317 adding file changes |
317 adding file changes |
318 added 1 changesets with 1 changes to 1 files |
318 added 1 changesets with 1 changes to 1 files |
319 |
319 |
320 SEC: check for unsafe ssh url |
320 SEC: check for unsafe ssh url |
321 |
321 |
|
322 $ cat >> $HGRCPATH << EOF |
|
323 > [ui] |
|
324 > ssh = sh -c "read l; read l; read l" |
|
325 > EOF |
|
326 |
322 $ hg -R test-revflag push 'ssh://-oProxyCommand=touch${IFS}owned/path' |
327 $ hg -R test-revflag push 'ssh://-oProxyCommand=touch${IFS}owned/path' |
323 pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path |
328 pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path |
324 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
329 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
325 [255] |
330 [255] |
326 $ hg -R test-revflag push 'ssh://%2DoProxyCommand=touch${IFS}owned/path' |
331 $ hg -R test-revflag push 'ssh://%2DoProxyCommand=touch${IFS}owned/path' |
327 pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path |
332 pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path |
328 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
333 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
329 [255] |
334 [255] |
330 $ hg -R test-revflag push 'ssh://fakehost|shellcommand/path' |
335 $ hg -R test-revflag push 'ssh://fakehost|touch${IFS}owned/path' |
331 pushing to ssh://fakehost%7Cshellcommand/path |
336 pushing to ssh://fakehost%7Ctouch%24%7BIFS%7Downed/path |
332 abort: potentially unsafe url: 'ssh://fakehost|shellcommand/path' |
337 abort: no suitable response from remote hg! |
333 [255] |
338 [255] |
334 $ hg -R test-revflag push 'ssh://fakehost%7Cshellcommand/path' |
339 $ hg -R test-revflag push 'ssh://fakehost%7Ctouch%20owned/path' |
335 pushing to ssh://fakehost%7Cshellcommand/path |
340 pushing to ssh://fakehost%7Ctouch%20owned/path |
336 abort: potentially unsafe url: 'ssh://fakehost|shellcommand/path' |
341 abort: no suitable response from remote hg! |
337 [255] |
342 [255] |
|
343 |
|
344 $ [ ! -f owned ] || echo 'you got owned' |