url: limit expansion to safe auth keys (Issue2328)
Mads Kiilerich pointed out that
7c9beccb0533 was too eager since the
prefix and password keys may contain $-signs. So this only add the
username to the list of keys that are expanded.
This also updates the documentation to match.
--- a/doc/hgrc.5.txt Fri Aug 13 10:28:59 2010 +0200
+++ b/doc/hgrc.5.txt Fri Aug 13 10:53:10 2010 +0200
@@ -232,16 +232,19 @@
argument, q.v., is then subsequently consulted.
``username``
Optional. Username to authenticate with. If not given, and the
- remote site requires basic or digest authentication, the user
- will be prompted for it.
+ remote site requires basic or digest authentication, the user will
+ be prompted for it. Environment variables are expanded in the
+ username letting you do ``foo.username = $USER``.
``password``
Optional. Password to authenticate with. If not given, and the
remote site requires basic or digest authentication, the user
will be prompted for it.
``key``
- Optional. PEM encoded client certificate key file.
+ Optional. PEM encoded client certificate key file. Environment
+ variables are expanded in the filename.
``cert``
- Optional. PEM encoded client certificate chain file.
+ Optional. PEM encoded client certificate chain file. Environment
+ variables are expanded in the filename.
``schemes``
Optional. Space separated list of URI schemes to use this
authentication entry with. Only used if the prefix doesn't include
--- a/mercurial/url.py Fri Aug 13 10:28:59 2010 +0200
+++ b/mercurial/url.py Fri Aug 13 10:53:10 2010 +0200
@@ -156,7 +156,8 @@
continue
group, setting = key.split('.', 1)
gdict = config.setdefault(group, dict())
- val = util.expandpath(val)
+ if setting in ('username', 'cert', 'key'):
+ val = util.expandpath(val)
gdict[setting] = val
# Find the best match