##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r26921:b11495c2 default
r32050:77eaf953 4.1.3 stable
Show More
test-init.t
260 lines | 6.2 KiB | text/troff | Tads3Lexer
Matt Mackall
tests: fix a bunch of pointless #s in unified tests
r12328 This test tries to exercise the ssh functionality with a dummy script
Nicolas Dumazet
tests: unify test-init
r11786
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 (enable general delta early)
$ cat << EOF >> $HGRCPATH
> [format]
> usegeneraldelta=yes
> EOF
Nicolas Dumazet
tests: unify test-init
r11786 $ checknewrepo()
> {
> name=$1
Mads Kiilerich
init: expand destination url as a configured paths...
r12584 > if [ -d "$name"/.hg/store ]; then
Nicolas Dumazet
tests: unify test-init
r11786 > echo store created
> fi
Mads Kiilerich
init: expand destination url as a configured paths...
r12584 > if [ -f "$name"/.hg/00changelog.i ]; then
Nicolas Dumazet
tests: unify test-init
r11786 > echo 00changelog.i created
> fi
Mads Kiilerich
init: expand destination url as a configured paths...
r12584 > cat "$name"/.hg/requires
Nicolas Dumazet
tests: unify test-init
r11786 > }
creating 'local'
$ hg init local
$ checknewrepo local
store created
00changelog.i created
Mads Kiilerich
localrepo: store requirements sorted
r18356 dotencode
Andrew Pritchard
localrepo: make requirements attribute of newly-created repos contain a set...
r14905 fncache
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
Mads Kiilerich
localrepo: store requirements sorted
r18356 revlogv1
Nicolas Dumazet
tests: unify test-init
r11786 store
$ echo this > local/foo
Martin Geisler
tests: remove unneeded -d flags...
r12156 $ hg ci --cwd local -A -m "init"
Nicolas Dumazet
tests: unify test-init
r11786 adding foo
Brodie Rao
revlog: allow tuning of the chunk cache size (via format.chunkcachesize)...
r20180 test custom revlog chunk cache sizes
$ hg --config format.chunkcachesize=0 log -R local -pv
abort: revlog chunk cache size 0 is not greater than 0!
[255]
$ hg --config format.chunkcachesize=1023 log -R local -pv
abort: revlog chunk cache size 1023 is not a power of 2!
[255]
$ hg --config format.chunkcachesize=1024 log -R local -pv
changeset: 0:08b9e9f63b32
tag: tip
user: test
date: Thu Jan 01 00:00:00 1970 +0000
files: foo
description:
init
diff -r 000000000000 -r 08b9e9f63b32 foo
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/foo Thu Jan 01 00:00:00 1970 +0000
@@ -0,0 +1,1 @@
+this
Nicolas Dumazet
tests: unify test-init
r11786 creating repo with format.usestore=false
$ hg --config format.usestore=false init old
$ checknewrepo old
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
Nicolas Dumazet
tests: unify test-init
r11786 revlogv1
creating repo with format.usefncache=false
$ hg --config format.usefncache=false init old2
$ checknewrepo old2
store created
00changelog.i created
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
Nicolas Dumazet
tests: unify test-init
r11786 revlogv1
store
Adrian Buehlmann
tests: add testcase for --config format.dotencode=false
r12712 creating repo with format.dotencode=false
$ hg --config format.dotencode=false init old3
$ checknewrepo old3
store created
00changelog.i created
Mads Kiilerich
localrepo: store requirements sorted
r18356 fncache
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
revlogv1
store
creating repo with format.dotencode=false
$ hg --config format.generaldelta=false --config format.usegeneraldelta=false init old4
$ checknewrepo old4
store created
00changelog.i created
dotencode
fncache
Adrian Buehlmann
tests: add testcase for --config format.dotencode=false
r12712 revlogv1
store
Nicolas Dumazet
tests: unify test-init
r11786 test failure
$ hg init local
abort: repository local already exists!
