dispatch: protect against malicious 'hg serve --stdio' invocations (sec)

Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected.

We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'.

The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it.

mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.
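The defense the commit message calls for, sketched as an added example (not code from Mercurial or hg-ssh): a forced-command wrapper check that accepts only 'hg -R <repo> serve --stdio' and refuses any repository name that could be read as an option. REPO_ROOT, ALLOWED, parse_ssh_command, is_allowed and the sample commands are assumptions constructed for illustration.

```python
import os
import shlex

# Hypothetical repository root and allow-list, constructed for this example.
REPO_ROOT = "/srv/hg"
ALLOWED = {"/srv/hg/project"}


def parse_ssh_command(original_command, allowed=ALLOWED, root=REPO_ROOT):
    """Return the argv to execute, or raise ValueError.

    Only the exact shape 'hg -R <repo> serve --stdio' is accepted, and
    <repo> must resolve to an allow-listed absolute path.
    """
    try:
        argv = shlex.split(original_command)
    except ValueError:
        raise ValueError("unparseable command") from None
    if len(argv) != 5 or argv[:2] != ["hg", "-R"] or argv[3:] != ["serve", "--stdio"]:
        raise ValueError("only 'hg -R <repo> serve --stdio' is permitted")
    name = argv[2]
    # Names such as '--debugger' or '--config...' must never reach hg's
    # option parser, so refuse anything that looks like an option.
    if name.startswith("-"):
        raise ValueError("repository name may not start with '-'")
    path = os.path.normpath(os.path.join(root, name))
    if path not in allowed:
        raise ValueError("repository is not allow-listed")
    # The absolute path starts with '/', so it cannot be parsed as an option.
    return ["hg", "-R", path, "serve", "--stdio"]


def is_allowed(original_command):
    """True if the command passes validation, False otherwise."""
    try:
        parse_ssh_command(original_command)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs, as a client might send in SSH_ORIGINAL_COMMAND.
    for cmd in ("hg -R project serve --stdio",
                "hg -R --debugger serve --stdio",
                "hg -R --config=a.b=c serve --stdio",
                "hg -R ../etc serve --stdio",
                "hg -R project serve --stdio --debugger"):
        print("%-45s %s" % (cmd, "allow" if is_allowed(cmd) else "deny"))
```

Passing the returned list straight to an exec-style call, with no shell in between, keeps the validated arguments from being re-split.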

File last commit:

r30375:11b8b740 default
r32050:77eaf953 4.1.3 stable
debugshell.py
59 lines | 1.4 KiB | text/x-python | PythonLexer
Vishakh H
contrib: add debugshell extension
r11633 # debugshell extension
"""a python shell with repo, changelog & manifest objects"""
Pulkit Goyal
debugshell: use absolute_import
r28476 from __future__ import absolute_import
import code
Vishakh H
contrib: add debugshell extension
r11633 import mercurial
Pulkit Goyal
debugshell: use absolute_import
r28476 import sys
Gregory Szorc
debugshell: disable demand importer when importing debugger...
r27721 from mercurial import (
    cmdutil,
    demandimport,
)
Gregory Szorc
debugshell: declare command using decorator
r21243
cmdtable = {}
command = cmdutil.command(cmdtable)
Vishakh H
contrib: add debugshell extension
r11633
Sean Farley
debugshell: abstract out pdb code.interact
r19771 def pdb(ui, repo, msg, **opts):
Vishakh H
contrib: add debugshell extension
r11633     objects = {
        'mercurial': mercurial,
        'repo': repo,
        'cl': repo.changelog,
Durham Goode
manifest: remove last uses of repo.manifest...
r30375         'mf': repo.manifestlog,
Vishakh H
contrib: add debugshell extension
r11633     }
Sean Farley
debugshell: abstract out pdb code.interact
r19771
    code.interact(msg, local=objects)
Sean Farley
debugshell: add function to embed ipython
r19772 def ipdb(ui, repo, msg, **opts):
    import IPython
    cl = repo.changelog
Durham Goode
manifest: remove last uses of repo.manifest...
r30375     mf = repo.manifestlog
Matt Mackall
debugshell: appease pyflakes
r19794     cl, mf # use variables to appease pyflakes
Sean Farley
debugshell: add function to embed ipython
r19772
    IPython.embed()
Gregory Szorc
debugshell: declare command using decorator
r21243 @command('debugshell|dbsh', [])
Sean Farley
debugshell: abstract out pdb code.interact
r19771 def debugshell(ui, repo, **opts):
Vishakh H
contrib: add debugshell extension
r11633     bannermsg = "loaded repo : %s\n" \
                "using source: %s" % (repo.root,
                                      mercurial.__path__[0])
Sean Farley
debugshell: abstract out pdb code.interact
r19771
Sean Farley
debugshell: check ui.debugger for which debugger to use
r19773     pdbmap = {
        'pdb' : 'code',
        'ipdb' : 'IPython'
    }
    debugger = ui.config("ui", "debugger")
    if not debugger:
        debugger = 'pdb'
    # if IPython doesn't exist, fallback to code.interact
    try:
Gregory Szorc
debugshell: disable demand importer when importing debugger...
r27721         with demandimport.deactivated():
            __import__(pdbmap[debugger])
Sean Farley
debugshell: check ui.debugger for which debugger to use
r19773     except ImportError:
FUJIWARA Katsunori
check-code: detect "missing _() in ui message" more exactly...
r29397         ui.warn(("%s debugger specified but %s module was not found\n")
Sean Farley
debugshell: check ui.debugger for which debugger to use
r19773                 % (debugger, pdbmap[debugger]))
        debugger = 'pdb'
    getattr(sys.modules[__name__], debugger)(ui, repo, bannermsg, **opts)