From ecfc40629f1e9e266b190f54da264f31b153cdb3 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Fri, 19 Oct 2007 17:59:59 +0000 Subject: [PATCH] Quote subversion username and password in svn commands. git-svn-id: http://redmine.rubyforge.org/svn/trunk@852 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- lib/redmine/scm/adapters/abstract_adapter.rb | 8 ++++++++ .../scm/adapters/subversion_adapter.rb | 19 ++++++++++++++----- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/lib/redmine/scm/adapters/abstract_adapter.rb b/lib/redmine/scm/adapters/abstract_adapter.rb index 04f1d5308..4b524c538 100644 --- a/lib/redmine/scm/adapters/abstract_adapter.rb +++ b/lib/redmine/scm/adapters/abstract_adapter.rb @@ -81,6 +81,14 @@ module Redmine path ||= '' (path[0,1]!="/") ? "/#{path}" : path end + + def shell_quote(str) + if RUBY_PLATFORM =~ /mswin/ + '"' + str.gsub(/"/, '\\"') + '"' + else + "'" + str.gsub(/'/, "'\"'\"'") + "'" + end + end private def retrieve_root_url diff --git a/lib/redmine/scm/adapters/subversion_adapter.rb b/lib/redmine/scm/adapters/subversion_adapter.rb index c9a73ddda..9e8acce4c 100644 --- a/lib/redmine/scm/adapters/subversion_adapter.rb +++ b/lib/redmine/scm/adapters/subversion_adapter.rb @@ -29,7 +29,7 @@ module Redmine # Get info about the svn repository def info cmd = "#{SVN_BIN} info --xml #{target('')}" - cmd << " --username #{@login} --password #{@password}" if @login + cmd << credentials_string info = nil shellout(cmd) do |io| begin @@ -65,7 +65,7 @@ module Redmine identifier = 'HEAD' unless identifier and identifier > 0 entries = Entries.new cmd = "#{SVN_BIN} list --xml #{target(path)}@#{identifier}" - cmd << " --username #{@login} --password #{@password}" if @login + cmd << credentials_string cmd << " 2>&1" shellout(cmd) do |io| output = io.read @@ -101,7 +101,7 @@ module Redmine identifier_to = 1 unless identifier_to and identifier_to.to_i > 0 revisions = Revisions.new cmd = "#{SVN_BIN} log --xml -r #{identifier_from}:#{identifier_to}" - cmd << " --username #{@login} --password #{@password}" if @login + cmd << credentials_string cmd << " --verbose " if options[:with_paths] cmd << target(path) shellout(cmd) do |io| @@ -145,7 +145,7 @@ module Redmine cmd << "#{identifier_to}:" cmd << "#{identifier_from}" cmd << "#{target(path)}@#{identifier_from}" - cmd << " --username #{@login} --password #{@password}" if @login + cmd << credentials_string diff = [] shellout(cmd) do |io| io.each_line do |line| @@ -161,7 +161,7 @@ module Redmine def cat(path, identifier=nil) identifier = (identifier and identifier.to_i > 0) ? identifier.to_i : "HEAD" cmd = "#{SVN_BIN} cat #{target(path)}@#{identifier}" - cmd << " --username #{@login} --password #{@password}" if @login + cmd << credentials_string cat = nil shellout(cmd) do |io| io.binmode @@ -172,6 +172,15 @@ module Redmine rescue Errno::ENOENT => e raise CommandFailed end + + private + + def credentials_string + str = '' + str << " --username #{shell_quote(@login)}" unless @login.blank? + str << " --password #{shell_quote(@password)}" unless @login.blank? || @password.blank? + str + end end end end -- 2.39.5