grim/hgkeeper

Deny invalid path

12 months ago, aklitzing
5a19892df841
Deny invalid path

If an authenticated user calls `hg init hg.host.com/dummy/../../../etc`,
hgkeeper will create the repository in a directory outside the intended root
if the hgkeeper process has permission to do so.
This could be used to attack the server.

The hgkeeper admin repository can also be overridden this way:
`hg init ssh://hg.host.com/dummy/../hgkeeper/keys`

Reviewed at https://reviews.imfreedom.org/r/2422/
environment:
- VERSION=1.1.0
- REPO=rwgrim/hgkeeper
- TAG=latest
- REGISTRY=docker.io
- REGISTRY_USERNAME
- REGISTRY_PASSWORD
- GO_IMAGE=docker.io/golang:1.18-bullseye
tasks:
import:
type: docker/import
files: .:.
binaries-export:
type: docker/export
files:
- hgkeeper-${VERSION}-darwin-amd64
- hgkeeper-${VERSION}-darwin-amd64.sha256sum
- hgkeeper-${VERSION}-freebsd-amd64
- hgkeeper-${VERSION}-freebsd-amd64.sha256sum
- hgkeeper-${VERSION}-linux-amd64
- hgkeeper-${VERSION}-linux-amd64.sha256sum
- hgkeeper-${VERSION}-windows-amd64.exe
- hgkeeper-${VERSION}-windows-amd64.exe.sha256sum
binaries-clean:
type: convey/clean
files:
- hgkeeper-${VERSION}-darwin-amd64*
- hgkeeper-${VERSION}-freebsd-amd64*
- hgkeeper-${VERSION}-linux-amd64*
- hgkeeper-${VERSION}-windows-amd64.exe*
build-darwin-amd64:
type: docker/run
image: ${GO_IMAGE}
workdir: ${CONVEY_WORKSPACE}
environment:
- GOOS=darwin
- GOARCH=amd64
- OUTPUT=hgkeeper-${VERSION}-${GOOS}-${GOARCH}
script:
- go build -o ${OUTPUT} -ldflags "-X keep.imfreedom.org/grim/hgkeeper/version.Commit=${COMMIT_SHORT}"
- sha256sum ${OUTPUT} | tee ${OUTPUT}.sha256sum
build-freebsd-amd64:
type: docker/run
image: ${GO_IMAGE}
workdir: ${CONVEY_WORKSPACE}
environment:
- GOOS=freebsd
- GOARCH=amd64
- OUTPUT=hgkeeper-${VERSION}-${GOOS}-${GOARCH}
script:
- go build -o ${OUTPUT} -ldflags "-X keep.imfreedom.org/grim/hgkeeper/version.Commit=${COMMIT_SHORT}"
- sha256sum ${OUTPUT} | tee ${OUTPUT}.sha256sum
build-linux-amd64:
type: docker/run
image: ${GO_IMAGE}
workdir: ${CONVEY_WORKSPACE}
environment:
- GOOS=linux
- GOARCH=amd64
- OUTPUT=hgkeeper-${VERSION}-${GOOS}-${GOARCH}
script:
- go build -o ${OUTPUT} -ldflags "-X keep.imfreedom.org/grim/hgkeeper/version.Commit=${COMMIT_SHORT}"
- sha256sum ${OUTPUT} | tee ${OUTPUT}.sha256sum
build-windows-amd64:
type: docker/run
image: ${GO_IMAGE}
workdir: ${CONVEY_WORKSPACE}
environment:
- GOOS=windows
- GOARCH=amd64
- OUTPUT=hgkeeper-${VERSION}-${GOOS}-${GOARCH}.exe
script:
- go build -o ${OUTPUT} -ldflags "-X keep.imfreedom.org/grim/hgkeeper/version.Commit=${COMMIT_SHORT}"
- sha256sum ${OUTPUT} | tee ${OUTPUT}.sha256sum
- sha256sum ${OUTPUT} | tee ${OUTPUT}.sha256sum
build-image:
type: docker/build
dockerfile: Dockerfile
tag: ${REGISTRY}/${REPO}:${TAG}
files: .:.
login:
type: docker/login
username: ${REGISTRY_USERNAME}
password: ${REGISTRY_PASSWORD}
server: ${REGISTRY}
logout:
type: docker/logout
server: ${REGISTRY}
push:
type: docker/push
images: ${REGISTRY}/${REPO}:${TAG}
docs-clean:
type: convey/clean
files: site
docs-import:
type: docker/import
files: .:.
# we explicitly call out jinja2==3.0.3 because 3.1.0 breaks mkdocs
# https://github.com/mkdocs/mkdocs/issues/2799
docs-build:
type: docker/run
image: docker.io/python:3-alpine
workdir: ${CONVEY_WORKSPACE}/docs
script:
- python3 -m pip install mkdocs mkdocs-include-markdown-plugin jinja2==3.0.3
- mkdocs build
docs-export:
type: docker/export
files: docs/site:site
plans:
default:
stages:
- tasks: [import, build-image]
binaries:
stages:
- tasks: import
- concurrent: true
tasks:
- build-darwin-amd64
- build-freebsd-amd64
- build-linux-amd64
- build-windows-amd64
- tasks: binaries-export
ci:
stages:
- tasks: [import, build-image, login, push]
- tasks: [logout]
run: always
docs:
stages:
- tasks: [docs-clean]
- tasks: [docs-import, docs-build, docs-export]
clean:
stages:
- tasks:
- docs-clean
- binaries-clean