Mercurial Mercurial > public > mercurial-scm > hg / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/hgweb/protocol.py
author Gregory Szorc <gregory.szorc@gmail.com>
Tue, 20 Feb 2018 18:55:58 -0800
branchstable
changeset 36755 ff4bc0ab6740
parent 35750 a39a9df7ecca
permissions -rw-r--r--
wireproto: check permissions when executing "batch" command (BC) (SEC) For as long as the "batch" command has existed (introduced by bd88561afb4b and first released as part of Mercurial 1.9), that command (like most wire commands introduced after 2008) lacked an entry in the hgweb permissions table. And since we don't verify permissions if an entry is missing from the permissions table, this meant that executing a command via "batch" would bypass all permissions checks. The security implications are significant: a Mercurial HTTP server would allow writes via "batch" wire protocol commands as long as the HTTP request were processed by Mercurial and the process running the Mercurial HTTP server had write access to the repository. The Mercurial defaults of servers being read-only and the various web.* config options to define access control were bypassed. In addition, "batch" could be used to exfiltrate data from servers that were configured to not allow read access. Both forms of permissions bypass could be mitigated to some extent by using HTTP authentication. This would prevent HTTP requests from hitting Mercurial's server logic. However, any authenticated request would still be able to bypass permissions checks via "batch" commands. The easiest exploit was to send "pushkey" commands via "batch" and modify the state of bookmarks, phases, and obsolescence markers. However, I suspect a well-crafted HTTP request could trick the server into running the "unbundle" wire protocol command, effectively performing a full `hg push` to create new changesets on the remote. This commit plugs this gaping security hole by having the "batch" command perform permissions checking on each sub-command that is being batched. We do this by threading a permissions checking callable all the way to the protocol handler. The threading is a bit hacky from a code perspective. But it preserves API compatibility, which is the proper thing to do on the stable branch. One of the subtle things we do is assume that a command with an undefined permission is a "push" command. This is the safest thing to do from a security perspective: we don't want to take chances that a command could perform a write even though the server is configured to not allow writes. As the test changes demonstrate, it is no longer possible to bypass permissions via the "batch" wire protocol command. .. bc:: The "batch" wire protocol command now enforces permissions of each invoked sub-command. Wire protocol commands must define their operation type or the "batch" command will assume they can write data and will prevent their execution on HTTP servers unless the HTTP request method is POST, the server is configured to allow pushes, and the (possibly authenticated) HTTP user is authorized to perform a push.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5598
d534ba1c4eb4 separate the wire protocol commands from the user interface commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
diff changeset 
     1
 
#
d534ba1c4eb4 separate the wire protocol commands from the user interface commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
diff changeset 
     2
 
# Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
d534ba1c4eb4 separate the wire protocol commands from the user interface commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
diff changeset 
     3
 
# Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
d534ba1c4eb4 separate the wire protocol commands from the user interface commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
diff changeset 
     4
 
#
8225
46293a0c7e9f updated license to be explicit about GPL version 2
Martin Geisler <mg@lazybytes.net>
parents: 8109
diff changeset 
     5
 
# This software may be used and distributed according to the terms of the
10263
25e572394f5c Update license to GPLv2+
Matt Mackall <mpm@selenic.com>
parents: 9713
diff changeset 
     6
 
# GNU General Public License version 2 or any later version.
5598
d534ba1c4eb4 separate the wire protocol commands from the user interface commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
diff changeset 
     7
 







27046






37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




     8


from __future__ import absolute_import













37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




     9














37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    10


import cgi








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




    11


import struct








27046






37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    12














37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    13


from .common import (













37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    14


    HTTP_OK,













37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    15


)













37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    16














37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    17


from .. import (








34509






e21f274cccea
hgweb: in protocol adapter, avoid control reaching end of non-void function



Augie Fackler <augie@google.com>


parents: 
33821

diff
changeset




    18


    error,








34742






5a9cad0dfddb
hgweb: when unpacking args from request form, convert to bytes



Augie Fackler <augie@google.com>


parents: 
34740

diff
changeset




    19


    pycompat,








27046






37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    20


    util,













37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    21


    wireproto,













37fcfe52c68c
hgweb: use absolute_import



Yuya Nishihara <yuya@tcha.org>


parents: 
20903

diff
changeset




    22


)








