diff options
author | Patrick Steinhardt <psteinhardt@gitlab.com> | 2022-11-11 11:36:16 +0300 |
---|---|---|
committer | Patrick Steinhardt <psteinhardt@gitlab.com> | 2022-11-11 11:36:16 +0300 |
commit | 081d52b6b28437bc8d3a17b6e3d8d80620c640f9 (patch) | |
tree | 4cb2dbe9d7bcbfebe1e884a8e35d44dd7ed395a9 | |
parent | 658f79a7dedc449d3bf8278784e8fda593e769ac (diff) | |
parent | 61841fde70a45e451ec6e2c7f702fa35e4e0075b (diff) |
Merge branch '4607-fix-fips-curl-issue' into 'master'
git: Don't use '*' wildcard with curl
Closes #4607
See merge request https://gitlab.com/gitlab-org/gitaly/-/merge_requests/5037
Merged-by: Patrick Steinhardt <psteinhardt@gitlab.com>
Approved-by: James Fargher <proglottis@gmail.com>
Approved-by: Patrick Steinhardt <psteinhardt@gitlab.com>
Co-authored-by: Karthik Nayak <knayak@gitlab.com>
4 files changed, 7 insertions, 7 deletions
diff --git a/internal/git/command_resolve.go b/internal/git/command_resolve.go index fc7d334b0..6deb06a4a 100644 --- a/internal/git/command_resolve.go +++ b/internal/git/command_resolve.go @@ -100,6 +100,6 @@ func getURLAndResolveConfigForURL(remoteURL, resolvedAddress string) (string, [] } return remoteURL, []ConfigPair{ - {Key: "http.curloptResolve", Value: fmt.Sprintf("*:%s:%s", port, resolvedAddress)}, + {Key: "http.curloptResolve", Value: fmt.Sprintf("%s:%s:%s", u.Hostname(), port, resolvedAddress)}, }, nil } diff --git a/internal/git/command_resolve_test.go b/internal/git/command_resolve_test.go index b3d059519..038da68c3 100644 --- a/internal/git/command_resolve_test.go +++ b/internal/git/command_resolve_test.go @@ -77,7 +77,7 @@ func TestGetUrlAndResolveConfig(t *testing.T) { resolvedAddress: "192.168.0.1", }, expectedURL: "http://gitlab.com/gitlab-org/gitaly.git", - expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "*:80:192.168.0.1"}}, + expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "gitlab.com:80:192.168.0.1"}}, expectedErrString: "", }, { @@ -87,7 +87,7 @@ func TestGetUrlAndResolveConfig(t *testing.T) { resolvedAddress: "192.168.0.1", }, expectedURL: "https://gitlab.com/gitlab-org/gitaly.git", - expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "*:443:192.168.0.1"}}, + expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "gitlab.com:443:192.168.0.1"}}, expectedErrString: "", }, { @@ -97,7 +97,7 @@ func TestGetUrlAndResolveConfig(t *testing.T) { resolvedAddress: "192.168.0.1", }, expectedURL: "https://gitlab.com:1234/gitlab-org/gitaly.git", - expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "*:1234:192.168.0.1"}}, + expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "gitlab.com:1234:192.168.0.1"}}, expectedErrString: "", }, { @@ -187,7 +187,7 @@ func TestGetUrlAndResolveConfig(t *testing.T) { resolvedAddress: "192.168.0.1", }, expectedURL: "git://www.gitlab.com/foo/bar", - expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "*:9418:192.168.0.1"}}, + expectedConfigPair: []ConfigPair{{Key: "http.curloptResolve", Value: "www.gitlab.com:9418:192.168.0.1"}}, expectedErrString: "", }, { diff --git a/internal/gitaly/service/remote/find_remote_root_ref_test.go b/internal/gitaly/service/remote/find_remote_root_ref_test.go index 151735210..0495b95bc 100644 --- a/internal/gitaly/service/remote/find_remote_root_ref_test.go +++ b/internal/gitaly/service/remote/find_remote_root_ref_test.go @@ -203,7 +203,7 @@ func TestServer_findRemoteRootRefCmd(t *testing.T) { }, expectedConfig: []string{ "GIT_CONFIG_KEY_0=http.curloptResolve", - fmt.Sprintf("GIT_CONFIG_VALUE_0=*:%d:127.0.0.1", port), + fmt.Sprintf("GIT_CONFIG_VALUE_0=example.com:%d:127.0.0.1", port), "GIT_CONFIG_KEY_1=remote.inmemory.url", "GIT_CONFIG_VALUE_1=" + originalURL, }, diff --git a/internal/gitaly/service/repository/create_repository_from_url_test.go b/internal/gitaly/service/repository/create_repository_from_url_test.go index 33bb78a25..fb9c6c1bd 100644 --- a/internal/gitaly/service/repository/create_repository_from_url_test.go +++ b/internal/gitaly/service/repository/create_repository_from_url_test.go @@ -258,7 +258,7 @@ func TestServer_CloneFromURLCommand(t *testing.T) { expectedAuthHeader: fmt.Sprintf("Authorization: %s", "some-token"), resolvedAddress: "192.0.1.1", expectedURL: "https://gitlab.com/secretrepo.git", - expectedCurloptResolveHeader: "*:443:192.0.1.1", + expectedCurloptResolveHeader: "gitlab.com:443:192.0.1.1", }, } { t.Run(tc.desc, func(t *testing.T) { |