##// END OF EJS Templates
sslutil: per-host config option to define certificates...
sslutil: per-host config option to define certificates Recent work has introduced the [hostsecurity] config section for defining per-host security settings. This patch builds on top of this foundation and implements the ability to define a per-host path to a file containing certificates used for verifying the server certificate. It is logically a per-host web.cacerts setting. This patch also introduces a warning when both per-host certificates and fingerprints are defined. These are mutually exclusive for host verification and I think the user should be alerted when security settings are ambiguous because, well, security is important. Tests validating the new behavior have been added. I decided against putting "ca" in the option name because a non-CA certificate can be specified and used to validate the server certificate (commonly this will be the exact public certificate used by the server). It's worth noting that the underlying Python API used is load_verify_locations(cafile=X) and it calls into OpenSSL's SSL_CTX_load_verify_locations(). Even OpenSSL's documentation seems to omit that the file can contain a non-CA certificate if it matches the server's certificate exactly. I thought a CA certificate was a special kind of x509 certificate. Perhaps I'm wrong and any x509 certificate can be used as a CA certificate [as far as OpenSSL is concerned]. In any case, I thought it best to drop "ca" from the name because this reflects reality.

File last commit:

r26587:56b2bcea default
r29334:ecc9b788 default
Show More
sshserver.py
134 lines | 3.6 KiB | text/x-python | PythonLexer
Vadim Gelfer
fix comment.
r2399 # sshserver.py - ssh protocol server support for mercurial
Vadim Gelfer
refactor ssh server.
r2396 #
Thomas Arendsen Hein
Updated copyright notices and add "and others" to "hg version"
r4635 # Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
Vadim Gelfer
update copyrights.
r2859 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
Vadim Gelfer
refactor ssh server.
r2396 #
Martin Geisler
updated license to be explicit about GPL version 2
r8225 # This software may be used and distributed according to the terms of the
Matt Mackall
Update license to GPLv2+
r10263 # GNU General Public License version 2 or any later version.
Vadim Gelfer
refactor ssh server.
r2396
Gregory Szorc
sshserver: use absolute_import
r25976 from __future__ import absolute_import
import os
import sys
from . import (
Pierre-Yves David
error: get Abort from 'error' instead of 'util'...
r26587 error,
Gregory Szorc
sshserver: use absolute_import
r25976 hook,
util,
wireproto,
)
Vadim Gelfer
refactor ssh server.
r2396
Pierre-Yves David
wireproto: introduce an abstractserverproto class...
r20903 class sshserver(wireproto.abstractserverproto):
Vadim Gelfer
refactor ssh server.
r2396 def __init__(self, ui, repo):
self.ui = ui
self.repo = repo
self.lock = None
Idan Kamara
ui: use I/O descriptors internally...
r14614 self.fin = ui.fin
self.fout = ui.fout
Vadim Gelfer
refactor ssh server.
r2396
Matt Mackall
hook: redirect stdout to stderr for ssh and http servers
r5833 hook.redirect(True)
Idan Kamara
ui: use I/O descriptors internally...
r14614 ui.fout = repo.ui.fout = ui.ferr
Vadim Gelfer
refactor ssh server.
r2396
# Prevent insertion/deletion of CRs
Adrian Buehlmann
rename util.set_binary to setbinary
r14233 util.setbinary(self.fin)
util.setbinary(self.fout)
Vadim Gelfer
refactor ssh server.
r2396
Matt Mackall
protocol: add ssh getargs...
r11579 def getargs(self, args):
data = {}
keys = args.split()
for n in xrange(len(keys)):
argline = self.fin.readline()[:-1]
arg, l = argline.split()
if arg not in keys:
Pierre-Yves David
error: get Abort from 'error' instead of 'util'...
r26587 raise error.Abort("unexpected parameter %r" % arg)
Matt Mackall
protocol: add ssh getargs...
r11579 if arg == '*':
star = {}
Peter Arrenbrecht
wireproto: fix handling of '*' args for HTTP and SSH
r13721 for k in xrange(int(l)):
argline = self.fin.readline()[:-1]
Matt Mackall
protocol: add ssh getargs...
r11579 arg, l = argline.split()
val = self.fin.read(int(l))
star[arg] = val
data['*'] = star
else:
Peter Arrenbrecht
wireproto: fix handling of '*' args for HTTP and SSH
r13721 val = self.fin.read(int(l))
Matt Mackall
protocol: add ssh getargs...
r11579 data[arg] = val
return [data[k] for k in keys]
def getarg(self, name):
return self.getargs(name)[0]
Vadim Gelfer
refactor ssh server.