28861






86db5cb55d46
pycompat: switch to util.stringio for py3 compat



timeless <timeless@mozdev.org>


parents: 
28530

diff
changeset




    23


stringio = util.stringio








5963






5be210afe1b8
hgweb: explicitly check if requested command exists



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
5915

diff
changeset




    24









28883






032c4c2f802a
pycompat: switch to util.urlreq/util.urlerr for py3 compat



timeless <timeless@mozdev.org>


parents: 
28861

diff
changeset




    25


urlerr = util.urlerr













032c4c2f802a
pycompat: switch to util.urlreq/util.urlerr for py3 compat



timeless <timeless@mozdev.org>


parents: 
28861

diff
changeset




    26


urlreq = util.urlreq













032c4c2f802a
pycompat: switch to util.urlreq/util.urlerr for py3 compat



timeless <timeless@mozdev.org>


parents: 
28861

diff
changeset




    27









5993






948a41e77902
hgweb: explicit response status



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
5963

diff
changeset




    28


HGTYPE = 'application/mercurial-0.1'








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




    29


HGTYPE2 = 'application/mercurial-0.2'








15017






f4522df38c65
wireproto: add out-of-band error class to allow remote repo to report errors



Andrew Pritchard <andrewp@fogcreek.com>


parents: 
14614

diff
changeset




    30


HGERRTYPE = 'application/hg-error'








11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    31









30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    32


def decodevaluefromheaders(req, headerprefix):








34744






0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    33


    """Decode a long value from multiple HTTP request headers.













0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    34














0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    35


    Returns the value as a bytes, not a str.













0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    36


    """








30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    37


    chunks = []













3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    38


    i = 1








34744






0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    39


    prefix = headerprefix.upper().replace(r'-', r'_')








30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    40


    while True:








34744






0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    41


        v = req.env.get(r'HTTP_%s_%d' % (prefix, i))








30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    42


        if v is None:













3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    43


            break








34744






0a2ef612ad50
hgweb: fix decodevaluefromheaders to always return a bytes value



Augie Fackler <augie@google.com>


parents: 
34743

diff
changeset




    44


        chunks.append(pycompat.bytesurl(v))








30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    45


        i += 1













3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    46














3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    47


    return ''.join(chunks)













3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    48









20903






8d477543882b
wireproto: introduce an abstractserverproto class



Pierre-Yves David <pierre-yves.david@fb.com>


parents: 
18352

diff
changeset




    49


class webproto(wireproto.abstractserverproto):








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    50


    def __init__(self, req, ui):








11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    51


        self.req = req













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    52


        self.response = ''








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    53


        self.ui = ui








30562






b3a9ef3d30e8
protocol: declare transport protocol name



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30466

diff
changeset




    54


        self.name = 'http'








36755






ff4bc0ab6740
wireproto: check permissions when executing "batch" command (BC) (SEC)



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
35750

diff
changeset




    55


        self.checkperm = req.checkperm








30562






b3a9ef3d30e8
protocol: declare transport protocol name



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30466

diff
changeset




    56









11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    57


    def getargs(self, args):








14093






ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    58


        knownargs = self._args()








11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    59


        data = {}













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    60


        keys = args.split()













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    61


        for k in keys:













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    62


            if k == '*':













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    63


                star = {}








14093






ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    64


                for key in knownargs.keys():








13721






3458c15ab2f0
wireproto: fix handling of '*' args for HTTP and SSH



Peter Arrenbrecht <peter.arrenbrecht@gmail.com>


parents: 
12704

diff
changeset




    65


                    if key != 'cmd' and key not in keys:








14093






ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    66


                        star[key] = knownargs[key][0]








11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    67


                data['*'] = star













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    68


            else:








14093






ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    69


                data[k] = knownargs[k][0]








11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




    70


        return [data[k] for k in keys]








14093






ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    71


    def _args(self):













ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    72


        args = self.req.form.copy()








34742






5a9cad0dfddb
hgweb: when unpacking args from request form, convert to bytes



Augie Fackler <augie@google.com>


parents: 
34740

diff
changeset




    73


        if pycompat.ispy3:













5a9cad0dfddb
hgweb: when unpacking args from request form, convert to bytes



Augie Fackler <augie@google.com>


parents: 
34740

diff
changeset




    74


            args = {k.encode('ascii'): [v.encode('ascii') for v in vs]













