diff options
| author | James E. Blair <jeblair@redhat.com> | 2019-10-11 08:51:17 -0700 |
|---|---|---|
| committer | James E. Blair <jeblair@redhat.com> | 2019-10-11 09:54:00 -0700 |
| commit | b768ece2c0ecd235c418fe910b84ff88f69860d6 (patch) | |
| tree | c4028f67b23e3f8b09675427919eaed701bde6af | |
| parent | 63805571119084877d7510885de5fb270c0d13da (diff) | |
| download | zuul-b768ece2c0ecd235c418fe910b84ff88f69860d6.tar.gz | |
URL quote username/password in gerrit
When constructing a git url for a project, urlquote the username
and password component, taking particular care to escape '/' which
is not quoted by default in urllib.parse.quote (it is the only
'safe' character by default, but it's not safe here).
Change-Id: Ia7515acc63e7258e327948bfa621cccd60491baa
| -rw-r--r-- | tests/unit/test_gerrit.py | 17 | ||||
| -rw-r--r-- | zuul/driver/gerrit/gerritconnection.py | 7 |
2 files changed, 23 insertions, 1 deletions
diff --git a/tests/unit/test_gerrit.py b/tests/unit/test_gerrit.py index af8e1cc3d..2230d6327 100644 --- a/tests/unit/test_gerrit.py +++ b/tests/unit/test_gerrit.py @@ -109,6 +109,23 @@ class TestGerrit(BaseTestCase): GerritConnection._checkRefFormat(ref), ref + ' shall be ' + ('accepted' if accepted else 'rejected')) + def test_getGitURL(self): + gerrit_config = { + 'user': 'gerrit', + 'server': 'localhost', + 'password': '1/badpassword', + } + # The 1/ in the password ensures we test the url encoding + # path; this is the format of password we get from + # googlesource.com. + driver = GerritDriver() + gerrit = GerritConnection(driver, 'review_gerrit', gerrit_config) + project = gerrit.source.getProject('org/project') + url = gerrit.source.getGitUrl(project) + self.assertEqual( + 'https://gerrit:1%2Fbadpassword@localhost/org/project', + url) + class TestGerritWeb(ZuulTestCase): config_file = 'zuul-gerrit-web.conf' diff --git a/zuul/driver/gerrit/gerritconnection.py b/zuul/driver/gerrit/gerritconnection.py index 2350efb96..03e948a61 100644 --- a/zuul/driver/gerrit/gerritconnection.py +++ b/zuul/driver/gerrit/gerritconnection.py @@ -1296,7 +1296,12 @@ class GerritConnection(BaseConnection): def getGitUrl(self, project: Project) -> str: if self.session: baseurl = list(urllib.parse.urlparse(self.baseurl)) - baseurl[1] = '%s:%s@%s' % (self.user, self.password, baseurl[1]) + # Make sure we escape '/' symbols, otherwise git's url + # parser will think the username is a hostname. + baseurl[1] = '%s:%s@%s' % ( + urllib.parse.quote(self.user, safe=''), + urllib.parse.quote(self.password, safe=''), + baseurl[1]) baseurl = urllib.parse.urlunparse(baseurl) url = ('%s/%s' % (baseurl, project.name)) else: |