102102# git & url (no #rev)
103103regex_repo_url = r'^(git\://|file\://|ssh\://|https?\://|)(([^/:@]+)(\:([^/:@]+))?@)?([^/:]{3,})(\:\d+)?[:/](.+?)(\.git|\.hg|\/?)$'
104104# mbed url is subset of hg. mbed doesn't support ssh transport though so https? urls cannot be converted to ssh
105- regex_mbed_url = r'^(https?)://([\ w\-\.]*mbed\.(co\.uk|org|com))/(users|teams)/([\w\-]{1,32})/(repos|code)/([\w\-]+ )/?$'
105+ regex_mbed_url = r'^(https?)://(([^/:@]+)(\:([^/:@]+))?@)?([\ w\-\.]*mbed\.(co\.uk|org|com))(\:\d+)?[:/](.+? )/?$'
106106# mbed sdk builds url are treated specially
107107regex_build_url = r'^(https?://([\w\-\.]*mbed\.(co\.uk|org|com))/(users|teams)/([\w\-]{1,32})/(repos|code)/([\w\-]+))/builds/?([\w\-]{6,40}|tip)?/?$'
108108
@@ -1090,6 +1090,11 @@ def revtype(self, rev=None, ret_type=True, ret_rev=True, fmt=3):
10901090 def isurl (cls , url ):
10911091 return re .match (regex_url_ref , url .strip ().replace ('\\ ' , '/' ))
10921092
1093+ @classmethod
1094+ def isinsecure (cls , url ):
1095+ up = urlparse (url , 'https' )
1096+ return not up or not up .scheme or up .scheme not in 'http' , 'https' , 'ssh' , 'git' ] or (up .port and int (up .port ) not in 22 , 80 , 443 ])
1097+
10931098 @property
10941099 def lib (self ):
10951100 return self .path + '.' + ('bld' if self .is_build else 'lib' )
@@ -1709,9 +1714,9 @@ def formaturl(url, format="default"):
17091714 m = re .match (regex_mbed_url , url )
17101715 if m :
17111716 if format == "http" : # mbed urls doesn't convert to ssh - only http and https
1712- url = 'http://%s/%s/ %s/%s/%s ' % (m .group (2 ), m . group ( 4 ) , m .group (5 ), m .group (6 ) , m .group (7 ))
1717+ url = 'http://%s%s %s/%s' % (m .group (2 ) or '' , m .group (6 ), m .group (8 ) or '' , m .group (9 ))
17131718 else :
1714- url = 'https://%s/%s/ %s/%s/%s ' % (m .group (2 ), m . group ( 4 ) , m .group (5 ), m .group (6 ) , m .group (7 ))
1719+ url = 'https://%s%s %s/%s' % (m .group (2 ) or '' , m .group (6 ), m .group (8 ) or '' , m .group (9 ))
17151720 else :
17161721 m = re .match (regex_repo_url , url )
17171722 if m and m .
group (
1 )
== '' :
# no protocol specified, probably ssh string like "[email protected] :ARMmbed/mbed-os.git" @@ -1720,11 +1725,11 @@ def formaturl(url, format="default"):
17201725
17211726 if m :
17221727 if format == "ssh" :
1723- url = 'ssh://%s%s%s/%s' % (m .group (2 ) or 'git@' , m .group (6 ), m .group (7 ), m .group (8 ))
1728+ url = 'ssh://%s%s%s/%s' % (m .group (2 ) or 'git@' , m .group (6 ), m .group (7 ) or '' , m .group (8 ))
17241729 elif format == "http" :
1725- url = 'http://%s%s%s/%s' % (m .group (2 ) if (m .group (2 ) and (m .group (5 ) or m .group (3 ) != 'git' )) else '' , m .group (6 ), m .group (7 ), m .group (8 ))
1730+ url = 'http://%s%s%s/%s' % (m .group (2 ) if (m .group (2 ) and (m .group (5 ) or m .group (3 ) != 'git' )) else '' , m .group (6 ), m .group (7 ) or '' , m .group (8 ))
17261731 elif format == "https" :
1727- url = 'https://%s%s%s/%s' % (m .group (2 ) if (m .group (2 ) and (m .group (5 ) or m .group (3 ) != 'git' )) else '' , m .group (6 ), m .group (7 ), m .group (8 ))
1732+ url = 'https://%s%s%s/%s' % (m .group (2 ) if (m .group (2 ) and (m .group (5 ) or m .group (3 ) != 'git' )) else '' , m .group (6 ), m .group (7 ) or '' , m .group (8 ))
17281733 return url
17291734
17301735
@@ -1898,7 +1903,11 @@ def import_(url, path=None, ignore=False, depth=None, protocol=None, insecure=Fa
18981903 error ("Cannot import program in the specified location \" %s\" because it's already part of a program \" %s\" .\n "
18991904 "Please change your working directory to a different location or use \" mbed add\" to import the URL as a library." % (os .path .abspath (repo .path ), p .name ), 1 )
19001905
1901- protocol = Program ().get_cfg ('PROTOCOL' , protocol )
1906+ protocol = protocol or Program ().get_cfg ('PROTOCOL' )
1907+ insecure = insecure or Program ().get_cfg ('INSECURE' )
1908+
1909+ if not insecure and Repo .isinsecure (url ):
1910+ error ("Cannot import \" %s\" in \" %s\" due to arbitrary service schema/port in the repository URL.\n Repositories are usually hosted on service port 443 (https), 80 (http) and 22 (ssh)\n You can use \" --insecure\" switch enable the use arbitrary repository URLs." % (repo .url , repo .path ), 255 )
19021911
19031912 if os .path .isdir (repo .path ) and len (os .listdir (repo .path )) > 1 :
19041913 error ("Directory \" %s\" is not empty. Please ensure that the destination folder is empty." % repo .path , 1 )
@@ -1908,7 +1917,7 @@ def import_(url, path=None, ignore=False, depth=None, protocol=None, insecure=Fa
19081917
19091918 text = "Importing program" if top else "Adding library"
19101919 action ("%s \" %s\" from \" %s\" %s" % (text , relpath (cwd_root , repo .path ), formaturl (repo .url , protocol ), ' at ' + (repo .revtype (repo .rev ))))
1911- if repo .clone (repo .url , repo .path , rev = repo .rev , depth = depth , protocol = protocol , insecure = insecure ):
1920+ if repo .clone (repo .url , repo .path , rev = repo .rev , depth = depth , protocol = protocol ):
19121921 with cd (repo .path ):
19131922 Program (repo .path ).set_root ()
19141923 try :
0 commit comments