[PATCH STABLE] subrepo: mask out passwords embedded in the messages displaying a URL
Matt Harbison
mharbison72 at gmail.com
Tue Sep 11 22:18:05 UTC 2018
# HG changeset patch
# User Matt Harbison <matt_harbison at yahoo.com>
# Date 1536688337 14400
# Tue Sep 11 13:52:17 2018 -0400
# Branch stable
# Node ID 41ac8ea1bdd751303e49d5a98def025f78dbbf0c
# Parent 6af7765bdb7c88da8393cdddbe836989852b5a5f
subrepo: mask out passwords embedded in the messages displaying a URL
I noticed the password in maintenance logs for the "no changes since last push"
and "pushing to" messages when pushing with an explicit path. But the test case
here with :pushurl was also affected. I didn't see that cloning or pulling
subrepos on demand had this problem, but it seems safer to just mask that too.
There's a bit of a disconnect here, because it looks like clone is slicing off
the password (makes sense not to store it in the hgrc in cleartext). But not
shearing it off of an explicit path causes the subrepo not to realize that it
already pushed the latest stuff. This is the easiest fix, however.
diff --git a/mercurial/subrepo.py b/mercurial/subrepo.py
--- a/mercurial/subrepo.py
+++ b/mercurial/subrepo.py
@@ -655,7 +655,7 @@ class hgsubrepo(abstractsubrepo):
shareopts = {}
self.ui.status(_('cloning subrepo %s from %s\n')
- % (subrelpath(self), srcurl))
+ % (subrelpath(self), util.hidepassword(srcurl)))
other, cloned = hg.clone(self._repo._subparent.baseui, {},
other, self._repo.root,
update=False, shareopts=shareopts)
@@ -664,7 +664,7 @@ class hgsubrepo(abstractsubrepo):
self._cachestorehash(srcurl)
else:
self.ui.status(_('pulling subrepo %s from %s\n')
- % (subrelpath(self), srcurl))
+ % (subrelpath(self), util.hidepassword(srcurl)))
cleansub = self.storeclean(srcurl)
exchange.pull(self._repo, other)
if cleansub:
@@ -735,10 +735,10 @@ class hgsubrepo(abstractsubrepo):
if self.storeclean(dsturl):
self.ui.status(
_('no changes made to subrepo %s since last push to %s\n')
- % (subrelpath(self), dsturl))
+ % (subrelpath(self), util.hidepassword(dsturl)))
return None
self.ui.status(_('pushing subrepo %s to %s\n') %
- (subrelpath(self), dsturl))
+ (subrelpath(self), util.hidepassword(dsturl)))
other = hg.peer(self._repo, {'ssh': ssh}, dsturl)
res = exchange.push(self._repo, other, force, newbranch=newbranch)
diff --git a/tests/test-subrepo-relative-path.t b/tests/test-subrepo-relative-path.t
--- a/tests/test-subrepo-relative-path.t
+++ b/tests/test-subrepo-relative-path.t
@@ -39,7 +39,7 @@ Serving them both using hgweb
Clone main from hgweb
- $ hg clone "http://localhost:$HGPORT/main" cloned
+ $ hg clone "http://user:pass@localhost:$HGPORT/main" cloned
requesting all changes
adding changesets
adding manifests
@@ -47,7 +47,7 @@ Clone main from hgweb
added 1 changesets with 3 changes to 3 files
new changesets fdfeeb3e979e
updating to branch default
- cloning subrepo sub from http://localhost:$HGPORT/sub
+ cloning subrepo sub from http://user@localhost:$HGPORT/sub
requesting all changes
adding changesets
adding manifests
@@ -60,21 +60,28 @@ Ensure that subrepos pay attention to de
$ cat > cloned/.hg/hgrc << EOF
> [paths]
- > default:pushurl = http://localhost:$HGPORT/main
+ > default:pushurl = http://user:pass@localhost:$HGPORT/main
> EOF
$ hg -R cloned out -S --config paths.default=bogus://invalid
- comparing with http://localhost:$HGPORT/main
+ comparing with http://user:***@localhost:$HGPORT/main
searching for changes
no changes found
- comparing with http://localhost:$HGPORT/sub
+ comparing with http://user:***@localhost:$HGPORT/sub
searching for changes
no changes found
[1]
+TODO: Figure out why, if the password is left out of the default:pushurl URL,
+this says "no changes made to subrepo sub since last push". It looks like from
+the original clone command above, the password is getting stripped off, not
+just masked out, and that would make the hashed URL different.
+
$ hg -R cloned push --config paths.default=bogus://invalid
- pushing to http://localhost:$HGPORT/main
- no changes made to subrepo sub since last push to http://localhost:$HGPORT/sub
+ pushing to http://user:***@localhost:$HGPORT/main
+ pushing subrepo sub to http://user:***@localhost:$HGPORT/sub
+ searching for changes
+ no changes found
searching for changes
no changes found
abort: HTTP Error 403: ssl required
More information about the Mercurial-devel
mailing list