r2396
Dirkjan Ochtman
protocol: shuffle server methods to group send methods
r11621 def getfile(self, fpout):
Dirkjan Ochtman
protocol: rename send methods to get grouping by prefix
r11622 self.sendresponse('')
Dirkjan Ochtman
protocol: shuffle server methods to group send methods
r11621 count = int(self.fin.readline())
while count:
fpout.write(self.fin.read(count))
count = int(self.fin.readline())
def redirect(self):
pass
Dirkjan Ochtman
protocol: extract compression from streaming mechanics
r11623 def groupchunks(self, changegroup):
Matt Mackall
protocol: unify changegroup commands...
r11584 while True:
d = changegroup.read(4096)
if not d:
break
Dirkjan Ochtman
protocol: extract compression from streaming mechanics
r11623 yield d
Matt Mackall
protocol: unify changegroup commands...
r11584
Dirkjan Ochtman
protocol: extract compression from streaming mechanics
r11623 def sendresponse(self, v):
self.fout.write("%d\n" % len(v))
self.fout.write(v)
Matt Mackall
protocol: unify changegroup commands...
r11584 self.fout.flush()
Matt Mackall
protocol: unify stream_out command
r11585 def sendstream(self, source):
Bryan O'Sullivan
sshserver: avoid a multi-dot attribute lookup in a hot loop...
r17563 write = self.fout.write
Dirkjan Ochtman
protocol: wrap non-string protocol responses in classes
r11625 for chunk in source.gen:
Bryan O'Sullivan
sshserver: avoid a multi-dot attribute lookup in a hot loop...
r17563 write(chunk)
Matt Mackall
protocol: unify stream_out command
r11585 self.fout.flush()
Dirkjan Ochtman
protocol: wrap non-string protocol responses in classes
r11625 def sendpushresponse(self, rsp):
Dirkjan Ochtman
protocol: rename send methods to get grouping by prefix
r11622 self.sendresponse('')
Dirkjan Ochtman
protocol: wrap non-string protocol responses in classes
r11625 self.sendresponse(str(rsp.res))
Matt Mackall
protocol: unify unbundle on the server side
r11593
Benoit Boissinot
wireproto: introduce pusherr() to deal with "unsynced changes" error...
r12703 def sendpusherror(self, rsp):
self.sendresponse(rsp.res)
Andrew Pritchard
wireproto: add out-of-band error class to allow remote repo to report errors...
r15017 def sendooberror(self, rsp):
self.ui.ferr.write('%s\n-\n' % rsp.message)
self.ui.ferr.flush()
self.fout.write('\n')
self.fout.flush()
Vadim Gelfer
refactor ssh server.
r2396 def serve_forever(self):
Ronny Pfannschmidt
switch lock releasing in the core from gc to explicit
r8109 try:
Matt Mackall
many, many trivial check-code fixups
r10282 while self.serve_one():
pass
Ronny Pfannschmidt
switch lock releasing in the core from gc to explicit
r8109 finally:
if self.lock is not None:
self.lock.release()
Vadim Gelfer
refactor ssh server.
r2396 sys.exit(0)
Dirkjan Ochtman
protocol: wrap non-string protocol responses in classes
r11625 handlers = {
str: sendresponse,
wireproto.streamres: sendstream,
wireproto.pushres: sendpushresponse,
Benoit Boissinot
wireproto: introduce pusherr() to deal with "unsynced changes" error...
r12703 wireproto.pusherr: sendpusherror,
Andrew Pritchard
wireproto: add out-of-band error class to allow remote repo to report errors...
r15017 wireproto.ooberror: sendooberror,
Dirkjan Ochtman
protocol: wrap non-string protocol responses in classes
r11625 }
Vadim Gelfer
refactor ssh server.
r2396 def serve_one(self):
cmd = self.fin.readline()[:-1]
Dirkjan Ochtman
protocol: command must be checked before passing in
r11618 if cmd and cmd in wireproto.commands:
Dirkjan Ochtman
protocol: wrap non-string protocol responses in classes
r11625 rsp = wireproto.dispatch(self.repo, self, cmd)
self.handlers[rsp.__class__](self, rsp)
Dirkjan Ochtman
protocol: command must be checked before passing in
r11618 elif cmd:
Vadim Gelfer
refactor ssh server.
r2396 impl = getattr(self, 'do_' + cmd, None)
Matt Mackall
many, many trivial check-code fixups
r10282 if impl:
Matt Mackall
protocol: move most ssh responses to returns
r11580 r = impl()
if r is not None:
Dirkjan Ochtman
protocol: rename send methods to get grouping by prefix
r11622 self.sendresponse(r)
else: self.sendresponse("")
Vadim Gelfer
refactor ssh server.
r2396 return cmd != ''
Matt Mackall
protocol: unify unbundle on the server side
r11593 def _client(self):
Vadim Gelfer
hooks: add url to changegroup, incoming, prechangegroup, pretxnchangegroup hooks...
r2673 client = os.environ.get('SSH_CLIENT', '').split(' ', 1)[0]
return 'remote:ssh:' + client