Mercurial > hg-git
diff tests/test-git-clone.t @ 1044:c35751c248c3
ssh: unban the use of pipe character in hostname
The test changes demonstrate that the hostname gets URL-encoded before
being passed to ssh(1).
author | Kevin Bullock <kbullock@ringworld.org> |
---|---|
date | Thu, 10 Aug 2017 14:19:04 -0400 |
parents | 9b09dd0a6308 |
children | 312c4bb96e68 |
line wrap: on
line diff
--- a/tests/test-git-clone.t Wed Aug 09 21:34:15 2017 -0400 +++ b/tests/test-git-clone.t Thu Aug 10 14:19:04 2017 -0400 @@ -39,15 +39,20 @@ test for ssh vulnerability - $ hg clone 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' - [1] - $ hg clone 'git+ssh://%2DoProxyCommand=rm${IFS}nonexistent/path' | grep -v 'destination\|pulling from' + $ cat >> $HGRCPATH << EOF + > [ui] + > ssh = ssh -o ConnectTimeout=1 + > EOF + + $ hg clone 'git+ssh://-oProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' - [1] - $ hg clone 'git+ssh://fakehost|shellcommand/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] - $ hg clone 'git+ssh://fakehost%7Cshellcommand/path' | grep -v 'destination\|pulling from' - abort: potentially unsafe hostname: 'fakehost|shellcommand' - [1] + [255] + $ hg clone 'git+ssh://%2DoProxyCommand=rm${IFS}nonexistent/path' 2>&1 >/dev/null + abort: potentially unsafe hostname: '-oProxyCommand=rm${IFS}nonexistent' + [255] + $ hg clone 'git+ssh://fakehost|rm${IFS}nonexistent/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7crm%24%7bifs%7dnonexistent port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection. + $ hg clone 'git+ssh://fakehost%7Crm${IFS}nonexistent/path' 2>&1 >/dev/null | grep -v ^devel-warn: + ssh: connect to host fakehost%7crm%24%7bifs%7dnonexistent port 22: * (glob) + abort: git remote error: The remote server unexpectedly closed the connection.