You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by ol...@apache.org on 2012/08/29 00:47:16 UTC
svn commit: r1378373 - in
/maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src:
main/java/org/apache/maven/scm/provider/hg/HgUtils.java
test/java/org/apache/maven/scm/provider/hg/HgUtilsTest.java
Author: olamy
Date: Tue Aug 28 22:47:15 2012
New Revision: 1378373
URL: http://svn.apache.org/viewvc?rev=1378373&view=rev
Log:
[SCM-689] Mercurial provider writes the cleartext password in log entries
Submitted by Mads Mohr Christensen.
Modified:
maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/main/java/org/apache/maven/scm/provider/hg/HgUtils.java
maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/test/java/org/apache/maven/scm/provider/hg/HgUtilsTest.java
Modified: maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/main/java/org/apache/maven/scm/provider/hg/HgUtils.java
URL: http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/main/java/org/apache/maven/scm/provider/hg/HgUtils.java?rev=1378373&r1=1378372&r2=1378373&view=diff
==============================================================================
--- maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/main/java/org/apache/maven/scm/provider/hg/HgUtils.java (original)
+++ maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/main/java/org/apache/maven/scm/provider/hg/HgUtils.java Tue Aug 28 22:47:15 2012
@@ -89,7 +89,7 @@ public final class HgUtils
Commandline cmd = buildCmd( workingDir, cmdAndArgs );
if ( logger.isInfoEnabled() )
{
- logger.info( "EXECUTING: " + cmd );
+ logger.info( "EXECUTING: " + HgUtils.cryptPassword( cmd ) );
}
//Execute command
@@ -323,4 +323,18 @@ public final class HgUtils
}
return false;
}
+
+ public static String cryptPassword( Commandline cl )
+ {
+ String clString = cl.toString();
+
+ int pos = clString.indexOf( "@" );
+
+ if ( pos > 0 )
+ {
+ clString = clString.replaceAll( ":\\w+@", ":*****@" );
+ }
+
+ return clString;
+ }
}
Modified: maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/test/java/org/apache/maven/scm/provider/hg/HgUtilsTest.java
URL: http://svn.apache.org/viewvc/maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/test/java/org/apache/maven/scm/provider/hg/HgUtilsTest.java?rev=1378373&r1=1378372&r2=1378373&view=diff
==============================================================================
--- maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/test/java/org/apache/maven/scm/provider/hg/HgUtilsTest.java (original)
+++ maven/scm/trunk/maven-scm-providers/maven-scm-provider-hg/src/test/java/org/apache/maven/scm/provider/hg/HgUtilsTest.java Tue Aug 28 22:47:15 2012
@@ -20,6 +20,8 @@ package org.apache.maven.scm.provider.hg
*/
import static org.junit.Assert.*;
+
+import org.apache.maven.scm.provider.hg.command.HgCommandConstants;
import org.codehaus.plexus.util.cli.Commandline;
import org.junit.Test;
@@ -33,4 +35,17 @@ public class HgUtilsTest
Commandline cmd = HgUtils.buildCmd( null, new String[] {} );
assertEquals( null, cmd.getWorkingDirectory() );
}
+
+ @Test
+ public void testCryptPassword()
+ throws Exception
+ {
+ Commandline cmdHttps = HgUtils.buildCmd( null, new String[] {
+ HgCommandConstants.PUSH_CMD,
+ null,
+ "https://username:password@example.com/foobar"
+ } );
+ Commandline cmd = new Commandline( HgUtils.cryptPassword( cmdHttps ) );
+ assertEquals( "https://username:*****@example.com/foobar", cmd.getArguments()[3] );
+ }
}