diff --git a/mercurial/hgweb/server.py b/mercurial/hgweb/server.py --- a/mercurial/hgweb/server.py +++ b/mercurial/hgweb/server.py @@ -58,7 +58,7 @@ class _httprequesthandler(BaseHTTPServer url_scheme = 'http' @staticmethod - def preparehttpserver(httpserver, ssl_cert): + def preparehttpserver(httpserver, ui): """Prepare .socket of new HTTPServer instance""" pass @@ -222,15 +222,17 @@ class _httprequesthandlerssl(_httpreques url_scheme = 'https' @staticmethod - def preparehttpserver(httpserver, ssl_cert): + def preparehttpserver(httpserver, ui): try: import ssl ssl.wrap_socket except ImportError: raise error.Abort(_("SSL support is unavailable")) + + certfile = ui.config('web', 'certificate') httpserver.socket = ssl.wrap_socket( httpserver.socket, server_side=True, - certfile=ssl_cert, ssl_version=ssl.PROTOCOL_TLSv1) + certfile=certfile, ssl_version=ssl.PROTOCOL_TLSv1) def setup(self): self.connection = self.request @@ -264,7 +266,7 @@ class MercurialHTTPServer(object, _mixin self.daemon_threads = True self.application = app - handler.preparehttpserver(self, ui.config('web', 'certificate')) + handler.preparehttpserver(self, ui) prefix = ui.config('web', 'prefix', '') if prefix: diff --git a/tests/test-https.t b/tests/test-https.t --- a/tests/test-https.t +++ b/tests/test-https.t @@ -404,12 +404,13 @@ Start patched hgweb that requires client > from mercurial.hgweb import server > class _httprequesthandlersslclientcert(server._httprequesthandlerssl): > @staticmethod - > def preparehttpserver(httpserver, ssl_cert): + > def preparehttpserver(httpserver, ui): + > certfile = ui.config('web', 'certificate') > sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) > sslcontext.verify_mode = ssl.CERT_REQUIRED - > sslcontext.load_cert_chain(ssl_cert) + > sslcontext.load_cert_chain(certfile) > # verify clients by server certificate - > sslcontext.load_verify_locations(ssl_cert) + > sslcontext.load_verify_locations(certfile) > httpserver.socket = sslcontext.wrap_socket(httpserver.socket, > server_side=True) > server._httprequesthandlerssl = _httprequesthandlersslclientcert