##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r30576:541949a1 default
r32050:77eaf953 4.1.3 stable
Show More
simplemerge
67 lines | 2.1 KiB | text/plain | TextLexer
Alexis S. L. Carvalho
actually port simplemerge to hg...
r4363 #!/usr/bin/env python
Alexis S. L. Carvalho
Import 3-way merge code from bzr...
r4362
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 from mercurial import demandimport
demandimport.enable()
Alexis S. L. Carvalho
Import 3-way merge code from bzr...
r4362
Pulkit Goyal
fancyopts: switch from fancyopts.getopt.* to getopt.*...
r30576 import getopt
Simon Heimberg
cleanup: drop unused variables and an unused import
r19378 import sys
Alexis S. L. Carvalho
actually port simplemerge to hg...
r4363 from mercurial.i18n import _
Pierre-Yves David
error: get Abort from 'error' instead of 'util'...
r26587 from mercurial import error, simplemerge, fancyopts, util, ui
Alexis S. L. Carvalho
Import 3-way merge code from bzr...
r4362
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 options = [('L', 'label', [], _('labels to use on conflict markers')),
('a', 'text', None, _('treat all files as text')),
('p', 'print', None,
_('print results instead of overwriting LOCAL')),
Pierre-Yves David
simplemerge: burn "minimal" feature to the ground...
r22023 ('', 'no-minimal', None, _('no effect (DEPRECATED)')),
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 ('h', 'help', None, _('display help and exit')),
('q', 'quiet', None, _('suppress output'))]
usage = _('''simplemerge [OPTS] LOCAL BASE OTHER
Simple three-way file merge utility with a minimal feature set.
Thomas Arendsen Hein
Remove trailing spaces
r5081
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 Apply to LOCAL the changes necessary to go from BASE to OTHER.
Thomas Arendsen Hein
Remove trailing spaces
r5081
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 By default, LOCAL is overwritten with the results of this operation.
''')
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 class ParseError(Exception):
"""Exception raised on errors in parsing the command line."""
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 def showhelp():
sys.stdout.write(usage)
sys.stdout.write('\noptions:\n')
Alexis S. L. Carvalho
Import 3-way merge code from bzr...
r4362
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 out_opts = []
for shortopt, longopt, default, desc in options:
out_opts.append(('%2s%s' % (shortopt and '-%s' % shortopt,
longopt and ' --%s' % longopt),
'%s' % desc))
opts_len = max([len(opt[0]) for opt in out_opts])
for first, second in out_opts:
sys.stdout.write(' %-*s %s\n' % (opts_len, first, second))
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 try:
Patrick Mezard
tests: Windows compatibility fixes...
r7080 for fp in (sys.stdin, sys.stdout, sys.stderr):
Adrian Buehlmann
rename util.set_binary to setbinary
r14233 util.setbinary(fp)
Mads Kiilerich
tests: run check-code on Python files without .py extension
r19022
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 opts = {}
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 try:
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 args = fancyopts.fancyopts(sys.argv[1:], options, opts)
Pulkit Goyal
fancyopts: switch from fancyopts.getopt.* to getopt.*...
r30576 except getopt.GetoptError as e:
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 raise ParseError(e)
if opts['help']:
Alexis S. L. Carvalho
polish the simplemerge command; add a test
r4364 showhelp()
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 sys.exit(0)
if len(args) != 3:
raise ParseError(_('wrong number of arguments'))
Yuya Nishihara
ui: factor out ui.load() to create a ui without loading configs (API)...
r30559 sys.exit(simplemerge.simplemerge(ui.ui.load(), *args, **opts))
FUJIWARA Katsunori
misc: use modern exception syntax...
r28047 except ParseError as e:
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 sys.stdout.write("%s: %s\n" % (sys.argv[0], e))
showhelp()
sys.exit(1)
FUJIWARA Katsunori
misc: use modern exception syntax...
r28047 except error.Abort as e:
Matt Mackall
merge: move the bulk of simplemerge into core...
r6002 sys.stderr.write("abort: %s\n" % e)
sys.exit(255)
except KeyboardInterrupt:
sys.exit(255)