dispatch: protect against malicious 'hg serve --stdio' invocations (sec)

Some shared-ssh installations assume that 'hg serve --stdio' is a safe command to run for minimally trusted users. Unfortunately, the messy implementation of argument parsing here meant that trying to access a repo named '--debugger' would give the user a pdb prompt, thereby sidestepping any hoped-for sandboxing. Serving repositories over HTTP(S) is unaffected.

We're not currently hardening any subcommands other than 'serve'. If your service exposes other commands to users with arbitrary repository names, it is imperative that you defend against repository names of '--debugger' and anything starting with '--config'.

The read-only mode of hg-ssh stopped working because it provided its hook configuration to "hg serve --stdio" via --config parameter. This is banned for security reasons now. This patch switches it to directly call ui.setconfig(). If your custom hosting infrastructure relies on passing --config to "hg serve --stdio", you'll need to find a different way to get that configuration into Mercurial, either by using ui.setconfig() as hg-ssh does in this patch, or by placing an hgrc file someplace where Mercurial will read it.

mitrandir@fb.com provided some extra fixes for the dispatch code and for hg-ssh in places that I overlooked.
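
One way a shared-ssh wrapper can apply the defence the commit message above calls for, as an added example (not Mercurial's or hg-ssh's own code): it accepts only the exact `hg -R <repo> serve --stdio` shape and refuses any repository name that starts with `-`. The names `safe_serve_argv` and `Rejected`, the allowlist and the `/srv/hg` base directory are assumptions made for illustration.

```python
import os
import shlex


class Rejected(ValueError):
    """The SSH request is not an allowed 'hg serve --stdio' invocation."""


def safe_serve_argv(original_cmd, allowed_repos, base_dir):
    """Return the argv to execute for an SSH request, or raise Rejected."""
    try:
        argv = shlex.split(original_cmd)
    except ValueError as exc:  # e.g. unbalanced quotes
        raise Rejected("unparsable command") from exc

    # Accept exactly: hg -R <repo> serve --stdio (no extra arguments).
    if len(argv) != 5 or argv[:2] != ["hg", "-R"] or argv[3:] != ["serve", "--stdio"]:
        raise Rejected("only 'hg -R <repo> serve --stdio' is allowed")

    name = argv[2]
    # A repository name that looks like an option ('--debugger',
    # '--config=...') must never reach hg's argument parser.
    if not name or name.startswith("-"):
        raise Rejected("repository name looks like an option")

    # Resolve against the base directory and compare with the allowlist,
    # so '../' tricks and unknown repositories are refused as well.
    base = os.path.realpath(base_dir)
    repo = os.path.realpath(os.path.join(base, name))
    allowed = {os.path.realpath(os.path.join(base, r)) for r in allowed_repos}
    if repo not in allowed:
        raise Rejected("repository not in allowlist")

    # Hand hg the absolute path, which cannot start with '-'.
    return ["hg", "-R", repo, "serve", "--stdio"]


if __name__ == "__main__":
    # Constructed SSH_ORIGINAL_COMMAND values, for illustration only.
    for cmd in ("hg -R proj serve --stdio",
                "hg -R --debugger serve --stdio",
                "hg -R --config=ui.debug=1 serve --stdio"):
        try:
            print("allow ", safe_serve_argv(cmd, ["proj"], "/srv/hg"))
        except Rejected as why:
            print("reject", repr(cmd), "-", why)
```
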

File last commit:

r26618:8e6d5b73 default
r32050:77eaf953 4.1.3 stable
test-merge9.t
94 lines | 1.7 KiB | text/troff | Tads3Lexer
test that we don't interrupt the merge session if
a file-level merge failed

  $ hg init repo
  $ cd repo

  $ echo foo > foo
  $ echo a > bar
  $ hg ci -Am 'add foo'
  adding bar
  adding foo

  $ hg mv foo baz
  $ echo b >> bar
  $ echo quux > quux1
  $ hg ci -Am 'mv foo baz'
  adding quux1

  $ hg up -qC 0
  $ echo >> foo
  $ echo c >> bar
  $ echo quux > quux2
  $ hg ci -Am 'change foo'
  adding quux2
  created new head

test with the rename on the remote side

  $ HGMERGE=false hg merge
  merging bar
  merging foo and baz to baz
  merging bar failed!
  1 files updated, 1 files merged, 0 files removed, 1 files unresolved
  use 'hg resolve' to retry unresolved file merges or 'hg update -C .' to abandon
  [1]
  $ hg resolve -l
  U bar
  R baz

test with the rename on the local side

  $ hg up -C 1
  3 files updated, 0 files merged, 1 files removed, 0 files unresolved
  $ HGMERGE=false hg merge
  merging bar
  merging baz and foo to baz
  merging bar failed!
  1 files updated, 1 files merged, 0 files removed, 1 files unresolved
  use 'hg resolve' to retry unresolved file merges or 'hg update -C .' to abandon
  [1]

show unresolved

  $ hg resolve -l
  U bar
  R baz

unmark baz

  $ hg resolve -u baz

show

  $ hg resolve -l
  U bar
  U baz
  $ hg st
  M bar
  M baz
  M quux2
  ? bar.orig

re-resolve baz

  $ hg resolve baz
  merging baz and foo to baz

after resolve

  $ hg resolve -l
  U bar
  R baz

resolve all warning

  $ hg resolve
  abort: no files or directories specified
  (use --all to re-merge all unresolved files)
  [255]

resolve all

  $ hg resolve -a
  merging bar
  warning: conflicts while merging bar! (edit, then use 'hg resolve --mark')
  [1]

after

  $ hg resolve -l
  U bar
  R baz

  $ cd ..