changeset 1045:c35751c248c3
ssh: unban the use of pipe character in hostname
The test changes demonstrate that the hostname gets URL-encoded before
being passed to ssh(1).
author | Kevin Bullock <kbullock@ringworld.org> |
---|---|
date | Thu, 10 Aug 2017 14:19:04 -0400 |
parents | 9b09dd0a6308 |
children | c560ed4d5a55 |
files | hggit/util.py tests/test-git-clone.t tests/test-pull.t tests/test-push.t |
diffstat | 4 files changed, 46 insertions(+), 32 deletions(-) [+] |
--- a/hggit/util.py +++ b/hggit/util.py @@ -135,6 +135,6 @@ Raises an error.Abort when the url is unsafe. """ host = urllib.unquote(host) - if host.startswith('-') or '|' in host: + if host.startswith('-'): raise error.Abort(_('potentially unsafe hostname: %r') % (host,))
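Review bot: With the `'|' in host` test removed, `host.startswith('-')` is the only guard left in this function, and nothing at the condition records why shell metacharacters in the hostname are now acceptable. The tests in this changeset show the host reaching ssh percent-encoded (`fakehost%7cshellcommand`), so the check presumably relies on an encoding step elsewhere in the call path that this hunk does not show. A comment above the condition, for example `# '|' and other shell metacharacters are tolerated here because the host is percent-encoded before it is handed to ssh; only a leading '-' could still be parsed as an option`, would pin that invariant so a later change to the encoding step is reviewed against this check. The enclosing function begins above the hunk, so only the tail of its docstring is visible.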
--- a/tests/test-git-clone.t +++ b/tests/test-git-clone.t @@ -39,15 +39,20 @@ test for ssh vulnerability - $ hg clone 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' - [1] - $ hg clone 'git+ssh://%2DoProxyCommand=rm${IFS}nonexistent/path' | grep -v 'destination\|pulling from' + $ cat >> $HGRCPATH << EOF + > [ui] + > ssh = ssh -o ConnectTimeout=1 + > EOF + + $ hg clone 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' - [1] - $ hg clone 'git+ssh://fakehost|shellcommand/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] - $ hg clone 'git+ssh://fakehost%7Cshellcommand/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] + [255] + $ hg clone 'git+ssh://%2DoProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null + abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' + [255] + $ hg clone 'git+ssh://fakehost|rm${IFS}nonexistent/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7crm%24%7bifs%7dnonexistent port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection. + $ hg clone 'git+ssh://fakehost%7Crm${IFS}nonexistent/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7crm%24%7bifs%7dnonexistent port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection.
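Review bot: The two `fakehost` cases pipe through `grep -v ^devel-warn:`, so the status the harness sees is grep's and no `[255]` line is asserted for hg itself, unlike the two `-oProxyCommand` cases just above. They also pass on ssh's error text alone: the embedded `rm${IFS}nonexistent` leaves no trace whether or not it runs, so the expected output shows the encoded hostname but does not directly show that nothing was executed. Having the test create a marker file, name that file in the hostname, and assert it still exists afterwards would tie the case to the property being protected. The same pattern appears in the `fakehost` cases of tests/test-pull.t and tests/test-push.t.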
--- a/tests/test-pull.t +++ b/tests/test-pull.t @@ -352,17 +352,22 @@ test for ssh vulnerability + $ cat >> $HGRCPATH << EOF + > [ui] + > ssh = ssh -o ConnectTimeout=1 + > EOF + $ hg init a $ cd a - $ hg pull 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' | grep -v 'destination\|pulling from' + $ hg pull 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' - [1] - $ hg pull 'git+ssh://-oProxyCommand=rm%20nonexistent/path' | grep -v 'destination\|pulling from' + [255] + $ hg pull 'git+ssh://-oProxyCommand=rm%20nonexistent/path' 2>&1 >/dev/null abort: potentially unsafe hostname: '-oProxyCommand=rm nonexistent' - [1] - $ hg pull 'git+ssh://fakehost|shellcommand/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] - $ hg pull 'git+ssh://fakehost%7Cshellcommand/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] + [255] + $ hg pull 'git+ssh://fakehost|shellcommand/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7cshellcommand port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection. + $ hg pull 'git+ssh://fakehost%7Cshellcommand/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7cshellcommand port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection.
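Review bot: The `[ui] ssh = ssh -o ConnectTimeout=1` block appended to `$HGRCPATH` stays in effect for whatever follows it in test-pull.t, and the expected `ssh: connect to host ... port 22: * (glob)` line only appears when a real ssh client is installed and the lookup of the encoded name fails promptly. It is worth confirming that `ConnectTimeout` also bounds a slow resolver on the build hosts, since otherwise these cases could become slow or flaky in sandboxed environments. A short comment next to the heredoc, such as `# bound the connection attempt to the bogus host so the test fails fast`, would explain why the override is there. The same setup is added in tests/test-git-clone.t and tests/test-push.t; whether later tests in this file are affected is not visible from the hunk.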
--- a/tests/test-push.t +++ b/tests/test-push.t @@ -200,15 +200,19 @@ test for ssh vulnerability - $ hg push 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' | grep -v 'pushing to' + $ cat >> $HGRCPATH << EOF + > [ui] + > ssh = ssh -o ConnectTimeout=1 + > EOF + $ hg push 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' - [1] - $ hg push 'git+ssh://-oProxyCommand=rm%20nonexistent/path' | grep -v 'pushing to' + [255] + $ hg push 'git+ssh://-oProxyCommand=rm%20nonexistent/path' 2>&1 >/dev/null abort: potentially unsafe hostname: '-oProxyCommand=rm nonexistent' - [1] - $ hg push 'git+ssh://fakehost|shellcommand/path' | grep -v 'pushing to' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] - $ hg push 'git+ssh://fakehost%7Cshellcommand/path' | grep -v 'pushing to' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] + [255] + $ hg push 'git+ssh://fakehost|rm%20nonexistent/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7crm%20nonexistent port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection. + $ hg push 'git+ssh://fakehost%7Crm%20nonexistent/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7crm%20nonexistent port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection.