##// END OF EJS Templates
dispatch: protect against malicious 'hg serve --stdio' invocations (sec)...
dispatch: protect against malicious 'hg serve --stdio' invocations (sec) Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected. We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'. The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it. mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.

File last commit:

r17708:4f2f0f36 default
r32050:77eaf953 4.1.3 stable
Show More
test-mq-qqueue.t
188 lines | 2.7 KiB | text/troff | Tads3Lexer
Adrian Buehlmann
tests: unify some of test-mq*
r12324 $ echo "[extensions]" >> $HGRCPATH
$ echo "mq=" >> $HGRCPATH
$ hg init foo
$ cd foo
$ echo a > a
$ hg ci -qAm a
Default queue:
$ hg qqueue
patches (active)
$ echo b > a
$ hg qnew -fgDU somestuff
Applied patches in default queue:
$ hg qap
somestuff
Try to change patch (create succeeds, switch fails):
$ hg qqueue foo --create
Bryan O'Sullivan
mq: improve qqueue message with patches applied (issue3036)
r17708 abort: new queue created, but cannot make active as patches are applied
Adrian Buehlmann
tests: unify some of test-mq*
r12324 [255]
$ hg qqueue
foo
patches (active)
Empty default queue:
$ hg qpop
popping somestuff
patch queue now empty
Switch queue:
$ hg qqueue foo
$ hg qqueue
foo (active)
patches
List queues, quiet:
$ hg qqueue --quiet
foo
patches
Fail creating queue with already existing name:
$ hg qqueue --create foo
abort: queue "foo" already exists
[255]
$ hg qqueue
foo (active)
patches
Create new queue for rename:
$ hg qqueue --create bar
$ hg qqueue
bar (active)
foo
patches
Rename queue, same name:
$ hg qqueue --rename bar
abort: can't rename "bar" to its current name
[255]
Rename queue to existing:
$ hg qqueue --rename foo
abort: queue "foo" already exists
[255]
Rename queue:
$ hg qqueue --rename buz
$ hg qqueue
buz (active)
foo
patches
Switch back to previous queue:
$ hg qqueue foo
$ hg qqueue --delete buz
$ hg qqueue
foo (active)
patches
Create queue for purge:
$ hg qqueue --create purge-me
$ hg qqueue
foo
patches
purge-me (active)
Create patch for purge:
$ hg qnew patch-purge-me
$ ls -1d .hg/patches-purge-me 2>/dev/null || true
.hg/patches-purge-me
$ hg qpop -a
popping patch-purge-me
patch queue now empty
Purge queue:
$ hg qqueue foo
$ hg qqueue --purge purge-me
$ hg qqueue
foo (active)
patches
$ ls -1d .hg/patches-purge-me 2>/dev/null || true
Unapplied patches:
$ hg qun
$ echo c > a
$ hg qnew -fgDU otherstuff
Fail switching back:
$ hg qqueue patches
Bryan O'Sullivan
mq: improve qqueue message with patches applied (issue3036)
r17708 abort: new queue created, but cannot make active as patches are applied
Adrian Buehlmann
tests: unify some of test-mq*
r12324 [255]
Fail deleting current:
$ hg qqueue foo --delete
abort: cannot delete currently active queue
[255]
Switch back and delete foo:
$ hg qpop -a
popping otherstuff
patch queue now empty
$ hg qqueue patches
$ hg qqueue foo --delete
$ hg qqueue
patches (active)
Tricky cases:
$ hg qqueue store --create
$ hg qnew journal
$ hg qqueue
patches
store (active)
$ hg qpop -a
popping journal
patch queue now empty
$ hg qqueue patches
$ hg qun
somestuff
Invalid names:
$ hg qqueue test/../../bar --create
abort: invalid queue name, may not contain the characters ":\/."
[255]
$ hg qqueue . --create
abort: invalid queue name, may not contain the characters ":\/."
[255]
$ cd ..