ssh: unban the use of pipe character in user@host:port string
This vulnerability was fixed by the previous patch and there were more ways
to exploit than using '|shellcmd'. So it doesn't make sense to reject only
pipe character.
Test cases are updated to actually try to exploit the bug. As the SSH bridge
of git/svn subrepos are not managed by our code, the tests for non-hg subrepos
are just removed.
This may be folded into the original patches.
# extension to emulate invoking 'patch.internalpatch()' at the time
# specified by '[fakepatchtime] fakenow'
from __future__ import absolute_import
from mercurial import (
extensions,
patch as patchmod,
util,
)
def internalpatch(orig, ui, repo, patchobj, strip,
prefix='', files=None,
eolmode='strict', similarity=0):
if files is None:
files = set()
r = orig(ui, repo, patchobj, strip,
prefix=prefix, files=files,
eolmode=eolmode, similarity=similarity)
fakenow = ui.config('fakepatchtime', 'fakenow')
if fakenow:
# parsing 'fakenow' in YYYYmmddHHMM format makes comparison between
# 'fakenow' value and 'touch -t YYYYmmddHHMM' argument easy
fakenow = util.parsedate(fakenow, ['%Y%m%d%H%M'])[0]
for f in files:
repo.wvfs.utime(f, (fakenow, fakenow))
return r
def extsetup(ui):
extensions.wrapfunction(patchmod, 'internalpatch', internalpatch)