hg-git: tests/test-pull.t comparison

ssh: unban the use of pipe character in hostname The test changes demonstrate that the hostname gets URL-encoded before being passed to ssh(1).

author	Kevin Bullock <kbullock@ringworld.org>
date	Thu, 10 Aug 2017 14:19:04 -0400
parents	9b09dd0a6308
children	312c4bb96e68

comparison

equal deleted inserted replaced

-:9b09dd0a6308
+:c35751c248c3
 summary:     add delta
 test for ssh vulnerability
+$ cat >> $HGRCPATH << EOF
+> [ui]
+> ssh = ssh -o ConnectTimeout=1
+> EOF
 $ hg init a
 $ cd a
-$ hg pull 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' | grep -v 'destination\|pulling from'
+$ hg pull 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null
 abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent'
-[1]
+[255]
-$ hg pull 'git+ssh://-oProxyCommand=rm%20nonexistent/path' | grep -v 'destination\|pulling from'
+$ hg pull 'git+ssh://-oProxyCommand=rm%20nonexistent/path' 2>&1 >/dev/null
 abort: potentially unsafe hostname: '-oProxyCommand=rm nonexistent'
-[1]
+[255]
-$ hg pull 'git+ssh://fakehost|shellcommand/path' | grep -v 'destination\|pulling from'
+$ hg pull 'git+ssh://fakehost|shellcommand/path' 2>&1 >/dev/null | grep -v ^devel-warn:
-abort: potentially unsafe hostname: 'fakehost|shellcommand'
+ssh: connect to host fakehost%7cshellcommand port 22: * (glob)
-[1]
+abort: git remote error: The remote server unexpectedly closed the connection.
-$ hg pull 'git+ssh://fakehost%7Cshellcommand/path' | grep -v 'destination\|pulling from'
+$ hg pull 'git+ssh://fakehost%7Cshellcommand/path' 2>&1 >/dev/null | grep -v ^devel-warn:
-abort: potentially unsafe hostname: 'fakehost|shellcommand'
+ssh: connect to host fakehost%7cshellcommand port 22: * (glob)
-[1]
+abort: git remote error: The remote server unexpectedly closed the connection.

Mercurial > hg > hg-git