use untrusted settings in hgweb
The only exceptions are web.static and web.templates, since they can
be used to get any file that is readable by the user running the CGI
script.
Other options can be (ab)used to increase the use of the cpu
(allow_bz2) or of the bandwidth (server.uncompressed), but they're
trusted anyway.
#!/bin/sh
hg init test
cd test
echo a > a
hg ci -Ama
cd ..
hg clone test test2
cd test2
echo a >> a
hg ci -mb
cd ../test
echo % expect ssl error
hg serve -p 20059 -d --pid-file=hg.pid
cat hg.pid >> $DAEMON_PIDS
hg --cwd ../test2 push http://localhost:20059/
kill `cat hg.pid`
echo % expect authorization error
echo '[web]' > .hg/hgrc
echo 'push_ssl = false' >> .hg/hgrc
hg serve -p 20059 -d --pid-file=hg.pid
cat hg.pid >> $DAEMON_PIDS
hg --cwd ../test2 push http://localhost:20059/
kill `cat hg.pid`
echo % expect authorization error: must have authorized user
echo 'allow_push = unperson' >> .hg/hgrc
hg serve -p 20059 -d --pid-file=hg.pid
cat hg.pid >> $DAEMON_PIDS
hg --cwd ../test2 push http://localhost:20059/
kill `cat hg.pid`
echo % expect success
echo 'allow_push = *' >> .hg/hgrc
echo '[hooks]' >> .hg/hgrc
echo 'changegroup = echo changegroup: u=$HG_URL >> $HGTMP/urls' >> .hg/hgrc
hg serve -p 20059 -d --pid-file=hg.pid
cat hg.pid >> $DAEMON_PIDS
hg --cwd ../test2 push http://localhost:20059/
kill `cat hg.pid`
hg rollback
sed 's/\(remote:http.*\):.*/\1/' $HGTMP/urls
echo % expect authorization error: all users denied
echo '[web]' > .hg/hgrc
echo 'push_ssl = false' >> .hg/hgrc
echo 'deny_push = *' >> .hg/hgrc
hg serve -p 20059 -d --pid-file=hg.pid
cat hg.pid >> $DAEMON_PIDS
hg --cwd ../test2 push http://localhost:20059/
kill `cat hg.pid`
echo % expect authorization error: some users denied, users must be authenticated
echo 'deny_push = unperson' >> .hg/hgrc
hg serve -p 20059 -d --pid-file=hg.pid
cat hg.pid >> $DAEMON_PIDS
hg --cwd ../test2 push http://localhost:20059/
kill `cat hg.pid`