##// END OF EJS Templates
push: add tests for unsafe ssh url (SEC)
Sean Farley -
r33728:48d520fd stable
parent child Browse files
Show More
@@ -1,318 +1,337 b''
1 1 ==================================
2 2 Basic testing for the push command
3 3 ==================================
4 4
5 5 Testing of the '--rev' flag
6 6 ===========================
7 7
8 8 $ hg init test-revflag
9 9 $ hg -R test-revflag unbundle "$TESTDIR/bundles/remote.hg"
10 10 adding changesets
11 11 adding manifests
12 12 adding file changes
13 13 added 9 changesets with 7 changes to 4 files (+1 heads)
14 14 (run 'hg heads' to see heads, 'hg merge' to merge)
15 15
16 16 $ for i in 0 1 2 3 4 5 6 7 8; do
17 17 > echo
18 18 > hg init test-revflag-"$i"
19 19 > hg -R test-revflag push -r "$i" test-revflag-"$i"
20 20 > hg -R test-revflag-"$i" verify
21 21 > done
22 22
23 23 pushing to test-revflag-0
24 24 searching for changes
25 25 adding changesets
26 26 adding manifests
27 27 adding file changes
28 28 added 1 changesets with 1 changes to 1 files
29 29 checking changesets
30 30 checking manifests
31 31 crosschecking files in changesets and manifests
32 32 checking files
33 33 1 files, 1 changesets, 1 total revisions
34 34
35 35 pushing to test-revflag-1
36 36 searching for changes
37 37 adding changesets
38 38 adding manifests
39 39 adding file changes
40 40 added 2 changesets with 2 changes to 1 files
41 41 checking changesets
42 42 checking manifests
43 43 crosschecking files in changesets and manifests
44 44 checking files
45 45 1 files, 2 changesets, 2 total revisions
46 46
47 47 pushing to test-revflag-2
48 48 searching for changes
49 49 adding changesets
50 50 adding manifests
51 51 adding file changes
52 52 added 3 changesets with 3 changes to 1 files
53 53 checking changesets
54 54 checking manifests
55 55 crosschecking files in changesets and manifests
56 56 checking files
57 57 1 files, 3 changesets, 3 total revisions
58 58
59 59 pushing to test-revflag-3
60 60 searching for changes
61 61 adding changesets
62 62 adding manifests
63 63 adding file changes
64 64 added 4 changesets with 4 changes to 1 files
65 65 checking changesets
66 66 checking manifests
67 67 crosschecking files in changesets and manifests
68 68 checking files
69 69 1 files, 4 changesets, 4 total revisions
70 70
71 71 pushing to test-revflag-4
72 72 searching for changes
73 73 adding changesets
74 74 adding manifests
75 75 adding file changes
76 76 added 2 changesets with 2 changes to 1 files
77 77 checking changesets
78 78 checking manifests
79 79 crosschecking files in changesets and manifests
80 80 checking files
81 81 1 files, 2 changesets, 2 total revisions
82 82
83 83 pushing to test-revflag-5
84 84 searching for changes
85 85 adding changesets
86 86 adding manifests
87 87 adding file changes
88 88 added 3 changesets with 3 changes to 1 files
89 89 checking changesets
90 90 checking manifests
91 91 crosschecking files in changesets and manifests
92 92 checking files
93 93 1 files, 3 changesets, 3 total revisions
94 94
95 95 pushing to test-revflag-6
96 96 searching for changes
97 97 adding changesets
98 98 adding manifests
99 99 adding file changes
100 100 added 4 changesets with 5 changes to 2 files
101 101 checking changesets
102 102 checking manifests
103 103 crosschecking files in changesets and manifests
104 104 checking files
105 105 2 files, 4 changesets, 5 total revisions
106 106
107 107 pushing to test-revflag-7
108 108 searching for changes
109 109 adding changesets
110 110 adding manifests
111 111 adding file changes
112 112 added 5 changesets with 6 changes to 3 files
113 113 checking changesets
114 114 checking manifests
115 115 crosschecking files in changesets and manifests
116 116 checking files
117 117 3 files, 5 changesets, 6 total revisions
118 118
119 119 pushing to test-revflag-8
120 120 searching for changes
121 121 adding changesets
122 122 adding manifests
123 123 adding file changes
124 124 added 5 changesets with 5 changes to 2 files
125 125 checking changesets
126 126 checking manifests
127 127 crosschecking files in changesets and manifests
128 128 checking files
129 129 2 files, 5 changesets, 5 total revisions
130 130
131 131 $ cd test-revflag-8
132 132
133 133 $ hg pull ../test-revflag-7
134 134 pulling from ../test-revflag-7
135 135 searching for changes
136 136 adding changesets
137 137 adding manifests
138 138 adding file changes
139 139 added 4 changesets with 2 changes to 3 files (+1 heads)
140 140 (run 'hg heads' to see heads, 'hg merge' to merge)
141 141
142 142 $ hg verify
143 143 checking changesets
144 144 checking manifests
145 145 crosschecking files in changesets and manifests
146 146 checking files
147 147 4 files, 9 changesets, 7 total revisions
148 148
149 149 $ cd ..