5a9cad0dfddb
hgweb: when unpacking args from request form, convert to bytes



Augie Fackler <augie@google.com>


parents: 
34740

diff
changeset




    75


                    for k, vs in args.items()}








34743






dc2bf7074147
hgweb: more "headers are native strs" cleanup



Augie Fackler <augie@google.com>


parents: 
34742

diff
changeset




    76


        postlen = int(self.req.env.get(r'HTTP_X_HGARGS_POST', 0))








28530






fd2acc5046f6
http: support sending hgargs via POST body instead of in GET or headers



Augie Fackler <augie@google.com>


parents: 
27046

diff
changeset




    77


        if postlen:













fd2acc5046f6
http: support sending hgargs via POST body instead of in GET or headers



Augie Fackler <augie@google.com>


parents: 
27046

diff
changeset




    78


            args.update(cgi.parse_qs(













fd2acc5046f6
http: support sending hgargs via POST body instead of in GET or headers



Augie Fackler <augie@google.com>


parents: 
27046

diff
changeset




    79


                self.req.read(postlen), keep_blank_values=True))













fd2acc5046f6
http: support sending hgargs via POST body instead of in GET or headers



Augie Fackler <augie@google.com>


parents: 
27046

diff
changeset




    80


            return args








30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    81









34743






dc2bf7074147
hgweb: more "headers are native strs" cleanup



Augie Fackler <augie@google.com>


parents: 
34742

diff
changeset




    82


        argvalue = decodevaluefromheaders(self.req, r'X-HgArg')








30759






3f5f0c98cd18
httppeer: extract code for HTTP header spanning



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30562

diff
changeset




    83


        args.update(cgi.parse_qs(argvalue, keep_blank_values=True))








14093






ce99d887585f
httprepo: long arguments support (issue2126)



Steven Brown <StevenGBrown@gmail.com>


parents: 
13721

diff
changeset




    84


        return args








11621






e46a8b2331a6
protocol: shuffle server methods to group send methods



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11618

diff
changeset




    85


    def getfile(self, fp):








34740






b2601c5977a4
hgweb: more "http headers are native strs" cleanup



Augie Fackler <augie@google.com>


parents: 
34510

diff
changeset




    86


        length = int(self.req.env[r'CONTENT_LENGTH'])








33821






3c91cc0c5fde
httppeer: add support for httppostargs when we're sending a file



Augie Fackler <augie@google.com>


parents: 
33228

diff
changeset




    87


        # If httppostargs is used, we need to read Content-Length













3c91cc0c5fde
httppeer: add support for httppostargs when we're sending a file



Augie Fackler <augie@google.com>


parents: 
33228

diff
changeset




    88


        # minus the amount that was consumed by args.








34740






b2601c5977a4
hgweb: more "http headers are native strs" cleanup



Augie Fackler <augie@google.com>


parents: 
34510

diff
changeset




    89


        length -= int(self.req.env.get(r'HTTP_X_HGARGS_POST', 0))








11621






e46a8b2331a6
protocol: shuffle server methods to group send methods



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11618

diff
changeset




    90


        for s in util.filechunkiter(self.req, limit=length):













e46a8b2331a6
protocol: shuffle server methods to group send methods



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11618

diff
changeset




    91


            fp.write(s)













e46a8b2331a6
protocol: shuffle server methods to group send methods



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11618

diff
changeset




    92


    def redirect(self):








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    93


        self.oldio = self.ui.fout, self.ui.ferr








28861






86db5cb55d46
pycompat: switch to util.stringio for py3 compat



timeless <timeless@mozdev.org>


parents: 
28530

diff
changeset




    94


        self.ui.ferr = self.ui.fout = stringio()








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    95


    def restore(self):













afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    96


        val = self.ui.fout.getvalue()













afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    97


        self.ui.ferr, self.ui.fout = self.oldio













afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




    98


        return val








30206






d105195436c0
wireproto: compress data from a generator



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30014

diff
changeset




    99









11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   100


    def _client(self):













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   101


        return 'remote:%s:%s:%s' % (













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   102


            self.req.env.get('wsgi.url_scheme') or 'http',








28883






032c4c2f802a
pycompat: switch to util.urlreq/util.urlerr for py3 compat



timeless <timeless@mozdev.org>


parents: 
28861

diff
changeset




   103


            urlreq.quote(self.req.env.get('REMOTE_HOST', '')),













032c4c2f802a
pycompat: switch to util.urlreq/util.urlerr for py3 compat



timeless <timeless@mozdev.org>


parents: 
28861

diff
changeset




   104


            urlreq.quote(self.req.env.get('REMOTE_USER', '')))








11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   105









35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   106


    def responsetype(self, prefer_uncompressed):








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   107


        """Determine the appropriate response type and compression settings.













