Mercurial > kallithea
changeset 8148:7163feda7140 stable
ssh: ignore trailing '/' after repo name in URLs (Issue #352)
Make SSH URLs similar to how HTTP URLs are handled in simplehg.py / simplegit.py .
We will consistently use the stripped repo name, so there should be no security
or ambiguities or reliability concerns.
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Sat, 25 Jan 2020 21:26:01 +0100 |
parents | fe93c67afc4d |
children | ecef27ac1ffa |
files | kallithea/lib/vcs/backends/ssh.py kallithea/tests/other/test_vcs_operations.py |
diffstat | 2 files changed, 10 insertions(+), 16 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/lib/vcs/backends/ssh.py Sat Jan 25 21:04:50 2020 +0100 +++ b/kallithea/lib/vcs/backends/ssh.py Sat Jan 25 21:26:01 2020 +0100 @@ -56,7 +56,7 @@ raise NotImplementedError def __init__(self, repo_name): - self.repo_name = repo_name + self.repo_name = repo_name.rstrip('/') def serve(self, user_id, key_id, client_ip): """Verify basic sanity of the repository, and that the user is
--- a/kallithea/tests/other/test_vcs_operations.py Sat Jan 25 21:04:50 2020 +0100 +++ b/kallithea/tests/other/test_vcs_operations.py Sat Jan 25 21:26:01 2020 +0100 @@ -425,25 +425,19 @@ else: assert issubclass(vt, SshVcsTest) if vt.repo_type == 'git': - assert "abort: Access to './%s/' denied" % vt.repo_name in stderr + assert "abort: Access to './%s' denied" % vt.repo_name in stderr else: - assert "abort: Access to './%s/' denied" % vt.repo_name in stdout + assert "abort: Access to './%s' denied" % vt.repo_name in stdout stdout, stderr = Command(dest_dir).execute(vt.repo_type, 'pull', clone_url.replace('/' + vt.repo_name, '/%s/' % vt.repo_name), ignoreReturnCode=True) - if issubclass(vt, HttpVcsTest): - if vt.repo_type == 'git': - assert 'Already up to date.' in stdout - else: - assert vt.repo_type == 'hg' - assert "no changes found" in stdout - assert "denied" not in stderr - assert "denied" not in stdout - assert "404" not in stdout + if vt.repo_type == 'git': + assert 'Already up to date.' in stdout else: - if vt.repo_type == 'git': - assert "denied" in stderr - else: - assert "denied" in stdout + assert vt.repo_type == 'hg' + assert "no changes found" in stdout + assert "denied" not in stderr + assert "denied" not in stdout + assert "404" not in stdout @parametrize_vcs_test def test_push_invalidates_cache(self, webserver, testfork, vt):