1098 updating working directory |
1098 updating working directory |
1099 1 files updated, 0 files merged, 0 files removed, 0 files unresolved |
1099 1 files updated, 0 files merged, 0 files removed, 0 files unresolved |
1100 |
1100 |
1101 SEC: check for unsafe ssh url |
1101 SEC: check for unsafe ssh url |
1102 |
1102 |
|
1103 $ cat >> $HGRCPATH << EOF |
|
1104 > [ui] |
|
1105 > ssh = sh -c "read l; read l; read l" |
|
1106 > EOF |
|
1107 |
1103 $ hg clone 'ssh://-oProxyCommand=touch${IFS}owned/path' |
1108 $ hg clone 'ssh://-oProxyCommand=touch${IFS}owned/path' |
1104 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
1109 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
1105 [255] |
1110 [255] |
1106 $ hg clone 'ssh://%2DoProxyCommand=touch${IFS}owned/path' |
1111 $ hg clone 'ssh://%2DoProxyCommand=touch${IFS}owned/path' |
1107 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
1112 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path' |
1114 [255] |
1119 [255] |
1115 |
1120 |
1116 $ hg clone 'ssh://-oProxyCommand=touch owned%20foo@example.com/nonexistent/path' |
1121 $ hg clone 'ssh://-oProxyCommand=touch owned%20foo@example.com/nonexistent/path' |
1117 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch owned foo@example.com/nonexistent/path' |
1122 abort: potentially unsafe url: 'ssh://-oProxyCommand=touch owned foo@example.com/nonexistent/path' |
1118 [255] |
1123 [255] |
|
1124 |
|
1125 #if windows |
|
1126 $ hg clone "ssh://%26touch%20owned%20/" --debug |
|
1127 running sh -c "read l; read l; read l" "&touch owned " "hg -R . serve --stdio" |
|
1128 sending hello command |
|
1129 sending between command |
|
1130 abort: no suitable response from remote hg! |
|
1131 [255] |
|
1132 $ hg clone "ssh://example.com:%26touch%20owned%20/" --debug |
|
1133 running sh -c "read l; read l; read l" -p "&touch owned " example.com "hg -R . serve --stdio" |
|
1134 sending hello command |
|
1135 sending between command |
|
1136 abort: no suitable response from remote hg! |
|
1137 [255] |
|
1138 #else |
|
1139 $ hg clone "ssh://%3btouch%20owned%20/" --debug |
|
1140 running sh -c "read l; read l; read l" ';touch owned ' 'hg -R . serve --stdio' |
|
1141 sending hello command |
|
1142 sending between command |
|
1143 abort: no suitable response from remote hg! |
|
1144 [255] |
|
1145 $ hg clone "ssh://example.com:%3btouch%20owned%20/" --debug |
|
1146 running sh -c "read l; read l; read l" -p ';touch owned ' example.com 'hg -R . serve --stdio' |
|
1147 sending hello command |
|
1148 sending between command |
|
1149 abort: no suitable response from remote hg! |
|
1150 [255] |
|
1151 #endif |
|
1152 |
|
1153 $ hg clone "ssh://v-alid.example.com/" --debug |
|
1154 running sh -c "read l; read l; read l" v-alid\.example\.com ['"]hg -R \. serve --stdio['"] (re) |
|
1155 sending hello command |
|
1156 sending between command |
|
1157 abort: no suitable response from remote hg! |
|
1158 [255] |
|
1159 |
1119 We should not have created a file named owned - if it exists, the |
1160 We should not have created a file named owned - if it exists, the |
1120 attack succeeded. |
1161 attack succeeded. |
1121 $ if test -f owned; then echo 'you got owned'; fi |
1162 $ if test -f owned; then echo 'you got owned'; fi |