dispatch: protect against malicious 'hg serve --stdio' invocations (sec)

Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected.

We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'.

The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it.

mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.
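The check the commit message asks of custom hosting wrappers, as an added example that is not part of the Mercurial source or of hg-ssh: it vets an SSH-forced command before anything is handed to hg. The function names, the /srv/hg hosting root and the sample commands are constructed for illustration.

```python
import os
import shlex

def vet_ssh_command(original_command, allowed_root):
    """Return the repository path to serve, or raise ValueError.

    Accepts exactly 'hg -R <repo> serve --stdio' and nothing else.
    """
    argv = shlex.split(original_command)  # ValueError on unbalanced quotes
    if (len(argv) != 5 or argv[:2] != ["hg", "-R"]
            or argv[3:] != ["serve", "--stdio"]):
        raise ValueError("only 'hg -R <repo> serve --stdio' is allowed")
    repo = argv[2]
    # The commit message names '--debugger' and anything starting with
    # '--config'; refusing every leading '-' covers both and any other
    # repository name the option parser could read as a flag.
    if repo.startswith("-"):
        raise ValueError("repository name looks like an option: %r" % repo)
    # Confine the repository to the hosting root after resolving symlinks.
    root = os.path.realpath(allowed_root)
    path = os.path.realpath(os.path.join(root, repo))
    if os.path.commonpath([root, path]) != root:
        raise ValueError("repository is outside %s: %r" % (root, repo))
    return path

# Constructed sample commands, as a wrapper might read them from
# SSH_ORIGINAL_COMMAND (assumed hosting root: /srv/hg).
SAMPLE_COMMANDS = [
    "hg -R project serve --stdio",
    "hg -R --debugger serve --stdio",
    "hg -R --config=a.b=c serve --stdio",
    "hg -R ../elsewhere serve --stdio",
    "hg -R project serve --stdio --debugger",
    "hg -R project log",
]

def audit(commands, allowed_root="/srv/hg"):
    """Return (command, accepted, detail) for each command."""
    results = []
    for command in commands:
        try:
            results.append((command, True, vet_ssh_command(command, allowed_root)))
        except ValueError as exc:
            results.append((command, False, str(exc)))
    return results

if __name__ == "__main__":
    for command, accepted, detail in audit(SAMPLE_COMMANDS):
        print("ALLOW" if accepted else "DENY ", command, "->", detail)
```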

File last commit:

r29231:b1b35a90 default
r32050:77eaf953 4.1.3 stable
hghave
69 lines | 1.8 KiB | text/plain | TextLexer
Changesets annotated in this file (revision, author, summary):

r4881   Patrick Mezard        Add hghave utility and run-tests.py support....
r5081   Thomas Arendsen Hein  Remove trailing spaces
r5084   Patrick Mezard        hghave: feature absence can be checked by prefixing with 'no-'
r8059   Nicolas Dumazet       hghave: checking that all targets are Exception-free
r9446   Martin Geisler        test-gendoc: test documentation generation
r16966  Adrian Buehlmann      tests/hghave: extract hghave.py...
r25732  FUJIWARA Katsunori    hghave: allow adding customized features at runtime...
r26068  Gregory Szorc         hghave: remove quiet option...
r28047  FUJIWARA Katsunori    misc: use modern exception syntax...
r28283  Gregory Szorc         hghave: use print function...
r29141  timeless              hghave: switch from iteritems to items...
r29161  Pulkit Goyal          py3: make tests/hghave use absolute_import
r29231  Yuya Nishihara        hghave: silence future pyflakes warning of unused import

#!/usr/bin/env python
"""Test the running system for features availability. Exit with zero
if all features are there, non-zero otherwise. If a feature name is
prefixed with "no-", the absence of feature is tested.
"""

from __future__ import absolute_import, print_function

import hghave
import optparse
import os
import sys

checks = hghave.checks

def list_features():
    for name, feature in sorted(checks.items()):
        desc = feature[1]
        print(name + ':', desc)

def test_features():
    failed = 0
    for name, feature in checks.items():
        check, _ = feature
        try:
            check()
        except Exception as e:
            print("feature %s failed: %s" % (name, e))
            failed += 1
    return failed

parser = optparse.OptionParser("%prog [options] [features]")
parser.add_option("--test-features", action="store_true",
                  help="test available features")
parser.add_option("--list-features", action="store_true",
                  help="list available features")

def _loadaddon():
    if 'TESTDIR' in os.environ:
        # loading from '.' isn't needed, because `hghave` should be
        # running at TESTTMP in this case
        path = os.environ['TESTDIR']
    else:
        path = '.'

    if not os.path.exists(os.path.join(path, 'hghaveaddon.py')):
        return

    sys.path.insert(0, path)
    try:
        import hghaveaddon
        assert hghaveaddon # silence pyflakes
    except BaseException as inst:
        sys.stderr.write('failed to import hghaveaddon.py from %r: %s\n'
                         % (path, inst))
        sys.exit(2)
    sys.path.pop(0)

if __name__ == '__main__':
    options, args = parser.parse_args()
    _loadaddon()
    if options.list_features:
        list_features()
        sys.exit(0)

    if options.test_features:
        sys.exit(test_features())

    hghave.require(args)