1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
package http
import (
"context"
"crypto/tls"
"fmt"
"net"
"net/http"
"strings"
"sync/atomic"
"github.com/elazarl/goproxy"
fixtures "github.com/go-git/go-git-fixtures/v4"
"github.com/go-git/go-git/v5/plumbing/transport"
"github.com/go-git/go-git/v5/plumbing/transport/http/internal/test"
. "gopkg.in/check.v1"
)
type ProxySuite struct {
u UploadPackSuite
fixtures.Suite
}
var _ = Suite(&ProxySuite{})
var proxiedRequests int32
func (s *ProxySuite) TestAdvertisedReferences(c *C) {
s.u.SetUpTest(c)
proxy := goproxy.NewProxyHttpServer()
proxy.Verbose = true
setupHTTPProxy(proxy, &proxiedRequests)
httpListener, err := net.Listen("tcp", ":0")
c.Assert(err, IsNil)
defer httpListener.Close()
httpProxyAddr := fmt.Sprintf("http://localhost:%d", httpListener.Addr().(*net.TCPAddr).Port)
proxyServer := http.Server{
Addr: httpProxyAddr,
Handler: proxy,
}
go proxyServer.Serve(httpListener)
defer proxyServer.Close()
endpoint := s.u.prepareRepository(c, fixtures.Basic().One(), "basic.git")
endpoint.Proxy = transport.ProxyOptions{
URL: httpProxyAddr,
Username: "user",
Password: "pass",
}
s.u.Client = NewClient(nil)
session, err := s.u.Client.NewUploadPackSession(endpoint, nil)
c.Assert(err, IsNil)
ctx, cancel := context.WithCancel(context.Background())
defer cancel()
info, err := session.AdvertisedReferencesContext(ctx)
c.Assert(err, IsNil)
c.Assert(info, NotNil)
proxyUsed := atomic.LoadInt32(&proxiedRequests) > 0
c.Assert(proxyUsed, Equals, true)
atomic.StoreInt32(&proxiedRequests, 0)
test.SetupHTTPSProxy(proxy, &proxiedRequests)
httpsListener, err := net.Listen("tcp", ":0")
c.Assert(err, IsNil)
defer httpsListener.Close()
httpsProxyAddr := fmt.Sprintf("https://localhost:%d", httpsListener.Addr().(*net.TCPAddr).Port)
tlsProxyServer := http.Server{
Addr: httpsProxyAddr,
Handler: proxy,
// Due to how golang manages http/2 when provided with custom TLS config,
// servers and clients running in the same process leads to issues.
// Ref: https://github.com/golang/go/issues/21336
TLSConfig: &tls.Config{
NextProtos: []string{"http/1.1"},
},
}
go tlsProxyServer.ServeTLS(httpsListener, "testdata/certs/server.crt", "testdata/certs/server.key")
defer tlsProxyServer.Close()
endpoint, err = transport.NewEndpoint("https://github.com/git-fixtures/basic.git")
c.Assert(err, IsNil)
endpoint.Proxy = transport.ProxyOptions{
URL: httpsProxyAddr,
Username: "user",
Password: "pass",
}
endpoint.InsecureSkipTLS = true
session, err = s.u.Client.NewUploadPackSession(endpoint, nil)
c.Assert(err, IsNil)
info, err = session.AdvertisedReferencesContext(ctx)
c.Assert(err, IsNil)
c.Assert(info, NotNil)
proxyUsed = atomic.LoadInt32(&proxiedRequests) > 0
c.Assert(proxyUsed, Equals, true)
}
func setupHTTPProxy(proxy *goproxy.ProxyHttpServer, proxiedRequests *int32) {
// The request is being forwarded to the local test git server in this handler.
var proxyHandler goproxy.FuncReqHandler = func(req *http.Request, ctx *goproxy.ProxyCtx) (*http.Request, *http.Response) {
if strings.Contains(req.Host, "localhost") {
user, pass, _ := test.ParseBasicAuth(req.Header.Get("Proxy-Authorization"))
if user != "user" || pass != "pass" {
return req, goproxy.NewResponse(req, goproxy.ContentTypeText, http.StatusUnauthorized, "")
}
atomic.AddInt32(proxiedRequests, 1)
return req, nil
}
// Reject if it isn't our request.
return req, goproxy.NewResponse(req, goproxy.ContentTypeText, http.StatusForbidden, "")
}
proxy.OnRequest().Do(proxyHandler)
}
|