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   108














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   109


        Returns a tuple of (mediatype, compengine, engineopts).













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   110


        """













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   111


        # Determine the response media type and compression engine based













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   112


        # on the request parameters.








34743






dc2bf7074147
hgweb: more "headers are native strs" cleanup



Augie Fackler <augie@google.com>


parents: 
34742

diff
changeset




   113


        protocaps = decodevaluefromheaders(self.req, r'X-HgProto').split(' ')








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   114














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   115


        if '0.2' in protocaps:








35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   116


            # All clients are expected to support uncompressed data.













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   117


            if prefer_uncompressed:













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   118


                return HGTYPE2, util._noopengine(), {}













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   119









30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   120


            # Default as defined by wire protocol spec.













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   121


            compformats = ['zlib', 'none']













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   122


            for cap in protocaps:













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   123


                if cap.startswith('comp='):













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   124


                    compformats = cap[5:].split(',')













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   125


                    break













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   126














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   127


            # Now find an agreed upon compression format.













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   128


            for engine in wireproto.supportedcompengines(self.ui, self,













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   129


                                                         util.SERVERROLE):













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   130


                if engine.wireprotosupport().name in compformats:













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   131


                    opts = {}













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   132


                    level = self.ui.configint('server',













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   133


                                              '%slevel' % engine.name())













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   134


                    if level is not None:













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   135


                        opts['level'] = level













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   136














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   137


                    return HGTYPE2, engine, opts













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   138














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   139


            # No mutually supported compression format. Fall back to the













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   140


            # legacy protocol.













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   141














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   142


        # Don't allow untrusted settings because disabling compression or













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   143


        # setting a very high compression level could lead to flooding













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   144


        # the server's network or CPU.








33228






35c233975b78
configitems: register the 'server.zliblevel' config



Pierre-Yves David <pierre-yves.david@octobus.net>


parents: 
30764

diff
changeset




   145


        opts = {'level': self.ui.configint('server', 'zliblevel')}








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   146


        return HGTYPE, util.compengines['zlib'], opts













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   147









11595






368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   148


def iscmd(cmd):













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   149


    return cmd in wireproto.commands













368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   150














368cd5325348
protocol: move hgweb protocol support back into protocol.py



Matt Mackall <mpm@selenic.com>


parents: 
11594

diff
changeset




   151


def call(repo, req, cmd):








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




   152


    p = webproto(req, repo.ui)








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   153









35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   154


    def genversion2(gen, engine, engineopts):








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   155


        # application/mercurial-0.2 always sends a payload header













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   156


        # identifying the compression engine.













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   157


        name = engine.wireprotosupport().name













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   158


        assert 0 < len(name) < 256













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   159


        yield struct.pack('B', len(name))













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   160


        yield name













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   161









35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   162


        for chunk in gen:













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   163


            yield chunk








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   164









11625






cdeb861335d5
protocol: wrap non-string protocol responses in classes



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11623

diff
changeset




   165


    rsp = wireproto.dispatch(repo, p, cmd)








34510






c23fa3103925
hgweb: in protocol adapter, look for bytes instances, not str



Augie Fackler <augie@google.com>


parents: 
34509

diff
changeset




   166


    if isinstance(rsp, bytes):








18352






e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   167


        req.respond(HTTP_OK, HGTYPE, body=rsp)













e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   168


        return []








35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   169


    elif isinstance(rsp, wireproto.streamres_legacy):













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   170


        gen = rsp.gen













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   171


        req.respond(HTTP_OK, HGTYPE)













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   172


        return gen








11626






2f8adc60e013
protocol: use generators instead of req.write() for hgweb stream responses



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11625

diff
changeset




   173


    elif isinstance(rsp, wireproto.streamres):








35705






8cdb671dbd0b
wireproto: drop support for reader interface from streamres (API)