150 150
151 151 Test server side validation during push
152 152 =======================================
153 153
154 154 $ hg init test-validation
155 155 $ cd test-validation
156 156
157 157 $ cat > .hg/hgrc <<EOF
158 158 > [server]
159 159 > validate=1
160 160 > EOF
161 161
162 162 $ echo alpha > alpha
163 163 $ echo beta > beta
164 164 $ hg addr
165 165 adding alpha
166 166 adding beta
167 167 $ hg ci -m 1
168 168
169 169 $ cd ..
170 170 $ hg clone test-validation test-validation-clone
171 171 updating to branch default
172 172 2 files updated, 0 files merged, 0 files removed, 0 files unresolved
173 173
174 174 Test spurious filelog entries:
175 175
176 176 $ cd test-validation-clone
177 177 $ echo blah >> beta
178 178 $ cp .hg/store/data/beta.i tmp1
179 179 $ hg ci -m 2
180 180 $ cp .hg/store/data/beta.i tmp2
181 181 $ hg -q rollback
182 182 $ mv tmp2 .hg/store/data/beta.i
183 183 $ echo blah >> beta
184 184 $ hg ci -m '2 (corrupt)'
185 185
186 186 Expected to fail:
187 187
188 188 $ hg verify
189 189 checking changesets
190 190 checking manifests
191 191 crosschecking files in changesets and manifests
192 192 checking files
193 193 beta@1: dddc47b3ba30 not in manifests
194 194 2 files, 2 changesets, 4 total revisions
195 195 1 integrity errors encountered!
196 196 (first damaged changeset appears to be 1)
197 197 [1]
198 198
199 199 $ hg push
200 200 pushing to $TESTTMP/test-validation (glob)
201 201 searching for changes
202 202 adding changesets
203 203 adding manifests
204 204 adding file changes
205 205 transaction abort!
206 206 rollback completed
207 207 abort: received spurious file revlog entry
208 208 [255]
209 209
210 210 $ hg -q rollback
211 211 $ mv tmp1 .hg/store/data/beta.i
212 212 $ echo beta > beta
213 213
214 214 Test missing filelog entries:
215 215
216 216 $ cp .hg/store/data/beta.i tmp
217 217 $ echo blah >> beta
218 218 $ hg ci -m '2 (corrupt)'
219 219 $ mv tmp .hg/store/data/beta.i
220 220
221 221 Expected to fail:
222 222
223 223 $ hg verify
224 224 checking changesets
225 225 checking manifests
226 226 crosschecking files in changesets and manifests
227 227 checking files
228 228 beta@1: manifest refers to unknown revision dddc47b3ba30
229 229 2 files, 2 changesets, 2 total revisions
230 230 1 integrity errors encountered!
231 231 (first damaged changeset appears to be 1)
232 232 [1]
233 233
234 234 $ hg push
235 235 pushing to $TESTTMP/test-validation (glob)
236 236 searching for changes
237 237 adding changesets
238 238 adding manifests
239 239 adding file changes
240 240 transaction abort!
241 241 rollback completed
242 242 abort: missing file data for beta:dddc47b3ba30e54484720ce0f4f768a0f4b6efb9 - run hg verify
243 243 [255]
244 244
245 245 $ cd ..