Matt Mackall
tests: add exit codes to unified tests
r12316 [255]
Nicolas Dumazet
tests: unify test-init
r11786
init+push to remote2
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg init -e "python \"$TESTDIR/dummyssh\"" ssh://user@dummy/remote2
Nicolas Dumazet
tests: unify test-init
r11786 $ hg incoming -R remote2 local
comparing with local
Martin Geisler
tests: remove unneeded -d flags...
r12156 changeset: 0:08b9e9f63b32
Nicolas Dumazet
tests: unify test-init
r11786 tag: tip
user: test
Martin Geisler
tests: remove unneeded -d flags...
r12156 date: Thu Jan 01 00:00:00 1970 +0000
Nicolas Dumazet
tests: unify test-init
r11786 summary: init
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg push -R local -e "python \"$TESTDIR/dummyssh\"" ssh://user@dummy/remote2
Nicolas Dumazet
tests: unify test-init
r11786 pushing to ssh://user@dummy/remote2
searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files
clone to remote1
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg clone -e "python \"$TESTDIR/dummyssh\"" local ssh://user@dummy/remote1
Nicolas Dumazet
tests: unify test-init
r11786 searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files
Matt Harbison
largefiles: don't crash when cloning to a remote repo...
r24812 The largefiles extension doesn't crash
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg clone -e "python \"$TESTDIR/dummyssh\"" local ssh://user@dummy/remotelf --config extensions.largefiles=
Matt Harbison
largefiles: don't crash when cloning to a remote repo...
r24812 searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files
Nicolas Dumazet
tests: unify test-init
r11786 init to existing repo
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg init -e "python \"$TESTDIR/dummyssh\"" ssh://user@dummy/remote1
Nicolas Dumazet
tests: unify test-init
r11786 abort: repository remote1 already exists!
abort: could not create remote repo!
Matt Mackall
tests: add exit codes to unified tests
r12316 [255]
Nicolas Dumazet
tests: unify test-init
r11786
clone to existing repo
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg clone -e "python \"$TESTDIR/dummyssh\"" local ssh://user@dummy/remote1
Nicolas Dumazet
tests: unify test-init
r11786 abort: repository remote1 already exists!
abort: could not create remote repo!
Matt Mackall
tests: add exit codes to unified tests
r12316 [255]
Nicolas Dumazet
tests: unify test-init
r11786
output of dummyssh
$ cat dummylog
Mads Kiilerich
sshrepo: don't quote obviously safe strings (issue2983)...
r15622 Got arguments 1:user@dummy 2:hg init remote2
Got arguments 1:user@dummy 2:hg -R remote2 serve --stdio
Got arguments 1:user@dummy 2:hg -R remote2 serve --stdio
Got arguments 1:user@dummy 2:hg init remote1
Got arguments 1:user@dummy 2:hg -R remote1 serve --stdio
Matt Harbison
largefiles: don't crash when cloning to a remote repo...
r24812 Got arguments 1:user@dummy 2:hg init remotelf
Got arguments 1:user@dummy 2:hg -R remotelf serve --stdio
Mads Kiilerich
sshrepo: don't quote obviously safe strings (issue2983)...
r15622 Got arguments 1:user@dummy 2:hg init remote1
Got arguments 1:user@dummy 2:hg init remote1
Nicolas Dumazet
tests: unify test-init
r11786
comparing repositories
$ hg tip -q -R local
Martin Geisler
tests: remove unneeded -d flags...
r12156 0:08b9e9f63b32
Nicolas Dumazet
tests: unify test-init
r11786 $ hg tip -q -R remote1
Martin Geisler
tests: remove unneeded -d flags...
r12156 0:08b9e9f63b32
Nicolas Dumazet
tests: unify test-init
r11786 $ hg tip -q -R remote2
Martin Geisler
tests: remove unneeded -d flags...
