subrepo: add tests for hg rogue ssh urls (SEC)
'ssh://' has an exploit that will pass the url blindly to the ssh
command, allowing a malicious person to have a subrepo with
'-oProxyCommand' which could run arbitrary code on a user's machine. In
addition, at least on Windows, a pipe '|' is able to execute arbitrary
commands.
When this happens, let's throw a big abort into the user's face so that
they can inspect what's going on.
#!/bin/bash -e
. $(dirname $0)/dockerlib.sh
BUILDDIR=$(dirname $0)
export ROOTDIR=$(cd $BUILDDIR/..; pwd)
checkdocker
PLATFORM="$1"
shift # extra params are passed to buildrpm
initcontainer $PLATFORM
RPMBUILDDIR=$ROOTDIR/packages/$PLATFORM
contrib/buildrpm --rpmbuilddir $RPMBUILDDIR --prepare $*
DSHARED=/mnt/shared
$DOCKER run -u $DBUILDUSER --rm -v $RPMBUILDDIR:$DSHARED $CONTAINER \
rpmbuild --define "_topdir $DSHARED" -ba $DSHARED/SPECS/mercurial.spec --clean
$DOCKER run -u $DBUILDUSER --rm -v $RPMBUILDDIR:$DSHARED $CONTAINER \
createrepo $DSHARED
cat << EOF > $RPMBUILDDIR/mercurial.repo
# Place this file in /etc/yum.repos.d/mercurial.repo
[mercurial]
name=Mercurial packages for $PLATFORM
# baseurl=file://$RPMBUILDDIR/
baseurl=http://hg.example.com/build/$PLATFORM/
skip_if_unavailable=True
gpgcheck=0
enabled=1
EOF
echo
echo "Build complete - results can be found in $RPMBUILDDIR"