Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

shell-escape supplied Subversion credentials #2017

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ gem "capistrano", github: "capistrano/capistrano", require: false
[master]: https://github.com/capistrano/capistrano/compare/v3.11.0...HEAD

* Your contribution here!
* [#2017](https://github.com/capistrano/capistrano/pull/2017): shell-escape supplied Subversion credentials

## [`3.11.0`] (2018-06-02)

Expand Down
11 changes: 6 additions & 5 deletions lib/capistrano/scm/svn.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
require "capistrano/scm/plugin"
require "shellwords"

class Capistrano::SCM::Svn < Capistrano::SCM::Plugin
def register_hooks
Expand All @@ -13,9 +14,9 @@ def define_tasks

def svn(*args)
args.unshift(:svn)
args.push "--username #{fetch(:svn_username)}" if fetch(:svn_username)
args.push "--password #{fetch(:svn_password)}" if fetch(:svn_password)
args.push "--revision #{fetch(:svn_revision)}" if fetch(:svn_revision)
args.push "--username #{Shellwords.escape(fetch(:svn_username))}" if fetch(:svn_username)
args.push "--password #{Shellwords.escape(fetch(:svn_password))}" if fetch(:svn_password)
args.push "--revision #{Shellwords.escape(fetch(:svn_revision))}" if fetch(:svn_revision)
backend.execute(*args)
end

Expand All @@ -24,8 +25,8 @@ def repo_mirror_exists?
end

def check_repo_is_reachable
svn_username = fetch(:svn_username) ? "--username #{fetch(:svn_username)}" : ""
svn_password = fetch(:svn_password) ? "--password #{fetch(:svn_password)}" : ""
svn_username = fetch(:svn_username) ? "--username #{Shellwords.escape(fetch(:svn_username))}" : ""
svn_password = fetch(:svn_password) ? "--password #{Shellwords.escape(fetch(:svn_password))}" : ""
backend.test :svn, :info, repo_url, svn_username, svn_password
end

Expand Down
30 changes: 15 additions & 15 deletions spec/lib/capistrano/scm/svn_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,8 @@ module Capistrano
describe "#svn" do
it "should call execute svn in the context, with arguments" do
env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
backend.expects(:execute).with(:svn, :init, "--username someuser", "--password somepassword")
env.set(:svn_password, "some password")
backend.expects(:execute).with(:svn, :init, "--username someuser", "--password some\\ password")
subject.svn(:init)
end
end
Expand All @@ -49,8 +49,8 @@ module Capistrano
it "should test the repo url" do
env.set(:repo_url, :url)
env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
backend.expects(:test).with(:svn, :info, :url, "--username someuser", "--password somepassword").returns(true)
env.set(:svn_password, "some password")
backend.expects(:test).with(:svn, :info, :url, "--username someuser", "--password some\\ password").returns(true)

subject.check_repo_is_reachable
end
Expand All @@ -61,9 +61,9 @@ module Capistrano
env.set(:repo_url, :url)
env.set(:repo_path, "path")
env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
env.set(:svn_password, "some password")

backend.expects(:execute).with(:svn, :checkout, :url, "path", "--username someuser", "--password somepassword")
backend.expects(:execute).with(:svn, :checkout, :url, "path", "--username someuser", "--password some\\ password")

subject.clone_repo
end
Expand All @@ -76,8 +76,8 @@ module Capistrano
backend.expects(:capture).with(:svn, :info, "path").returns("URL: url\n")

env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
backend.expects(:execute).with(:svn, :update, "--username someuser", "--password somepassword")
env.set(:svn_password, "some password")
backend.expects(:execute).with(:svn, :update, "--username someuser", "--password some\\ password")

subject.update_mirror
end
Expand All @@ -89,9 +89,9 @@ module Capistrano
backend.expects(:capture).with(:svn, :info, "path").returns("URL: url\n")

env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
env.set(:svn_password, "some password")
env.set(:svn_revision, "12345")
backend.expects(:execute).with(:svn, :update, "--username someuser", "--password somepassword", "--revision 12345")
backend.expects(:execute).with(:svn, :update, "--username someuser", "--password some\\ password", "--revision 12345")

subject.update_mirror
end
Expand All @@ -103,9 +103,9 @@ module Capistrano
backend.expects(:capture).with(:svn, :info, "path").returns("URL: old_url\n")

env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
backend.expects(:execute).with(:svn, :switch, "url", "--username someuser", "--password somepassword")
backend.expects(:execute).with(:svn, :update, "--username someuser", "--password somepassword")
env.set(:svn_password, "some password")
backend.expects(:execute).with(:svn, :switch, "url", "--username someuser", "--password some\\ password")
backend.expects(:execute).with(:svn, :update, "--username someuser", "--password some\\ password")

subject.update_mirror
end
Expand All @@ -115,9 +115,9 @@ module Capistrano
it "should run svn export" do
env.set(:release_path, "path")
env.set(:svn_username, "someuser")
env.set(:svn_password, "somepassword")
env.set(:svn_password, "some password")

backend.expects(:execute).with(:svn, :export, "--force", ".", "path", "--username someuser", "--password somepassword")
backend.expects(:execute).with(:svn, :export, "--force", ".", "path", "--username someuser", "--password some\\ password")

subject.archive_to_release_path
end
Expand Down