changeset 12049:e329c250b0ba stable

url: limit expansion to safe auth keys (Issue2328) Mads Kiilerich pointed out that 7c9beccb0533 was too eager since the prefix and password keys may contain $-signs. So this only add the username to the list of keys that are expanded. This also updates the documentation to match.
author Martin Geisler <mg@aragost.com>
date Fri, 13 Aug 2010 10:53:10 +0200
parents 11035185b619
children c5fd25c1bc4a
files doc/hgrc.5.txt mercurial/url.py
diffstat 2 files changed, 9 insertions(+), 5 deletions(-) [+]
line wrap: on
line diff
--- a/doc/hgrc.5.txt	Fri Aug 13 10:10:11 2010 +0200
+++ b/doc/hgrc.5.txt	Fri Aug 13 10:53:10 2010 +0200
@@ -232,16 +232,19 @@
     argument, q.v., is then subsequently consulted.
 ``username``
     Optional. Username to authenticate with. If not given, and the
-    remote site requires basic or digest authentication, the user
-    will be prompted for it.
+    remote site requires basic or digest authentication, the user will
+    be prompted for it. Environment variables are expanded in the
+    username letting you do ``foo.username = $USER``.
 ``password``
     Optional. Password to authenticate with. If not given, and the
     remote site requires basic or digest authentication, the user
     will be prompted for it.
 ``key``
-    Optional. PEM encoded client certificate key file.
+    Optional. PEM encoded client certificate key file. Environment
+    variables are expanded in the filename.
 ``cert``
-    Optional. PEM encoded client certificate chain file.
+    Optional. PEM encoded client certificate chain file. Environment
+    variables are expanded in the filename.
 ``schemes``
     Optional. Space separated list of URI schemes to use this
     authentication entry with. Only used if the prefix doesn't include
--- a/mercurial/url.py	Fri Aug 13 10:10:11 2010 +0200
+++ b/mercurial/url.py	Fri Aug 13 10:53:10 2010 +0200
@@ -156,7 +156,8 @@
                 continue
             group, setting = key.split('.', 1)
             gdict = config.setdefault(group, dict())
-            val = util.expandpath(val)
+            if setting in ('username', 'cert', 'key'):
+                val = util.expandpath(val)
             gdict[setting] = val
 
         # Find the best match