HomePhabricator

Provide an explicit "-R" flag to "hg serve"

Authored by epriestley on Sep 15 2017, 12:46 PM.

Description

Provide an explicit "-R" flag to "hg serve"

Summary:
See https://discourse.phabricator-community.org/t/unable-to-use-current-mercurial-on-debian-stretch/391.

The Mercurial commit is helpful in particular: https://www.mercurial-scm.org/repo/hg/rev/77eaf9539499

We weren't vulnerable to the security issue (users can not control any part of the command) but pass the working directory explicitly to get past the new safety check.

I left setCWD() in place (a few lines below) just because it can't hurt, and in some other contexts it sometimes matter (for example, if commit hooks execute, they might inherit the parent CWD here or in other VCSes).

Test Plan:

  • Cloned from a Mercurial repo locally over HTTP.
  • Verified that SSH cloning already uses -R (it does, see DiffusionMercurialServeSSHWorkflow).
  • Did not actually upgrade to Mercurial 4.0/4.1.3 to completely verify this, but a user in the Discourse thread asserted that a substantially similar fix worked correctly.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D18611

Details

Committed
epriestleySep 15 2017, 3:57 PM
Pushed
epriestleySep 15 2017, 3:57 PM
Reviewer
amckinley
Differential Revision
D18611: Provide an explicit "-R" flag to "hg serve"
Parents
rP5ae3af6691ca: Fix an outdated HTML anchor link in Diffusion table of contents
Branches
Unknown
Tags
Unknown
Build Status
Buildable 18467
Build 24868: Run Core Tests