# HG changeset patch # User Martin Geisler # Date 1281689590 -7200 # Node ID e329c250b0bac3685720c8de12d4e40234487a97 # Parent 11035185b619ebb6bc8b01f12d254be6ee44a554 url: limit expansion to safe auth keys (Issue2328) Mads Kiilerich pointed out that 7c9beccb0533 was too eager since the prefix and password keys may contain $-signs. So this only add the username to the list of keys that are expanded. This also updates the documentation to match. diff -r 11035185b619 -r e329c250b0ba doc/hgrc.5.txt --- a/doc/hgrc.5.txt Fri Aug 13 10:10:11 2010 +0200 +++ b/doc/hgrc.5.txt Fri Aug 13 10:53:10 2010 +0200 @@ -232,16 +232,19 @@ argument, q.v., is then subsequently consulted. ``username`` Optional. Username to authenticate with. If not given, and the - remote site requires basic or digest authentication, the user - will be prompted for it. + remote site requires basic or digest authentication, the user will + be prompted for it. Environment variables are expanded in the + username letting you do ``foo.username = $USER``. ``password`` Optional. Password to authenticate with. If not given, and the remote site requires basic or digest authentication, the user will be prompted for it. ``key`` - Optional. PEM encoded client certificate key file. + Optional. PEM encoded client certificate key file. Environment + variables are expanded in the filename. ``cert`` - Optional. PEM encoded client certificate chain file. + Optional. PEM encoded client certificate chain file. Environment + variables are expanded in the filename. ``schemes`` Optional. Space separated list of URI schemes to use this authentication entry with. Only used if the prefix doesn't include diff -r 11035185b619 -r e329c250b0ba mercurial/url.py --- a/mercurial/url.py Fri Aug 13 10:10:11 2010 +0200 +++ b/mercurial/url.py Fri Aug 13 10:53:10 2010 +0200 @@ -156,7 +156,8 @@ continue group, setting = key.split('.', 1) gdict = config.setdefault(group, dict()) - val = util.expandpath(val) + if setting in ('username', 'cert', 'key'): + val = util.expandpath(val) gdict[setting] = val # Find the best match