246 246
247 247 Test push hook locking
248 248 =====================
249 249
250 250 $ hg init 1
251 251
252 252 $ echo '[ui]' >> 1/.hg/hgrc
253 253 $ echo 'timeout = 10' >> 1/.hg/hgrc
254 254
255 255 $ echo foo > 1/foo
256 256 $ hg --cwd 1 ci -A -m foo
257 257 adding foo
258 258
259 259 $ hg clone 1 2
260 260 updating to branch default
261 261 1 files updated, 0 files merged, 0 files removed, 0 files unresolved
262 262
263 263 $ hg clone 2 3
264 264 updating to branch default
265 265 1 files updated, 0 files merged, 0 files removed, 0 files unresolved
266 266
267 267 $ cat <<EOF > $TESTTMP/debuglocks-pretxn-hook.sh
268 268 > hg debuglocks
269 269 > true
270 270 > EOF
271 271 $ echo '[hooks]' >> 2/.hg/hgrc
272 272 $ echo "pretxnchangegroup.a = sh $TESTTMP/debuglocks-pretxn-hook.sh" >> 2/.hg/hgrc
273 273 $ echo 'changegroup.push = hg push -qf ../1' >> 2/.hg/hgrc
274 274
275 275 $ echo bar >> 3/foo
276 276 $ hg --cwd 3 ci -m bar
277 277
278 278 $ hg --cwd 3 push ../2 --config devel.legacy.exchange=bundle1
279 279 pushing to ../2
280 280 searching for changes
281 281 adding changesets
282 282 adding manifests
283 283 adding file changes
284 284 added 1 changesets with 1 changes to 1 files
285 285 lock: user *, process * (*s) (glob)
286 286 wlock: free
287 287
288 288 $ hg --cwd 1 --config extensions.strip= strip tip -q
289 289 $ hg --cwd 2 --config extensions.strip= strip tip -q
290 290 $ hg --cwd 3 push ../2 # bundle2+
291 291 pushing to ../2
292 292 searching for changes
293 293 adding changesets
294 294 adding manifests
295 295 adding file changes
296 296 added 1 changesets with 1 changes to 1 files
297 297 lock: user *, process * (*s) (glob)
298 298 wlock: user *, process * (*s) (glob)
299 299
300 300 Test bare push with multiple race checking options
301 301 --------------------------------------------------
302 302
303 303 $ hg init test-bare-push-no-concurrency
304 304 $ hg init test-bare-push-unrelated-concurrency
305 305 $ hg -R test-revflag push -r 0 test-bare-push-no-concurrency --config server.concurrent-push-mode=strict
306 306 pushing to test-bare-push-no-concurrency
307 307 searching for changes
308 308 adding changesets
309 309 adding manifests
310 310 adding file changes
311 311 added 1 changesets with 1 changes to 1 files
312 312 $ hg -R test-revflag push -r 0 test-bare-push-unrelated-concurrency --config server.concurrent-push-mode=check-related
313 313 pushing to test-bare-push-unrelated-concurrency
314 314 searching for changes
315 315 adding changesets
316 316 adding manifests
317 317 adding file changes
318 318 added 1 changesets with 1 changes to 1 files
319
320 SEC: check for unsafe ssh url
321
322 $ hg -R test-revflag push 'ssh://-oProxyCommand=touch${IFS}owned/path'
323 pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path
324 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path'
325 [255]
326 $ hg -R test-revflag push 'ssh://%2DoProxyCommand=touch${IFS}owned/path'
327 pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path
328 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path'
329 [255]
330 $ hg -R test-revflag push 'ssh://fakehost|shellcommand/path'
331 pushing to ssh://fakehost%7Cshellcommand/path
332 abort: potentially unsafe url: 'ssh://fakehost|shellcommand/path'
333 [255]
334 $ hg -R test-revflag push 'ssh://fakehost%7Cshellcommand/path'
335 pushing to ssh://fakehost%7Cshellcommand/path
336 abort: potentially unsafe url: 'ssh://fakehost|shellcommand/path'
337 [255]
General Comments 0
You need to be logged in to leave comments. Login now