dispatch: protect against malicious 'hg serve --stdio' invocations (sec)

Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected.

We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'.

The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it.

mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.
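
A check of the kind the commit message asks for, as an added example (not code from this commit and not Mercurial's hg-ssh): a forced-command wrapper vets SSH_ORIGINAL_COMMAND before anything reaches hg. The function name, the repository root and the allow-list are assumptions made for the illustration.

```python
import posixpath
import shlex

# Constructed values for the example; a real deployment supplies its own.
REPO_ROOT = "/srv/hg"
ALLOWED_REPOS = {"/srv/hg/project-a", "/srv/hg/project-b"}


def vet_forced_command(original_cmd, allowed=ALLOWED_REPOS, root=REPO_ROOT):
    """Vet the client-supplied command of a forced-command SSH login.

    Returns (argv, None) when it is exactly `hg -R <repo> serve --stdio`
    for an allow-listed repository, otherwise (None, reason).
    """
    try:
        argv = shlex.split(original_cmd)
    except ValueError as exc:
        return None, "unparseable command: %s" % exc

    # Exact shape only: nothing before, between or after the expected words.
    if len(argv) != 5 or argv[:2] != ["hg", "-R"] or argv[3:] != ["serve", "--stdio"]:
        return None, "only 'hg -R REPO serve --stdio' is permitted"

    name = argv[2]
    # Covers '--debugger' and '--config...' from the commit message, and
    # every other name that an option parser could take for a flag.
    if name.startswith("-"):
        return None, "repository name looks like an option"

    # Resolve against the root, then compare with the allow-list so that
    # '..' segments and absolute paths cannot reach other directories.
    repo = posixpath.normpath(posixpath.join(root, name))
    if repo not in allowed:
        return None, "repository not in allow-list"

    # Pass the resolved path, never the client's string, to Mercurial.
    return ["hg", "-R", repo, "serve", "--stdio"], None


if __name__ == "__main__":
    for cmd in ("hg -R project-a serve --stdio",           # constructed inputs
                "hg -R --debugger serve --stdio",
                "hg -R --config=hooks.x=y serve --stdio",
                "hg -R ../../etc serve --stdio",
                "hg -R project-a serve --stdio --debugger"):
        print("%-45s -> %r" % (cmd, vet_forced_command(cmd)))
```

Configuration that the wrapper itself needs (such as read-only hooks) is set in-process or through an hgrc, as the commit message describes, not by appending --config to the vetted argv.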

File last commit:

r31248:8d3e8c8c default
r32050:77eaf953 4.1.3 stable
undumprevlog
46 lines | 1.1 KiB | text/plain | TextLexer
Matt Mackall
add simple dump and undump scripts to contrib/
r6433 #!/usr/bin/env python
# Undump a dump from dumprevlog
# $ hg init
# $ undumprevlog < repo.dump
Pulkit Goyal
py3: make contrib/undumprevlog use absolute_import
r29167 from __future__ import absolute_import
Matt Mackall
add simple dump and undump scripts to contrib/
r6433 import sys
Pulkit Goyal
py3: make contrib/undumprevlog use absolute_import
r29167 from mercurial import (
    node,
    revlog,
    scmutil,
    transaction,
    util,
)
Matt Mackall
add simple dump and undump scripts to contrib/
r6433
Adrian Buehlmann
contrib: fix binary file issues with dumprevlog on Windows...
r6466 for fp in (sys.stdin, sys.stdout, sys.stderr):
Adrian Buehlmann
rename util.set_binary to setbinary
r14233     util.setbinary(fp)
Adrian Buehlmann
contrib: fix binary file issues with dumprevlog on Windows...
r6466
Adrian Buehlmann
move opener from util to scmutil
r13970 opener = scmutil.opener('.', False)
Pierre-Yves David
transaction: pass a vfs map to the transaction...
r23310 tr = transaction.transaction(sys.stderr.write, opener, {'store': opener},
                             "undump.journal")
Mads Kiilerich
tests: run check-code on Python files without .py extension
r19022 while True:
Matt Mackall
add simple dump and undump scripts to contrib/
r6433     l = sys.stdin.readline()
    if not l:
        break
    if l.startswith("file:"):
        f = l[6:-1]
        r = revlog.revlog(opener, f)
        print f
    elif l.startswith("node:"):
        n = node.bin(l[6:-1])
    elif l.startswith("linkrev:"):
        lr = int(l[9:-1])
    elif l.startswith("parents:"):
        p = l[9:-1].split()
        p1 = node.bin(p[0])
        p2 = node.bin(p[1])
    elif l.startswith("length:"):
        length = int(l[8:-1])
        sys.stdin.readline() # start marker
        d = sys.stdin.read(length)
        sys.stdin.readline() # end marker
        r.addrevision(d, tr, lr, p1, p2)
tr.close()