r12156 0:08b9e9f63b32
Nicolas Dumazet
tests: unify test-init
r11786
check names for repositories (clashes with URL schemes, special chars)
Adrian Buehlmann
test-init: enable for Windows...
r16915 $ for i in bundle file hg http https old-http ssh static-http "with space"; do
Martin Geisler
test-init: replace 'echo -n' with 'printf'...
r11883 > printf "hg init \"$i\"... "
Nicolas Dumazet
tests: unify test-init
r11786 > hg init "$i"
> test -d "$i" -a -d "$i/.hg" && echo "ok" || echo "failed"
> done
hg init "bundle"... ok
hg init "file"... ok
hg init "hg"... ok
hg init "http"... ok
hg init "https"... ok
hg init "old-http"... ok
hg init "ssh"... ok
hg init "static-http"... ok
hg init "with space"... ok
Mads Kiilerich
tests: use hghave eol-in-paths to test for support for ':' in filenames and " "...
r16974 #if eol-in-paths
Adrian Buehlmann
test-init: enable for Windows...
r16915 /* " " is not a valid name for a directory on Windows */
$ hg init " "
$ test -d " "
$ test -d " /.hg"
#endif
Nicolas Dumazet
tests: unify test-init
r11786
creating 'local/sub/repo'
$ hg init local/sub/repo
$ checknewrepo local/sub/repo
store created
00changelog.i created
Mads Kiilerich
localrepo: store requirements sorted
r18356 dotencode
Andrew Pritchard
localrepo: make requirements attribute of newly-created repos contain a set...
r14905 fncache
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
Mads Kiilerich
localrepo: store requirements sorted
r18356 revlogv1
Nicolas Dumazet
tests: unify test-init
r11786 store
Mads Kiilerich
init: expand destination url as a configured paths...
r12584
prepare test of init of url configured from paths
$ echo '[paths]' >> $HGRCPATH
$ echo "somewhere = `pwd`/url from paths" >> $HGRCPATH
$ echo "elsewhere = `pwd`/another paths url" >> $HGRCPATH
init should (for consistency with clone) expand the url
$ hg init somewhere
$ checknewrepo "url from paths"
store created
00changelog.i created
Mads Kiilerich
localrepo: store requirements sorted
r18356 dotencode
Andrew Pritchard
localrepo: make requirements attribute of newly-created repos contain a set...
r14905 fncache
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
Mads Kiilerich
localrepo: store requirements sorted
r18356 revlogv1
Mads Kiilerich
init: expand destination url as a configured paths...
r12584 store
verify that clone also expand urls
$ hg clone somewhere elsewhere
updating to branch default
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ checknewrepo "another paths url"
store created
00changelog.i created
Mads Kiilerich
localrepo: store requirements sorted
r18356 dotencode
Andrew Pritchard
localrepo: make requirements attribute of newly-created repos contain a set...
r14905 fncache
Pierre-Yves David
tests: test generaldelta configuration in test-init.t...
r26921 generaldelta
Mads Kiilerich
localrepo: store requirements sorted
r18356 revlogv1
Mads Kiilerich
init: expand destination url as a configured paths...
r12584 store
David Soria Parra
hg: add support for cloning bookmarks
r13604
clone bookmarks
$ hg -R local bookmark test
$ hg -R local bookmarks
* test 0:08b9e9f63b32
Matt Harbison
tests: restore 'python' and '$TESTDIR/' for dummyssh invocation...
r25495 $ hg clone -e "python \"$TESTDIR/dummyssh\"" local ssh://user@dummy/remote-bookmarks
David Soria Parra
hg: add support for cloning bookmarks
r13604 searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files
Pierre-Yves David
clone: explicitly push bookmarks when cloning from local to remote...
r22647 exporting bookmark test
David Soria Parra
hg: add support for cloning bookmarks
r13604 $ hg -R remote-bookmarks bookmarks
test 0:08b9e9f63b32