##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r31288:198cd5ad default
r32050:77eaf953 4.1.3 stable
Show More
schemes.py
133 lines | 4.0 KiB | text/x-python | PythonLexer
Alexander Solovyov
schemes extension
r9964 # Copyright 2009, Alexander Solovyov <piranha@piranha.org.ua>
#
# This software may be used and distributed according to the terms of the
Matt Mackall
Update license to GPLv2+
r10263 # GNU General Public License version 2 or any later version.
Alexander Solovyov
schemes extension
r9964
"""extend schemes with shortcuts to repository swarms
This extension allows you to specify shortcuts for parent URLs with a
lot of repositories to act like a scheme, for example::
[schemes]
py = http://code.python.org/hg/
After that you can use it like::
hg clone py://trunk/
Additionally there is support for some more complex schemas, for
example used by Google Code::
[schemes]
gcode = http://{1}.googlecode.com/hg/
The syntax is taken from Mercurial templates, and you have unlimited
number of variables, starting with ``{1}`` and continuing with
``{2}``, ``{3}`` and so on. This variables will receive parts of URL
supplied, split by ``/``. Anything not specified as ``{part}`` will be
just appended to an URL.
For convenience, the extension adds these schemes by default::
[schemes]
py = http://hg.python.org/
bb = https://bitbucket.org/
bb+ssh = ssh://hg@bitbucket.org/
gcode = https://{1}.googlecode.com/hg/
Benjamin Pollack
schemes: add Kiln On Demand to default schemes
r10777 kiln = https://{1}.kilnhg.com/Repo/
Alexander Solovyov
schemes extension
r9964
Martin Geisler
schemes: fixed typos in module docstring
r9965 You can override a predefined scheme by defining a new scheme with the
same name.
Alexander Solovyov
schemes extension
r9964 """
timeless
schemas: use absolute_import
r28379 from __future__ import absolute_import
Alexander Solovyov
schemes extension
r9964
timeless
schemas: use absolute_import
r28379 import os
import re
Yuya Nishihara
py3: move up symbol imports to enforce import-checker rules...
r29205
from mercurial.i18n import _
timeless
schemas: use absolute_import
r28379 from mercurial import (
cmdutil,
error,
extensions,
hg,
Pulkit Goyal
py3: replace os.name with pycompat.osname (part 2 of 2)
r30640 pycompat,
timeless
schemas: use absolute_import
r28379 templater,
util,
)
Alexander Solovyov
schemes extension
r9964
Jason R. Coombs
schemes: add debugexpandscheme command, resolving a scheme to canonical form
r27982 cmdtable = {}
command = cmdutil.command(cmdtable)
Augie Fackler
extensions: change magic "shipped with hg" string...
r29841 # Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for
Augie Fackler
extensions: document that `testedwith = 'internal'` is special...
r25186 # extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
# be specifying the version(s) of Mercurial they are tested with, or
# leave the attribute unspecified.
Augie Fackler
extensions: change magic "shipped with hg" string...
r29841 testedwith = 'ships-with-hg-core'
Augie Fackler
hgext: mark all first-party extensions as such
r16743
Alexander Solovyov
schemes extension
r9964
class ShortRepository(object):
def __init__(self, url, scheme, templater):
self.scheme = scheme
self.templater = templater
self.url = url
try:
self.parts = max(map(int, re.findall(r'\{(\d+)\}', self.url)))
except ValueError:
self.parts = 0
def __repr__(self):
return '<ShortRepository: %s>' % self.scheme
def instance(self, ui, url, create):
Jason R. Coombs
schemes: extract scheme expansion as its own method on ShortRepository
r27981 url = self.resolve(url)
return hg._peerlookup(url).instance(ui, url, create)
def resolve(self, url):
Mads Kiilerich
fix wording and not-completely-trivial spelling errors and bad docstrings
r17425 # Should this use the util.url class, or is manual parsing better?
Mads Kiilerich
scheme: don't crash on invalid URLs
r18910 try:
url = url.split('://', 1)[1]
except IndexError:
Pierre-Yves David
error: get Abort from 'error' instead of 'util'...
r26587 raise error.Abort(_("no '://' in scheme url '%s'") % url)
Alexander Solovyov
schemes extension
r9964 parts = url.split('/', self.parts)
if len(parts) > self.parts:
tail = parts[-1]
parts = parts[:-1]
else:
tail = ''
Matt Mackall
many, many trivial check-code fixups
r10282 context = dict((str(i + 1), v) for i, v in enumerate(parts))
Jason R. Coombs
schemes: extract scheme expansion as its own method on ShortRepository
r27981 return ''.join(self.templater.process(self.url, context)) + tail
Alexander Solovyov
schemes extension
r9964
Matt Mackall
url: nuke some newly-introduced underbars in identifiers
r13827 def hasdriveletter(orig, path):
Patrick Mezard
util: fix url.__str__() for windows file URLs...
r15609 if path:
for scheme in schemes:
if path.startswith(scheme + ':'):
return False
Brodie Rao
schemes: prevent one letter schemes from being interpreted as drive letters...
r13822 return orig(path)
Alexander Solovyov
schemes extension
r9964 schemes = {
'py': 'http://hg.python.org/',
'bb': 'https://bitbucket.org/',
'bb+ssh': 'ssh://hg@bitbucket.org/',
Benjamin Pollack
schemes: add Kiln On Demand to default schemes
r10777 'gcode': 'https://{1}.googlecode.com/hg/',
'kiln': 'https://{1}.kilnhg.com/Repo/'
Alexander Solovyov
schemes extension
r9964 }
def extsetup(ui):
schemes.update(dict(ui.configitems('schemes')))
t = templater.engine(lambda x: x)
for scheme, url in schemes.items():
Pulkit Goyal
py3: replace os.name with pycompat.osname (part 2 of 2)
r30640 if (pycompat.osname == 'nt' and len(scheme) == 1 and scheme.isalpha()
Brodie Rao
schemes: prevent one letter schemes from being interpreted as drive letters...
r13822 and os.path.exists('%s:\\' % scheme)):
Pierre-Yves David
error: get Abort from 'error' instead of 'util'...
r26587 raise error.Abort(_('custom scheme %s:// conflicts with drive '
Brodie Rao
schemes: prevent one letter schemes from being interpreted as drive letters...
r13822 'letter %s:\\\n') % (scheme, scheme.upper()))
Matt Mackall
hg: move peerschemes back to schemes...
r14606 hg.schemes[scheme] = ShortRepository(url, scheme, t)
Brodie Rao
schemes: prevent one letter schemes from being interpreted as drive letters...
r13822
Brodie Rao
url: move URL parsing functions into util to improve startup time...
r14076 extensions.wrapfunction(util, 'hasdriveletter', hasdriveletter)
Jason R. Coombs
schemes: add debugexpandscheme command, resolving a scheme to canonical form
r27982
@command('debugexpandscheme', norepo=True)
def expandscheme(ui, url, **opts):
"""given a repo path, provide the scheme-expanded path
"""
repo = hg._peerlookup(url)
if isinstance(repo, ShortRepository):
url = repo.resolve(url)
ui.write(url + '\n')