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
34744

diff
changeset




   174


        gen = rsp.gen








30466






2add671bf55b
wireproto: perform chunking and compression at protocol layer (API)



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30366

diff
changeset




   175









30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   176


        # This code for compression should not be streamres specific. It













e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   177


        # is here because we only compress streamres at the moment.








35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   178


        mediatype, engine, engineopts = p.responsetype(rsp.prefer_uncompressed)













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   179


        gen = engine.compressstream(gen, engineopts)








30466






2add671bf55b
wireproto: perform chunking and compression at protocol layer (API)



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30366

diff
changeset




   180









35750






a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   181


        if mediatype == HGTYPE2:













a39a9df7ecca
wireproto: split streamres into legacy and modern case



Joerg Sonnenberger <joerg@bec.de>


parents: 
35705

diff
changeset




   182


            gen = genversion2(gen, engine, engineopts)








30764






e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   183














e75463e3179f
protocol: send application/mercurial-0.2 responses to capable clients



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30759

diff
changeset




   184


        req.respond(HTTP_OK, mediatype)








30466






2add671bf55b
wireproto: perform chunking and compression at protocol layer (API)



Gregory Szorc <gregory.szorc@gmail.com>


parents: 
30366

diff
changeset




   185


        return gen








11626






2f8adc60e013
protocol: use generators instead of req.write() for hgweb stream responses



Dirkjan Ochtman <dirkjan@ochtman.nl>


parents: 
11625

diff
changeset




   186


    elif isinstance(rsp, wireproto.pushres):








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




   187


        val = p.restore()








18346






6c2563b2c1c6
hgweb: use Content-Length for pushres



Mads Kiilerich <mads@kiilerich.com>


parents: 
15017

diff
changeset




   188


        rsp = '%d\n%s' % (rsp.res, val)








18352






e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   189


        req.respond(HTTP_OK, HGTYPE, body=rsp)













e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   190


        return []








12703






40bb5853fc4b
wireproto: introduce pusherr() to deal with "unsynced changes" error



Benoit Boissinot <benoit.boissinot@ens-lyon.org>


parents: 
11626

diff
changeset




   191


    elif isinstance(rsp, wireproto.pusherr):








12704






ca6e2adc3e4d
wireproto/http: drain the incoming bundle in case of errors



Benoit Boissinot <benoit.boissinot@ens-lyon.org>


parents: 
12703

diff
changeset




   192


        # drain the incoming bundle













ca6e2adc3e4d
wireproto/http: drain the incoming bundle in case of errors



Benoit Boissinot <benoit.boissinot@ens-lyon.org>


parents: 
12703

diff
changeset




   193


        req.drain()








14614






afccc64eea73
ui: use I/O descriptors internally



Idan Kamara <idankk86@gmail.com>


parents: 
14494

diff
changeset




   194


        p.restore()








12703






40bb5853fc4b
wireproto: introduce pusherr() to deal with "unsynced changes" error



Benoit Boissinot <benoit.boissinot@ens-lyon.org>


parents: 
11626

diff
changeset




   195


        rsp = '0\n%s\n' % rsp.res








18352






e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   196


        req.respond(HTTP_OK, HGTYPE, body=rsp)













e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   197


        return []








15017






f4522df38c65
wireproto: add out-of-band error class to allow remote repo to report errors



Andrew Pritchard <andrewp@fogcreek.com>


parents: 
14614

diff
changeset




   198


    elif isinstance(rsp, wireproto.ooberror):













f4522df38c65
wireproto: add out-of-band error class to allow remote repo to report errors



Andrew Pritchard <andrewp@fogcreek.com>


parents: 
14614

diff
changeset




   199


        rsp = rsp.message








18352






e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   200


        req.respond(HTTP_OK, HGERRTYPE, body=rsp)













e33b9b92a200
hgweb: pass the actual response body to request.response, not just the length



Mads Kiilerich <mads@kiilerich.com>


parents: 
18346

diff
changeset




   201


        return []








34509






e21f274cccea
hgweb: in protocol adapter, avoid control reaching end of non-void function



Augie Fackler <augie@google.com>


parents: 
33821

diff
changeset




   202


    raise error.ProgrammingError('hgweb.protocol internal failure', rsp)















mercurial-scm/hg