(+), 6 deletions(-)

-Peff

Comments

Taylor Blau Sept. 15, 2023, 6:28 p.m. UTC | #1 
On Fri, Sep 15, 2023 at 07:32:37AM -0400, Jeff King wrote:
> (If anyone wants to confirm the bug or test, the new version of curl
> just hit debian unstable).

These two patches look sensible, and I can confirm that they resolve the
issue with the newest version of curl. With the latest 'master' (which
is bda494f404 (The ninth batch, 2023-09-14), at the time of writing) and
an old version of curl, I get:

    $ ./t5559-http-fetch-smart-http2.sh -vdi
    [...]
    expecting success of 5559.17 'GIT_TRACE_CURL redacts auth details':
      rm -rf redact-auth trace &&
      set_askpass user@host pass@host &&
      GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
      expect_askpass both user@host &&

      # Ensure that there is no "Basic" followed by a base64 string, but that
      # the auth details are redacted
      ! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace &&
      grep -i "Authorization: Basic <redacted>" trace

    Cloning into bare repository 'redact-auth'...
    remote: Enumerating objects: 6, done.
    remote: Counting objects: 100% (6/6), done.
    remote: Compressing objects: 100% (2/2), done.
    remote: Total 6 (delta 0), reused 0 (delta 0), pack-reused 0
    Receiving objects: 100% (6/6), done.
    == Info: [HTTP/2] [3] [authorization: Basic dXNlckBob3N0OnBhc3NAaG9zdA==]
    == Info: [HTTP/2] [5] [authorization: Basic dXNlckBob3N0OnBhc3NAaG9zdA==]
    == Info: [HTTP/2] [7] [authorization: Basic dXNlckBob3N0OnBhc3NAaG9zdA==]
    not ok 17 - GIT_TRACE_CURL redacts auth details
    #
    #		rm -rf redact-auth trace &&
    #		set_askpass user@host pass@host &&
    #		GIT_TRACE_CURL="$(pwd)/trace" git clone --bare "$HTTPD_URL/auth/smart/repo.git" redact-auth &&
    #		expect_askpass both user@host &&
    #
    #		# Ensure that there is no "Basic" followed by a base64 string, but that
    #		# the auth details are redacted
    #		! grep -i "Authorization: Basic [0-9a-zA-Z+/]" trace &&
    #		grep -i "Authorization: Basic <redacted>" trace
    #

and after applying these patches, those tests pass.

    $ ./t5559-http-fetch-smart-http2.sh -di
    [...]
    # passed all 54 test(s)
    1..54

Thanks,
Taylor