sslutil: require TLS 1.1+ when supported...
Gregory Szorc
r29560:303e9300 default
@@ -1,2189 +1,2197 b''
1 The Mercurial system uses a set of configuration files to control
1 The Mercurial system uses a set of configuration files to control
2 aspects of its behavior.
2 aspects of its behavior.
3
3
4 Troubleshooting
4 Troubleshooting
5 ===============
5 ===============
6
6
7 If you're having problems with your configuration,
7 If you're having problems with your configuration,
8 :hg:`config --debug` can help you understand what is introducing
8 :hg:`config --debug` can help you understand what is introducing
9 a setting into your environment.
9 a setting into your environment.
10
10
11 See :hg:`help config.syntax` and :hg:`help config.files`
11 See :hg:`help config.syntax` and :hg:`help config.files`
12 for information about how and where to override things.
12 for information about how and where to override things.
13
13
14 Structure
14 Structure
15 =========
15 =========
16
16
17 The configuration files use a simple ini-file format. A configuration
17 The configuration files use a simple ini-file format. A configuration
18 file consists of sections, led by a ``[section]`` header and followed
18 file consists of sections, led by a ``[section]`` header and followed
19 by ``name = value`` entries::
19 by ``name = value`` entries::
20
20
21 [ui]
21 [ui]
22 username = Firstname Lastname <firstname.lastname@example.net>
22 username = Firstname Lastname <firstname.lastname@example.net>
23 verbose = True
23 verbose = True
24
24
25 The above entries will be referred to as ``ui.username`` and
25 The above entries will be referred to as ``ui.username`` and
26 ``ui.verbose``, respectively. See :hg:`help config.syntax`.
26 ``ui.verbose``, respectively. See :hg:`help config.syntax`.
27
27
28 Files
28 Files
29 =====
29 =====
30
30
31 Mercurial reads configuration data from several files, if they exist.
31 Mercurial reads configuration data from several files, if they exist.
32 These files do not exist by default and you will have to create the
32 These files do not exist by default and you will have to create the
33 appropriate configuration files yourself:
33 appropriate configuration files yourself:
34
34
35 Local configuration is put into the per-repository ``<repo>/.hg/hgrc`` file.
35 Local configuration is put into the per-repository ``<repo>/.hg/hgrc`` file.
36
36
37 Global configuration like the username setting is typically put into:
37 Global configuration like the username setting is typically put into:
38
38
39 .. container:: windows
39 .. container:: windows
40
40
41 - ``%USERPROFILE%\mercurial.ini`` (on Windows)
41 - ``%USERPROFILE%\mercurial.ini`` (on Windows)
42
42
43 .. container:: unix.plan9
43 .. container:: unix.plan9
44
44
45 - ``$HOME/.hgrc`` (on Unix, Plan9)
45 - ``$HOME/.hgrc`` (on Unix, Plan9)
46
46
47 The names of these files depend on the system on which Mercurial is
47 The names of these files depend on the system on which Mercurial is
48 installed. ``*.rc`` files from a single directory are read in
48 installed. ``*.rc`` files from a single directory are read in
49 alphabetical order, later ones overriding earlier ones. Where multiple
49 alphabetical order, later ones overriding earlier ones. Where multiple
50 paths are given below, settings from earlier paths override later
50 paths are given below, settings from earlier paths override later
51 ones.
51 ones.
52
52
53 .. container:: verbose.unix
53 .. container:: verbose.unix
54
54
55 On Unix, the following files are consulted:
55 On Unix, the following files are consulted:
56
56
57 - ``<repo>/.hg/hgrc`` (per-repository)
57 - ``<repo>/.hg/hgrc`` (per-repository)
58 - ``$HOME/.hgrc`` (per-user)
58 - ``$HOME/.hgrc`` (per-user)
59 - ``<install-root>/etc/mercurial/hgrc`` (per-installation)
59 - ``<install-root>/etc/mercurial/hgrc`` (per-installation)
60 - ``<install-root>/etc/mercurial/hgrc.d/*.rc`` (per-installation)
60 - ``<install-root>/etc/mercurial/hgrc.d/*.rc`` (per-installation)
61 - ``/etc/mercurial/hgrc`` (per-system)
61 - ``/etc/mercurial/hgrc`` (per-system)
62 - ``/etc/mercurial/hgrc.d/*.rc`` (per-system)
62 - ``/etc/mercurial/hgrc.d/*.rc`` (per-system)
63 - ``<internal>/default.d/*.rc`` (defaults)
63 - ``<internal>/default.d/*.rc`` (defaults)
64
64
65 .. container:: verbose.windows
65 .. container:: verbose.windows
66
66
67 On Windows, the following files are consulted:
67 On Windows, the following files are consulted:
68
68
69 - ``<repo>/.hg/hgrc`` (per-repository)
69 - ``<repo>/.hg/hgrc`` (per-repository)
70 - ``%USERPROFILE%\.hgrc`` (per-user)
70 - ``%USERPROFILE%\.hgrc`` (per-user)
71 - ``%USERPROFILE%\Mercurial.ini`` (per-user)
71 - ``%USERPROFILE%\Mercurial.ini`` (per-user)
72 - ``%HOME%\.hgrc`` (per-user)
72 - ``%HOME%\.hgrc`` (per-user)
73 - ``%HOME%\Mercurial.ini`` (per-user)
73 - ``%HOME%\Mercurial.ini`` (per-user)
74 - ``HKEY_LOCAL_MACHINE\SOFTWARE\Mercurial`` (per-installation)
74 - ``HKEY_LOCAL_MACHINE\SOFTWARE\Mercurial`` (per-installation)
75 - ``<install-dir>\hgrc.d\*.rc`` (per-installation)
75 - ``<install-dir>\hgrc.d\*.rc`` (per-installation)
76 - ``<install-dir>\Mercurial.ini`` (per-installation)
76 - ``<install-dir>\Mercurial.ini`` (per-installation)
77 - ``<internal>/default.d/*.rc`` (defaults)
77 - ``<internal>/default.d/*.rc`` (defaults)
78
78
79 .. note::
79 .. note::
80
80
81 The registry key ``HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mercurial``
81 The registry key ``HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mercurial``
82 is used when running 32-bit Python on 64-bit Windows.
82 is used when running 32-bit Python on 64-bit Windows.
83
83
84 .. container:: windows
84 .. container:: windows
85
85
86 On Windows 9x, ``%HOME%`` is replaced by ``%APPDATA%``.
86 On Windows 9x, ``%HOME%`` is replaced by ``%APPDATA%``.
87
87
88 .. container:: verbose.plan9
88 .. container:: verbose.plan9
89
89
90 On Plan9, the following files are consulted:
90 On Plan9, the following files are consulted:
91
91
92 - ``<repo>/.hg/hgrc`` (per-repository)
92 - ``<repo>/.hg/hgrc`` (per-repository)
93 - ``$home/lib/hgrc`` (per-user)
93 - ``$home/lib/hgrc`` (per-user)
94 - ``<install-root>/lib/mercurial/hgrc`` (per-installation)
94 - ``<install-root>/lib/mercurial/hgrc`` (per-installation)
95 - ``<install-root>/lib/mercurial/hgrc.d/*.rc`` (per-installation)
95 - ``<install-root>/lib/mercurial/hgrc.d/*.rc`` (per-installation)
96 - ``/lib/mercurial/hgrc`` (per-system)
96 - ``/lib/mercurial/hgrc`` (per-system)
97 - ``/lib/mercurial/hgrc.d/*.rc`` (per-system)
97 - ``/lib/mercurial/hgrc.d/*.rc`` (per-system)
98 - ``<internal>/default.d/*.rc`` (defaults)
98 - ``<internal>/default.d/*.rc`` (defaults)
99
99
100 Per-repository configuration options only apply in a
100 Per-repository configuration options only apply in a
101 particular repository. This file is not version-controlled, and
101 particular repository. This file is not version-controlled, and
102 will not get transferred during a "clone" operation. Options in
102 will not get transferred during a "clone" operation. Options in
103 this file override options in all other configuration files.
103 this file override options in all other configuration files.
104
104
105 .. container:: unix.plan9
105 .. container:: unix.plan9
106
106
107 On Plan 9 and Unix, most of this file will be ignored if it doesn't
107 On Plan 9 and Unix, most of this file will be ignored if it doesn't
108 belong to a trusted user or to a trusted group. See
108 belong to a trusted user or to a trusted group. See
109 :hg:`help config.trusted` for more details.
109 :hg:`help config.trusted` for more details.
110
110
111 Per-user configuration file(s) are for the user running Mercurial. Options
111 Per-user configuration file(s) are for the user running Mercurial. Options
112 in these files apply to all Mercurial commands executed by this user in any
112 in these files apply to all Mercurial commands executed by this user in any
113 directory. Options in these files override per-system and per-installation
113 directory. Options in these files override per-system and per-installation
114 options.
114 options.
115
115
116 Per-installation configuration files are searched for in the
116 Per-installation configuration files are searched for in the
117 directory where Mercurial is installed. ``<install-root>`` is the
117 directory where Mercurial is installed. ``<install-root>`` is the
118 parent directory of the **hg** executable (or symlink) being run.
118 parent directory of the **hg** executable (or symlink) being run.
119
119
120 .. container:: unix.plan9
120 .. container:: unix.plan9
121
121
122 For example, if installed in ``/shared/tools/bin/hg``, Mercurial
122 For example, if installed in ``/shared/tools/bin/hg``, Mercurial
123 will look in ``/shared/tools/etc/mercurial/hgrc``. Options in these
123 will look in ``/shared/tools/etc/mercurial/hgrc``. Options in these
124 files apply to all Mercurial commands executed by any user in any
124 files apply to all Mercurial commands executed by any user in any
125 directory.
125 directory.
126
126
127 Per-installation configuration files are for the system on
127 Per-installation configuration files are for the system on
128 which Mercurial is running. Options in these files apply to all
128 which Mercurial is running. Options in these files apply to all
129 Mercurial commands executed by any user in any directory. Registry
129 Mercurial commands executed by any user in any directory. Registry
130 keys contain PATH-like strings, every part of which must reference
130 keys contain PATH-like strings, every part of which must reference
131 a ``Mercurial.ini`` file or be a directory where ``*.rc`` files will
131 a ``Mercurial.ini`` file or be a directory where ``*.rc`` files will
132 be read. Mercurial checks each of these locations in the specified
132 be read. Mercurial checks each of these locations in the specified
133 order until one or more configuration files are detected.
133 order until one or more configuration files are detected.
134
134
135 Per-system configuration files are for the system on which Mercurial
135 Per-system configuration files are for the system on which Mercurial
136 is running. Options in these files apply to all Mercurial commands
136 is running. Options in these files apply to all Mercurial commands
137 executed by any user in any directory. Options in these files
137 executed by any user in any directory. Options in these files
138 override per-installation options.
138 override per-installation options.
139
139
140 Mercurial comes with some default configuration. The default configuration
140 Mercurial comes with some default configuration. The default configuration
141 files are installed with Mercurial and will be overwritten on upgrades. Default
141 files are installed with Mercurial and will be overwritten on upgrades. Default
142 configuration files should never be edited by users or administrators but can
142 configuration files should never be edited by users or administrators but can
143 be overridden in other configuration files. So far the directory only contains
143 be overridden in other configuration files. So far the directory only contains
144 merge tool configuration but packagers can also put other default configuration
144 merge tool configuration but packagers can also put other default configuration
145 there.
145 there.
146
146
147 Syntax
147 Syntax
148 ======
148 ======
149
149
150 A configuration file consists of sections, led by a ``[section]`` header
150 A configuration file consists of sections, led by a ``[section]`` header
151 and followed by ``name = value`` entries (sometimes called
151 and followed by ``name = value`` entries (sometimes called
152 ``configuration keys``)::
152 ``configuration keys``)::
153
153
154 [spam]
154 [spam]
155 eggs=ham
155 eggs=ham
156 green=
156 green=
157 eggs
157 eggs
158
158
159 Each line contains one entry. If the lines that follow are indented,
159 Each line contains one entry. If the lines that follow are indented,
160 they are treated as continuations of that entry. Leading whitespace is
160 they are treated as continuations of that entry. Leading whitespace is
161 removed from values. Empty lines are skipped. Lines beginning with
161 removed from values. Empty lines are skipped. Lines beginning with
162 ``#`` or ``;`` are ignored and may be used to provide comments.
162 ``#`` or ``;`` are ignored and may be used to provide comments.
163
163
164 Configuration keys can be set multiple times, in which case Mercurial
164 Configuration keys can be set multiple times, in which case Mercurial
165 will use the value that was configured last. As an example::
165 will use the value that was configured last. As an example::
166
166
167 [spam]
167 [spam]
168 eggs=large
168 eggs=large
169 ham=serrano
169 ham=serrano
170 eggs=small
170 eggs=small
171
171
172 This would set the configuration key named ``eggs`` to ``small``.
172 This would set the configuration key named ``eggs`` to ``small``.
173
173
174 It is also possible to define a section multiple times. A section can
174 It is also possible to define a section multiple times. A section can
175 be redefined on the same and/or on different configuration files. For
175 be redefined on the same and/or on different configuration files. For
176 example::
176 example::
177
177
178 [foo]
178 [foo]
179 eggs=large
179 eggs=large
180 ham=serrano
180 ham=serrano
181 eggs=small
181 eggs=small
182
182
183 [bar]
183 [bar]
184 eggs=ham
184 eggs=ham
185 green=
185 green=
186 eggs
186 eggs
187
187
188 [foo]
188 [foo]
189 ham=prosciutto
189 ham=prosciutto
190 eggs=medium
190 eggs=medium
191 bread=toasted
191 bread=toasted
192
192
193 This would set the ``eggs``, ``ham``, and ``bread`` configuration keys
193 This would set the ``eggs``, ``ham``, and ``bread`` configuration keys
194 of the ``foo`` section to ``medium``, ``prosciutto``, and ``toasted``,
194 of the ``foo`` section to ``medium``, ``prosciutto``, and ``toasted``,
195 respectively. As you can see there only thing that matters is the last
195 respectively. As you can see there only thing that matters is the last
196 value that was set for each of the configuration keys.
196 value that was set for each of the configuration keys.
197
197
198 If a configuration key is set multiple times in different
198 If a configuration key is set multiple times in different
199 configuration files the final value will depend on the order in which
199 configuration files the final value will depend on the order in which
200 the different configuration files are read, with settings from earlier
200 the different configuration files are read, with settings from earlier
201 paths overriding later ones as described on the ``Files`` section
201 paths overriding later ones as described on the ``Files`` section
202 above.
202 above.
203
203
204 A line of the form ``%include file`` will include ``file`` into the
204 A line of the form ``%include file`` will include ``file`` into the
205 current configuration file. The inclusion is recursive, which means
205 current configuration file. The inclusion is recursive, which means
206 that included files can include other files. Filenames are relative to
206 that included files can include other files. Filenames are relative to
207 the configuration file in which the ``%include`` directive is found.
207 the configuration file in which the ``%include`` directive is found.
208 Environment variables and ``~user`` constructs are expanded in
208 Environment variables and ``~user`` constructs are expanded in
209 ``file``. This lets you do something like::
209 ``file``. This lets you do something like::
210
210
211 %include ~/.hgrc.d/$HOST.rc
211 %include ~/.hgrc.d/$HOST.rc
212
212
213 to include a different configuration file on each computer you use.
213 to include a different configuration file on each computer you use.
214
214
215 A line with ``%unset name`` will remove ``name`` from the current
215 A line with ``%unset name`` will remove ``name`` from the current
216 section, if it has been set previously.
216 section, if it has been set previously.
217
217
218 The values are either free-form text strings, lists of text strings,
218 The values are either free-form text strings, lists of text strings,
219 or Boolean values. Boolean values can be set to true using any of "1",
219 or Boolean values. Boolean values can be set to true using any of "1",
220 "yes", "true", or "on" and to false using "0", "no", "false", or "off"
220 "yes", "true", or "on" and to false using "0", "no", "false", or "off"
221 (all case insensitive).
221 (all case insensitive).
222
222
223 List values are separated by whitespace or comma, except when values are
223 List values are separated by whitespace or comma, except when values are
224 placed in double quotation marks::
224 placed in double quotation marks::
225
225
226 allow_read = "John Doe, PhD", brian, betty
226 allow_read = "John Doe, PhD", brian, betty
227
227
228 Quotation marks can be escaped by prefixing them with a backslash. Only
228 Quotation marks can be escaped by prefixing them with a backslash. Only
229 quotation marks at the beginning of a word is counted as a quotation
229 quotation marks at the beginning of a word is counted as a quotation
230 (e.g., ``foo"bar baz`` is the list of ``foo"bar`` and ``baz``).
230 (e.g., ``foo"bar baz`` is the list of ``foo"bar`` and ``baz``).
231
231
232 Sections
232 Sections
233 ========
233 ========
234
234
235 This section describes the different sections that may appear in a
235 This section describes the different sections that may appear in a
236 Mercurial configuration file, the purpose of each section, its possible
236 Mercurial configuration file, the purpose of each section, its possible
237 keys, and their possible values.
237 keys, and their possible values.
238
238
239 ``alias``
239 ``alias``
240 ---------
240 ---------
241
241
242 Defines command aliases.
242 Defines command aliases.
243
243
244 Aliases allow you to define your own commands in terms of other
244 Aliases allow you to define your own commands in terms of other
245 commands (or aliases), optionally including arguments. Positional
245 commands (or aliases), optionally including arguments. Positional
246 arguments in the form of ``$1``, ``$2``, etc. in the alias definition
246 arguments in the form of ``$1``, ``$2``, etc. in the alias definition
247 are expanded by Mercurial before execution. Positional arguments not
247 are expanded by Mercurial before execution. Positional arguments not
248 already used by ``$N`` in the definition are put at the end of the
248 already used by ``$N`` in the definition are put at the end of the
249 command to be executed.
249 command to be executed.
250
250
251 Alias definitions consist of lines of the form::
251 Alias definitions consist of lines of the form::
252
252
253 <alias> = <command> [<argument>]...
253 <alias> = <command> [<argument>]...
254
254
255 For example, this definition::
255 For example, this definition::
256
256
257 latest = log --limit 5
257 latest = log --limit 5
258
258
259 creates a new command ``latest`` that shows only the five most recent
259 creates a new command ``latest`` that shows only the five most recent
260 changesets. You can define subsequent aliases using earlier ones::
260 changesets. You can define subsequent aliases using earlier ones::
261
261
262 stable5 = latest -b stable
262 stable5 = latest -b stable
263
263
264 .. note::
264 .. note::
265
265
266 It is possible to create aliases with the same names as
266 It is possible to create aliases with the same names as
267 existing commands, which will then override the original
267 existing commands, which will then override the original
268 definitions. This is almost always a bad idea!
268 definitions. This is almost always a bad idea!
269
269
270 An alias can start with an exclamation point (``!``) to make it a
270 An alias can start with an exclamation point (``!``) to make it a
271 shell alias. A shell alias is executed with the shell and will let you
271 shell alias. A shell alias is executed with the shell and will let you
272 run arbitrary commands. As an example, ::
272 run arbitrary commands. As an example, ::
273
273
274 echo = !echo $@
274 echo = !echo $@
275
275
276 will let you do ``hg echo foo`` to have ``foo`` printed in your
276 will let you do ``hg echo foo`` to have ``foo`` printed in your
277 terminal. A better example might be::
277 terminal. A better example might be::
278
278
279 purge = !$HG status --no-status --unknown -0 re: | xargs -0 rm
279 purge = !$HG status --no-status --unknown -0 re: | xargs -0 rm
280
280
281 which will make ``hg purge`` delete all unknown files in the
281 which will make ``hg purge`` delete all unknown files in the
282 repository in the same manner as the purge extension.
282 repository in the same manner as the purge extension.
283
283
284 Positional arguments like ``$1``, ``$2``, etc. in the alias definition
284 Positional arguments like ``$1``, ``$2``, etc. in the alias definition
285 expand to the command arguments. Unmatched arguments are
285 expand to the command arguments. Unmatched arguments are
286 removed. ``$0`` expands to the alias name and ``$@`` expands to all
286 removed. ``$0`` expands to the alias name and ``$@`` expands to all
287 arguments separated by a space. ``"$@"`` (with quotes) expands to all
287 arguments separated by a space. ``"$@"`` (with quotes) expands to all
288 arguments quoted individually and separated by a space. These expansions
288 arguments quoted individually and separated by a space. These expansions
289 happen before the command is passed to the shell.
289 happen before the command is passed to the shell.
290
290
291 Shell aliases are executed in an environment where ``$HG`` expands to
291 Shell aliases are executed in an environment where ``$HG`` expands to
292 the path of the Mercurial that was used to execute the alias. This is
292 the path of the Mercurial that was used to execute the alias. This is
293 useful when you want to call further Mercurial commands in a shell
293 useful when you want to call further Mercurial commands in a shell
294 alias, as was done above for the purge alias. In addition,
294 alias, as was done above for the purge alias. In addition,
295 ``$HG_ARGS`` expands to the arguments given to Mercurial. In the ``hg
295 ``$HG_ARGS`` expands to the arguments given to Mercurial. In the ``hg
296 echo foo`` call above, ``$HG_ARGS`` would expand to ``echo foo``.
296 echo foo`` call above, ``$HG_ARGS`` would expand to ``echo foo``.
297
297
298 .. note::
298 .. note::
299
299
300 Some global configuration options such as ``-R`` are
300 Some global configuration options such as ``-R`` are
301 processed before shell aliases and will thus not be passed to
301 processed before shell aliases and will thus not be passed to
302 aliases.
302 aliases.
303
303
304
304
305 ``annotate``
305 ``annotate``
306 ------------
306 ------------
307
307
308 Settings used when displaying file annotations. All values are
308 Settings used when displaying file annotations. All values are
309 Booleans and default to False. See :hg:`help config.diff` for
309 Booleans and default to False. See :hg:`help config.diff` for
310 related options for the diff command.
310 related options for the diff command.
311
311
312 ``ignorews``
312 ``ignorews``
313 Ignore white space when comparing lines.
313 Ignore white space when comparing lines.
314
314
315 ``ignorewsamount``
315 ``ignorewsamount``
316 Ignore changes in the amount of white space.
316 Ignore changes in the amount of white space.
317
317
318 ``ignoreblanklines``
318 ``ignoreblanklines``
319 Ignore changes whose lines are all blank.
319 Ignore changes whose lines are all blank.
320
320
321
321
322 ``auth``
322 ``auth``
323 --------
323 --------
324
324
325 Authentication credentials for HTTP authentication. This section
325 Authentication credentials for HTTP authentication. This section
326 allows you to store usernames and passwords for use when logging
326 allows you to store usernames and passwords for use when logging
327 *into* HTTP servers. See :hg:`help config.web` if
327 *into* HTTP servers. See :hg:`help config.web` if
328 you want to configure *who* can login to your HTTP server.
328 you want to configure *who* can login to your HTTP server.
329
329
330 Each line has the following format::
330 Each line has the following format::
331
331
332 <name>.<argument> = <value>
332 <name>.<argument> = <value>
333
333
334 where ``<name>`` is used to group arguments into authentication
334 where ``<name>`` is used to group arguments into authentication
335 entries. Example::
335 entries. Example::
336
336
337 foo.prefix = hg.intevation.de/mercurial
337 foo.prefix = hg.intevation.de/mercurial
338 foo.username = foo
338 foo.username = foo
339 foo.password = bar
339 foo.password = bar
340 foo.schemes = http https
340 foo.schemes = http https
341
341
342 bar.prefix = secure.example.org
342 bar.prefix = secure.example.org
343 bar.key = path/to/file.key
343 bar.key = path/to/file.key
344 bar.cert = path/to/file.cert
344 bar.cert = path/to/file.cert
345 bar.schemes = https
345 bar.schemes = https
346
346
347 Supported arguments:
347 Supported arguments:
348
348
349 ``prefix``
349 ``prefix``
350 Either ``*`` or a URI prefix with or without the scheme part.
350 Either ``*`` or a URI prefix with or without the scheme part.
351 The authentication entry with the longest matching prefix is used
351 The authentication entry with the longest matching prefix is used
352 (where ``*`` matches everything and counts as a match of length
352 (where ``*`` matches everything and counts as a match of length
353 1). If the prefix doesn't include a scheme, the match is performed
353 1). If the prefix doesn't include a scheme, the match is performed
354 against the URI with its scheme stripped as well, and the schemes
354 against the URI with its scheme stripped as well, and the schemes
355 argument, q.v., is then subsequently consulted.
355 argument, q.v., is then subsequently consulted.
356
356
357 ``username``
357 ``username``
358 Optional. Username to authenticate with. If not given, and the
358 Optional. Username to authenticate with. If not given, and the
359 remote site requires basic or digest authentication, the user will
359 remote site requires basic or digest authentication, the user will
360 be prompted for it. Environment variables are expanded in the
360 be prompted for it. Environment variables are expanded in the
361 username letting you do ``foo.username = $USER``. If the URI
361 username letting you do ``foo.username = $USER``. If the URI
362 includes a username, only ``[auth]`` entries with a matching
362 includes a username, only ``[auth]`` entries with a matching
363 username or without a username will be considered.
363 username or without a username will be considered.
364
364
365 ``password``
365 ``password``
366 Optional. Password to authenticate with. If not given, and the
366 Optional. Password to authenticate with. If not given, and the
367 remote site requires basic or digest authentication, the user
367 remote site requires basic or digest authentication, the user
368 will be prompted for it.
368 will be prompted for it.
369
369
370 ``key``
370 ``key``
371 Optional. PEM encoded client certificate key file. Environment
371 Optional. PEM encoded client certificate key file. Environment
372 variables are expanded in the filename.
372 variables are expanded in the filename.
373
373
374 ``cert``
374 ``cert``
375 Optional. PEM encoded client certificate chain file. Environment
375 Optional. PEM encoded client certificate chain file. Environment
376 variables are expanded in the filename.
376 variables are expanded in the filename.
377
377
378 ``schemes``
378 ``schemes``
379 Optional. Space separated list of URI schemes to use this
379 Optional. Space separated list of URI schemes to use this
380 authentication entry with. Only used if the prefix doesn't include
380 authentication entry with. Only used if the prefix doesn't include
381 a scheme. Supported schemes are http and https. They will match
381 a scheme. Supported schemes are http and https. They will match
382 static-http and static-https respectively, as well.
382 static-http and static-https respectively, as well.
383 (default: https)
383 (default: https)
384
384
385 If no suitable authentication entry is found, the user is prompted
385 If no suitable authentication entry is found, the user is prompted
386 for credentials as usual if required by the remote.
386 for credentials as usual if required by the remote.
387
387
388
388
389 ``committemplate``
389 ``committemplate``
390 ------------------
390 ------------------
391
391
392 ``changeset``
392 ``changeset``
393 String: configuration in this section is used as the template to
393 String: configuration in this section is used as the template to
394 customize the text shown in the editor when committing.
394 customize the text shown in the editor when committing.
395
395
396 In addition to pre-defined template keywords, commit log specific one
396 In addition to pre-defined template keywords, commit log specific one
397 below can be used for customization:
397 below can be used for customization:
398
398
399 ``extramsg``
399 ``extramsg``
400 String: Extra message (typically 'Leave message empty to abort
400 String: Extra message (typically 'Leave message empty to abort
401 commit.'). This may be changed by some commands or extensions.
401 commit.'). This may be changed by some commands or extensions.
402
402
403 For example, the template configuration below shows as same text as
403 For example, the template configuration below shows as same text as
404 one shown by default::
404 one shown by default::
405
405
406 [committemplate]
406 [committemplate]
    changeset = {desc}\n\n
        HG: Enter commit message.  Lines beginning with 'HG:' are removed.
        HG: {extramsg}
        HG: --
        HG: user: {author}\n{ifeq(p2rev, "-1", "",
       "HG: branch merge\n")
       }HG: branch '{branch}'\n{if(activebookmark,
       "HG: bookmark '{activebookmark}'\n") }{subrepos %
       "HG: subrepo {subrepo}\n" }{file_adds %
       "HG: added {file}\n" }{file_mods %
       "HG: changed {file}\n" }{file_dels %
       "HG: removed {file}\n" }{if(files, "",
       "HG: no files changed\n")}

.. note::

   For some problematic encodings (see :hg:`help win32mbcs` for
   detail), this customization should be configured carefully, to
   avoid showing broken characters.

   For example, if a multibyte character ending with backslash (0x5c) is
   followed by the ASCII character 'n' in the customized template,
   the sequence of backslash and 'n' is treated as line-feed unexpectedly
   (and the multibyte character is broken, too).

The customized template is used for the commands below (``--edit`` may be
required):

- :hg:`backout`
- :hg:`commit`
- :hg:`fetch` (for merge commit only)
- :hg:`graft`
- :hg:`histedit`
- :hg:`import`
- :hg:`qfold`, :hg:`qnew` and :hg:`qrefresh`
- :hg:`rebase`
- :hg:`shelve`
- :hg:`sign`
- :hg:`tag`
- :hg:`transplant`

Configuring the items below instead of ``changeset`` allows showing a
customized message only for specific actions, or showing different
messages for each action.

- ``changeset.backout`` for :hg:`backout`
- ``changeset.commit.amend.merge`` for :hg:`commit --amend` on merges
- ``changeset.commit.amend.normal`` for :hg:`commit --amend` on other
- ``changeset.commit.normal.merge`` for :hg:`commit` on merges
- ``changeset.commit.normal.normal`` for :hg:`commit` on other
- ``changeset.fetch`` for :hg:`fetch` (implying merge commit)
- ``changeset.gpg.sign`` for :hg:`sign`
- ``changeset.graft`` for :hg:`graft`
- ``changeset.histedit.edit`` for ``edit`` of :hg:`histedit`
- ``changeset.histedit.fold`` for ``fold`` of :hg:`histedit`
- ``changeset.histedit.mess`` for ``mess`` of :hg:`histedit`
- ``changeset.histedit.pick`` for ``pick`` of :hg:`histedit`
- ``changeset.import.bypass`` for :hg:`import --bypass`
- ``changeset.import.normal.merge`` for :hg:`import` on merges
- ``changeset.import.normal.normal`` for :hg:`import` on other
- ``changeset.mq.qnew`` for :hg:`qnew`
- ``changeset.mq.qfold`` for :hg:`qfold`
- ``changeset.mq.qrefresh`` for :hg:`qrefresh`
- ``changeset.rebase.collapse`` for :hg:`rebase --collapse`
- ``changeset.rebase.merge`` for :hg:`rebase` on merges
- ``changeset.rebase.normal`` for :hg:`rebase` on other
- ``changeset.shelve.shelve`` for :hg:`shelve`
- ``changeset.tag.add`` for :hg:`tag` without ``--remove``
- ``changeset.tag.remove`` for :hg:`tag --remove`
- ``changeset.transplant.merge`` for :hg:`transplant` on merges
- ``changeset.transplant.normal`` for :hg:`transplant` on other

These dot-separated lists of names are treated as hierarchical ones.
For example, ``changeset.tag.remove`` customizes the commit message
only for :hg:`tag --remove`, but ``changeset.tag`` customizes the
commit message for :hg:`tag` regardless of the ``--remove`` option.

When the external editor is invoked for a commit, the corresponding
dot-separated list of names without the ``changeset.`` prefix
(e.g. ``commit.normal.normal``) is in the ``HGEDITFORM`` environment
variable.

In this section, items other than ``changeset`` can be referred to
from other items. For example, the configuration below, which lists
the committed files, can be referred to as ``{listupfiles}``::

    [committemplate]
    listupfiles = {file_adds %
       "HG: added {file}\n" }{file_mods %
       "HG: changed {file}\n" }{file_dels %
       "HG: removed {file}\n" }{if(files, "",
       "HG: no files changed\n")}

``decode/encode``
-----------------

Filters for transforming files on checkout/checkin. This would
typically be used for newline processing or other
localization/canonicalization of files.

Filters consist of a filter pattern followed by a filter command.
Filter patterns are globs by default, rooted at the repository root.
For example, to match any file ending in ``.txt`` in the root
directory only, use the pattern ``*.txt``. To match any file ending
in ``.c`` anywhere in the repository, use the pattern ``**.c``.
For each file only the first matching filter applies.

The filter command can start with a specifier, either ``pipe:`` or
``tempfile:``. If no specifier is given, ``pipe:`` is used by default.

A ``pipe:`` command must accept data on stdin and return the transformed
data on stdout.

Pipe example::

    [encode]
    # uncompress gzip files on checkin to improve delta compression
    # note: not necessarily a good idea, just an example
    *.gz = pipe: gunzip

    [decode]
    # recompress gzip files when writing them to the working dir (we
    # can safely omit "pipe:", because it's the default)
    *.gz = gzip

A ``tempfile:`` command is a template. The string ``INFILE`` is replaced
with the name of a temporary file that contains the data to be
filtered by the command. The string ``OUTFILE`` is replaced with the name
of an empty temporary file, where the filtered data must be written by
the command.

.. container:: windows

   .. note::

      The tempfile mechanism is recommended for Windows systems,
      where the standard shell I/O redirection operators often have
      strange effects and may corrupt the contents of your files.

This filter mechanism is used internally by the ``eol`` extension to
translate line ending characters between Windows (CRLF) and Unix (LF)
format. We suggest you use the ``eol`` extension for convenience.
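To show the ``tempfile:`` contract end to end, here is an added example
(not code from Mercurial or from the ``eol`` extension): a checkin filter
script that rewrites CRLF and bare CR line endings to LF and leaves
files that look binary untouched. The assumed configuration, with a
hypothetical path, is ``**.txt = tempfile: python3 /path/to/eolfilter.py INFILE OUTFILE``
in the ``[encode]`` section.

```python
"""Checkin filter for the [encode] section, invoked by Mercurial as:

    python3 /path/to/eolfilter.py INFILE OUTFILE

Mercurial substitutes INFILE with a temporary file holding the data to
filter and OUTFILE with the empty temporary file this script must fill.
(Example script; the path above is hypothetical.)
"""
import sys


def normalize_newlines(data):
    """Return (filtered_bytes, count): every CRLF or bare CR in `data`
    becomes LF, and `count` is the number of CRs that were rewritten.

    Files containing a NUL byte are assumed to be binary and are
    returned unchanged, so the filter never corrupts non-text content.
    """
    if b"\0" in data:
        return data, 0
    count = data.count(b"\r")
    return data.replace(b"\r\n", b"\n").replace(b"\r", b"\n"), count


def filter_file(infile, outfile):
    """Apply normalize_newlines() to INFILE and write the result to OUTFILE."""
    with open(infile, "rb") as src:
        filtered, count = normalize_newlines(src.read())
    # Always write OUTFILE, even when nothing changed: Mercurial takes
    # its contents as the filter result.
    with open(outfile, "wb") as dst:
        dst.write(filtered)
    return count


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: eolfilter.py INFILE OUTFILE")
    filter_file(sys.argv[1], sys.argv[2])
```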


``defaults``
------------

(defaults are deprecated. Don't use them. Use aliases instead.)

Use the ``[defaults]`` section to define command defaults, i.e. the
default options/arguments to pass to the specified commands.

The following example makes :hg:`log` run in verbose mode, and
:hg:`status` show only the modified files, by default::

    [defaults]
    log = -v
    status = -m

The actual commands, instead of their aliases, must be used when
defining command defaults. The command defaults will also be applied
to the aliases of the commands defined.


``diff``
--------

Settings used when displaying diffs. Everything except for ``unified``
is a Boolean and defaults to False. See :hg:`help config.annotate`
for related options for the annotate command.

``git``
    Use git extended diff format.

``nobinary``
    Omit git binary patches.

``nodates``
    Don't include dates in diff headers.

``noprefix``
    Omit 'a/' and 'b/' prefixes from filenames. Ignored in plain mode.

``showfunc``
    Show which function each change is in.

``ignorews``
    Ignore white space when comparing lines.

``ignorewsamount``
    Ignore changes in the amount of white space.

``ignoreblanklines``
    Ignore changes whose lines are all blank.

``unified``
    Number of lines of context to show.

``email``
---------

Settings for extensions that send email messages.

``from``
    Optional. Email address to use in "From" header and SMTP envelope
    of outgoing messages.

``to``
    Optional. Comma-separated list of recipients' email addresses.

``cc``
    Optional. Comma-separated list of carbon copy recipients'
    email addresses.

``bcc``
    Optional. Comma-separated list of blind carbon copy recipients'
    email addresses.

``method``
    Optional. Method to use to send email messages. If the value is ``smtp``
    (default), use SMTP (see the ``[smtp]`` section for configuration).
    Otherwise, the value is used as the name of a program to run that acts
    like sendmail (takes the ``-f`` option for the sender, the list of
    recipients on the command line, and the message on stdin). Normally,
    setting this to ``sendmail`` or ``/usr/sbin/sendmail`` is enough to use
    sendmail to send messages.

``charsets``
    Optional. Comma-separated list of character sets considered
    convenient for recipients. Addresses, headers, and parts not
    containing patches of outgoing messages will be encoded in the
    first character set to which conversion from local encoding
    (``$HGENCODING``, ``ui.fallbackencoding``) succeeds. If correct
    conversion fails, the text in question is sent as is.
    (default: '')

    Order of outgoing email character sets:

    1. ``us-ascii``: always first, regardless of settings
    2. ``email.charsets``: in order given by user
    3. ``ui.fallbackencoding``: if not in email.charsets
    4. ``$HGENCODING``: if not in email.charsets
    5. ``utf-8``: always last, regardless of settings

Email example::

    [email]
    from = Joseph User <joe.user@example.com>
    method = /usr/sbin/sendmail
    # charsets for western Europeans
    # us-ascii, utf-8 omitted, as they are tried first and last
    charsets = iso-8859-1, iso-8859-15, windows-1252
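The charset ordering rules above, worked through as an added Python
example (this is not Mercurial's own ``mail`` module): ``charset_order``
builds the candidate list from ``email.charsets``, ``ui.fallbackencoding``
and ``$HGENCODING``, and ``choose_charset`` converts local-encoding bytes
with the first charset that can represent them, returning ``None`` when
the text has to be sent as is. The function names and sample inputs are
this example's own.

```python
def charset_order(email_charsets, fallbackencoding, hgencoding):
    """Build the list of charsets to try, in the documented order:
    us-ascii first, email.charsets as given, then ui.fallbackencoding
    and $HGENCODING if not already present, and utf-8 always last."""
    order = ["us-ascii"]
    for cs in email_charsets:
        cs = cs.strip().lower()
        if cs and cs not in order:
            order.append(cs)
    for cs in (fallbackencoding.lower(), hgencoding.lower()):
        if cs not in order:
            order.append(cs)
    # utf-8 is the final fallback even if the user listed it earlier.
    if "utf-8" in order:
        order.remove("utf-8")
    order.append("utf-8")
    return order


def choose_charset(data, order, hgencoding):
    """Encode `data` (bytes in the local encoding `hgencoding`) with the
    first charset in `order` that can represent it.

    Returns (charset, encoded_bytes). If `data` is not even valid in the
    local encoding, conversion fails and the bytes go out unchanged,
    signalled by a charset of None."""
    try:
        text = data.decode(hgencoding)
    except UnicodeDecodeError:
        return None, data
    for cs in order:
        try:
            return cs, text.encode(cs)
        except (UnicodeEncodeError, LookupError):
            # LookupError covers a misspelled charset in email.charsets.
            continue
    return None, data  # not reached while utf-8 is in `order`


if __name__ == "__main__":
    # Constructed sample: the "western Europeans" configuration above
    # with a UTF-8 local encoding.
    order = charset_order(["iso-8859-1", "iso-8859-15", "windows-1252"],
                          "iso-8859-1", "utf-8")
    for sample in (b"hello", "caf\u00e9".encode("utf-8"),
                   "\u20ac".encode("utf-8"), b"\xff\xfe"):
        print(sample, "->", choose_charset(sample, order, "utf-8"))
```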


``extensions``
--------------

Mercurial has an extension mechanism for adding new features. To
enable an extension, create an entry for it in this section.

If you know that the extension is already in Python's search path,
you can give the name of the module, followed by ``=``, with nothing
after the ``=``.

Otherwise, give a name that you choose, followed by ``=``, followed by
the path to the ``.py`` file (including the file name extension) that
defines the extension.

To explicitly disable an extension that is enabled in an hgrc of
broader scope, prepend its path with ``!``, as in ``foo = !/ext/path``
or ``foo = !`` when no path is supplied.

Example for ``~/.hgrc``::

    [extensions]
    # (the color extension will get loaded from Mercurial's path)
    color =
    # (this extension will get loaded from the file specified)
    myfeature = ~/.hgext/myfeature.py


``format``
----------

``usegeneraldelta``
    Enable or disable the "generaldelta" repository format which improves
    repository compression by allowing "revlog" to store a delta against an
    arbitrary revision instead of the previously stored one. This provides
    a significant improvement for repositories with branches.

    Repositories with this on-disk format require Mercurial version 1.9.

    Enabled by default.

``dotencode``
    Enable or disable the "dotencode" repository format which enhances
    the "fncache" repository format (which has to be enabled to use
    dotencode) to avoid issues with filenames starting with ._ on
    Mac OS X and spaces on Windows.

    Repositories with this on-disk format require Mercurial version 1.7.

    Enabled by default.

``usefncache``
    Enable or disable the "fncache" repository format which enhances
    the "store" repository format (which has to be enabled to use
    fncache) to allow longer filenames and avoid using Windows
    reserved names, e.g. "nul".

    Repositories with this on-disk format require Mercurial version 1.1.

    Enabled by default.

``usestore``
    Enable or disable the "store" repository format which improves
    compatibility with systems that fold case or otherwise mangle
    filenames. Disabling this option will allow you to store longer filenames
    in some situations at the expense of compatibility.

    Repositories with this on-disk format require Mercurial version 0.9.4.

    Enabled by default.

``graph``
---------

Web graph view configuration. This section lets you change the display
properties of graph elements per branch, for instance to make the
``default`` branch stand out.

Each line has the following format::

    <branch>.<argument> = <value>

where ``<branch>`` is the name of the branch being
customized. Example::

    [graph]
    # 2px width
    default.width = 2
    # red color
    default.color = FF0000

Supported arguments:

``width``
    Set branch edges width in pixels.

``color``
    Set branch edges color in hexadecimal RGB notation.

``hooks``
---------

Commands or Python functions that get automatically executed by
various actions such as starting or finishing a commit. Multiple
hooks can be run for the same action by appending a suffix to the
action. Overriding a site-wide hook can be done by changing its
value or setting it to an empty string. Hooks can be prioritized
by adding a prefix of ``priority.`` to the hook name on a new line
and setting the priority. The default priority is 0.

Example ``.hg/hgrc``::

    [hooks]
    # update working directory after adding changesets
    changegroup.update = hg update
    # do not use the site-wide hook
    incoming =
    incoming.email = /my/email/hook
    incoming.autobuild = /my/build/hook
    # force autobuild hook to run before other incoming hooks
    priority.incoming.autobuild = 1

Most hooks are run with environment variables set that give useful
additional information. For each hook below, the environment
variables it is passed are listed with names of the form ``$HG_foo``.
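
As an added example (not part of Mercurial's documentation or code
base), here is an external ``prepushkey`` hook written in Python that
refuses pushes which move or delete bookmarks on a list of protected
names, while still allowing them to be created. It reads only the
``$HG_NAMESPACE``, ``$HG_KEY``, ``$HG_OLD`` and ``$HG_NEW`` variables
described under ``prepushkey`` below; the script path, the protected
names, and the assumption that a deletion arrives as an empty ``$HG_NEW``
are this example's own.

```python
"""External prepushkey hook: refuse to move or delete protected bookmarks.

Enabled, for example, in the .hg/hgrc of the repository being pushed to
(hypothetical path):

    [hooks]
    prepushkey.protect = python3 /path/to/protect_bookmarks.py

Mercurial hands the pushkey to the script as environment variables:
HG_NAMESPACE, HG_KEY, HG_OLD and HG_NEW. A non-zero exit status
rejects the key.
"""
import os
import sys

# Hypothetical policy: bookmarks that may be created by push but never
# moved or deleted through it afterwards.
PROTECTED = frozenset(["stable", "release"])


def check_pushkey(namespace, key, old, new, protected=PROTECTED):
    """Decide whether one pushkey update is allowed.

    Returns (allowed, reason). Assumptions of this example: `old` is
    empty when the key did not exist yet, and an empty `new` for an
    existing bookmark is a deletion request.
    """
    if namespace != "bookmarks":
        return True, "namespace %r is not policed" % namespace
    if key not in protected:
        return True, "bookmark %r is not protected" % key
    if not old:
        return True, "creating protected bookmark %r" % key
    if new == "":
        return False, "refusing to delete protected bookmark %r" % key
    if new != old:
        return False, "refusing to move protected bookmark %r" % key
    return True, "protected bookmark %r unchanged" % key


def main(environ=os.environ):
    """Read the hook's environment and return the process exit status."""
    allowed, reason = check_pushkey(
        environ.get("HG_NAMESPACE", ""),
        environ.get("HG_KEY", ""),
        environ.get("HG_OLD", ""),
        environ.get("HG_NEW", ""),
    )
    # Hook output is relayed to the pusher, so say why a key was refused.
    sys.stderr.write("protect_bookmarks: %s\n" % reason)
    return 0 if allowed else 1


if __name__ == "__main__":
    sys.exit(main())
```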

``changegroup``
  Run after a changegroup has been added via push, pull or unbundle. The ID
  of the first new changeset is in ``$HG_NODE`` and that of the last in
  ``$HG_NODE_LAST``. The URL from which the changes came is in ``$HG_URL``.

``commit``
  Run after a changeset has been created in the local repository. The ID
  of the newly created changeset is in ``$HG_NODE``. Parent changeset
  IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.

``incoming``
  Run after a changeset has been pulled, pushed, or unbundled into
  the local repository. The ID of the newly arrived changeset is in
  ``$HG_NODE``. The URL that was the source of the changes is in ``$HG_URL``.

``outgoing``
  Run after sending changes from the local repository to another. The ID of
  the first changeset sent is in ``$HG_NODE``. The source of the operation
  is in ``$HG_SOURCE``. Also see the :hg:`help config.hooks.preoutgoing` hook.

``post-<command>``
  Run after successful invocations of the associated command. The
  contents of the command line are passed as ``$HG_ARGS`` and the result
  code in ``$HG_RESULT``. Parsed command line arguments are passed as
  ``$HG_PATS`` and ``$HG_OPTS``. These contain string representations of
  the python data internally passed to <command>. ``$HG_OPTS`` is a
  dictionary of options (with unspecified options set to their defaults).
  ``$HG_PATS`` is a list of arguments. Hook failure is ignored.

``fail-<command>``
  Run after a failed invocation of an associated command. The contents
  of the command line are passed as ``$HG_ARGS``. Parsed command line
  arguments are passed as ``$HG_PATS`` and ``$HG_OPTS``. These contain
  string representations of the python data internally passed to
  <command>. ``$HG_OPTS`` is a dictionary of options (with unspecified
  options set to their defaults). ``$HG_PATS`` is a list of arguments.
  Hook failure is ignored.

``pre-<command>``
  Run before executing the associated command. The contents of the
  command line are passed as ``$HG_ARGS``. Parsed command line arguments
  are passed as ``$HG_PATS`` and ``$HG_OPTS``. These contain string
  representations of the data internally passed to <command>. ``$HG_OPTS``
  is a dictionary of options (with unspecified options set to their
  defaults). ``$HG_PATS`` is a list of arguments. If the hook returns
  failure, the command doesn't execute and Mercurial returns the failure
  code.

``prechangegroup``
  Run before a changegroup is added via push, pull or unbundle. Exit
  status 0 allows the changegroup to proceed. Non-zero status will
  cause the push, pull or unbundle to fail. The URL from which the changes
  will come is in ``$HG_URL``.

``precommit``
  Run before starting a local commit. Exit status 0 allows the
  commit to proceed. Non-zero status will cause the commit to fail.
  Parent changeset IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.

``prelistkeys``
  Run before listing pushkeys (like bookmarks) in the
  repository. Non-zero status will cause failure. The key namespace is
  in ``$HG_NAMESPACE``.

``preoutgoing``
  Run before collecting changes to send from the local repository to
  another. Non-zero status will cause failure. This lets you prevent
  pull over HTTP or SSH. It also prevents local pull, push (outbound)
  or bundle commands, but that is not effective, since the repository
  files can simply be copied instead. The source of the operation is in
  ``$HG_SOURCE``. If "serve", the operation is happening on behalf of a
  remote SSH or HTTP repository. If "push", "pull" or "bundle", the
  operation is happening on behalf of a repository on the same system.

``prepushkey``
  Run before a pushkey (like a bookmark) is added to the
  repository. Non-zero status will cause the key to be rejected. The
  key namespace is in ``$HG_NAMESPACE``, the key is in ``$HG_KEY``,
  the old value (if any) is in ``$HG_OLD``, and the new value is in
  ``$HG_NEW``.

``pretag``
  Run before creating a tag. Exit status 0 allows the tag to be
  created. Non-zero status will cause the tag to fail. The ID of the
  changeset to tag is in ``$HG_NODE``. The name of the tag is in
  ``$HG_TAG``. The tag is local if ``$HG_LOCAL=1``, in the repository if
  ``$HG_LOCAL=0``.

``pretxnopen``
  Run before any new repository transaction is opened. The reason for the
874 transaction will be in ``$HG_TXNNAME`` and a unique identifier for the
874 transaction will be in ``$HG_TXNNAME`` and a unique identifier for the
875 transaction will be in ``HG_TXNID``. A non-zero status will prevent the
875 transaction will be in ``HG_TXNID``. A non-zero status will prevent the
876 transaction from being opened.
876 transaction from being opened.
877
877
878 ``pretxnclose``
878 ``pretxnclose``
879 Run right before the transaction is actually finalized. Any repository change
879 Run right before the transaction is actually finalized. Any repository change
880 will be visible to the hook program. This lets you validate the transaction
880 will be visible to the hook program. This lets you validate the transaction
881 content or change it. Exit status 0 allows the commit to proceed. Non-zero
881 content or change it. Exit status 0 allows the commit to proceed. Non-zero
882 status will cause the transaction to be rolled back. The reason for the
882 status will cause the transaction to be rolled back. The reason for the
883 transaction opening will be in ``$HG_TXNNAME`` and a unique identifier for
883 transaction opening will be in ``$HG_TXNNAME`` and a unique identifier for
884 the transaction will be in ``HG_TXNID``. The rest of the available data will
884 the transaction will be in ``HG_TXNID``. The rest of the available data will
885 vary according the transaction type. New changesets will add ``$HG_NODE`` (id
885 vary according the transaction type. New changesets will add ``$HG_NODE`` (id
886 of the first added changeset), ``$HG_NODE_LAST`` (id of the last added
886 of the first added changeset), ``$HG_NODE_LAST`` (id of the last added
887 changeset), ``$HG_URL`` and ``$HG_SOURCE`` variables, bookmarks and phases
887 changeset), ``$HG_URL`` and ``$HG_SOURCE`` variables, bookmarks and phases
888 changes will set ``HG_BOOKMARK_MOVED`` and ``HG_PHASES_MOVED`` to ``1``, etc.
888 changes will set ``HG_BOOKMARK_MOVED`` and ``HG_PHASES_MOVED`` to ``1``, etc.
889
889
890 ``txnclose``
890 ``txnclose``
891 Run after any repository transaction has been committed. At this
891 Run after any repository transaction has been committed. At this
892 point, the transaction can no longer be rolled back. The hook will run
892 point, the transaction can no longer be rolled back. The hook will run
893 after the lock is released. See :hg:`help config.hooks.pretxnclose` docs for
893 after the lock is released. See :hg:`help config.hooks.pretxnclose` docs for
894 details about available variables.
894 details about available variables.
895
895
896 ``txnabort``
896 ``txnabort``
897 Run when a transaction is aborted. See :hg:`help config.hooks.pretxnclose`
897 Run when a transaction is aborted. See :hg:`help config.hooks.pretxnclose`
898 docs for details about available variables.
898 docs for details about available variables.
899
899
900 ``pretxnchangegroup``
900 ``pretxnchangegroup``
901 Run after a changegroup has been added via push, pull or unbundle, but before
901 Run after a changegroup has been added via push, pull or unbundle, but before
902 the transaction has been committed. Changegroup is visible to hook program.
902 the transaction has been committed. Changegroup is visible to hook program.
903 This lets you validate incoming changes before accepting them. Passed the ID
903 This lets you validate incoming changes before accepting them. Passed the ID
904 of the first new changeset in ``$HG_NODE`` and last in ``$HG_NODE_LAST``.
904 of the first new changeset in ``$HG_NODE`` and last in ``$HG_NODE_LAST``.
905 Exit status 0 allows the transaction to commit. Non-zero status will cause
905 Exit status 0 allows the transaction to commit. Non-zero status will cause
906 the transaction to be rolled back and the push, pull or unbundle will fail.
906 the transaction to be rolled back and the push, pull or unbundle will fail.
907 URL that was source of changes is in ``$HG_URL``.
907 URL that was source of changes is in ``$HG_URL``.
908
908
909 ``pretxncommit``
909 ``pretxncommit``
910 Run after a changeset has been created but the transaction not yet
910 Run after a changeset has been created but the transaction not yet
911 committed. Changeset is visible to hook program. This lets you
911 committed. Changeset is visible to hook program. This lets you
912 validate commit message and changes. Exit status 0 allows the
912 validate commit message and changes. Exit status 0 allows the
913 commit to proceed. Non-zero status will cause the transaction to
913 commit to proceed. Non-zero status will cause the transaction to
914 be rolled back. ID of changeset is in ``$HG_NODE``. Parent changeset
914 be rolled back. ID of changeset is in ``$HG_NODE``. Parent changeset
915 IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
915 IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
916
916
917 ``preupdate``
917 ``preupdate``
918 Run before updating the working directory. Exit status 0 allows
918 Run before updating the working directory. Exit status 0 allows
919 the update to proceed. Non-zero status will prevent the update.
919 the update to proceed. Non-zero status will prevent the update.
920 Changeset ID of first new parent is in ``$HG_PARENT1``. If merge, ID
920 Changeset ID of first new parent is in ``$HG_PARENT1``. If merge, ID
921 of second new parent is in ``$HG_PARENT2``.
921 of second new parent is in ``$HG_PARENT2``.
922
922
923 ``listkeys``
923 ``listkeys``
924 Run after listing pushkeys (like bookmarks) in the repository. The
924 Run after listing pushkeys (like bookmarks) in the repository. The
925 key namespace is in ``$HG_NAMESPACE``. ``$HG_VALUES`` is a
925 key namespace is in ``$HG_NAMESPACE``. ``$HG_VALUES`` is a
926 dictionary containing the keys and values.
926 dictionary containing the keys and values.
927
927
928 ``pushkey``
928 ``pushkey``
929 Run after a pushkey (like a bookmark) is added to the
929 Run after a pushkey (like a bookmark) is added to the
930 repository. The key namespace is in ``$HG_NAMESPACE``, the key is in
930 repository. The key namespace is in ``$HG_NAMESPACE``, the key is in
931 ``$HG_KEY``, the old value (if any) is in ``$HG_OLD``, and the new
931 ``$HG_KEY``, the old value (if any) is in ``$HG_OLD``, and the new
932 value is in ``$HG_NEW``.
932 value is in ``$HG_NEW``.
933
933
934 ``tag``
934 ``tag``
935 Run after a tag is created. ID of tagged changeset is in ``$HG_NODE``.
935 Run after a tag is created. ID of tagged changeset is in ``$HG_NODE``.
936 Name of tag is in ``$HG_TAG``. Tag is local if ``$HG_LOCAL=1``, in
936 Name of tag is in ``$HG_TAG``. Tag is local if ``$HG_LOCAL=1``, in
937 repository if ``$HG_LOCAL=0``.
937 repository if ``$HG_LOCAL=0``.
938
938
939 ``update``
939 ``update``
940 Run after updating the working directory. Changeset ID of first
940 Run after updating the working directory. Changeset ID of first
941 new parent is in ``$HG_PARENT1``. If merge, ID of second new parent is
941 new parent is in ``$HG_PARENT1``. If merge, ID of second new parent is
942 in ``$HG_PARENT2``. If the update succeeded, ``$HG_ERROR=0``. If the
942 in ``$HG_PARENT2``. If the update succeeded, ``$HG_ERROR=0``. If the
943 update failed (e.g. because conflicts not resolved), ``$HG_ERROR=1``.
943 update failed (e.g. because conflicts not resolved), ``$HG_ERROR=1``.
944
944
945 .. note::
945 .. note::
946
946
947 It is generally better to use standard hooks rather than the
947 It is generally better to use standard hooks rather than the
948 generic pre- and post- command hooks as they are guaranteed to be
948 generic pre- and post- command hooks as they are guaranteed to be
949 called in the appropriate contexts for influencing transactions.
949 called in the appropriate contexts for influencing transactions.
950 Also, hooks like "commit" will be called in all contexts that
950 Also, hooks like "commit" will be called in all contexts that
951 generate a commit (e.g. tag) and not just the commit command.
951 generate a commit (e.g. tag) and not just the commit command.
952
952
953 .. note::
953 .. note::
954
954
955 Environment variables with empty values may not be passed to
955 Environment variables with empty values may not be passed to
956 hooks on platforms such as Windows. As an example, ``$HG_PARENT2``
956 hooks on platforms such as Windows. As an example, ``$HG_PARENT2``
957 will have an empty value under Unix-like platforms for non-merge
957 will have an empty value under Unix-like platforms for non-merge
958 changesets, while it will not be available at all under Windows.
958 changesets, while it will not be available at all under Windows.
959
959
960 The syntax for Python hooks is as follows::
960 The syntax for Python hooks is as follows::
961
961
962 hookname = python:modulename.submodule.callable
962 hookname = python:modulename.submodule.callable
963 hookname = python:/path/to/python/module.py:callable
963 hookname = python:/path/to/python/module.py:callable
964
964
965 Python hooks are run within the Mercurial process. Each hook is
965 Python hooks are run within the Mercurial process. Each hook is
966 called with at least three keyword arguments: a ui object (keyword
966 called with at least three keyword arguments: a ui object (keyword
967 ``ui``), a repository object (keyword ``repo``), and a ``hooktype``
967 ``ui``), a repository object (keyword ``repo``), and a ``hooktype``
968 keyword that tells what kind of hook is used. Arguments listed as
968 keyword that tells what kind of hook is used. Arguments listed as
969 environment variables above are passed as keyword arguments, with no
969 environment variables above are passed as keyword arguments, with no
970 ``HG_`` prefix, and names in lower case.
970 ``HG_`` prefix, and names in lower case.
971
971
972 If a Python hook returns a "true" value or raises an exception, this
972 If a Python hook returns a "true" value or raises an exception, this
973 is treated as a failure.
973 is treated as a failure.
974
974
975
975
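The following is an added example, not code from Mercurial or from this page: a ``pretxnchangegroup`` Python hook written to the calling convention just described, which rejects an incoming changegroup if any changeset in the ``$HG_NODE``..``$HG_NODE_LAST`` range adds a file whose path looks like a private key or credential file. It is placed in ``pretxnchangegroup`` rather than ``precommit`` deliberately: a client-side hook can be bypassed by whoever commits, while a server-side transaction hook runs before the server accepts the data. The file patterns, the hook file path in the comment, and the stand-in ``FakeRepo``/``FakeCtx``/``FakeUi`` classes with their sample history are assumptions made for the example; the methods they mimic (``repo[node]``, ``ctx.rev()``, ``ctx.hex()``, ``ctx.files()``, ``path in ctx``, ``ui.warn()``) are the parts of Mercurial's API the hook relies on.

```python
# Added example (not Mercurial's own code): a pretxnchangegroup hook that
# refuses pushes, pulls or unbundles whose changesets add files that look
# like private keys or credentials. Assumed configuration:
#
#   [hooks]
#   pretxnchangegroup.nosecrets = python:/path/to/nosecrets.py:reject_secrets
import re

# Assumed policy for this example: any path matching a pattern is refused.
BANNED_PATH_PATTERNS = (
    re.compile(r'(^|/)id_(rsa|dsa|ecdsa|ed25519)$'),  # SSH private keys
    re.compile(r'\.(pem|key|p12|pfx)$'),             # TLS keys and keystores
    re.compile(r'(^|/)\.env$'),                      # dotenv credential files
)


def _as_text(path):
    # Mercurial passes byte-string paths on Python 3 and str on Python 2;
    # normalise so the patterns above apply to both.
    return path.decode('utf-8', 'replace') if isinstance(path, bytes) else path


def offending_files(repo, node, node_last=None):
    """Scan every changeset from node to node_last (the $HG_NODE..$HG_NODE_LAST
    range) and return (short hex id, path) pairs for banned paths that are
    present in the changeset. Removals are skipped: a file deleted by a
    changeset is listed by ctx.files() but is no longer ``in ctx``."""
    first = repo[node].rev()
    last = repo[node_last].rev() if node_last else first
    hits = []
    for rev in range(first, last + 1):
        ctx = repo[rev]
        for path in ctx.files():
            if path not in ctx:
                continue
            text = _as_text(path)
            if any(p.search(text) for p in BANNED_PATH_PATTERNS):
                hits.append((ctx.hex()[:12], text))
    return hits


def reject_secrets(ui, repo, hooktype, node=None, node_last=None, **kwargs):
    """Hook entry point: the environment variables documented above arrive as
    lower-case keyword arguments without the HG_ prefix. A true return value
    is a failure, which rolls the transaction back."""
    hits = offending_files(repo, node, node_last)
    for hexid, path in hits:
        ui.warn('%s: changeset %s adds secret-looking file %s\n'
                % (hooktype, hexid, path))
    return bool(hits)


# Stand-ins for the Mercurial objects so the hook can be exercised offline.
# They implement only what the hook touches.
class FakeCtx:
    def __init__(self, rev, hexid, files, removed=()):
        self._rev, self._hex = rev, hexid
        self._files, self._removed = list(files), list(removed)

    def rev(self):
        return self._rev

    def hex(self):
        return self._hex

    def files(self):          # changed files, removals included
        return self._files + self._removed

    def __contains__(self, path):  # True only for files still present
        return path in self._files


class FakeRepo:
    def __init__(self, ctxs):
        self._by_rev = {c.rev(): c for c in ctxs}
        self._by_hex = {c.hex(): c for c in ctxs}

    def __getitem__(self, key):
        return self._by_rev[key] if isinstance(key, int) else self._by_hex[key]


class FakeUi:
    def __init__(self):
        self.messages = []

    def warn(self, msg):
        self.messages.append(msg)


def build_demo_repo():
    """Constructed sample push of three changesets: one adds deploy/id_rsa,
    another only removes an old .env file (which must not be flagged)."""
    return FakeRepo([
        FakeCtx(0, 'a' * 40, ['README']),
        FakeCtx(1, 'b' * 40, ['src/app.py', 'deploy/id_rsa']),
        FakeCtx(2, 'c' * 40, ['docs/notes.txt'], removed=['.env']),
    ])


def run_demo():
    """Run the hook over the sample push; returns (rejected, warnings)."""
    ui = FakeUi()
    rejected = reject_secrets(ui, build_demo_repo(), 'pretxnchangegroup',
                              node='a' * 40, node_last='c' * 40)
    return rejected, ui.messages
```

Because the hook runs inside the Mercurial process, an uncaught exception is also treated as failure, so a broken pattern list fails closed rather than letting the changegroup through.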

``hostfingerprints``
--------------------

(Deprecated. Use the ``fingerprints`` option of ``[hostsecurity]`` instead.)

Fingerprints of the certificates of known HTTPS servers.

An HTTPS connection to a server with a fingerprint configured here will
only succeed if the server's certificate matches the fingerprint.
This is very similar to how SSH known hosts work.

The fingerprint is the SHA-1 hash value of the DER encoded certificate.
Multiple values can be specified (separated by spaces or commas). This can
be used to define both old and new fingerprints while a host transitions
to a new certificate.

Neither the CA chain nor ``web.cacerts`` is used for servers with a
fingerprint. Only SHA-1 fingerprints can be given in this section; the
``fingerprints`` option of ``[hostsecurity]`` also accepts SHA-256 and
SHA-512 and should be used for new configurations.

For example::

    [hostfingerprints]
    hg.intevation.de = fc:e2:8d:d9:51:cd:cb:c1:4d:18:6b:b7:44:8d:49:72:57:e6:cd:33
    hg.intevation.org = fc:e2:8d:d9:51:cd:cb:c1:4d:18:6b:b7:44:8d:49:72:57:e6:cd:33

``hostsecurity``
----------------

Used to specify global and per-host security settings for connecting to
other machines.

The following options control default behavior for all hosts.

``minimumprotocol``
  Defines the minimum channel encryption protocol to use.

1011 By default, the highest version of TLS - 1.0 or greater - supported by
1011 By default, the highest version of TLS supported by both client and server
1012 both client and server is used.
1012 is used.
1013
1013
1014 Allowed values are: ``tls1.0`` (the default), ``tls1.1``, ``tls1.2``.
1014 Allowed values are: ``tls1.0``, ``tls1.1``, ``tls1.2``.
1015
1016 When running on an old Python version, only ``tls1.0`` is allowed since
1017 old versions of Python only support up to TLS 1.0.
1018
1019 When running a Python that supports modern TLS versions, the default is
1020 ``tls1.1``. ``tls1.0`` can still be used to allow TLS 1.0. However, this
1021 weakens security and should only be used as a feature of last resort if
1022 a server does not support TLS 1.1+.
1015
1023
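Review bot: the new lines 1011-1012 and 1019-1020 use "default" for two different things and read as a contradiction: 1011-1012 say the highest TLS version supported by both client and server is used, while 1019-1020 say the default is ``tls1.1``. State that ``minimumprotocol`` is a floor below which Mercurial refuses to negotiate and that the connection still uses the highest version both ends support at or above that floor, e.g. "This is the lowest protocol version Mercurial will accept; the negotiated version is the highest one both client and server support." Lines 1016-1017 should also say what a user sees when ``tls1.1`` or ``tls1.2`` is configured on a Python whose ssl module only speaks TLS 1.0 (an abort with a message, or a silent fallback?) and which Python versions count as "old", since the per-host ``minimumprotocol`` at the unchanged lines 1041-1043 inherits whatever is written here.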

Options in the ``[hostsecurity]`` section can have the form
``hostname``:``setting``. This allows multiple settings to be defined on a
per-host basis.

The following per-host settings can be defined.

``fingerprints``
  A list of hashes of the DER encoded peer/remote certificate. Values have
  the form ``algorithm``:``fingerprint``, e.g.
  ``sha256:c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2``.

  The following algorithms/prefixes are supported: ``sha1``, ``sha256``,
  ``sha512``.

  Use of ``sha256`` or ``sha512`` is preferred.

  If a fingerprint is specified, the CA chain is not validated for this
  host and Mercurial will require the remote certificate to match one
  of the fingerprints specified. This means that if the server updates its
  certificate, Mercurial will abort until a new fingerprint is defined.
  This can provide stronger security than traditional CA-based validation
  at the expense of convenience. Obtain the fingerprint over a channel you
  already trust (for example from the server operator); a fingerprint read
  off the very connection you are trying to authenticate only proves that
  the connection is consistent with itself.

  This option takes precedence over ``verifycertsfile``.

``minimumprotocol``
  This behaves like ``minimumprotocol`` as described above except it
  only applies to the host on which it is defined.

``verifycertsfile``
  Path to a file containing a list of PEM encoded certificates used to
  verify the server certificate. Environment variables and ``~user``
  constructs are expanded in the filename.

  The server certificate or the certificate's certificate authority (CA)
  must match a certificate from this file or certificate verification
  will fail and connections to the server will be refused.

  If defined, only certificates provided by this file will be used:
  ``web.cacerts`` and any system/default certificates will not be
  used.

  This option has no effect if the per-host ``fingerprints`` option
  is set.

  The format of the file is as follows::

    -----BEGIN CERTIFICATE-----
    ... (certificate in base64 PEM encoding) ...
    -----END CERTIFICATE-----
    -----BEGIN CERTIFICATE-----
    ... (certificate in base64 PEM encoding) ...
    -----END CERTIFICATE-----

For example::

    [hostsecurity]
    hg.example.com:fingerprints = sha256:c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2
    hg2.example.com:fingerprints = sha1:914f1aff87249c09b6859b88b1906d30756491ca, sha1:fc:e2:8d:d9:51:cd:cb:c1:4d:18:6b:b7:44:8d:49:72:57:e6:cd:33
    foo.example.com:verifycertsfile = /etc/ssl/trusted-ca-certs.pem

To change the default minimum protocol version to TLS 1.2 but to allow TLS 1.1
when connecting to ``hg.example.com``::

    [hostsecurity]
    minimumprotocol = tls1.2
    hg.example.com:minimumprotocol = tls1.1

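An added example, not Mercurial's own code, covering both the per-host ``hostname:setting`` form and the ``fingerprints`` check described above: it reads a ``[hostsecurity]`` snippet, resolves which settings apply to a given host with the precedence the text states (per-host ``minimumprotocol`` over the global one, ``fingerprints`` over ``verifycertsfile``), compares a certificate's DER bytes against the configured pins, and produces the line to paste into the config for a new certificate. The hostnames, pins and trusted-CA path in ``SAMPLE_HGRC`` are constructed for the example; the bytes ``b"abc"`` stand in for a real DER certificate so the check runs offline (the sha256 pin for ``hg.example.com`` and the colon-separated sha1 pin for ``hg2.example.com`` are the digests of those bytes). ``fetch_der_certificate`` uses only the standard library to retrieve a live leaf certificate for initial pinning and is not exercised here.

```python
# Added example (not Mercurial's own code): per-host [hostsecurity]
# resolution plus a fingerprint check over DER certificate bytes.
import hashlib
import hmac
import ssl

SUPPORTED_ALGORITHMS = ('sha1', 'sha256', 'sha512')

# Constructed sample config. The hg.example.com sha256 pin and the
# hg2.example.com sha1 pin are digests of b"abc", which stands in for a
# DER certificate; the all-zero sha256 pin is a stale entry that never matches.
SAMPLE_HGRC = """
[hostsecurity]
minimumprotocol = tls1.2
hg.example.com:minimumprotocol = tls1.1
hg.example.com:fingerprints = sha256:ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad
hg2.example.com:fingerprints = sha1:A9:99:3E:36:47:06:81:6A:BA:3E:25:71:78:50:C2:6C:9C:D0:D8:9D, sha256:0000000000000000000000000000000000000000000000000000000000000000
foo.example.com:verifycertsfile = /etc/ssl/trusted-ca-certs.pem
"""


def parse_hostsecurity(text):
    """Key/value pairs of the [hostsecurity] section. Keys are split on the
    first '=' only, because per-host keys themselves contain ':'."""
    section, values = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(('#', ';')):
            continue
        if line.startswith('[') and line.endswith(']'):
            section = line[1:-1]
        elif section == 'hostsecurity' and '=' in line:
            key, value = line.split('=', 1)
            values[key.strip()] = value.strip()
    return values


def parse_fingerprints(value):
    """'alg:hex, alg:he:x' -> [(alg, lower-case hex without colons)]."""
    pins = []
    for item in value.replace(',', ' ').split():
        algorithm, _, digest = item.partition(':')
        algorithm = algorithm.lower()
        if algorithm not in SUPPORTED_ALGORITHMS:
            raise ValueError('unsupported fingerprint algorithm: ' + algorithm)
        pins.append((algorithm, digest.replace(':', '').lower()))
    return pins


def resolve_host_security(config, host):
    """Per-host minimumprotocol overrides the global one; fingerprints, when
    present, take precedence and verifycertsfile is then ignored."""
    fingerprints = parse_fingerprints(config.get(host + ':fingerprints', ''))
    return {
        'minimumprotocol': config.get(host + ':minimumprotocol',
                                      config.get('minimumprotocol')),
        'fingerprints': fingerprints,
        'verifycertsfile': (None if fingerprints
                            else config.get(host + ':verifycertsfile')),
    }


def fingerprint(der, algorithm='sha256'):
    """Fingerprint of DER bytes in the documented ``algorithm:hex`` form."""
    return '%s:%s' % (algorithm, hashlib.new(algorithm, der).hexdigest())


def check_fingerprints(der, pins):
    """Return (matched, warnings). Any single matching pin is enough, which is
    what allows listing old and new fingerprints during a certificate
    rotation; a match on a sha1 pin is accepted but warned about."""
    warnings, matched = [], False
    for algorithm, expected in pins:
        actual = hashlib.new(algorithm, der).hexdigest()
        if hmac.compare_digest(actual, expected):
            matched = True
            if algorithm == 'sha1':
                warnings.append('matched a sha1 pin; move to sha256 or sha512')
    return matched, warnings


def config_line_for(host, der):
    """The [hostsecurity] line to add for a certificate's DER bytes."""
    return '%s:fingerprints = %s' % (host, fingerprint(der, 'sha256'))


def fetch_der_certificate(host, port=443):
    """Fetch the peer's leaf certificate for initial pinning (network; not
    run here). The fetch does not verify the peer, so confirm the resulting
    fingerprint out of band before trusting it."""
    pem = ssl.get_server_certificate((host, port))
    return ssl.PEM_cert_to_DER_cert(pem)
```

The colon-separated, upper-case sha1 form in the sample mirrors the spelling used in the ``[hostsecurity]`` example above, and normalising it before comparison is what makes both spellings match the same certificate.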
``http_proxy``
--------------

Used to access web-based Mercurial repositories through an HTTP
proxy.

``host``
  Host name and (optional) port of the proxy server, for example
  "myproxy:8000".

``no``
  Optional. Comma-separated list of host names that should bypass
  the proxy.

``passwd``
  Optional. Password to authenticate with at the proxy server. The
  configuration file is plain text, so restrict its permissions if a
  password is stored here.

``user``
  Optional. User name to authenticate with at the proxy server.

``always``
  Optional. Always use the proxy, even for localhost and any entries
  in ``http_proxy.no``. (default: False)

``merge``
---------

This section specifies behavior during merges and updates.

``checkignored``
  Controls behavior when an ignored file on disk has the same name as a tracked
  file in the changeset being merged or updated to, and has different
  contents. Options are ``abort``, ``warn`` and ``ignore``. With ``abort``,
  abort on such files. With ``warn``, warn on such files and back them up as
  ``.orig``. With ``ignore``, don't print a warning and back them up as
  ``.orig``. (default: ``abort``)

``checkunknown``
  Controls behavior when an unknown file that isn't ignored has the same name
  as a tracked file in the changeset being merged or updated to, and has
  different contents. Similar to ``merge.checkignored``, except for files that
  are not ignored. (default: ``abort``)

``merge-patterns``
------------------

This section specifies merge tools to associate with particular file
patterns. Tools matched here will take precedence over the default
merge tool. Patterns are globs by default, rooted at the repository
root.

Example::

    [merge-patterns]
    **.c = kdiff3
    **.jpg = myimgmerge

``merge-tools``
---------------

This section configures external merge tools to use for file-level
merges. This section has likely been preconfigured at install time.
Use :hg:`config merge-tools` to check the existing configuration.
Also see :hg:`help merge-tools` for more details.

Example ``~/.hgrc``::

    [merge-tools]
    # Override stock tool location
    kdiff3.executable = ~/bin/kdiff3
    # Specify command line
    kdiff3.args = $base $local $other -o $output
    # Give higher priority
    kdiff3.priority = 1

    # Changing the priority of preconfigured tool
    meld.priority = 0

    # Disable a preconfigured tool
    vimdiff.disabled = yes

    # Define new tool
    myHtmlTool.args = -m $local $other $base $output
    myHtmlTool.regkey = Software\FooSoftware\HtmlMerge
    myHtmlTool.priority = 1

Supported arguments:

``priority``
  The priority in which to evaluate this tool.
  (default: 0)

``executable``
  Either just the name of the executable or its pathname.

  .. container:: windows

    On Windows, the path can use environment variables with ${ProgramFiles}
    syntax.

  (default: the tool name)

``args``
  The arguments to pass to the tool executable. You can refer to the
  files being merged as well as the output file through these
  variables: ``$base``, ``$local``, ``$other``, ``$output``. The meaning
  of ``$local`` and ``$other`` can vary depending on which action is being
  performed. During an update or merge, ``$local`` represents the original
  state of the file, while ``$other`` represents the commit you are updating
  to or the commit you are merging with. During a rebase ``$local``
  represents the destination of the rebase, and ``$other`` represents the
  commit being rebased.
  (default: ``$local $base $other``)

``premerge``
  Attempt to run the internal non-interactive 3-way merge tool before
  launching the external tool. Options are ``true``, ``false``, ``keep`` or
  ``keep-merge3``. The ``keep`` option will leave markers in the file if the
  premerge fails. The ``keep-merge3`` option will do the same but include
  information about the base of the merge in the marker (see internal :merge3
  in :hg:`help merge-tools`).
  (default: True)

``binary``
  This tool can merge binary files. (default: False, unless tool
  was selected by file pattern match)

``symlink``
  This tool can merge symlinks. (default: False)

``check``
  A list of merge success-checking options:

  ``changed``
    Ask whether merge was successful when the merged file shows no changes.
  ``conflicts``
    Check whether there are conflicts even though the tool reported success.
  ``prompt``
    Always prompt for merge success, regardless of success reported by tool.

``fixeol``
  Attempt to fix up EOL changes caused by the merge tool.
  (default: False)

``gui``
  This tool requires a graphical interface to run. (default: False)

.. container:: windows

  ``regkey``
    Windows registry key which describes the install location of this
    tool. Mercurial will search for this key first under
    ``HKEY_CURRENT_USER`` and then under ``HKEY_LOCAL_MACHINE``.
    (default: None)

  ``regkeyalt``
    An alternate Windows registry key to try if the first key is not
    found. The alternate key uses the same ``regname`` and ``regappend``
    semantics of the primary key. The most common use for this key
    is to search for 32bit applications on 64bit operating systems.
    (default: None)

  ``regname``
    Name of value to read from specified registry key.
    (default: the unnamed (default) value)

  ``regappend``
    String to append to the value read from the registry, typically
    the executable name of the tool.
    (default: None)


``patch``
---------

Settings used when applying patches, for instance through the :hg:`import`
command or with the Mercurial Queues extension.

``eol``
  When set to ``strict``, the line endings of both the patch content and the
  patched files are preserved. When set to ``lf`` or ``crlf``, the line
  endings of both are ignored when patching and the resulting line endings
  are normalized to either LF (Unix) or CRLF (Windows). When set to
  ``auto``, line endings are again ignored while patching but line
  endings in patched files are normalized to their original setting
1276 endings in patched files are normalized to their original setting
1269 on a per-file basis. If target file does not exist or has no end
1277 on a per-file basis. If target file does not exist or has no end
1270 of line, patch line endings are preserved.
1278 of line, patch line endings are preserved.
1271 (default: strict)
1279 (default: strict)
1272
1280
1273 ``fuzz``
1281 ``fuzz``
1274 The number of lines of 'fuzz' to allow when applying patches. This
1282 The number of lines of 'fuzz' to allow when applying patches. This
1275 controls how much context the patcher is allowed to ignore when
1283 controls how much context the patcher is allowed to ignore when
1276 trying to apply a patch.
1284 trying to apply a patch.
1277 (default: 2)
1285 (default: 2)
1278
1286
1279 ``paths``
1287 ``paths``
1280 ---------
1288 ---------
1281
1289
1282 Assigns symbolic names and behavior to repositories.
1290 Assigns symbolic names and behavior to repositories.
1283
1291
1284 Options are symbolic names defining the URL or directory that is the
1292 Options are symbolic names defining the URL or directory that is the
1285 location of the repository. Example::
1293 location of the repository. Example::
1286
1294
1287 [paths]
1295 [paths]
1288 my_server = https://example.com/my_repo
1296 my_server = https://example.com/my_repo
1289 local_path = /home/me/repo
1297 local_path = /home/me/repo
1290
1298
1291 These symbolic names can be used from the command line. To pull
1299 These symbolic names can be used from the command line. To pull
1292 from ``my_server``: :hg:`pull my_server`. To push to ``local_path``:
1300 from ``my_server``: :hg:`pull my_server`. To push to ``local_path``:
1293 :hg:`push local_path`.
1301 :hg:`push local_path`.
1294
1302
1295 Options containing colons (``:``) denote sub-options that can influence
1303 Options containing colons (``:``) denote sub-options that can influence
1296 behavior for that specific path. Example::
1304 behavior for that specific path. Example::
1297
1305
1298 [paths]
1306 [paths]
1299 my_server = https://example.com/my_path
1307 my_server = https://example.com/my_path
1300 my_server:pushurl = ssh://example.com/my_path
1308 my_server:pushurl = ssh://example.com/my_path
1301
1309
1302 The following sub-options can be defined:
1310 The following sub-options can be defined:
1303
1311
1304 ``pushurl``
1312 ``pushurl``
1305 The URL to use for push operations. If not defined, the location
1313 The URL to use for push operations. If not defined, the location
1306 defined by the path's main entry is used.
1314 defined by the path's main entry is used.
1307
1315
1308 ``pushrev``
1316 ``pushrev``
1309 A revset defining which revisions to push by default.
1317 A revset defining which revisions to push by default.
1310
1318
1311 When :hg:`push` is executed without a ``-r`` argument, the revset
1319 When :hg:`push` is executed without a ``-r`` argument, the revset
1312 defined by this sub-option is evaluated to determine what to push.
1320 defined by this sub-option is evaluated to determine what to push.
1313
1321
1314 For example, a value of ``.`` will push the working directory's
1322 For example, a value of ``.`` will push the working directory's
1315 revision by default.
1323 revision by default.
1316
1324
1317 Revsets specifying bookmarks will not result in the bookmark being
1325 Revsets specifying bookmarks will not result in the bookmark being
1318 pushed.
1326 pushed.
1319
1327
1320 The following special named paths exist:
1328 The following special named paths exist:
1321
1329
1322 ``default``
1330 ``default``
1323 The URL or directory to use when no source or remote is specified.
1331 The URL or directory to use when no source or remote is specified.
1324
1332
1325 :hg:`clone` will automatically define this path to the location the
1333 :hg:`clone` will automatically define this path to the location the
1326 repository was cloned from.
1334 repository was cloned from.
1327
1335
1328 ``default-push``
1336 ``default-push``
1329 (deprecated) The URL or directory for the default :hg:`push` location.
1337 (deprecated) The URL or directory for the default :hg:`push` location.
1330 ``default:pushurl`` should be used instead.
1338 ``default:pushurl`` should be used instead.
1331
1339
1332 ``phases``
1340 ``phases``
1333 ----------
1341 ----------
1334
1342
1335 Specifies default handling of phases. See :hg:`help phases` for more
1343 Specifies default handling of phases. See :hg:`help phases` for more
1336 information about working with phases.
1344 information about working with phases.
1337
1345
1338 ``publish``
1346 ``publish``
1339 Controls draft phase behavior when working as a server. When true,
1347 Controls draft phase behavior when working as a server. When true,
1340 pushed changesets are set to public in both client and server and
1348 pushed changesets are set to public in both client and server and
1341 pulled or cloned changesets are set to public in the client.
1349 pulled or cloned changesets are set to public in the client.
1342 (default: True)
1350 (default: True)
1343
1351
1344 ``new-commit``
1352 ``new-commit``
1345 Phase of newly-created commits.
1353 Phase of newly-created commits.
1346 (default: draft)
1354 (default: draft)
1347
1355
1348 ``checksubrepos``
1356 ``checksubrepos``
1349 Check the phase of the current revision of each subrepository. Allowed
1357 Check the phase of the current revision of each subrepository. Allowed
1350 values are "ignore", "follow" and "abort". For settings other than
1358 values are "ignore", "follow" and "abort". For settings other than
1351 "ignore", the phase of the current revision of each subrepository is
1359 "ignore", the phase of the current revision of each subrepository is
1352 checked before committing the parent repository. If any of those phases is
1360 checked before committing the parent repository. If any of those phases is
1353 greater than the phase of the parent repository (e.g. if a subrepo is in a
1361 greater than the phase of the parent repository (e.g. if a subrepo is in a
1354 "secret" phase while the parent repo is in "draft" phase), the commit is
1362 "secret" phase while the parent repo is in "draft" phase), the commit is
1355 either aborted (if checksubrepos is set to "abort") or the higher phase is
1363 either aborted (if checksubrepos is set to "abort") or the higher phase is
1356 used for the parent repository commit (if set to "follow").
1364 used for the parent repository commit (if set to "follow").
1357 (default: follow)
1365 (default: follow)
1358
1366
1359
1367
1360 ``profiling``
1368 ``profiling``
1361 -------------
1369 -------------
1362
1370
1363 Specifies profiling type, format, and file output. Two profilers are
1371 Specifies profiling type, format, and file output. Two profilers are
1364 supported: an instrumenting profiler (named ``ls``), and a sampling
1372 supported: an instrumenting profiler (named ``ls``), and a sampling
1365 profiler (named ``stat``).
1373 profiler (named ``stat``).
1366
1374
1367 In this section description, 'profiling data' stands for the raw data
1375 In this section description, 'profiling data' stands for the raw data
1368 collected during profiling, while 'profiling report' stands for a
1376 collected during profiling, while 'profiling report' stands for a
1369 statistical text report generated from the profiling data. The
1377 statistical text report generated from the profiling data. The
1370 profiling is done using lsprof.
1378 profiling is done using lsprof.
1371
1379
1372 ``type``
1380 ``type``
1373 The type of profiler to use.
1381 The type of profiler to use.
1374 (default: ls)
1382 (default: ls)
1375
1383
1376 ``ls``
1384 ``ls``
1377 Use Python's built-in instrumenting profiler. This profiler
1385 Use Python's built-in instrumenting profiler. This profiler
1378 works on all platforms, but each line number it reports is the
1386 works on all platforms, but each line number it reports is the
1379 first line of a function. This restriction makes it difficult to
1387 first line of a function. This restriction makes it difficult to
1380 identify the expensive parts of a non-trivial function.
1388 identify the expensive parts of a non-trivial function.
1381 ``stat``
1389 ``stat``
1382 Use a third-party statistical profiler, statprof. This profiler
1390 Use a third-party statistical profiler, statprof. This profiler
1383 currently runs only on Unix systems, and is most useful for
1391 currently runs only on Unix systems, and is most useful for
1384 profiling commands that run for longer than about 0.1 seconds.
1392 profiling commands that run for longer than about 0.1 seconds.
1385
1393
1386 ``format``
1394 ``format``
1387 Profiling format. Specific to the ``ls`` instrumenting profiler.
1395 Profiling format. Specific to the ``ls`` instrumenting profiler.
1388 (default: text)
1396 (default: text)
1389
1397
1390 ``text``
1398 ``text``
1391 Generate a profiling report. When saving to a file, it should be
1399 Generate a profiling report. When saving to a file, it should be
1392 noted that only the report is saved, and the profiling data is
1400 noted that only the report is saved, and the profiling data is
1393 not kept.
1401 not kept.
1394 ``kcachegrind``
1402 ``kcachegrind``
1395 Format profiling data for kcachegrind use: when saving to a
1403 Format profiling data for kcachegrind use: when saving to a
1396 file, the generated file can directly be loaded into
1404 file, the generated file can directly be loaded into
1397 kcachegrind.
1405 kcachegrind.
1398
1406
1399 ``frequency``
1407 ``frequency``
1400 Sampling frequency. Specific to the ``stat`` sampling profiler.
1408 Sampling frequency. Specific to the ``stat`` sampling profiler.
1401 (default: 1000)
1409 (default: 1000)
1402
1410
1403 ``output``
1411 ``output``
1404 File path where profiling data or report should be saved. If the
1412 File path where profiling data or report should be saved. If the
1405 file exists, it is replaced. (default: None, data is printed on
1413 file exists, it is replaced. (default: None, data is printed on
1406 stderr)
1414 stderr)
1407
1415
1408 ``sort``
1416 ``sort``
1409 Sort field. Specific to the ``ls`` instrumenting profiler.
1417 Sort field. Specific to the ``ls`` instrumenting profiler.
1410 One of ``callcount``, ``reccallcount``, ``totaltime`` and
1418 One of ``callcount``, ``reccallcount``, ``totaltime`` and
1411 ``inlinetime``.
1419 ``inlinetime``.
1412 (default: inlinetime)
1420 (default: inlinetime)
1413
1421
1414 ``limit``
1422 ``limit``
1415 Number of lines to show. Specific to the ``ls`` instrumenting profiler.
1423 Number of lines to show. Specific to the ``ls`` instrumenting profiler.
1416 (default: 30)
1424 (default: 30)
1417
1425
1418 ``nested``
1426 ``nested``
1419 Show at most this number of lines of drill-down info after each main entry.
1427 Show at most this number of lines of drill-down info after each main entry.
1420 This can help explain the difference between Total and Inline.
1428 This can help explain the difference between Total and Inline.
1421 Specific to the ``ls`` instrumenting profiler.
1429 Specific to the ``ls`` instrumenting profiler.
1422 (default: 5)
1430 (default: 5)
1423
1431
1424 ``progress``
1432 ``progress``
1425 ------------
1433 ------------
1426
1434
1427 Mercurial commands can draw progress bars that are as informative as
1435 Mercurial commands can draw progress bars that are as informative as
1428 possible. Some progress bars only offer indeterminate information, while others
1436 possible. Some progress bars only offer indeterminate information, while others
1429 have a definite end point.
1437 have a definite end point.
1430
1438
1431 ``delay``
1439 ``delay``
1432 Number of seconds (float) before showing the progress bar. (default: 3)
1440 Number of seconds (float) before showing the progress bar. (default: 3)
1433
1441
1434 ``changedelay``
1442 ``changedelay``
1435 Minimum delay before showing a new topic. When set to less than 3 * refresh,
1443 Minimum delay before showing a new topic. When set to less than 3 * refresh,
1436 that value will be used instead. (default: 1)
1444 that value will be used instead. (default: 1)
1437
1445
1438 ``refresh``
1446 ``refresh``
1439 Time in seconds between refreshes of the progress bar. (default: 0.1)
1447 Time in seconds between refreshes of the progress bar. (default: 0.1)
1440
1448
1441 ``format``
1449 ``format``
1442 Format of the progress bar.
1450 Format of the progress bar.
1443
1451
1444 Valid entries for the format field are ``topic``, ``bar``, ``number``,
1452 Valid entries for the format field are ``topic``, ``bar``, ``number``,
1445 ``unit``, ``estimate``, ``speed``, and ``item``. ``item`` defaults to the
1453 ``unit``, ``estimate``, ``speed``, and ``item``. ``item`` defaults to the
1446 last 20 characters of the item, but this can be changed by adding either
1454 last 20 characters of the item, but this can be changed by adding either
1447 ``-<num>`` which would take the last num characters, or ``+<num>`` for the
1455 ``-<num>`` which would take the last num characters, or ``+<num>`` for the
1448 first num characters.
1456 first num characters.
1449
1457
1450 (default: topic bar number estimate)
1458 (default: topic bar number estimate)
1451
1459
1452 ``width``
1460 ``width``
1453 If set, the maximum width of the progress information (that is, min(width,
1461 If set, the maximum width of the progress information (that is, min(width,
1454 term width) will be used).
1462 term width) will be used).
1455
1463
1456 ``clear-complete``
1464 ``clear-complete``
1457 Clear the progress bar after it's done. (default: True)
1465 Clear the progress bar after it's done. (default: True)
1458
1466
1459 ``disable``
1467 ``disable``
1460 If true, don't show a progress bar.
1468 If true, don't show a progress bar.
1461
1469
1462 ``assume-tty``
1470 ``assume-tty``
1463 If true, ALWAYS show a progress bar, unless disable is given.
1471 If true, ALWAYS show a progress bar, unless disable is given.
1464
1472
1465 ``rebase``
1473 ``rebase``
1466 ----------
1474 ----------
1467
1475
1468 ``allowdivergence``
1476 ``allowdivergence``
1469 Default to False, when True allow creating divergence when performing
1477 Default to False, when True allow creating divergence when performing
1470 rebase of obsolete changesets.
1478 rebase of obsolete changesets.
1471
1479
1472 ``revsetalias``
1480 ``revsetalias``
1473 ---------------
1481 ---------------
1474
1482
1475 Alias definitions for revsets. See :hg:`help revsets` for details.
1483 Alias definitions for revsets. See :hg:`help revsets` for details.
1476
1484
1477 ``server``
1485 ``server``
1478 ----------
1486 ----------
1479
1487
1480 Controls generic server settings.
1488 Controls generic server settings.
1481
1489
1482 ``uncompressed``
1490 ``uncompressed``
1483 Whether to allow clients to clone a repository using the
1491 Whether to allow clients to clone a repository using the
1484 uncompressed streaming protocol. This transfers about 40% more
1492 uncompressed streaming protocol. This transfers about 40% more
1485 data than a regular clone, but uses less memory and CPU on both
1493 data than a regular clone, but uses less memory and CPU on both
1486 server and client. Over a LAN (100 Mbps or better) or a very fast
1494 server and client. Over a LAN (100 Mbps or better) or a very fast
1487 WAN, an uncompressed streaming clone is a lot faster (~10x) than a
1495 WAN, an uncompressed streaming clone is a lot faster (~10x) than a
1488 regular clone. Over most WAN connections (anything slower than
1496 regular clone. Over most WAN connections (anything slower than
1489 about 6 Mbps), uncompressed streaming is slower, because of the
1497 about 6 Mbps), uncompressed streaming is slower, because of the
1490 extra data transfer overhead. This mode will also temporarily hold
1498 extra data transfer overhead. This mode will also temporarily hold
1491 the write lock while determining what data to transfer.
1499 the write lock while determining what data to transfer.
1492 (default: True)
1500 (default: True)
1493
1501
1494 ``preferuncompressed``
1502 ``preferuncompressed``
1495 When set, clients will try to use the uncompressed streaming
1503 When set, clients will try to use the uncompressed streaming
1496 protocol. (default: False)
1504 protocol. (default: False)
1497
1505
1498 ``validate``
1506 ``validate``
1499 Whether to validate the completeness of pushed changesets by
1507 Whether to validate the completeness of pushed changesets by
1500 checking that all new file revisions specified in manifests are
1508 checking that all new file revisions specified in manifests are
1501 present. (default: False)
1509 present. (default: False)
1502
1510
1503 ``maxhttpheaderlen``
1511 ``maxhttpheaderlen``
1504 Instruct HTTP clients not to send request headers longer than this
1512 Instruct HTTP clients not to send request headers longer than this
1505 many bytes. (default: 1024)
1513 many bytes. (default: 1024)
1506
1514
1507 ``bundle1``
1515 ``bundle1``
1508 Whether to allow clients to push and pull using the legacy bundle1
1516 Whether to allow clients to push and pull using the legacy bundle1
1509 exchange format. (default: True)
1517 exchange format. (default: True)
1510
1518
1511 ``bundle1gd``
1519 ``bundle1gd``
1512 Like ``bundle1`` but only used if the repository is using the
1520 Like ``bundle1`` but only used if the repository is using the
1513 *generaldelta* storage format. (default: True)
1521 *generaldelta* storage format. (default: True)
1514
1522
1515 ``bundle1.push``
1523 ``bundle1.push``
1516 Whether to allow clients to push using the legacy bundle1 exchange
1524 Whether to allow clients to push using the legacy bundle1 exchange
1517 format. (default: True)
1525 format. (default: True)
1518
1526
1519 ``bundle1gd.push``
1527 ``bundle1gd.push``
1520 Like ``bundle1.push`` but only used if the repository is using the
1528 Like ``bundle1.push`` but only used if the repository is using the
1521 *generaldelta* storage format. (default: True)
1529 *generaldelta* storage format. (default: True)
1522
1530
1523 ``bundle1.pull``
1531 ``bundle1.pull``
1524 Whether to allow clients to pull using the legacy bundle1 exchange
1532 Whether to allow clients to pull using the legacy bundle1 exchange
1525 format. (default: True)
1533 format. (default: True)
1526
1534
1527 ``bundle1gd.pull``
1535 ``bundle1gd.pull``
1528 Like ``bundle1.pull`` but only used if the repository is using the
1536 Like ``bundle1.pull`` but only used if the repository is using the
1529 *generaldelta* storage format. (default: True)
1537 *generaldelta* storage format. (default: True)
1530
1538
1531 Large repositories using the *generaldelta* storage format should
1539 Large repositories using the *generaldelta* storage format should
1532 consider setting this option because converting *generaldelta*
1540 consider setting this option because converting *generaldelta*
1533 repositories to the exchange format required by the bundle1 data
1541 repositories to the exchange format required by the bundle1 data
1534 format can consume a lot of CPU.
1542 format can consume a lot of CPU.
1535
1543
1536 ``smtp``
1544 ``smtp``
1537 --------
1545 --------
1538
1546
1539 Configuration for extensions that need to send email messages.
1547 Configuration for extensions that need to send email messages.
1540
1548
1541 ``host``
1549 ``host``
1542 Host name of mail server, e.g. "mail.example.com".
1550 Host name of mail server, e.g. "mail.example.com".
1543
1551
1544 ``port``
1552 ``port``
1545 Optional. Port to connect to on mail server. (default: 465 if
1553 Optional. Port to connect to on mail server. (default: 465 if
1546 ``tls`` is smtps; 25 otherwise)
1554 ``tls`` is smtps; 25 otherwise)
1547
1555
1548 ``tls``
1556 ``tls``
1549 Optional. Method to enable TLS when connecting to mail server: starttls,
1557 Optional. Method to enable TLS when connecting to mail server: starttls,
1550 smtps or none. (default: none)
1558 smtps or none. (default: none)
1551
1559
1552 ``username``
1560 ``username``
1553 Optional. User name for authenticating with the SMTP server.
1561 Optional. User name for authenticating with the SMTP server.
1554 (default: None)
1562 (default: None)
1555
1563
1556 ``password``
1564 ``password``
1557 Optional. Password for authenticating with the SMTP server. If not
1565 Optional. Password for authenticating with the SMTP server. If not
1558 specified, interactive sessions will prompt the user for a
1566 specified, interactive sessions will prompt the user for a
1559 password; non-interactive sessions will fail. (default: None)
1567 password; non-interactive sessions will fail. (default: None)
1560
1568
1561 ``local_hostname``
1569 ``local_hostname``
1562 Optional. The hostname that the sender can use to identify
1570 Optional. The hostname that the sender can use to identify
1563 itself to the MTA.
1571 itself to the MTA.
1564
1572
1565
1573
1566 ``subpaths``
1574 ``subpaths``
1567 ------------
1575 ------------
1568
1576
1569 Subrepository source URLs can go stale if a remote server changes name
1577 Subrepository source URLs can go stale if a remote server changes name
1570 or becomes temporarily unavailable. This section lets you define
1578 or becomes temporarily unavailable. This section lets you define
1571 rewrite rules of the form::
1579 rewrite rules of the form::
1572
1580
1573 <pattern> = <replacement>
1581 <pattern> = <replacement>
1574
1582
1575 where ``pattern`` is a regular expression matching a subrepository
1583 where ``pattern`` is a regular expression matching a subrepository
1576 source URL and ``replacement`` is the replacement string used to
1584 source URL and ``replacement`` is the replacement string used to
1577 rewrite it. Groups can be matched in ``pattern`` and referenced in
1585 rewrite it. Groups can be matched in ``pattern`` and referenced in
1578 ``replacements``. For instance::
1586 ``replacements``. For instance::
1579
1587
1580 http://server/(.*)-hg/ = http://hg.server/\1/
1588 http://server/(.*)-hg/ = http://hg.server/\1/
1581
1589
1582 rewrites ``http://server/foo-hg/`` into ``http://hg.server/foo/``.
1590 rewrites ``http://server/foo-hg/`` into ``http://hg.server/foo/``.
1583
1591
1584 Relative subrepository paths are first made absolute, and the
1592 Relative subrepository paths are first made absolute, and the
1585 rewrite rules are then applied on the full (absolute) path. If ``pattern``
1593 rewrite rules are then applied on the full (absolute) path. If ``pattern``
1586 doesn't match the full path, an attempt is made to apply it on the
1594 doesn't match the full path, an attempt is made to apply it on the
1587 relative path alone. The rules are applied in definition order.
1595 relative path alone. The rules are applied in definition order.
1588
1596
1589 ``templatealias``
1597 ``templatealias``
1590 -----------------
1598 -----------------
1591
1599
1592 Alias definitions for templates. See :hg:`help templates` for details.
1600 Alias definitions for templates. See :hg:`help templates` for details.
1593
1601
1594 ``trusted``
1602 ``trusted``
1595 -----------
1603 -----------
1596
1604
1597 Mercurial will not use the settings in the
1605 Mercurial will not use the settings in the
1598 ``.hg/hgrc`` file from a repository if it doesn't belong to a trusted
1606 ``.hg/hgrc`` file from a repository if it doesn't belong to a trusted
1599 user or to a trusted group, as various hgrc features allow arbitrary
1607 user or to a trusted group, as various hgrc features allow arbitrary
1600 commands to be run. This issue is often encountered when configuring
1608 commands to be run. This issue is often encountered when configuring
1601 hooks or extensions for shared repositories or servers. However,
1609 hooks or extensions for shared repositories or servers. However,
1602 the web interface will use some safe settings from the ``[web]``
1610 the web interface will use some safe settings from the ``[web]``
1603 section.
1611 section.
1604
1612
1605 This section specifies what users and groups are trusted. The
1613 This section specifies what users and groups are trusted. The
1606 current user is always trusted. To trust everybody, list a user or a
1614 current user is always trusted. To trust everybody, list a user or a
1607 group with name ``*``. These settings must be placed in an
1615 group with name ``*``. These settings must be placed in an
1608 *already-trusted file* to take effect, such as ``$HOME/.hgrc`` of the
1616 *already-trusted file* to take effect, such as ``$HOME/.hgrc`` of the
1609 user or service running Mercurial.
1617 user or service running Mercurial.
1610
1618
1611 ``users``
1619 ``users``
1612 Comma-separated list of trusted users.
1620 Comma-separated list of trusted users.
1613
1621
1614 ``groups``
1622 ``groups``
1615 Comma-separated list of trusted groups.
1623 Comma-separated list of trusted groups.
1616
1624
1617
1625
1618 ``ui``
1626 ``ui``
1619 ------
1627 ------
1620
1628
1621 User interface controls.
1629 User interface controls.
1622
1630
1623 ``archivemeta``
1631 ``archivemeta``
1624 Whether to include the .hg_archival.txt file containing meta data
1632 Whether to include the .hg_archival.txt file containing meta data
1625 (hashes for the repository base and for tip) in archives created
1633 (hashes for the repository base and for tip) in archives created
1626 by the :hg:`archive` command or downloaded via hgweb.
1634 by the :hg:`archive` command or downloaded via hgweb.
1627 (default: True)
1635 (default: True)
1628
1636
1629 ``askusername``
1637 ``askusername``
1630 Whether to prompt for a username when committing. If True, and
1638 Whether to prompt for a username when committing. If True, and
1631 neither ``$HGUSER`` nor ``$EMAIL`` has been specified, then the user will
1639 neither ``$HGUSER`` nor ``$EMAIL`` has been specified, then the user will
1632 be prompted to enter a username. If no username is entered, the
1640 be prompted to enter a username. If no username is entered, the
1633 default ``USER@HOST`` is used instead.
1641 default ``USER@HOST`` is used instead.
1634 (default: False)
1642 (default: False)
1635
1643
1636 ``clonebundles``
1644 ``clonebundles``
1637 Whether the "clone bundles" feature is enabled.
1645 Whether the "clone bundles" feature is enabled.
1638
1646
1639 When enabled, :hg:`clone` may download and apply a server-advertised
1647 When enabled, :hg:`clone` may download and apply a server-advertised
1640 bundle file from a URL instead of using the normal exchange mechanism.
1648 bundle file from a URL instead of using the normal exchange mechanism.
1641
1649
1642 This can likely result in faster and more reliable clones.
1650 This can likely result in faster and more reliable clones.
1643
1651
1644 (default: True)
1652 (default: True)
1645
1653
1646 ``clonebundlefallback``
1654 ``clonebundlefallback``
1647 Whether failure to apply an advertised "clone bundle" from a server
1655 Whether failure to apply an advertised "clone bundle" from a server
1648 should result in fallback to a regular clone.
1656 should result in fallback to a regular clone.
1649
1657
1650 This is disabled by default because servers advertising "clone
1658 This is disabled by default because servers advertising "clone
1651 bundles" often do so to reduce server load. If advertised bundles
1659 bundles" often do so to reduce server load. If advertised bundles
1652 start mass failing and clients automatically fall back to a regular
1660 start mass failing and clients automatically fall back to a regular
1653 clone, this would add significant and unexpected load to the server
1661 clone, this would add significant and unexpected load to the server
1654 since the server is expecting clone operations to be offloaded to
1662 since the server is expecting clone operations to be offloaded to
    pre-generated bundles. Failing fast (the default behavior) ensures
    clients don't overwhelm the server when "clone bundle" application
    fails.

    (default: False)

``clonebundleprefers``
    Defines preferences for which "clone bundles" to use.

    Servers advertising "clone bundles" may advertise multiple available
    bundles. Each bundle may have different attributes, such as the bundle
    type and compression format. This option is used to prefer a particular
    bundle over another. The value is a comma-separated list of
    ``KEY=VALUE`` pairs; earlier pairs take precedence over later ones.

    The following keys are defined by Mercurial:

    BUNDLESPEC
       A bundle type specifier. These are strings passed to :hg:`bundle -t`.
       e.g. ``gzip-v2`` or ``bzip2-v1``.

    COMPRESSION
       The compression format of the bundle. e.g. ``gzip`` and ``bzip2``.

    Server operators may define custom keys.

    Example values: ``COMPRESSION=bzip2``,
    ``BUNDLESPEC=gzip-v2, COMPRESSION=gzip``.

    By default, the first bundle advertised by the server is used.

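The selection described above, as an added example that is not Mercurial's own code: it parses a manifest of advertised bundles (the assumed layout is one entry per line, a URL followed by ``KEY=VALUE`` attributes), applies an ordered ``clonebundleprefers`` value, and returns the URL the client would fetch. The manifest, URLs and the custom ``REGION`` key are constructed for the example.

```python
"""Pick a clone bundle from a server's manifest using ui.clonebundleprefers.

Added example, not Mercurial's own code.  It assumes the manifest layout
used by the clonebundles feature: one entry per line, a URL followed by
whitespace-separated KEY=VALUE attributes.  The URLs and attribute values
below are constructed for the example.
"""
from functools import cmp_to_key

# Constructed manifest: three bundles advertised by a hypothetical server.
# The third entry carries a server-defined custom key (REGION).
SAMPLE_MANIFEST = """\
https://cdn.example.com/repo-full.zstd.hg BUNDLESPEC=zstd-v2 COMPRESSION=zstd
https://cdn.example.com/repo-full.gz.hg BUNDLESPEC=gzip-v2 COMPRESSION=gzip
https://mirror.example.com/repo-full.bz2.hg BUNDLESPEC=bzip2-v1 COMPRESSION=bzip2 REGION=eu
"""


def parse_manifest(text):
    """Return [(url, {key: value, ...}), ...] in the order advertised."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith('#'):
            continue
        attrs = {}
        for field in fields[1:]:
            key, sep, value = field.partition('=')
            if sep:  # attributes without '=' are ignored
                attrs[key] = value
        entries.append((fields[0], attrs))
    return entries


def parse_prefers(value):
    """Parse a clonebundleprefers setting such as
    'BUNDLESPEC=gzip-v2, COMPRESSION=gzip' into an ordered list of pairs."""
    prefers = []
    for item in value.split(','):
        item = item.strip()
        if not item:
            continue
        key, sep, wanted = item.partition('=')
        if not sep:
            raise ValueError('preference must be KEY=VALUE, got %r' % item)
        prefers.append((key.strip(), wanted.strip()))
    return prefers


def sort_entries(entries, prefers):
    """Order entries by preference.  Earlier preferences dominate later ones;
    for each preference an entry whose attribute matches exactly sorts before
    one that does not (or that lacks the attribute).  Entries the preferences
    cannot tell apart keep their advertised order (sorted() is stable)."""
    def compare(a, b):
        for key, wanted in prefers:
            av, bv = a[1].get(key), b[1].get(key)
            if av == bv:          # both equal, or both missing: try the next key
                continue
            if av == wanted:
                return -1
            if bv == wanted:
                return 1
            # neither side matches this preference: try the next key
        return 0
    return sorted(entries, key=cmp_to_key(compare))


def select_bundle(manifest_text, prefers_value=''):
    """Return the URL the client would fetch, or None if nothing is advertised.
    With no preferences configured the first advertised bundle wins."""
    entries = parse_manifest(manifest_text)
    if not entries:
        return None
    ordered = sort_entries(entries, parse_prefers(prefers_value))
    return ordered[0][0]


if __name__ == '__main__':
    for prefs in ('', 'COMPRESSION=gzip', 'REGION=eu, COMPRESSION=gzip'):
        print('%-32r -> %s' % (prefs, select_bundle(SAMPLE_MANIFEST, prefs)))
```

A preference that matches no advertised entry changes nothing, so the first bundle in the manifest is still used; the preference logic only reorders what the server chose to advertise and validates none of the URLs.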
``commitsubrepos``
    Whether to commit modified subrepositories when committing the
    parent repository. If False and one subrepository has uncommitted
    changes, abort the commit.
    (default: False)

``debug``
    Print debugging information. (default: False)

``editor``
    The editor to use during a commit. (default: ``$EDITOR`` or ``vi``)

``fallbackencoding``
    Encoding to try if it's not possible to decode the changelog using
    UTF-8. (default: ISO-8859-1)

``graphnodetemplate``
    The template used to print changeset nodes in an ASCII revision graph.
    (default: ``{graphnode}``)

``ignore``
    A file to read per-user ignore patterns from. This file should be
    in the same format as a repository-wide .hgignore file. Filenames
    are relative to the repository root. This option supports hook syntax,
    so if you want to specify multiple ignore files, you can do so by
    setting something like ``ignore.other = ~/.hgignore2``. For details
    of the ignore file format, see the ``hgignore(5)`` man page.

``interactive``
    Allow prompting the user. (default: True)

``interface``
    Select the default interface for interactive features (default: text).
    Possible values are 'text' and 'curses'.

``interface.chunkselector``
    Select the interface for change recording (e.g. :hg:`commit` -i).
    Possible values are 'text' and 'curses'.
    This config overrides the interface specified by ui.interface.

``logtemplate``
    Template string for commands that print changesets.

``merge``
    The conflict resolution program to use during a manual merge.
    For more information on merge tools see :hg:`help merge-tools`.
    For configuring merge tools see the ``[merge-tools]`` section.

``mergemarkers``
    Sets the merge conflict marker label styling. The ``detailed``
    style uses the ``mergemarkertemplate`` setting to style the labels.
    The ``basic`` style just uses 'local' and 'other' as the marker labels.
    One of ``basic`` or ``detailed``.
    (default: ``basic``)

``mergemarkertemplate``
    The template used to print the commit description next to each conflict
    marker during merge conflicts. See :hg:`help templates` for the template
    format.

    Defaults to showing the hash, tags, branches, bookmarks, author, and
    the first line of the commit description.

    If you use non-ASCII characters in names for tags, branches, bookmarks,
    authors, and/or commit descriptions, you must pay attention to encodings of
    managed files. At template expansion, non-ASCII characters use the encoding
    specified by the ``--encoding`` global option, ``HGENCODING`` or other
    environment variables that govern your locale. If the encoding of the merge
    markers is different from the encoding of the merged files,
    serious problems may occur.

``origbackuppath``
    The path to a directory used to store generated .orig files. If the path is
    not a directory, one will be created.

``patch``
    An optional external tool that ``hg import`` and some extensions
    will use for applying patches. By default Mercurial uses an
    internal patch utility. The external tool must work as the common
    Unix ``patch`` program. In particular, it must accept a ``-p``
    argument to strip patch headers, a ``-d`` argument to specify the
    current directory, a file name to patch, and a patch file to take
    from stdin.

    It is possible to specify a patch tool together with extra
    arguments. For example, setting this option to ``patch --merge``
    will use the ``patch`` program with its 2-way merge option.

``portablefilenames``
    Check for portable filenames. Can be ``warn``, ``ignore`` or ``abort``.
    (default: ``warn``)

    ``warn``
      Print a warning message on POSIX platforms, if a file with a non-portable
      filename is added (e.g. a file with a name that can't be created on
      Windows because it contains reserved parts like ``AUX``, reserved
      characters like ``:``, or would cause a case collision with an existing
      file).

    ``ignore``
      Don't print a warning.

    ``abort``
      The command is aborted.

    ``true``
      Alias for ``warn``.

    ``false``
      Alias for ``ignore``.

    .. container:: windows

      On Windows, this configuration option is ignored and the command aborted.

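The three classes of problem named under ``warn`` (reserved names such as ``AUX``, reserved characters such as ``:``, and case collisions with tracked files), plus the ``warn``/``ignore``/``abort`` policy and its ``true``/``false`` aliases, as an added example that is not Mercurial's own check. The reserved-name and reserved-character lists are the Windows ones; the set of already-tracked paths is supplied by the caller, and file-versus-directory collisions are not covered.

```python
"""Check whether a path added to a repository is portable, following the
``warn``/``ignore``/``abort`` policy of ui.portablefilenames.

Added example, not Mercurial's own check.  The reserved device names and
characters are the Windows ones; the case-collision check compares the new
path against the paths already tracked, which the caller supplies.  It does
not cover collisions between a file and a directory of the same name.
"""
import re

# Windows device names: reserved with any extension (AUX, aux.txt, Aux.c).
WIN_RESERVED_NAMES = {'con', 'prn', 'aux', 'nul'} | \
    {'com%d' % i for i in range(1, 10)} | {'lpt%d' % i for i in range(1, 10)}
# Characters Windows refuses in a path component, plus control characters.
WIN_RESERVED_CHARS = re.compile(r'[\\:*?"<>|\x00-\x1f]')


def portability_problems(path, tracked=()):
    """Return a list of problems with ``path`` (repository-relative, using
    ``/`` separators); an empty list means the name is portable."""
    problems = []
    for component in path.split('/'):
        m = WIN_RESERVED_CHARS.search(component)
        if m:
            problems.append("'%s' contains reserved character %r"
                            % (component, m.group()))
        base = component.split('.', 1)[0].lower()
        if base in WIN_RESERVED_NAMES:
            problems.append("'%s' contains reserved name '%s'"
                            % (component, base.upper()))
        if component and component[-1] in ' .':
            problems.append("'%s' ends with a space or dot" % component)
    # Case collision: Windows and macOS default filesystems fold case, so two
    # tracked names differing only in case cannot coexist there.
    by_folded = {t.lower(): t for t in tracked}
    existing = by_folded.get(path.lower())
    if existing is not None and existing != path:
        problems.append("'%s' differs only in case from tracked '%s'"
                        % (path, existing))
    return problems


def apply_policy(path, mode='warn', tracked=()):
    """Apply the configured mode.  Returns ('ok', []) when nothing is wrong
    or checks are disabled, ('warn', problems) for a warning, and
    ('abort', problems) when the add must be refused."""
    mode = {'true': 'warn', 'false': 'ignore'}.get(mode.lower(), mode.lower())
    if mode not in ('warn', 'ignore', 'abort'):
        raise ValueError('unknown portablefilenames mode: %r' % mode)
    if mode == 'ignore':
        return 'ok', []
    problems = portability_problems(path, tracked)
    if not problems:
        return 'ok', []
    return mode, problems


if __name__ == '__main__':
    tracked = ['README.md', 'src/main.c']
    for p in ('src/util.c', 'docs/AUX.txt', 'notes:old.txt', 'readme.md', 'tmp/log.'):
        print(p, '->', apply_policy(p, 'warn', tracked))
```

Note that a trailing space or dot is flagged as well: Windows silently strips both when creating a file, which yields the same kind of mismatch between what is tracked and what is on disk as a case collision does.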
``quiet``
    Reduce the amount of output printed.
    (default: False)

``remotecmd``
    Remote command to use for clone/push/pull operations.
    (default: ``hg``)

``report_untrusted``
    Warn if a ``.hg/hgrc`` file is ignored due to not being owned by a
    trusted user or group.
    (default: True)

``slash``
    Display paths using a slash (``/``) as the path separator. This
    only makes a difference on systems where the default path
    separator is not the slash character (e.g. Windows uses the
    backslash character (``\``)).
    (default: False)

``statuscopies``
    Display copies in the status command.

``ssh``
    Command to use for SSH connections. (default: ``ssh``)

``strict``
    Require exact command names, instead of allowing unambiguous
    abbreviations. (default: False)

``style``
    Name of style to use for command output.

``supportcontact``
    A URL where users should report a Mercurial traceback. Use this if you are a
    large organisation with its own Mercurial deployment process and crash
    reports should be addressed to your internal support.

``textwidth``
    Maximum width of help text. A longer line generated by ``hg help`` or
    ``hg subcommand --help`` will be broken after white space to get this
    width or the terminal width, whichever comes first.
    A non-positive value will disable this and the terminal width will be
    used. (default: 78)

``timeout``
    The timeout used when a lock is held (in seconds), a negative value
    means no timeout. (default: 600)

``traceback``
    Mercurial always prints a traceback when an unknown exception
    occurs. Setting this to True will make Mercurial print a traceback
    on all exceptions, even those recognized by Mercurial (such as
    IOError or MemoryError). (default: False)

``username``
    The committer of a changeset created when running "commit".
    Typically a person's name and email address, e.g. ``Fred Widget
    <fred@example.com>``. Environment variables in the
    username are expanded.

    (default: ``$EMAIL`` or ``username@hostname``. If the username in
    hgrc is empty, e.g. if the system admin set ``username =`` in the
    system hgrc, it has to be specified manually or in a different
    hgrc file)

``verbose``
    Increase the amount of output printed. (default: False)


``web``
-------

Web interface configuration. The settings in this section apply to
both the builtin webserver (started by :hg:`serve`) and the script you
run through a webserver (``hgweb.cgi`` and the derivatives for FastCGI
and WSGI).

The Mercurial webserver does no authentication (it does not prompt for
usernames and passwords to validate *who* users are), but it does do
authorization (it grants or denies access for *authenticated users*
based on settings in this section). You must either configure your
webserver to do authentication for you, or disable the authorization
checks.

For a quick setup in a trusted environment, e.g., a private LAN, where
you want it to accept pushes from anybody, you can use the following
command line::

  $ hg --config web.allow_push=* --config web.push_ssl=False serve

Note that this will allow anybody to push anything to the server and
that this should not be used for public servers.

The full set of options is:

``accesslog``
    Where to output the access log. (default: stdout)

``address``
    Interface address to bind to. (default: all interfaces; bind to
    ``127.0.0.1`` if the server should only be reachable locally)

``allow_archive``
    List of archive formats (bz2, gz, zip) allowed for downloading.
    (default: empty)

``allowbz2``
    (DEPRECATED) Whether to allow .tar.bz2 downloading of repository
    revisions.
    (default: False)

``allowgz``
    (DEPRECATED) Whether to allow .tar.gz downloading of repository
    revisions.
    (default: False)

``allowpull``
    Whether to allow pulling from the repository. (default: True)

``allow_push``
    Whether to allow pushing to the repository. If empty or not set,
    pushing is not allowed. If the special value ``*``, any remote
    user can push, including unauthenticated users. Otherwise, the
    remote user must have been authenticated, and the authenticated
    user name must be present in this list. The contents of the
    allow_push list are examined after the deny_push list.

``allow_read``
    If the user has not already been denied repository access due to
    the contents of deny_read, this list determines whether to grant
    repository access to the user. If this list is not empty, and the
    user is unauthenticated or not present in the list, then access is
    denied for the user. If the list is empty or not set, then access
    is permitted to all users by default. Setting allow_read to the
    special value ``*`` is equivalent to it not being set (i.e. access
    is permitted to all users). The contents of the allow_read list are
    examined after the deny_read list.

``allowzip``
    (DEPRECATED) Whether to allow .zip downloading of repository
    revisions. This feature creates temporary files.
    (default: False)

``archivesubrepos``
    Whether to recurse into subrepositories when archiving.
    (default: False)

``baseurl``
    Base URL to use when publishing URLs in other locations, so
    third-party tools like email notification hooks can construct
    URLs. Example: ``http://hgserver/repos/``.

``cacerts``
    Path to file containing a list of PEM encoded certificate
    authority certificates. Environment variables and ``~user``
    constructs are expanded in the filename. If specified on the
    client, then it will verify the identity of remote HTTPS servers
    with these certificates.

    To disable SSL verification temporarily, specify ``--insecure`` on the
    command line. This turns off verification of the server's identity for
    that command, so only use it when you accept that risk.

    You can use OpenSSL's CA certificate file if your platform has
    one. On most Linux systems this will be
    ``/etc/ssl/certs/ca-certificates.crt``. Otherwise you will have to
    generate this file manually. The form must be as follows::

        -----BEGIN CERTIFICATE-----
        ... (certificate in base64 PEM encoding) ...
        -----END CERTIFICATE-----
        -----BEGIN CERTIFICATE-----
        ... (certificate in base64 PEM encoding) ...
        -----END CERTIFICATE-----

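A check for a hand-built ``cacerts`` file of the form shown above, as an added example that is not Mercurial's loader: it walks the BEGIN/END framing, decodes each base64 payload and confirms it starts as a DER SEQUENCE (the outer type of every X.509 certificate). It does not parse or verify the certificates; the sample bundle it ships with is constructed from dummy DER so the check runs offline and is not a real CA certificate.

```python
"""Check that a web.cacerts file has the form shown above: a concatenation
of PEM certificate blocks.

Added example, not Mercurial's own loader.  It verifies the BEGIN/END
framing and that each block's base64 payload decodes to a DER SEQUENCE
(the outer type of every X.509 certificate); it does not parse or verify
the certificates themselves.  The sample bundle below is constructed from
dummy DER so the check runs offline; it is not a real CA certificate.
"""
import base64
import binascii

PEM_BEGIN = '-----BEGIN CERTIFICATE-----'
PEM_END = '-----END CERTIFICATE-----'


def pem_certificates(text):
    """Return the DER bytes of every certificate block in ``text``.

    Raises ValueError for an unterminated block, an END without BEGIN,
    a payload that is not valid base64, or one that is not a DER SEQUENCE.
    Lines outside blocks are ignored, as OpenSSL does (distribution bundles
    often carry the certificate subject in clear text between blocks).
    """
    ders = []
    payload = None          # None outside a block, list of lines inside
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if line == PEM_BEGIN:
            if payload is not None:
                raise ValueError('line %d: BEGIN inside an open block' % lineno)
            payload = []
        elif line == PEM_END:
            if payload is None:
                raise ValueError('line %d: END without BEGIN' % lineno)
            try:
                der = base64.b64decode(''.join(payload), validate=True)
            except binascii.Error as exc:
                raise ValueError('block ending at line %d: bad base64 (%s)'
                                 % (lineno, exc))
            if not der or der[0] != 0x30:
                raise ValueError('block ending at line %d: payload is not a '
                                 'DER SEQUENCE' % lineno)
            ders.append(der)
            payload = None
        elif payload is not None:
            payload.append(line)
    if payload is not None:
        raise ValueError('unterminated certificate block at end of file')
    return ders


def check_cacerts(text):
    """Return (True, certificate count) or (False, error message)."""
    try:
        return True, len(pem_certificates(text))
    except ValueError as exc:
        return False, str(exc)


# Constructed: DER SEQUENCE { INTEGER 1 } = 30 03 02 01 01, base64 'MAMCAQE='.
# A real bundle would hold full certificates here.
DUMMY_DER_B64 = base64.b64encode(bytes([0x30, 0x03, 0x02, 0x01, 0x01])).decode()
SAMPLE_BUNDLE = '\n'.join([
    '# constructed sample, two dummy certificates',
    PEM_BEGIN, DUMMY_DER_B64, PEM_END,
    'Second CA (subject line as found in distribution bundles)',
    PEM_BEGIN, DUMMY_DER_B64, PEM_END,
    '',
])

if __name__ == '__main__':
    print(check_cacerts(SAMPLE_BUNDLE))
```

Run it against the file before pointing ``cacerts`` at it; a missing ``END`` line or a block pasted with its base64 wrapped by a mail client is the usual reason a hand-built bundle fails to load. The same path is what a Python client would pass to ``ssl.create_default_context(cafile=...)``.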
``cache``
    Whether to support caching in hgweb. (default: True)

``certificate``
    Certificate to use when running :hg:`serve`.

``collapse``
    With ``descend`` enabled, repositories in subdirectories are shown at
    a single level alongside repositories in the current path. With
    ``collapse`` also enabled, repositories residing at a deeper level than
    the current path are grouped behind navigable directory entries that
    lead to the locations of these repositories. In effect, this setting
    collapses each collection of repositories found within a subdirectory
    into a single entry for that subdirectory. (default: False)

``comparisoncontext``
    Number of lines of context to show in side-by-side file comparison. If
    negative or the value ``full``, whole files are shown. (default: 5)

    This setting can be overridden by a ``context`` request parameter to the
    ``comparison`` command, taking the same values.

``contact``
    Name or email address of the person in charge of the repository.
    (default: ui.username or ``$EMAIL`` or "unknown" if unset or empty)

``deny_push``
    Whether to deny pushing to the repository. If empty or not set,
    push is not denied. If the special value ``*``, all remote users are
    denied push. Otherwise, unauthenticated users are all denied, and
    any authenticated user name present in this list is also denied. The
    contents of the deny_push list are examined before the allow_push list.

``deny_read``
    Whether to deny reading/viewing of the repository. If this list is
    not empty, unauthenticated users are all denied, and any
    authenticated user name present in this list is also denied access to
    the repository. If set to the special value ``*``, all remote users
    are denied access (rarely needed). If deny_read is empty or not set,
    the determination of repository access depends on the presence and
    content of the allow_read list (see description). If both
    deny_read and allow_read are empty or not set, then access is
    permitted to all users by default. If the repository is being
    served via hgwebdir, denied users will not be able to see it in
    the list of repositories. The contents of the deny_read list have
    priority over (are examined before) the contents of the allow_read
    list.

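The four access lists (``allow_read``, ``deny_read``, ``allow_push``, ``deny_push``) together with ``allowpull`` and ``push_ssl``, as an added model of the documented rules that is not hgweb's own code. It assumes the authenticated user name comes from the front-end web server (for hgweb that is the WSGI ``REMOTE_USER`` variable) and is absent for an unauthenticated request, and that the URL scheme tells whether the request arrived over HTTPS. The two policies it ships with are constructed; the first is the LAN quick setup from the command line above.

```python
"""Model of the read and push authorization rules in the ``[web]`` section.

Added example, not hgweb's own code.  It assumes the authenticated user
name is supplied by the front-end web server (for hgweb that is the WSGI
REMOTE_USER variable) and is None when the request was not authenticated;
the scheme says whether the request arrived over HTTPS.  The configuration
values used below are constructed.
"""


def listval(cfg, key):
    """Split a list-valued setting on commas and whitespace."""
    return cfg.get(key, '').replace(',', ' ').split()


def boolval(cfg, key, default):
    raw = cfg.get(key)
    if raw is None:
        return default
    low = raw.strip().lower()
    if low in ('1', 'yes', 'true', 'on'):
        return True
    if low in ('0', 'no', 'false', 'off'):
        return False
    raise ValueError('%s is not a boolean: %r' % (key, raw))


def covers(user, userlist):
    """True when a deny list applies to ``user``: a lone ``*`` covers every
    user, otherwise the (authenticated) name must be listed."""
    return userlist == ['*'] or (user is not None and user in userlist)


def authorize(cfg, op, user=None, scheme='https'):
    """Decide whether ``op`` ('read', 'pull' or 'push') is permitted.

    Returns (allowed, reason).  Deny lists are consulted before allow lists,
    and an unauthenticated user (None) is rejected by any non-empty deny
    list and by any allow list other than ``*``.
    """
    if op not in ('read', 'pull', 'push'):
        raise ValueError('unknown operation %r' % op)

    deny_read = listval(cfg, 'deny_read')
    if deny_read and (user is None or covers(user, deny_read)):
        return False, 'read denied by deny_read'
    allow_read = listval(cfg, 'allow_read')
    if allow_read and allow_read != ['*'] and (user is None or user not in allow_read):
        return False, 'read denied: user not in allow_read'
    if op == 'read':
        return True, 'read allowed'

    if op == 'pull':
        if not boolval(cfg, 'allowpull', True):
            return False, 'pull disabled by allowpull'
        return True, 'pull allowed'

    # push: credentials must not travel in clear unless push_ssl is off
    if boolval(cfg, 'push_ssl', True) and scheme != 'https':
        return False, 'push requires SSL (push_ssl=True)'
    deny_push = listval(cfg, 'deny_push')
    if deny_push and (user is None or covers(user, deny_push)):
        return False, 'push denied by deny_push'
    allow_push = listval(cfg, 'allow_push')
    if allow_push == ['*']:
        return True, 'push allowed to everyone (allow_push=*)'
    if user is None or user not in allow_push:
        return False, 'push denied: user not in allow_push'
    return True, 'push allowed'


def authorize_wsgi(cfg, environ, op):
    """Take user and scheme from a WSGI environ, as the server would."""
    return authorize(cfg, op, user=environ.get('REMOTE_USER'),
                     scheme=environ.get('wsgi.url_scheme', 'http'))


# Constructed policies: the LAN quick setup from the text, and a locked-down
# one where only named users may read and bob is explicitly denied push.
LAN_QUICK_SETUP = {'allow_push': '*', 'push_ssl': 'False'}
LOCKED_DOWN = {'allow_read': 'alice, bob', 'deny_push': 'bob', 'allow_push': 'alice bob'}

if __name__ == '__main__':
    print(authorize(LAN_QUICK_SETUP, 'push', user=None, scheme='http'))
    print(authorize(LOCKED_DOWN, 'push', user='bob'))
    print(authorize_wsgi(LOCKED_DOWN, {'REMOTE_USER': 'alice', 'wsgi.url_scheme': 'https'}, 'push'))
```

The model makes the consequence of skipping front-end authentication visible: with no ``REMOTE_USER`` every name-based list denies, so the only way an unauthenticated push succeeds is ``allow_push = *``, and with the default ``push_ssl`` it still has to arrive over HTTPS.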
``descend``
    Whether hgwebdir indexes descend into subdirectories. When disabled,
    only repositories directly in the current path are shown (other
    repositories are still available from the index corresponding to
    their containing path). (default: True)

``description``
    Textual description of the repository's purpose or contents.
    (default: "unknown")

``encoding``
    Character encoding name. (default: the current locale charset)
    Example: "UTF-8".

``errorlog``
    Where to output the error log. (default: stderr)

``guessmime``
    Control MIME types for raw download of file content.
    Set to True to let hgweb guess the content type from the file
    extension. This will serve HTML files as ``text/html`` and might
    allow cross-site scripting attacks when serving untrusted
    repositories. (default: False)

``hidden``
    Whether to hide the repository in the hgwebdir index.
    (default: False)

``ipv6``
    Whether to use IPv6. (default: False)

``labels``
    List of string *labels* associated with the repository.

    Labels are exposed as a template keyword and can be used to customize
    output. e.g. the ``index`` template can group or filter repositories
    by labels and the ``summary`` template can display additional content
    if a specific label is present.

``logoimg``
    File name of the logo image that some templates display on each page.
    The file name is relative to ``staticurl``. That is, the full path to
    the logo image is "staticurl/logoimg".
    If unset, ``hglogo.png`` will be used.

``logourl``
    Base URL to use for logos. If unset, ``https://mercurial-scm.org/``
    will be used.

``maxchanges``
    Maximum number of changes to list on the changelog. (default: 10)

``maxfiles``
    Maximum number of files to list per changeset. (default: 10)

``maxshortchanges``
    Maximum number of changes to list on the shortlog, graph or filelog
    pages. (default: 60)

``name``
    Repository name to use in the web interface.
    (default: current working directory)

``port``
    Port to listen on. (default: 8000)

``prefix``
    Prefix path to serve from. (default: '' (server root))

``push_ssl``
    Whether to require that inbound pushes be transported over SSL to
    prevent password sniffing. (default: True)

``refreshinterval``
    How frequently directory listings re-scan the filesystem for new
    repositories, in seconds. This is relevant when wildcards are used
    to define paths. Depending on how much filesystem traversal is
    required, refreshing may negatively impact performance.

    Values less than or equal to 0 always refresh.
    (default: 20)

``staticurl``
    Base URL to use for static files. If unset, static files (e.g. the
    hgicon.png favicon) will be served by the CGI script itself. Use
    this setting to serve them directly with the HTTP server.
    Example: ``http://hgserver/static/``.

``stripes``
    How many lines a "zebra stripe" should span in multi-line output.
    Set to 0 to disable. (default: 1)

``style``
    Which template map style to use. The available options are the names of
2115 subdirectories in the HTML templates path. (default: ``paper``)
2123 subdirectories in the HTML templates path. (default: ``paper``)
2116 Example: ``monoblue``.
2124 Example: ``monoblue``.
2117
2125
2118 ``templates``
2126 ``templates``
2119 Where to find the HTML templates. The default path to the HTML templates
2127 Where to find the HTML templates. The default path to the HTML templates
2120 can be obtained from ``hg debuginstall``.
2128 can be obtained from ``hg debuginstall``.
2121
2129
2122 ``websub``
2130 ``websub``
2123 ----------
2131 ----------
2124
2132
2125 Web substitution filter definition. You can use this section to
2133 Web substitution filter definition. You can use this section to
2126 define a set of regular expression substitution patterns which
2134 define a set of regular expression substitution patterns which
2127 let you automatically modify the hgweb server output.
2135 let you automatically modify the hgweb server output.
2128
2136
2129 The default hgweb templates only apply these substitution patterns
2137 The default hgweb templates only apply these substitution patterns
2130 on the revision description fields. You can apply them anywhere
2138 on the revision description fields. You can apply them anywhere
2131 you want when you create your own templates by adding calls to the
2139 you want when you create your own templates by adding calls to the
2132 "websub" filter (usually after calling the "escape" filter).
2140 "websub" filter (usually after calling the "escape" filter).
2133
2141
2134 This can be used, for example, to convert issue references to links
2142 This can be used, for example, to convert issue references to links
2135 to your issue tracker, or to convert "markdown-like" syntax into
2143 to your issue tracker, or to convert "markdown-like" syntax into
2136 HTML (see the examples below).
2144 HTML (see the examples below).
2137
2145
2138 Each entry in this section names a substitution filter.
2146 Each entry in this section names a substitution filter.
2139 The value of each entry defines the substitution expression itself.
2147 The value of each entry defines the substitution expression itself.
2140 The websub expressions follow the old interhg extension syntax,
2148 The websub expressions follow the old interhg extension syntax,
2141 which in turn imitates the Unix sed replacement syntax::
2149 which in turn imitates the Unix sed replacement syntax::
2142
2150
2143 patternname = s/SEARCH_REGEX/REPLACE_EXPRESSION/[i]
2151 patternname = s/SEARCH_REGEX/REPLACE_EXPRESSION/[i]
2144
2152
2145 You can use any separator other than "/". The final "i" is optional
2153 You can use any separator other than "/". The final "i" is optional
2146 and indicates that the search must be case insensitive.
2154 and indicates that the search must be case insensitive.
2147
2155
2148 Examples::
2156 Examples::
2149
2157
2150 [websub]
2158 [websub]
2151 issues = s|issue(\d+)|<a href="http://bts.example.org/issue\1">issue\1</a>|i
2159 issues = s|issue(\d+)|<a href="http://bts.example.org/issue\1">issue\1</a>|i
2152 italic = s/\b_(\S+)_\b/<i>\1<\/i>/
2160 italic = s/\b_(\S+)_\b/<i>\1<\/i>/
2153 bold = s/\*\b(\S+)\b\*/<b>\1<\/b>/
2161 bold = s/\*\b(\S+)\b\*/<b>\1<\/b>/
2154
2162
2155 ``worker``
2163 ``worker``
2156 ----------
2164 ----------
2157
2165
2158 Parallel master/worker configuration. We currently perform working
2166 Parallel master/worker configuration. We currently perform working
2159 directory updates in parallel on Unix-like systems, which greatly
2167 directory updates in parallel on Unix-like systems, which greatly
2160 helps performance.
2168 helps performance.
2161
2169
2162 ``numcpus``
2170 ``numcpus``
2163 Number of CPUs to use for parallel operations. A zero or
2171 Number of CPUs to use for parallel operations. A zero or
2164 negative value is treated as ``use the default``.
2172 negative value is treated as ``use the default``.
2165 (default: 4 or the number of CPUs on the system, whichever is larger)
2173 (default: 4 or the number of CPUs on the system, whichever is larger)
2166
2174
2167 ``backgroundclose``
2175 ``backgroundclose``
2168 Whether to enable closing file handles on background threads during certain
2176 Whether to enable closing file handles on background threads during certain
2169 operations. Some platforms aren't very efficient at closing file
2177 operations. Some platforms aren't very efficient at closing file
2170 handles that have been written or appended to. By performing file closing
2178 handles that have been written or appended to. By performing file closing
2171 on background threads, file write rate can increase substantially.
2179 on background threads, file write rate can increase substantially.
2172 (default: true on Windows, false elsewhere)
2180 (default: true on Windows, false elsewhere)
2173
2181
2174 ``backgroundcloseminfilecount``
2182 ``backgroundcloseminfilecount``
2175 Minimum number of files required to trigger background file closing.
2183 Minimum number of files required to trigger background file closing.
2176 Operations not writing this many files won't start background close
2184 Operations not writing this many files won't start background close
2177 threads.
2185 threads.
2178 (default: 2048)
2186 (default: 2048)
2179
2187
2180 ``backgroundclosemaxqueue``
2188 ``backgroundclosemaxqueue``
2181 The maximum number of opened file handles waiting to be closed in the
2189 The maximum number of opened file handles waiting to be closed in the
2182 background. This option only has an effect if ``backgroundclose`` is
2190 background. This option only has an effect if ``backgroundclose`` is
2183 enabled.
2191 enabled.
2184 (default: 384)
2192 (default: 384)
2185
2193
2186 ``backgroundclosethreadcount``
2194 ``backgroundclosethreadcount``
2187 Number of threads to process background file closes. Only relevant if
2195 Number of threads to process background file closes. Only relevant if
2188 ``backgroundclose`` is enabled.
2196 ``backgroundclose`` is enabled.
2189 (default: 4)
2197 (default: 4)
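Review bot: missing documentation in the visible context of this config.txt hunk: the ``[web]``, ``[websub]`` and ``[worker]`` tail shown here carries no mention of ``hostsecurity.minimumprotocol``, yet sslutil.py in this same commit changes its default from ``tls1.0`` to ``tls1.1`` on Pythons that have a real ``ssl.SSLContext``. Confirm the ``[hostsecurity]`` entry for ``minimumprotocol`` (not in view here) states the new default, says that it remains ``tls1.0`` on older Pythons, and shows the per-host ``<hostname>:minimumprotocol = tls1.0`` override as the escape hatch for legacy servers.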
@@ -1,733 +1,741 b''
1 # sslutil.py - SSL handling for mercurial
1 # sslutil.py - SSL handling for mercurial
2 #
2 #
3 # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
3 # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
4 # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
4 # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
5 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
5 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
6 #
6 #
7 # This software may be used and distributed according to the terms of the
7 # This software may be used and distributed according to the terms of the
8 # GNU General Public License version 2 or any later version.
8 # GNU General Public License version 2 or any later version.
9
9
10 from __future__ import absolute_import
10 from __future__ import absolute_import
11
11
12 import hashlib
12 import hashlib
13 import os
13 import os
14 import re
14 import re
15 import ssl
15 import ssl
16 import sys
16 import sys
17
17
18 from .i18n import _
18 from .i18n import _
19 from . import (
19 from . import (
20 error,
20 error,
21 util,
21 util,
22 )
22 )
23
23
24 # Python 2.7.9+ overhauled the built-in SSL/TLS features of Python. It added
24 # Python 2.7.9+ overhauled the built-in SSL/TLS features of Python. It added
25 # support for TLS 1.1, TLS 1.2, SNI, system CA stores, etc. These features are
25 # support for TLS 1.1, TLS 1.2, SNI, system CA stores, etc. These features are
26 # all exposed via the "ssl" module.
26 # all exposed via the "ssl" module.
27 #
27 #
28 # Depending on the version of Python being used, SSL/TLS support is either
28 # Depending on the version of Python being used, SSL/TLS support is either
29 # modern/secure or legacy/insecure. Many operations in this module have
29 # modern/secure or legacy/insecure. Many operations in this module have
30 # separate code paths depending on support in Python.
30 # separate code paths depending on support in Python.
31
31
32 configprotocols = set([
32 configprotocols = set([
33 'tls1.0',
33 'tls1.0',
34 'tls1.1',
34 'tls1.1',
35 'tls1.2',
35 'tls1.2',
36 ])
36 ])
37
37
38 hassni = getattr(ssl, 'HAS_SNI', False)
38 hassni = getattr(ssl, 'HAS_SNI', False)
39
39
40 try:
40 try:
41 # ssl.SSLContext was added in 2.7.9 and presence indicates modern
41 # ssl.SSLContext was added in 2.7.9 and presence indicates modern
42 # SSL/TLS features are available.
42 # SSL/TLS features are available.
43 SSLContext = ssl.SSLContext
43 SSLContext = ssl.SSLContext
44 modernssl = True
44 modernssl = True
45 _canloaddefaultcerts = util.safehasattr(SSLContext, 'load_default_certs')
45 _canloaddefaultcerts = util.safehasattr(SSLContext, 'load_default_certs')
46 except AttributeError:
46 except AttributeError:
47 modernssl = False
47 modernssl = False
48 _canloaddefaultcerts = False
48 _canloaddefaultcerts = False
49
49
50 # We implement SSLContext using the interface from the standard library.
50 # We implement SSLContext using the interface from the standard library.
51 class SSLContext(object):
51 class SSLContext(object):
52 # ssl.wrap_socket gained the "ciphers" named argument in 2.7.
52 # ssl.wrap_socket gained the "ciphers" named argument in 2.7.
53 _supportsciphers = sys.version_info >= (2, 7)
53 _supportsciphers = sys.version_info >= (2, 7)
54
54
55 def __init__(self, protocol):
55 def __init__(self, protocol):
56 # From the public interface of SSLContext
56 # From the public interface of SSLContext
57 self.protocol = protocol
57 self.protocol = protocol
58 self.check_hostname = False
58 self.check_hostname = False
59 self.options = 0
59 self.options = 0
60 self.verify_mode = ssl.CERT_NONE
60 self.verify_mode = ssl.CERT_NONE
61
61
62 # Used by our implementation.
62 # Used by our implementation.
63 self._certfile = None
63 self._certfile = None
64 self._keyfile = None
64 self._keyfile = None
65 self._certpassword = None
65 self._certpassword = None
66 self._cacerts = None
66 self._cacerts = None
67 self._ciphers = None
67 self._ciphers = None
68
68
69 def load_cert_chain(self, certfile, keyfile=None, password=None):
69 def load_cert_chain(self, certfile, keyfile=None, password=None):
70 self._certfile = certfile
70 self._certfile = certfile
71 self._keyfile = keyfile
71 self._keyfile = keyfile
72 self._certpassword = password
72 self._certpassword = password
73
73
74 def load_default_certs(self, purpose=None):
74 def load_default_certs(self, purpose=None):
75 pass
75 pass
76
76
77 def load_verify_locations(self, cafile=None, capath=None, cadata=None):
77 def load_verify_locations(self, cafile=None, capath=None, cadata=None):
78 if capath:
78 if capath:
79 raise error.Abort(_('capath not supported'))
79 raise error.Abort(_('capath not supported'))
80 if cadata:
80 if cadata:
81 raise error.Abort(_('cadata not supported'))
81 raise error.Abort(_('cadata not supported'))
82
82
83 self._cacerts = cafile
83 self._cacerts = cafile
84
84
85 def set_ciphers(self, ciphers):
85 def set_ciphers(self, ciphers):
86 if not self._supportsciphers:
86 if not self._supportsciphers:
87 raise error.Abort(_('setting ciphers not supported'))
87 raise error.Abort(_('setting ciphers not supported'))
88
88
89 self._ciphers = ciphers
89 self._ciphers = ciphers
90
90
91 def wrap_socket(self, socket, server_hostname=None, server_side=False):
91 def wrap_socket(self, socket, server_hostname=None, server_side=False):
92 # server_hostname is unique to SSLContext.wrap_socket and is used
92 # server_hostname is unique to SSLContext.wrap_socket and is used
93 # for SNI in that context. So there's nothing for us to do with it
93 # for SNI in that context. So there's nothing for us to do with it
94 # in this legacy code since we don't support SNI.
94 # in this legacy code since we don't support SNI.
95
95
96 args = {
96 args = {
97 'keyfile': self._keyfile,
97 'keyfile': self._keyfile,
98 'certfile': self._certfile,
98 'certfile': self._certfile,
99 'server_side': server_side,
99 'server_side': server_side,
100 'cert_reqs': self.verify_mode,
100 'cert_reqs': self.verify_mode,
101 'ssl_version': self.protocol,
101 'ssl_version': self.protocol,
102 'ca_certs': self._cacerts,
102 'ca_certs': self._cacerts,
103 }
103 }
104
104
105 if self._supportsciphers:
105 if self._supportsciphers:
106 args['ciphers'] = self._ciphers
106 args['ciphers'] = self._ciphers
107
107
108 return ssl.wrap_socket(socket, **args)
108 return ssl.wrap_socket(socket, **args)
109
109
110 def _hostsettings(ui, hostname):
110 def _hostsettings(ui, hostname):
111 """Obtain security settings for a hostname.
111 """Obtain security settings for a hostname.
112
112
113 Returns a dict of settings relevant to that hostname.
113 Returns a dict of settings relevant to that hostname.
114 """
114 """
115 s = {
115 s = {
116 # Whether we should attempt to load default/available CA certs
116 # Whether we should attempt to load default/available CA certs
117 # if an explicit ``cafile`` is not defined.
117 # if an explicit ``cafile`` is not defined.
118 'allowloaddefaultcerts': True,
118 'allowloaddefaultcerts': True,
119 # List of 2-tuple of (hash algorithm, hash).
119 # List of 2-tuple of (hash algorithm, hash).
120 'certfingerprints': [],
120 'certfingerprints': [],
121 # Path to file containing concatenated CA certs. Used by
121 # Path to file containing concatenated CA certs. Used by
122 # SSLContext.load_verify_locations().
122 # SSLContext.load_verify_locations().
123 'cafile': None,
123 'cafile': None,
124 # Whether certificate verification should be disabled.
124 # Whether certificate verification should be disabled.
125 'disablecertverification': False,
125 'disablecertverification': False,
126 # Whether the legacy [hostfingerprints] section has data for this host.
126 # Whether the legacy [hostfingerprints] section has data for this host.
127 'legacyfingerprint': False,
127 'legacyfingerprint': False,
128 # PROTOCOL_* constant to use for SSLContext.__init__.
128 # PROTOCOL_* constant to use for SSLContext.__init__.
129 'protocol': None,
129 'protocol': None,
130 # ssl.CERT_* constant used by SSLContext.verify_mode.
130 # ssl.CERT_* constant used by SSLContext.verify_mode.
131 'verifymode': None,
131 'verifymode': None,
132 # Defines extra ssl.OP* bitwise options to set.
132 # Defines extra ssl.OP* bitwise options to set.
133 'ctxoptions': None,
133 'ctxoptions': None,
134 }
134 }
135
135
136 # Despite its name, PROTOCOL_SSLv23 selects the highest protocol
136 # Despite its name, PROTOCOL_SSLv23 selects the highest protocol
137 # that both ends support, including TLS protocols. On legacy stacks,
137 # that both ends support, including TLS protocols. On legacy stacks,
138 # the highest it likely goes is TLS 1.0. On modern stacks, it can
138 # the highest it likely goes is TLS 1.0. On modern stacks, it can
139 # support TLS 1.2.
139 # support TLS 1.2.
140 #
140 #
141 # The PROTOCOL_TLSv* constants select a specific TLS version
141 # The PROTOCOL_TLSv* constants select a specific TLS version
142 # only (as opposed to multiple versions). So the method for
142 # only (as opposed to multiple versions). So the method for
143 # supporting multiple TLS versions is to use PROTOCOL_SSLv23 and
143 # supporting multiple TLS versions is to use PROTOCOL_SSLv23 and
144 # disable protocols via SSLContext.options and OP_NO_* constants.
144 # disable protocols via SSLContext.options and OP_NO_* constants.
145 # However, SSLContext.options doesn't work unless we have the
145 # However, SSLContext.options doesn't work unless we have the
146 # full/real SSLContext available to us.
146 # full/real SSLContext available to us.
147
147
148 # Allow minimum TLS protocol to be specified in the config.
148 # Allow minimum TLS protocol to be specified in the config.
149 def validateprotocol(protocol, key):
149 def validateprotocol(protocol, key):
150 if protocol not in configprotocols:
150 if protocol not in configprotocols:
151 raise error.Abort(
151 raise error.Abort(
152 _('unsupported protocol from hostsecurity.%s: %s') %
152 _('unsupported protocol from hostsecurity.%s: %s') %
153 (key, protocol),
153 (key, protocol),
154 hint=_('valid protocols: %s') %
154 hint=_('valid protocols: %s') %
155 ' '.join(sorted(configprotocols)))
155 ' '.join(sorted(configprotocols)))
156
156
157 # Legacy Python can only do TLS 1.0. We default to TLS 1.1+ where we
158 # can because TLS 1.0 has known vulnerabilities (like BEAST and POODLE).
159 # We allow users to downgrade to TLS 1.0+ via config options in case a
160 # legacy server is encountered.
161 if modernssl:
162 defaultprotocol = 'tls1.1'
163 else:
164 defaultprotocol = 'tls1.0'
165
157 key = 'minimumprotocol'
166 key = 'minimumprotocol'
158 # Default to TLS 1.0+ as that is what browsers are currently doing.
167 protocol = ui.config('hostsecurity', key, defaultprotocol)
159 protocol = ui.config('hostsecurity', key, 'tls1.0')
160 validateprotocol(protocol, key)
168 validateprotocol(protocol, key)
161
169
162 key = '%s:minimumprotocol' % hostname
170 key = '%s:minimumprotocol' % hostname
163 protocol = ui.config('hostsecurity', key, protocol)
171 protocol = ui.config('hostsecurity', key, protocol)
164 validateprotocol(protocol, key)
172 validateprotocol(protocol, key)
165
173
166 s['protocol'], s['ctxoptions'] = protocolsettings(protocol)
174 s['protocol'], s['ctxoptions'] = protocolsettings(protocol)
167
175
168 # Look for fingerprints in [hostsecurity] section. Value is a list
176 # Look for fingerprints in [hostsecurity] section. Value is a list
169 # of <alg>:<fingerprint> strings.
177 # of <alg>:<fingerprint> strings.
170 fingerprints = ui.configlist('hostsecurity', '%s:fingerprints' % hostname,
178 fingerprints = ui.configlist('hostsecurity', '%s:fingerprints' % hostname,
171 [])
179 [])
172 for fingerprint in fingerprints:
180 for fingerprint in fingerprints:
173 if not (fingerprint.startswith(('sha1:', 'sha256:', 'sha512:'))):
181 if not (fingerprint.startswith(('sha1:', 'sha256:', 'sha512:'))):
174 raise error.Abort(_('invalid fingerprint for %s: %s') % (
182 raise error.Abort(_('invalid fingerprint for %s: %s') % (
175 hostname, fingerprint),
183 hostname, fingerprint),
176 hint=_('must begin with "sha1:", "sha256:", '
184 hint=_('must begin with "sha1:", "sha256:", '
177 'or "sha512:"'))
185 'or "sha512:"'))
178
186
179 alg, fingerprint = fingerprint.split(':', 1)
187 alg, fingerprint = fingerprint.split(':', 1)
180 fingerprint = fingerprint.replace(':', '').lower()
188 fingerprint = fingerprint.replace(':', '').lower()
181 s['certfingerprints'].append((alg, fingerprint))
189 s['certfingerprints'].append((alg, fingerprint))
182
190
183 # Fingerprints from [hostfingerprints] are always SHA-1.
191 # Fingerprints from [hostfingerprints] are always SHA-1.
184 for fingerprint in ui.configlist('hostfingerprints', hostname, []):
192 for fingerprint in ui.configlist('hostfingerprints', hostname, []):
185 fingerprint = fingerprint.replace(':', '').lower()
193 fingerprint = fingerprint.replace(':', '').lower()
186 s['certfingerprints'].append(('sha1', fingerprint))
194 s['certfingerprints'].append(('sha1', fingerprint))
187 s['legacyfingerprint'] = True
195 s['legacyfingerprint'] = True
188
196
189 # If a host cert fingerprint is defined, it is the only thing that
197 # If a host cert fingerprint is defined, it is the only thing that
190 # matters. No need to validate CA certs.
198 # matters. No need to validate CA certs.
191 if s['certfingerprints']:
199 if s['certfingerprints']:
192 s['verifymode'] = ssl.CERT_NONE
200 s['verifymode'] = ssl.CERT_NONE
193 s['allowloaddefaultcerts'] = False
201 s['allowloaddefaultcerts'] = False
194
202
195 # If --insecure is used, don't take CAs into consideration.
203 # If --insecure is used, don't take CAs into consideration.
196 elif ui.insecureconnections:
204 elif ui.insecureconnections:
197 s['disablecertverification'] = True
205 s['disablecertverification'] = True
198 s['verifymode'] = ssl.CERT_NONE
206 s['verifymode'] = ssl.CERT_NONE
199 s['allowloaddefaultcerts'] = False
207 s['allowloaddefaultcerts'] = False
200
208
201 if ui.configbool('devel', 'disableloaddefaultcerts'):
209 if ui.configbool('devel', 'disableloaddefaultcerts'):
202 s['allowloaddefaultcerts'] = False
210 s['allowloaddefaultcerts'] = False
203
211
204 # If both fingerprints and a per-host ca file are specified, issue a warning
212 # If both fingerprints and a per-host ca file are specified, issue a warning
205 # because users should not be surprised about what security is or isn't
213 # because users should not be surprised about what security is or isn't
206 # being performed.
214 # being performed.
207 cafile = ui.config('hostsecurity', '%s:verifycertsfile' % hostname)
215 cafile = ui.config('hostsecurity', '%s:verifycertsfile' % hostname)
208 if s['certfingerprints'] and cafile:
216 if s['certfingerprints'] and cafile:
209 ui.warn(_('(hostsecurity.%s:verifycertsfile ignored when host '
217 ui.warn(_('(hostsecurity.%s:verifycertsfile ignored when host '
210 'fingerprints defined; using host fingerprints for '
218 'fingerprints defined; using host fingerprints for '
211 'verification)\n') % hostname)
219 'verification)\n') % hostname)
212
220
213 # Try to hook up CA certificate validation unless something above
221 # Try to hook up CA certificate validation unless something above
214 # makes it not necessary.
222 # makes it not necessary.
215 if s['verifymode'] is None:
223 if s['verifymode'] is None:
216 # Look at per-host ca file first.
224 # Look at per-host ca file first.
217 if cafile:
225 if cafile:
218 cafile = util.expandpath(cafile)
226 cafile = util.expandpath(cafile)
219 if not os.path.exists(cafile):
227 if not os.path.exists(cafile):
220 raise error.Abort(_('path specified by %s does not exist: %s') %
228 raise error.Abort(_('path specified by %s does not exist: %s') %
221 ('hostsecurity.%s:verifycertsfile' % hostname,
229 ('hostsecurity.%s:verifycertsfile' % hostname,
222 cafile))
230 cafile))
223 s['cafile'] = cafile
231 s['cafile'] = cafile
224 else:
232 else:
225 # Find global certificates file in config.
233 # Find global certificates file in config.
226 cafile = ui.config('web', 'cacerts')
234 cafile = ui.config('web', 'cacerts')
227
235
228 if cafile:
236 if cafile:
229 cafile = util.expandpath(cafile)
237 cafile = util.expandpath(cafile)
230 if not os.path.exists(cafile):
238 if not os.path.exists(cafile):
231 raise error.Abort(_('could not find web.cacerts: %s') %
239 raise error.Abort(_('could not find web.cacerts: %s') %
232 cafile)
240 cafile)
233 elif s['allowloaddefaultcerts']:
241 elif s['allowloaddefaultcerts']:
234 # CAs not defined in config. Try to find system bundles.
242 # CAs not defined in config. Try to find system bundles.
235 cafile = _defaultcacerts(ui)
243 cafile = _defaultcacerts(ui)
236 if cafile:
244 if cafile:
237 ui.debug('using %s for CA file\n' % cafile)
245 ui.debug('using %s for CA file\n' % cafile)
238
246
239 s['cafile'] = cafile
247 s['cafile'] = cafile
240
248
241 # Require certificate validation if CA certs are being loaded and
249 # Require certificate validation if CA certs are being loaded and
242 # verification hasn't been disabled above.
250 # verification hasn't been disabled above.
243 if cafile or (_canloaddefaultcerts and s['allowloaddefaultcerts']):
251 if cafile or (_canloaddefaultcerts and s['allowloaddefaultcerts']):
244 s['verifymode'] = ssl.CERT_REQUIRED
252 s['verifymode'] = ssl.CERT_REQUIRED
245 else:
253 else:
246 # At this point we don't have a fingerprint, aren't being
254 # At this point we don't have a fingerprint, aren't being
247 # explicitly insecure, and can't load CA certs. Connecting
255 # explicitly insecure, and can't load CA certs. Connecting
248 # is insecure. We allow the connection and abort during
256 # is insecure. We allow the connection and abort during
249 # validation (once we have the fingerprint to print to the
257 # validation (once we have the fingerprint to print to the
250 # user).
258 # user).
251 s['verifymode'] = ssl.CERT_NONE
259 s['verifymode'] = ssl.CERT_NONE
252
260
253 assert s['protocol'] is not None
261 assert s['protocol'] is not None
254 assert s['ctxoptions'] is not None
262 assert s['ctxoptions'] is not None
255 assert s['verifymode'] is not None
263 assert s['verifymode'] is not None
256
264
257 return s
265 return s
258
266
259 def protocolsettings(protocol):
267 def protocolsettings(protocol):
260 """Resolve the protocol and context options for a config value."""
268 """Resolve the protocol and context options for a config value."""
261 if protocol not in configprotocols:
269 if protocol not in configprotocols:
262 raise ValueError('protocol value not supported: %s' % protocol)
270 raise ValueError('protocol value not supported: %s' % protocol)
263
271
264 # Legacy ssl module only supports up to TLS 1.0. Ideally we'd use
272 # Legacy ssl module only supports up to TLS 1.0. Ideally we'd use
265 # PROTOCOL_SSLv23 and options to disable SSLv2 and SSLv3. However,
273 # PROTOCOL_SSLv23 and options to disable SSLv2 and SSLv3. However,
266 # SSLContext.options doesn't work in our implementation since we use
274 # SSLContext.options doesn't work in our implementation since we use
267 # a fake SSLContext on these Python versions.
275 # a fake SSLContext on these Python versions.
268 if not modernssl:
276 if not modernssl:
269 if protocol != 'tls1.0':
277 if protocol != 'tls1.0':
270 raise error.Abort(_('current Python does not support protocol '
278 raise error.Abort(_('current Python does not support protocol '
271 'setting %s') % protocol,
279 'setting %s') % protocol,
272 hint=_('upgrade Python or disable setting since '
280 hint=_('upgrade Python or disable setting since '
273 'only TLS 1.0 is supported'))
281 'only TLS 1.0 is supported'))
274
282
275 return ssl.PROTOCOL_TLSv1, 0
283 return ssl.PROTOCOL_TLSv1, 0
276
284
277 # WARNING: returned options don't work unless the modern ssl module
285 # WARNING: returned options don't work unless the modern ssl module
278 # is available. Be careful when adding options here.
286 # is available. Be careful when adding options here.
279
287
280 # SSLv2 and SSLv3 are broken. We ban them outright.
288 # SSLv2 and SSLv3 are broken. We ban them outright.
281 options = ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
289 options = ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
282
290
283 if protocol == 'tls1.0':
291 if protocol == 'tls1.0':
284 # Defaults above are to use TLS 1.0+
292 # Defaults above are to use TLS 1.0+
285 pass
293 pass
286 elif protocol == 'tls1.1':
294 elif protocol == 'tls1.1':
287 options |= ssl.OP_NO_TLSv1
295 options |= ssl.OP_NO_TLSv1
288 elif protocol == 'tls1.2':
296 elif protocol == 'tls1.2':
289 options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
297 options |= ssl.OP_NO_TLSv1 | ssl.OP_NO_TLSv1_1
290 else:
298 else:
291 raise error.Abort(_('this should not happen'))
299 raise error.Abort(_('this should not happen'))
292
300
293 # Prevent CRIME.
301 # Prevent CRIME.
294 # There is no guarantee this attribute is defined on the module.
302 # There is no guarantee this attribute is defined on the module.
295 options |= getattr(ssl, 'OP_NO_COMPRESSION', 0)
303 options |= getattr(ssl, 'OP_NO_COMPRESSION', 0)
296
304
297 return ssl.PROTOCOL_SSLv23, options
305 return ssl.PROTOCOL_SSLv23, options
298
306
299 def wrapsocket(sock, keyfile, certfile, ui, serverhostname=None):
307 def wrapsocket(sock, keyfile, certfile, ui, serverhostname=None):
300 """Add SSL/TLS to a socket.
308 """Add SSL/TLS to a socket.
301
309
302 This is a glorified wrapper for ``ssl.wrap_socket()``. It makes sane
310 This is a glorified wrapper for ``ssl.wrap_socket()``. It makes sane
303 choices based on what security options are available.
311 choices based on what security options are available.
304
312
305 In addition to the arguments supported by ``ssl.wrap_socket``, we allow
313 In addition to the arguments supported by ``ssl.wrap_socket``, we allow
306 the following additional arguments:
314 the following additional arguments:
307
315
308 * serverhostname - The expected hostname of the remote server. If the
316 * serverhostname - The expected hostname of the remote server. If the
309 server (and client) support SNI, this tells the server which certificate
317 server (and client) support SNI, this tells the server which certificate
310 to use.
318 to use.
311 """
319 """
312 if not serverhostname:
320 if not serverhostname:
313 raise error.Abort(_('serverhostname argument is required'))
321 raise error.Abort(_('serverhostname argument is required'))
314
322
315 settings = _hostsettings(ui, serverhostname)
323 settings = _hostsettings(ui, serverhostname)
316
324
317 # We can't use ssl.create_default_context() because it calls
325 # We can't use ssl.create_default_context() because it calls
318 # load_default_certs() unless CA arguments are passed to it. We want to
326 # load_default_certs() unless CA arguments are passed to it. We want to
319 # have explicit control over CA loading because implicitly loading
327 # have explicit control over CA loading because implicitly loading
320 # CAs may undermine the user's intent. For example, a user may define a CA
328 # CAs may undermine the user's intent. For example, a user may define a CA
321 # bundle with a specific CA cert removed. If the system/default CA bundle
329 # bundle with a specific CA cert removed. If the system/default CA bundle
322 # is loaded and contains that removed CA, you've just undone the user's
330 # is loaded and contains that removed CA, you've just undone the user's
323 # choice.
331 # choice.
324 sslcontext = SSLContext(settings['protocol'])
332 sslcontext = SSLContext(settings['protocol'])
325
333
326 # This is a no-op unless using modern ssl.
334 # This is a no-op unless using modern ssl.
327 sslcontext.options |= settings['ctxoptions']
335 sslcontext.options |= settings['ctxoptions']
328
336
329 # This still works on our fake SSLContext.
337 # This still works on our fake SSLContext.
330 sslcontext.verify_mode = settings['verifymode']
338 sslcontext.verify_mode = settings['verifymode']
331
339
332 if certfile is not None:
340 if certfile is not None:
333 def password():
341 def password():
334 f = keyfile or certfile
342 f = keyfile or certfile
335 return ui.getpass(_('passphrase for %s: ') % f, '')
343 return ui.getpass(_('passphrase for %s: ') % f, '')
336 sslcontext.load_cert_chain(certfile, keyfile, password)
344 sslcontext.load_cert_chain(certfile, keyfile, password)
337
345
338 if settings['cafile'] is not None:
346 if settings['cafile'] is not None:
339 try:
347 try:
340 sslcontext.load_verify_locations(cafile=settings['cafile'])
348 sslcontext.load_verify_locations(cafile=settings['cafile'])
341 except ssl.SSLError as e:
349 except ssl.SSLError as e:
342 raise error.Abort(_('error loading CA file %s: %s') % (
350 raise error.Abort(_('error loading CA file %s: %s') % (
343 settings['cafile'], e.args[1]),
351 settings['cafile'], e.args[1]),
344 hint=_('file is empty or malformed?'))
352 hint=_('file is empty or malformed?'))
345 caloaded = True
353 caloaded = True
346 elif settings['allowloaddefaultcerts']:
354 elif settings['allowloaddefaultcerts']:
347 # This is a no-op on old Python.
355 # This is a no-op on old Python.
348 sslcontext.load_default_certs()
356 sslcontext.load_default_certs()
349 caloaded = True
357 caloaded = True
350 else:
358 else:
351 caloaded = False
359 caloaded = False
352
360
353 try:
361 try:
354 sslsocket = sslcontext.wrap_socket(sock, server_hostname=serverhostname)
362 sslsocket = sslcontext.wrap_socket(sock, server_hostname=serverhostname)
355 except ssl.SSLError as e:
363 except ssl.SSLError as e:
356 # If we're doing certificate verification and no CA certs are loaded,
364 # If we're doing certificate verification and no CA certs are loaded,
357 # that is almost certainly the reason why verification failed. Provide
365 # that is almost certainly the reason why verification failed. Provide
358 # a hint to the user.
366 # a hint to the user.
359 # Only modern ssl module exposes SSLContext.get_ca_certs() so we can
367 # Only modern ssl module exposes SSLContext.get_ca_certs() so we can
360 # only show this warning if modern ssl is available.
368 # only show this warning if modern ssl is available.
361 if (caloaded and settings['verifymode'] == ssl.CERT_REQUIRED and
369 if (caloaded and settings['verifymode'] == ssl.CERT_REQUIRED and
362 modernssl and not sslcontext.get_ca_certs()):
370 modernssl and not sslcontext.get_ca_certs()):
363 ui.warn(_('(an attempt was made to load CA certificates but none '
371 ui.warn(_('(an attempt was made to load CA certificates but none '
364 'were loaded; see '
372 'were loaded; see '
365 'https://mercurial-scm.org/wiki/SecureConnections for '
373 'https://mercurial-scm.org/wiki/SecureConnections for '
366 'how to configure Mercurial to avoid this error)\n'))
374 'how to configure Mercurial to avoid this error)\n'))
367 # Try to print more helpful error messages for known failures.
375 # Try to print more helpful error messages for known failures.
368 if util.safehasattr(e, 'reason'):
376 if util.safehasattr(e, 'reason'):
369 if e.reason == 'UNSUPPORTED_PROTOCOL':
377 if e.reason == 'UNSUPPORTED_PROTOCOL':
370 ui.warn(_('(could not negotiate a common protocol; see '
378 ui.warn(_('(could not negotiate a common protocol; see '
371 'https://mercurial-scm.org/wiki/SecureConnections '
379 'https://mercurial-scm.org/wiki/SecureConnections '
372 'for how to configure Mercurial to avoid this '
380 'for how to configure Mercurial to avoid this '
373 'error)\n'))
381 'error)\n'))
374 raise
382 raise
375
383
376 # check if wrap_socket failed silently because socket had been
384 # check if wrap_socket failed silently because socket had been
377 # closed
385 # closed
378 # - see http://bugs.python.org/issue13721
386 # - see http://bugs.python.org/issue13721
379 if not sslsocket.cipher():
387 if not sslsocket.cipher():
380 raise error.Abort(_('ssl connection failed'))
388 raise error.Abort(_('ssl connection failed'))
381
389
382 sslsocket._hgstate = {
390 sslsocket._hgstate = {
383 'caloaded': caloaded,
391 'caloaded': caloaded,
384 'hostname': serverhostname,
392 'hostname': serverhostname,
385 'settings': settings,
393 'settings': settings,
386 'ui': ui,
394 'ui': ui,
387 }
395 }
388
396
389 return sslsocket
397 return sslsocket
390
398
391 def wrapserversocket(sock, ui, certfile=None, keyfile=None, cafile=None,
399 def wrapserversocket(sock, ui, certfile=None, keyfile=None, cafile=None,
392 requireclientcert=False):
400 requireclientcert=False):
393 """Wrap a socket for use by servers.
401 """Wrap a socket for use by servers.
394
402
395 ``certfile`` and ``keyfile`` specify the files containing the certificate's
403 ``certfile`` and ``keyfile`` specify the files containing the certificate's
396 public and private keys, respectively. Both keys can be defined in the same
404 public and private keys, respectively. Both keys can be defined in the same
397 file via ``certfile`` (the private key must come first in the file).
405 file via ``certfile`` (the private key must come first in the file).
398
406
399 ``cafile`` defines the path to certificate authorities.
407 ``cafile`` defines the path to certificate authorities.
400
408
401 ``requireclientcert`` specifies whether to require client certificates.
409 ``requireclientcert`` specifies whether to require client certificates.
402
410
403 Typically ``cafile`` is only defined if ``requireclientcert`` is true.
411 Typically ``cafile`` is only defined if ``requireclientcert`` is true.
404 """
412 """
405 protocol, options = protocolsettings('tls1.0')
413 protocol, options = protocolsettings('tls1.0')
406
414
407 # This config option is intended for use in tests only. It is a giant
415 # This config option is intended for use in tests only. It is a giant
408 # footgun to kill security. Don't define it.
416 # footgun to kill security. Don't define it.
409 exactprotocol = ui.config('devel', 'serverexactprotocol')
417 exactprotocol = ui.config('devel', 'serverexactprotocol')
410 if exactprotocol == 'tls1.0':
418 if exactprotocol == 'tls1.0':
411 protocol = ssl.PROTOCOL_TLSv1
419 protocol = ssl.PROTOCOL_TLSv1
412 elif exactprotocol == 'tls1.1':
420 elif exactprotocol == 'tls1.1':
413 protocol = ssl.PROTOCOL_TLSv1_1
421 protocol = ssl.PROTOCOL_TLSv1_1
414 elif exactprotocol == 'tls1.2':
422 elif exactprotocol == 'tls1.2':
415 protocol = ssl.PROTOCOL_TLSv1_2
423 protocol = ssl.PROTOCOL_TLSv1_2
416 elif exactprotocol:
424 elif exactprotocol:
417 raise error.Abort(_('invalid value for serverexactprotocol: %s') %
425 raise error.Abort(_('invalid value for serverexactprotocol: %s') %
418 exactprotocol)
426 exactprotocol)
419
427
420 if modernssl:
428 if modernssl:
421 # We /could/ use create_default_context() here since it doesn't load
429 # We /could/ use create_default_context() here since it doesn't load
422 # CAs when configured for client auth. However, it is hard-coded to
430 # CAs when configured for client auth. However, it is hard-coded to
423 # use ssl.PROTOCOL_SSLv23 which may not be appropriate here.
431 # use ssl.PROTOCOL_SSLv23 which may not be appropriate here.
424 sslcontext = SSLContext(protocol)
432 sslcontext = SSLContext(protocol)
425 sslcontext.options |= options
433 sslcontext.options |= options
426
434
427 # Improve forward secrecy.
435 # Improve forward secrecy.
428 sslcontext.options |= getattr(ssl, 'OP_SINGLE_DH_USE', 0)
436 sslcontext.options |= getattr(ssl, 'OP_SINGLE_DH_USE', 0)
429 sslcontext.options |= getattr(ssl, 'OP_SINGLE_ECDH_USE', 0)
437 sslcontext.options |= getattr(ssl, 'OP_SINGLE_ECDH_USE', 0)
430
438
431 # Use the list of more secure ciphers if found in the ssl module.
439 # Use the list of more secure ciphers if found in the ssl module.
432 if util.safehasattr(ssl, '_RESTRICTED_SERVER_CIPHERS'):
440 if util.safehasattr(ssl, '_RESTRICTED_SERVER_CIPHERS'):
433 sslcontext.options |= getattr(ssl, 'OP_CIPHER_SERVER_PREFERENCE', 0)
441 sslcontext.options |= getattr(ssl, 'OP_CIPHER_SERVER_PREFERENCE', 0)
434 sslcontext.set_ciphers(ssl._RESTRICTED_SERVER_CIPHERS)
442 sslcontext.set_ciphers(ssl._RESTRICTED_SERVER_CIPHERS)
435 else:
443 else:
436 sslcontext = SSLContext(ssl.PROTOCOL_TLSv1)
444 sslcontext = SSLContext(ssl.PROTOCOL_TLSv1)
437
445
438 if requireclientcert:
446 if requireclientcert:
439 sslcontext.verify_mode = ssl.CERT_REQUIRED
447 sslcontext.verify_mode = ssl.CERT_REQUIRED
440 else:
448 else:
441 sslcontext.verify_mode = ssl.CERT_NONE
449 sslcontext.verify_mode = ssl.CERT_NONE
442
450
443 if certfile or keyfile:
451 if certfile or keyfile:
444 sslcontext.load_cert_chain(certfile=certfile, keyfile=keyfile)
452 sslcontext.load_cert_chain(certfile=certfile, keyfile=keyfile)
445
453
446 if cafile:
454 if cafile:
447 sslcontext.load_verify_locations(cafile=cafile)
455 sslcontext.load_verify_locations(cafile=cafile)
448
456
449 return sslcontext.wrap_socket(sock, server_side=True)
457 return sslcontext.wrap_socket(sock, server_side=True)
450
458
451 class wildcarderror(Exception):
459 class wildcarderror(Exception):
452 """Represents an error parsing wildcards in DNS name."""
460 """Represents an error parsing wildcards in DNS name."""
453
461
454 def _dnsnamematch(dn, hostname, maxwildcards=1):
462 def _dnsnamematch(dn, hostname, maxwildcards=1):
455 """Match DNS names according RFC 6125 section 6.4.3.
463 """Match DNS names according RFC 6125 section 6.4.3.
456
464
457 This code is effectively copied from CPython's ssl._dnsname_match.
465 This code is effectively copied from CPython's ssl._dnsname_match.
458
466
459 Returns a bool indicating whether the expected hostname matches
467 Returns a bool indicating whether the expected hostname matches
460 the value in ``dn``.
468 the value in ``dn``.
461 """
469 """
462 pats = []
470 pats = []
463 if not dn:
471 if not dn:
464 return False
472 return False
465
473
466 pieces = dn.split(r'.')
474 pieces = dn.split(r'.')
467 leftmost = pieces[0]
475 leftmost = pieces[0]
468 remainder = pieces[1:]
476 remainder = pieces[1:]
469 wildcards = leftmost.count('*')
477 wildcards = leftmost.count('*')
470 if wildcards > maxwildcards:
478 if wildcards > maxwildcards:
471 raise wildcarderror(
479 raise wildcarderror(
472 _('too many wildcards in certificate DNS name: %s') % dn)
480 _('too many wildcards in certificate DNS name: %s') % dn)
473
481
474 # speed up common case w/o wildcards
482 # speed up common case w/o wildcards
475 if not wildcards:
483 if not wildcards:
476 return dn.lower() == hostname.lower()
484 return dn.lower() == hostname.lower()
477
485
478 # RFC 6125, section 6.4.3, subitem 1.
486 # RFC 6125, section 6.4.3, subitem 1.
479 # The client SHOULD NOT attempt to match a presented identifier in which
487 # The client SHOULD NOT attempt to match a presented identifier in which
480 # the wildcard character comprises a label other than the left-most label.
488 # the wildcard character comprises a label other than the left-most label.
481 if leftmost == '*':
489 if leftmost == '*':
482 # When '*' is a fragment by itself, it matches a non-empty dotless
490 # When '*' is a fragment by itself, it matches a non-empty dotless
483 # fragment.
491 # fragment.
484 pats.append('[^.]+')
492 pats.append('[^.]+')
485 elif leftmost.startswith('xn--') or hostname.startswith('xn--'):
493 elif leftmost.startswith('xn--') or hostname.startswith('xn--'):
486 # RFC 6125, section 6.4.3, subitem 3.
494 # RFC 6125, section 6.4.3, subitem 3.
487 # The client SHOULD NOT attempt to match a presented identifier
495 # The client SHOULD NOT attempt to match a presented identifier
488 # where the wildcard character is embedded within an A-label or
496 # where the wildcard character is embedded within an A-label or
489 # U-label of an internationalized domain name.
497 # U-label of an internationalized domain name.
490 pats.append(re.escape(leftmost))
498 pats.append(re.escape(leftmost))
491 else:
499 else:
492 # Otherwise, '*' matches any dotless string, e.g. www*
500 # Otherwise, '*' matches any dotless string, e.g. www*
493 pats.append(re.escape(leftmost).replace(r'\*', '[^.]*'))
501 pats.append(re.escape(leftmost).replace(r'\*', '[^.]*'))
494
502
495 # add the remaining fragments, ignore any wildcards
503 # add the remaining fragments, ignore any wildcards
496 for frag in remainder:
504 for frag in remainder:
497 pats.append(re.escape(frag))
505 pats.append(re.escape(frag))
498
506
499 pat = re.compile(r'\A' + r'\.'.join(pats) + r'\Z', re.IGNORECASE)
507 pat = re.compile(r'\A' + r'\.'.join(pats) + r'\Z', re.IGNORECASE)
500 return pat.match(hostname) is not None
508 return pat.match(hostname) is not None
501
509
502 def _verifycert(cert, hostname):
510 def _verifycert(cert, hostname):
503 '''Verify that cert (in socket.getpeercert() format) matches hostname.
511 '''Verify that cert (in socket.getpeercert() format) matches hostname.
504 CRLs is not handled.
512 CRLs is not handled.
505
513
506 Returns error message if any problems are found and None on success.
514 Returns error message if any problems are found and None on success.
507 '''
515 '''
508 if not cert:
516 if not cert:
509 return _('no certificate received')
517 return _('no certificate received')
510
518
511 dnsnames = []
519 dnsnames = []
512 san = cert.get('subjectAltName', [])
520 san = cert.get('subjectAltName', [])
513 for key, value in san:
521 for key, value in san:
514 if key == 'DNS':
522 if key == 'DNS':
515 try:
523 try:
516 if _dnsnamematch(value, hostname):
524 if _dnsnamematch(value, hostname):
517 return
525 return
518 except wildcarderror as e:
526 except wildcarderror as e:
519 return e.args[0]
527 return e.args[0]
520
528
521 dnsnames.append(value)
529 dnsnames.append(value)
522
530
523 if not dnsnames:
531 if not dnsnames:
524 # The subject is only checked when there is no DNS in subjectAltName.
532 # The subject is only checked when there is no DNS in subjectAltName.
525 for sub in cert.get('subject', []):
533 for sub in cert.get('subject', []):
526 for key, value in sub:
534 for key, value in sub:
527 # According to RFC 2818 the most specific Common Name must
535 # According to RFC 2818 the most specific Common Name must
528 # be used.
536 # be used.
529 if key == 'commonName':
537 if key == 'commonName':
530 # 'subject' entries are unicide.
538 # 'subject' entries are unicide.
531 try:
539 try:
532 value = value.encode('ascii')
540 value = value.encode('ascii')
533 except UnicodeEncodeError:
541 except UnicodeEncodeError:
534 return _('IDN in certificate not supported')
542 return _('IDN in certificate not supported')
535
543
536 try:
544 try:
537 if _dnsnamematch(value, hostname):
545 if _dnsnamematch(value, hostname):
538 return
546 return
539 except wildcarderror as e:
547 except wildcarderror as e:
540 return e.args[0]
548 return e.args[0]
541
549
542 dnsnames.append(value)
550 dnsnames.append(value)
543
551
544 if len(dnsnames) > 1:
552 if len(dnsnames) > 1:
545 return _('certificate is for %s') % ', '.join(dnsnames)
553 return _('certificate is for %s') % ', '.join(dnsnames)
546 elif len(dnsnames) == 1:
554 elif len(dnsnames) == 1:
547 return _('certificate is for %s') % dnsnames[0]
555 return _('certificate is for %s') % dnsnames[0]
548 else:
556 else:
549 return _('no commonName or subjectAltName found in certificate')
557 return _('no commonName or subjectAltName found in certificate')
550
558
551 def _plainapplepython():
559 def _plainapplepython():
552 """return true if this seems to be a pure Apple Python that
560 """return true if this seems to be a pure Apple Python that
553 * is unfrozen and presumably has the whole mercurial module in the file
561 * is unfrozen and presumably has the whole mercurial module in the file
554 system
562 system
555 * presumably is an Apple Python that uses Apple OpenSSL which has patches
563 * presumably is an Apple Python that uses Apple OpenSSL which has patches
556 for using system certificate store CAs in addition to the provided
564 for using system certificate store CAs in addition to the provided
557 cacerts file
565 cacerts file
558 """
566 """
559 if sys.platform != 'darwin' or util.mainfrozen() or not sys.executable:
567 if sys.platform != 'darwin' or util.mainfrozen() or not sys.executable:
560 return False
568 return False
561 exe = os.path.realpath(sys.executable).lower()
569 exe = os.path.realpath(sys.executable).lower()
562 return (exe.startswith('/usr/bin/python') or
570 return (exe.startswith('/usr/bin/python') or
563 exe.startswith('/system/library/frameworks/python.framework/'))
571 exe.startswith('/system/library/frameworks/python.framework/'))
564
572
565 _systemcacertpaths = [
573 _systemcacertpaths = [
566 # RHEL, CentOS, and Fedora
574 # RHEL, CentOS, and Fedora
567 '/etc/pki/tls/certs/ca-bundle.trust.crt',
575 '/etc/pki/tls/certs/ca-bundle.trust.crt',
568 # Debian, Ubuntu, Gentoo
576 # Debian, Ubuntu, Gentoo
569 '/etc/ssl/certs/ca-certificates.crt',
577 '/etc/ssl/certs/ca-certificates.crt',
570 ]
578 ]
571
579
572 def _defaultcacerts(ui):
580 def _defaultcacerts(ui):
573 """return path to default CA certificates or None.
581 """return path to default CA certificates or None.
574
582
575 It is assumed this function is called when the returned certificates
583 It is assumed this function is called when the returned certificates
576 file will actually be used to validate connections. Therefore this
584 file will actually be used to validate connections. Therefore this
577 function may print warnings or debug messages assuming this usage.
585 function may print warnings or debug messages assuming this usage.
578
586
579 We don't print a message when the Python is able to load default
587 We don't print a message when the Python is able to load default
580 CA certs because this scenario is detected at socket connect time.
588 CA certs because this scenario is detected at socket connect time.
581 """
589 """
582 # The "certifi" Python package provides certificates. If it is installed,
590 # The "certifi" Python package provides certificates. If it is installed,
583 # assume the user intends it to be used and use it.
591 # assume the user intends it to be used and use it.
584 try:
592 try:
585 import certifi
593 import certifi
586 certs = certifi.where()
594 certs = certifi.where()
587 ui.debug('using ca certificates from certifi\n')
595 ui.debug('using ca certificates from certifi\n')
588 return certs
596 return certs
589 except ImportError:
597 except ImportError:
590 pass
598 pass
591
599
592 # On Windows, only the modern ssl module is capable of loading the system
600 # On Windows, only the modern ssl module is capable of loading the system
593 # CA certificates. If we're not capable of doing that, emit a warning
601 # CA certificates. If we're not capable of doing that, emit a warning
594 # because we'll get a certificate verification error later and the lack
602 # because we'll get a certificate verification error later and the lack
595 # of loaded CA certificates will be the reason why.
603 # of loaded CA certificates will be the reason why.
596 # Assertion: this code is only called if certificates are being verified.
604 # Assertion: this code is only called if certificates are being verified.
597 if os.name == 'nt':
605 if os.name == 'nt':
598 if not _canloaddefaultcerts:
606 if not _canloaddefaultcerts:
599 ui.warn(_('(unable to load Windows CA certificates; see '
607 ui.warn(_('(unable to load Windows CA certificates; see '
600 'https://mercurial-scm.org/wiki/SecureConnections for '
608 'https://mercurial-scm.org/wiki/SecureConnections for '
601 'how to configure Mercurial to avoid this message)\n'))
609 'how to configure Mercurial to avoid this message)\n'))
602
610
603 return None
611 return None
604
612
605 # Apple's OpenSSL has patches that allow a specially constructed certificate
613 # Apple's OpenSSL has patches that allow a specially constructed certificate
606 # to load the system CA store. If we're running on Apple Python, use this
614 # to load the system CA store. If we're running on Apple Python, use this
607 # trick.
615 # trick.
608 if _plainapplepython():
616 if _plainapplepython():
609 dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
617 dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
610 if os.path.exists(dummycert):
618 if os.path.exists(dummycert):
611 return dummycert
619 return dummycert
612
620
613 # The Apple OpenSSL trick isn't available to us. If Python isn't able to
621 # The Apple OpenSSL trick isn't available to us. If Python isn't able to
614 # load system certs, we're out of luck.
622 # load system certs, we're out of luck.
615 if sys.platform == 'darwin':
623 if sys.platform == 'darwin':
616 # FUTURE Consider looking for Homebrew or MacPorts installed certs
624 # FUTURE Consider looking for Homebrew or MacPorts installed certs
617 # files. Also consider exporting the keychain certs to a file during
625 # files. Also consider exporting the keychain certs to a file during
618 # Mercurial install.
626 # Mercurial install.
619 if not _canloaddefaultcerts:
627 if not _canloaddefaultcerts:
620 ui.warn(_('(unable to load CA certificates; see '
628 ui.warn(_('(unable to load CA certificates; see '
621 'https://mercurial-scm.org/wiki/SecureConnections for '
629 'https://mercurial-scm.org/wiki/SecureConnections for '
622 'how to configure Mercurial to avoid this message)\n'))
630 'how to configure Mercurial to avoid this message)\n'))
623 return None
631 return None
624
632
625 # / is writable on Windows. Out of an abundance of caution make sure
633 # / is writable on Windows. Out of an abundance of caution make sure
626 # we're not on Windows because paths from _systemcacerts could be installed
634 # we're not on Windows because paths from _systemcacerts could be installed
627 # by non-admin users.
635 # by non-admin users.
628 assert os.name != 'nt'
636 assert os.name != 'nt'
629
637
630 # Try to find CA certificates in well-known locations. We print a warning
638 # Try to find CA certificates in well-known locations. We print a warning
631 # when using a found file because we don't want too much silent magic
639 # when using a found file because we don't want too much silent magic
632 # for security settings. The expectation is that proper Mercurial
640 # for security settings. The expectation is that proper Mercurial
633 # installs will have the CA certs path defined at install time and the
641 # installs will have the CA certs path defined at install time and the
634 # installer/packager will make an appropriate decision on the user's
642 # installer/packager will make an appropriate decision on the user's
635 # behalf. We only get here and perform this setting as a feature of
643 # behalf. We only get here and perform this setting as a feature of
636 # last resort.
644 # last resort.
637 if not _canloaddefaultcerts:
645 if not _canloaddefaultcerts:
638 for path in _systemcacertpaths:
646 for path in _systemcacertpaths:
639 if os.path.isfile(path):
647 if os.path.isfile(path):
640 ui.warn(_('(using CA certificates from %s; if you see this '
648 ui.warn(_('(using CA certificates from %s; if you see this '
641 'message, your Mercurial install is not properly '
649 'message, your Mercurial install is not properly '
642 'configured; see '
650 'configured; see '
643 'https://mercurial-scm.org/wiki/SecureConnections '
651 'https://mercurial-scm.org/wiki/SecureConnections '
644 'for how to configure Mercurial to avoid this '
652 'for how to configure Mercurial to avoid this '
645 'message)\n') % path)
653 'message)\n') % path)
646 return path
654 return path
647
655
648 ui.warn(_('(unable to load CA certificates; see '
656 ui.warn(_('(unable to load CA certificates; see '
649 'https://mercurial-scm.org/wiki/SecureConnections for '
657 'https://mercurial-scm.org/wiki/SecureConnections for '
650 'how to configure Mercurial to avoid this message)\n'))
658 'how to configure Mercurial to avoid this message)\n'))
651
659
652 return None
660 return None
653
661
654 def validatesocket(sock):
662 def validatesocket(sock):
655 """Validate a socket meets security requiremnets.
663 """Validate a socket meets security requiremnets.
656
664
657 The passed socket must have been created with ``wrapsocket()``.
665 The passed socket must have been created with ``wrapsocket()``.
658 """
666 """
659 host = sock._hgstate['hostname']
667 host = sock._hgstate['hostname']
660 ui = sock._hgstate['ui']
668 ui = sock._hgstate['ui']
661 settings = sock._hgstate['settings']
669 settings = sock._hgstate['settings']
662
670
663 try:
671 try:
664 peercert = sock.getpeercert(True)
672 peercert = sock.getpeercert(True)
665 peercert2 = sock.getpeercert()
673 peercert2 = sock.getpeercert()
666 except AttributeError:
674 except AttributeError:
667 raise error.Abort(_('%s ssl connection error') % host)
675 raise error.Abort(_('%s ssl connection error') % host)
668
676
669 if not peercert:
677 if not peercert:
670 raise error.Abort(_('%s certificate error: '
678 raise error.Abort(_('%s certificate error: '
671 'no certificate received') % host)
679 'no certificate received') % host)
672
680
673 if settings['disablecertverification']:
681 if settings['disablecertverification']:
674 # We don't print the certificate fingerprint because it shouldn't
682 # We don't print the certificate fingerprint because it shouldn't
675 # be necessary: if the user requested certificate verification be
683 # be necessary: if the user requested certificate verification be
676 # disabled, they presumably already saw a message about the inability
684 # disabled, they presumably already saw a message about the inability
677 # to verify the certificate and this message would have printed the
685 # to verify the certificate and this message would have printed the
678 # fingerprint. So printing the fingerprint here adds little to no
686 # fingerprint. So printing the fingerprint here adds little to no
679 # value.
687 # value.
680 ui.warn(_('warning: connection security to %s is disabled per current '
688 ui.warn(_('warning: connection security to %s is disabled per current '
681 'settings; communication is susceptible to eavesdropping '
689 'settings; communication is susceptible to eavesdropping '
682 'and tampering\n') % host)
690 'and tampering\n') % host)
683 return
691 return
684
692
685 # If a certificate fingerprint is pinned, use it and only it to
693 # If a certificate fingerprint is pinned, use it and only it to
686 # validate the remote cert.
694 # validate the remote cert.
687 peerfingerprints = {
695 peerfingerprints = {
688 'sha1': hashlib.sha1(peercert).hexdigest(),
696 'sha1': hashlib.sha1(peercert).hexdigest(),
689 'sha256': hashlib.sha256(peercert).hexdigest(),
697 'sha256': hashlib.sha256(peercert).hexdigest(),
690 'sha512': hashlib.sha512(peercert).hexdigest(),
698 'sha512': hashlib.sha512(peercert).hexdigest(),
691 }
699 }
692
700
693 def fmtfingerprint(s):
701 def fmtfingerprint(s):
694 return ':'.join([s[x:x + 2] for x in range(0, len(s), 2)])
702 return ':'.join([s[x:x + 2] for x in range(0, len(s), 2)])
695
703
696 nicefingerprint = 'sha256:%s' % fmtfingerprint(peerfingerprints['sha256'])
704 nicefingerprint = 'sha256:%s' % fmtfingerprint(peerfingerprints['sha256'])
697
705
698 if settings['certfingerprints']:
706 if settings['certfingerprints']:
699 for hash, fingerprint in settings['certfingerprints']:
707 for hash, fingerprint in settings['certfingerprints']:
700 if peerfingerprints[hash].lower() == fingerprint:
708 if peerfingerprints[hash].lower() == fingerprint:
701 ui.debug('%s certificate matched fingerprint %s:%s\n' %
709 ui.debug('%s certificate matched fingerprint %s:%s\n' %
702 (host, hash, fmtfingerprint(fingerprint)))
710 (host, hash, fmtfingerprint(fingerprint)))
703 return
711 return
704
712
705 # Pinned fingerprint didn't match. This is a fatal error.
713 # Pinned fingerprint didn't match. This is a fatal error.
706 if settings['legacyfingerprint']:
714 if settings['legacyfingerprint']:
707 section = 'hostfingerprint'
715 section = 'hostfingerprint'
708 nice = fmtfingerprint(peerfingerprints['sha1'])
716 nice = fmtfingerprint(peerfingerprints['sha1'])
709 else:
717 else:
710 section = 'hostsecurity'
718 section = 'hostsecurity'
711 nice = '%s:%s' % (hash, fmtfingerprint(peerfingerprints[hash]))
719 nice = '%s:%s' % (hash, fmtfingerprint(peerfingerprints[hash]))
712 raise error.Abort(_('certificate for %s has unexpected '
720 raise error.Abort(_('certificate for %s has unexpected '
713 'fingerprint %s') % (host, nice),
721 'fingerprint %s') % (host, nice),
714 hint=_('check %s configuration') % section)
722 hint=_('check %s configuration') % section)
715
723
716 # Security is enabled but no CAs are loaded. We can't establish trust
724 # Security is enabled but no CAs are loaded. We can't establish trust
717 # for the cert so abort.
725 # for the cert so abort.
718 if not sock._hgstate['caloaded']:
726 if not sock._hgstate['caloaded']:
719 raise error.Abort(
727 raise error.Abort(
720 _('unable to verify security of %s (no loaded CA certificates); '
728 _('unable to verify security of %s (no loaded CA certificates); '
721 'refusing to connect') % host,
729 'refusing to connect') % host,
722 hint=_('see https://mercurial-scm.org/wiki/SecureConnections for '
730 hint=_('see https://mercurial-scm.org/wiki/SecureConnections for '
723 'how to configure Mercurial to avoid this error or set '
731 'how to configure Mercurial to avoid this error or set '
724 'hostsecurity.%s:fingerprints=%s to trust this server') %
732 'hostsecurity.%s:fingerprints=%s to trust this server') %
725 (host, nicefingerprint))
733 (host, nicefingerprint))
726
734
727 msg = _verifycert(peercert2, host)
735 msg = _verifycert(peercert2, host)
728 if msg:
736 if msg:
729 raise error.Abort(_('%s certificate error: %s') % (host, msg),
737 raise error.Abort(_('%s certificate error: %s') % (host, msg),
730 hint=_('set hostsecurity.%s:certfingerprints=%s '
738 hint=_('set hostsecurity.%s:certfingerprints=%s '
731 'config setting or use --insecure to connect '
739 'config setting or use --insecure to connect '
732 'insecurely') %
740 'insecurely') %
733 (host, nicefingerprint))
741 (host, nicefingerprint))
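Review bot: the two abort hints in validatesocket disagree on the config key: the no-CA-loaded abort tells the user to set `hostsecurity.%s:fingerprints=%s`, while the certificate-error abort a few lines later says `hostsecurity.%s:certfingerprints=%s`. Only one of these can be the key `_hostsettings` actually reads, so the other hint points at a setting that will be silently ignored; make both hints use the same key (formatting the `hostsecurity.<host>:<key>=<fingerprint>` string once next to `nicefingerprint` would stop them drifting again). Separately, in wrapserversocket the `else` branch for non-modern ssl builds `SSLContext(ssl.PROTOCOL_TLSv1)` and discards the `protocol` and `options` computed just above it, so `devel.serverexactprotocol` has no effect on legacy Python; either pass `protocol` there or abort when exactprotocol is set without modern ssl. Finally, wrapserversocket hard-codes `protocolsettings('tls1.0')`, so `hg serve` keeps accepting TLS 1.0 clients; if that is a deliberate compatibility choice it deserves a comment, since the client side is configured from `_hostsettings` rather than this fixed floor.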
@@ -1,503 +1,508 b''
1 #require serve ssl
1 #require serve ssl
2
2
3 Proper https client requires the built-in ssl from Python 2.6.
3 Proper https client requires the built-in ssl from Python 2.6.
4
4
5 Make server certificates:
5 Make server certificates:
6
6
7 $ CERTSDIR="$TESTDIR/sslcerts"
7 $ CERTSDIR="$TESTDIR/sslcerts"
8 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
8 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
9 $ PRIV=`pwd`/server.pem
9 $ PRIV=`pwd`/server.pem
10 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub-not-yet.pem" > server-not-yet.pem
10 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub-not-yet.pem" > server-not-yet.pem
11 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub-expired.pem" > server-expired.pem
11 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub-expired.pem" > server-expired.pem
12
12
13 $ hg init test
13 $ hg init test
14 $ cd test
14 $ cd test
15 $ echo foo>foo
15 $ echo foo>foo
16 $ mkdir foo.d foo.d/bAr.hg.d foo.d/baR.d.hg
16 $ mkdir foo.d foo.d/bAr.hg.d foo.d/baR.d.hg
17 $ echo foo>foo.d/foo
17 $ echo foo>foo.d/foo
18 $ echo bar>foo.d/bAr.hg.d/BaR
18 $ echo bar>foo.d/bAr.hg.d/BaR
19 $ echo bar>foo.d/baR.d.hg/bAR
19 $ echo bar>foo.d/baR.d.hg/bAR
20 $ hg commit -A -m 1
20 $ hg commit -A -m 1
21 adding foo
21 adding foo
22 adding foo.d/bAr.hg.d/BaR
22 adding foo.d/bAr.hg.d/BaR
23 adding foo.d/baR.d.hg/bAR
23 adding foo.d/baR.d.hg/bAR
24 adding foo.d/foo
24 adding foo.d/foo
25 $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV
25 $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV
26 $ cat ../hg0.pid >> $DAEMON_PIDS
26 $ cat ../hg0.pid >> $DAEMON_PIDS
27
27
28 cacert not found
28 cacert not found
29
29
30 $ hg in --config web.cacerts=no-such.pem https://localhost:$HGPORT/
30 $ hg in --config web.cacerts=no-such.pem https://localhost:$HGPORT/
31 abort: could not find web.cacerts: no-such.pem
31 abort: could not find web.cacerts: no-such.pem
32 [255]
32 [255]
33
33
34 Test server address cannot be reused
34 Test server address cannot be reused
35
35
36 #if windows
36 #if windows
37 $ hg serve -p $HGPORT --certificate=$PRIV 2>&1
37 $ hg serve -p $HGPORT --certificate=$PRIV 2>&1
38 abort: cannot start server at ':$HGPORT':
38 abort: cannot start server at ':$HGPORT':
39 [255]
39 [255]
40 #else
40 #else
41 $ hg serve -p $HGPORT --certificate=$PRIV 2>&1
41 $ hg serve -p $HGPORT --certificate=$PRIV 2>&1
42 abort: cannot start server at ':$HGPORT': Address already in use
42 abort: cannot start server at ':$HGPORT': Address already in use
43 [255]
43 [255]
44 #endif
44 #endif
45 $ cd ..
45 $ cd ..
46
46
47 Our test cert is not signed by a trusted CA. It should fail to verify if
47 Our test cert is not signed by a trusted CA. It should fail to verify if
48 we are able to load CA certs.
48 we are able to load CA certs.
49
49
50 #if sslcontext defaultcacerts no-defaultcacertsloaded
50 #if sslcontext defaultcacerts no-defaultcacertsloaded
51 $ hg clone https://localhost:$HGPORT/ copy-pull
51 $ hg clone https://localhost:$HGPORT/ copy-pull
52 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
52 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
53 abort: error: *certificate verify failed* (glob)
53 abort: error: *certificate verify failed* (glob)
54 [255]
54 [255]
55 #endif
55 #endif
56
56
57 #if no-sslcontext defaultcacerts
57 #if no-sslcontext defaultcacerts
58 $ hg clone https://localhost:$HGPORT/ copy-pull
58 $ hg clone https://localhost:$HGPORT/ copy-pull
59 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
59 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
60 abort: error: *certificate verify failed* (glob)
60 abort: error: *certificate verify failed* (glob)
61 [255]
61 [255]
62 #endif
62 #endif
63
63
64 #if no-sslcontext windows
64 #if no-sslcontext windows
65 $ hg clone https://localhost:$HGPORT/ copy-pull
65 $ hg clone https://localhost:$HGPORT/ copy-pull
66 (unable to load Windows CA certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message)
66 (unable to load Windows CA certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message)
67 abort: error: *certificate verify failed* (glob)
67 abort: error: *certificate verify failed* (glob)
68 [255]
68 [255]
69 #endif
69 #endif
70
70
71 #if no-sslcontext osx
71 #if no-sslcontext osx
72 $ hg clone https://localhost:$HGPORT/ copy-pull
72 $ hg clone https://localhost:$HGPORT/ copy-pull
73 (unable to load CA certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message)
73 (unable to load CA certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message)
74 abort: localhost certificate error: no certificate received
74 abort: localhost certificate error: no certificate received
75 (set hostsecurity.localhost:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely)
75 (set hostsecurity.localhost:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely)
76 [255]
76 [255]
77 #endif
77 #endif
78
78
79 #if defaultcacertsloaded
79 #if defaultcacertsloaded
80 $ hg clone https://localhost:$HGPORT/ copy-pull
80 $ hg clone https://localhost:$HGPORT/ copy-pull
81 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
81 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
82 abort: error: *certificate verify failed* (glob)
82 abort: error: *certificate verify failed* (glob)
83 [255]
83 [255]
84 #endif
84 #endif
85
85
86 #if no-defaultcacerts
86 #if no-defaultcacerts
87 $ hg clone https://localhost:$HGPORT/ copy-pull
87 $ hg clone https://localhost:$HGPORT/ copy-pull
88 (unable to load * certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
88 (unable to load * certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
89 abort: localhost certificate error: no certificate received
89 abort: localhost certificate error: no certificate received
90 (set hostsecurity.localhost:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely)
90 (set hostsecurity.localhost:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely)
91 [255]
91 [255]
92 #endif
92 #endif
93
93
94 Specifying a per-host certificate file that doesn't exist will abort
94 Specifying a per-host certificate file that doesn't exist will abort
95
95
96 $ hg --config hostsecurity.localhost:verifycertsfile=/does/not/exist clone https://localhost:$HGPORT/
96 $ hg --config hostsecurity.localhost:verifycertsfile=/does/not/exist clone https://localhost:$HGPORT/
97 abort: path specified by hostsecurity.localhost:verifycertsfile does not exist: /does/not/exist
97 abort: path specified by hostsecurity.localhost:verifycertsfile does not exist: /does/not/exist
98 [255]
98 [255]
99
99
100 A malformed per-host certificate file will raise an error
100 A malformed per-host certificate file will raise an error
101
101
102 $ echo baddata > badca.pem
102 $ echo baddata > badca.pem
103 #if sslcontext
103 #if sslcontext
104 $ hg --config hostsecurity.localhost:verifycertsfile=badca.pem clone https://localhost:$HGPORT/
104 $ hg --config hostsecurity.localhost:verifycertsfile=badca.pem clone https://localhost:$HGPORT/
105 abort: error loading CA file badca.pem: * (glob)
105 abort: error loading CA file badca.pem: * (glob)
106 (file is empty or malformed?)
106 (file is empty or malformed?)
107 [255]
107 [255]
108 #else
108 #else
109 $ hg --config hostsecurity.localhost:verifycertsfile=badca.pem clone https://localhost:$HGPORT/
109 $ hg --config hostsecurity.localhost:verifycertsfile=badca.pem clone https://localhost:$HGPORT/
110 abort: error: * (glob)
110 abort: error: * (glob)
111 [255]
111 [255]
112 #endif
112 #endif
113
113
114 A per-host certificate mismatching the server will fail verification
114 A per-host certificate mismatching the server will fail verification
115
115
116 (modern ssl is able to discern whether the loaded cert is a CA cert)
116 (modern ssl is able to discern whether the loaded cert is a CA cert)
117 #if sslcontext
117 #if sslcontext
118 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
118 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
119 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
119 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
120 abort: error: *certificate verify failed* (glob)
120 abort: error: *certificate verify failed* (glob)
121 [255]
121 [255]
122 #else
122 #else
123 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
123 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
124 abort: error: *certificate verify failed* (glob)
124 abort: error: *certificate verify failed* (glob)
125 [255]
125 [255]
126 #endif
126 #endif
127
127
128 A per-host certificate matching the server's cert will be accepted
128 A per-host certificate matching the server's cert will be accepted
129
129
130 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/pub.pem" clone -U https://localhost:$HGPORT/ perhostgood1
130 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/pub.pem" clone -U https://localhost:$HGPORT/ perhostgood1
131 requesting all changes
131 requesting all changes
132 adding changesets
132 adding changesets
133 adding manifests
133 adding manifests
134 adding file changes
134 adding file changes
135 added 1 changesets with 4 changes to 4 files
135 added 1 changesets with 4 changes to 4 files
136
136
137 A per-host certificate with multiple certs and one matching will be accepted
137 A per-host certificate with multiple certs and one matching will be accepted
138
138
139 $ cat "$CERTSDIR/client-cert.pem" "$CERTSDIR/pub.pem" > perhost.pem
139 $ cat "$CERTSDIR/client-cert.pem" "$CERTSDIR/pub.pem" > perhost.pem
140 $ hg --config hostsecurity.localhost:verifycertsfile=perhost.pem clone -U https://localhost:$HGPORT/ perhostgood2
140 $ hg --config hostsecurity.localhost:verifycertsfile=perhost.pem clone -U https://localhost:$HGPORT/ perhostgood2
141 requesting all changes
141 requesting all changes
142 adding changesets
142 adding changesets
143 adding manifests
143 adding manifests
144 adding file changes
144 adding file changes
145 added 1 changesets with 4 changes to 4 files
145 added 1 changesets with 4 changes to 4 files
146
146
147 Defining both per-host certificate and a fingerprint will print a warning
147 Defining both per-host certificate and a fingerprint will print a warning
148
148
149 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/pub.pem" --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03 clone -U https://localhost:$HGPORT/ caandfingerwarning
149 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/pub.pem" --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03 clone -U https://localhost:$HGPORT/ caandfingerwarning
150 (hostsecurity.localhost:verifycertsfile ignored when host fingerprints defined; using host fingerprints for verification)
150 (hostsecurity.localhost:verifycertsfile ignored when host fingerprints defined; using host fingerprints for verification)
151 requesting all changes
151 requesting all changes
152 adding changesets
152 adding changesets
153 adding manifests
153 adding manifests
154 adding file changes
154 adding file changes
155 added 1 changesets with 4 changes to 4 files
155 added 1 changesets with 4 changes to 4 files
156
156
157 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
157 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
158
158
159 Inability to verify peer certificate will result in abort
159 Inability to verify peer certificate will result in abort
160
160
161 $ hg clone https://localhost:$HGPORT/ copy-pull $DISABLECACERTS
161 $ hg clone https://localhost:$HGPORT/ copy-pull $DISABLECACERTS
162 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
162 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
163 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
163 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
164 [255]
164 [255]
165
165
166 $ hg clone --insecure https://localhost:$HGPORT/ copy-pull
166 $ hg clone --insecure https://localhost:$HGPORT/ copy-pull
167 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
167 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
168 requesting all changes
168 requesting all changes
169 adding changesets
169 adding changesets
170 adding manifests
170 adding manifests
171 adding file changes
171 adding file changes
172 added 1 changesets with 4 changes to 4 files
172 added 1 changesets with 4 changes to 4 files
173 updating to branch default
173 updating to branch default
174 4 files updated, 0 files merged, 0 files removed, 0 files unresolved
174 4 files updated, 0 files merged, 0 files removed, 0 files unresolved
175 $ hg verify -R copy-pull
175 $ hg verify -R copy-pull
176 checking changesets
176 checking changesets
177 checking manifests
177 checking manifests
178 crosschecking files in changesets and manifests
178 crosschecking files in changesets and manifests
179 checking files
179 checking files
180 4 files, 1 changesets, 4 total revisions
180 4 files, 1 changesets, 4 total revisions
181 $ cd test
181 $ cd test
182 $ echo bar > bar
182 $ echo bar > bar
183 $ hg commit -A -d '1 0' -m 2
183 $ hg commit -A -d '1 0' -m 2
184 adding bar
184 adding bar
185 $ cd ..
185 $ cd ..
186
186
187 pull without cacert
187 pull without cacert
188
188
189 $ cd copy-pull
189 $ cd copy-pull
190 $ echo '[hooks]' >> .hg/hgrc
190 $ echo '[hooks]' >> .hg/hgrc
191 $ echo "changegroup = printenv.py changegroup" >> .hg/hgrc
191 $ echo "changegroup = printenv.py changegroup" >> .hg/hgrc
192 $ hg pull $DISABLECACERTS
192 $ hg pull $DISABLECACERTS
193 pulling from https://localhost:$HGPORT/
193 pulling from https://localhost:$HGPORT/
194 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
194 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
195 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
195 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
196 [255]
196 [255]
197
197
198 $ hg pull --insecure
198 $ hg pull --insecure
199 pulling from https://localhost:$HGPORT/
199 pulling from https://localhost:$HGPORT/
200 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
200 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
201 searching for changes
201 searching for changes
202 adding changesets
202 adding changesets
203 adding manifests
203 adding manifests
204 adding file changes
204 adding file changes
205 added 1 changesets with 1 changes to 1 files
205 added 1 changesets with 1 changes to 1 files
206 changegroup hook: HG_NODE=5fed3813f7f5e1824344fdc9cf8f63bb662c292d HG_NODE_LAST=5fed3813f7f5e1824344fdc9cf8f63bb662c292d HG_SOURCE=pull HG_TXNID=TXN:* HG_URL=https://localhost:$HGPORT/ (glob)
206 changegroup hook: HG_NODE=5fed3813f7f5e1824344fdc9cf8f63bb662c292d HG_NODE_LAST=5fed3813f7f5e1824344fdc9cf8f63bb662c292d HG_SOURCE=pull HG_TXNID=TXN:* HG_URL=https://localhost:$HGPORT/ (glob)
207 (run 'hg update' to get a working copy)
207 (run 'hg update' to get a working copy)
208 $ cd ..
208 $ cd ..
209
209
210 cacert configured in local repo
210 cacert configured in local repo
211
211
212 $ cp copy-pull/.hg/hgrc copy-pull/.hg/hgrc.bu
212 $ cp copy-pull/.hg/hgrc copy-pull/.hg/hgrc.bu
213 $ echo "[web]" >> copy-pull/.hg/hgrc
213 $ echo "[web]" >> copy-pull/.hg/hgrc
214 $ echo "cacerts=$CERTSDIR/pub.pem" >> copy-pull/.hg/hgrc
214 $ echo "cacerts=$CERTSDIR/pub.pem" >> copy-pull/.hg/hgrc
215 $ hg -R copy-pull pull --traceback
215 $ hg -R copy-pull pull --traceback
216 pulling from https://localhost:$HGPORT/
216 pulling from https://localhost:$HGPORT/
217 searching for changes
217 searching for changes
218 no changes found
218 no changes found
219 $ mv copy-pull/.hg/hgrc.bu copy-pull/.hg/hgrc
219 $ mv copy-pull/.hg/hgrc.bu copy-pull/.hg/hgrc
220
220
221 cacert configured globally, also testing expansion of environment
221 cacert configured globally, also testing expansion of environment
222 variables in the filename
222 variables in the filename
223
223
224 $ echo "[web]" >> $HGRCPATH
224 $ echo "[web]" >> $HGRCPATH
225 $ echo 'cacerts=$P/pub.pem' >> $HGRCPATH
225 $ echo 'cacerts=$P/pub.pem' >> $HGRCPATH
226 $ P="$CERTSDIR" hg -R copy-pull pull
226 $ P="$CERTSDIR" hg -R copy-pull pull
227 pulling from https://localhost:$HGPORT/
227 pulling from https://localhost:$HGPORT/
228 searching for changes
228 searching for changes
229 no changes found
229 no changes found
230 $ P="$CERTSDIR" hg -R copy-pull pull --insecure
230 $ P="$CERTSDIR" hg -R copy-pull pull --insecure
231 pulling from https://localhost:$HGPORT/
231 pulling from https://localhost:$HGPORT/
232 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
232 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
233 searching for changes
233 searching for changes
234 no changes found
234 no changes found
235
235
236 empty cacert file
236 empty cacert file
237
237
238 $ touch emptycafile
238 $ touch emptycafile
239
239
240 #if sslcontext
240 #if sslcontext
241 $ hg --config web.cacerts=emptycafile -R copy-pull pull
241 $ hg --config web.cacerts=emptycafile -R copy-pull pull
242 pulling from https://localhost:$HGPORT/
242 pulling from https://localhost:$HGPORT/
243 abort: error loading CA file emptycafile: * (glob)
243 abort: error loading CA file emptycafile: * (glob)
244 (file is empty or malformed?)
244 (file is empty or malformed?)
245 [255]
245 [255]
246 #else
246 #else
247 $ hg --config web.cacerts=emptycafile -R copy-pull pull
247 $ hg --config web.cacerts=emptycafile -R copy-pull pull
248 pulling from https://localhost:$HGPORT/
248 pulling from https://localhost:$HGPORT/
249 abort: error: * (glob)
249 abort: error: * (glob)
250 [255]
250 [255]
251 #endif
251 #endif
252
252
253 cacert mismatch
253 cacert mismatch
254
254
255 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub.pem" \
255 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub.pem" \
256 > https://127.0.0.1:$HGPORT/
256 > https://127.0.0.1:$HGPORT/
257 pulling from https://127.0.0.1:$HGPORT/ (glob)
257 pulling from https://127.0.0.1:$HGPORT/ (glob)
258 abort: 127.0.0.1 certificate error: certificate is for localhost (glob)
258 abort: 127.0.0.1 certificate error: certificate is for localhost (glob)
259 (set hostsecurity.127.0.0.1:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely) (glob)
259 (set hostsecurity.127.0.0.1:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely) (glob)
260 [255]
260 [255]
261 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub.pem" \
261 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub.pem" \
262 > https://127.0.0.1:$HGPORT/ --insecure
262 > https://127.0.0.1:$HGPORT/ --insecure
263 pulling from https://127.0.0.1:$HGPORT/ (glob)
263 pulling from https://127.0.0.1:$HGPORT/ (glob)
264 warning: connection security to 127.0.0.1 is disabled per current settings; communication is susceptible to eavesdropping and tampering (glob)
264 warning: connection security to 127.0.0.1 is disabled per current settings; communication is susceptible to eavesdropping and tampering (glob)
265 searching for changes
265 searching for changes
266 no changes found
266 no changes found
267 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem"
267 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem"
268 pulling from https://localhost:$HGPORT/
268 pulling from https://localhost:$HGPORT/
269 abort: error: *certificate verify failed* (glob)
269 abort: error: *certificate verify failed* (glob)
270 [255]
270 [255]
271 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem" \
271 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem" \
272 > --insecure
272 > --insecure
273 pulling from https://localhost:$HGPORT/
273 pulling from https://localhost:$HGPORT/
274 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
274 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
275 searching for changes
275 searching for changes
276 no changes found
276 no changes found
277
277
278 Test server cert which isn't valid yet
278 Test server cert which isn't valid yet
279
279
280 $ hg serve -R test -p $HGPORT1 -d --pid-file=hg1.pid --certificate=server-not-yet.pem
280 $ hg serve -R test -p $HGPORT1 -d --pid-file=hg1.pid --certificate=server-not-yet.pem
281 $ cat hg1.pid >> $DAEMON_PIDS
281 $ cat hg1.pid >> $DAEMON_PIDS
282 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-not-yet.pem" \
282 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-not-yet.pem" \
283 > https://localhost:$HGPORT1/
283 > https://localhost:$HGPORT1/
284 pulling from https://localhost:$HGPORT1/
284 pulling from https://localhost:$HGPORT1/
285 abort: error: *certificate verify failed* (glob)
285 abort: error: *certificate verify failed* (glob)
286 [255]
286 [255]
287
287
288 Test server cert which no longer is valid
288 Test server cert which no longer is valid
289
289
290 $ hg serve -R test -p $HGPORT2 -d --pid-file=hg2.pid --certificate=server-expired.pem
290 $ hg serve -R test -p $HGPORT2 -d --pid-file=hg2.pid --certificate=server-expired.pem
291 $ cat hg2.pid >> $DAEMON_PIDS
291 $ cat hg2.pid >> $DAEMON_PIDS
292 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-expired.pem" \
292 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-expired.pem" \
293 > https://localhost:$HGPORT2/
293 > https://localhost:$HGPORT2/
294 pulling from https://localhost:$HGPORT2/
294 pulling from https://localhost:$HGPORT2/
295 abort: error: *certificate verify failed* (glob)
295 abort: error: *certificate verify failed* (glob)
296 [255]
296 [255]
297
297
298 Fingerprints
298 Fingerprints
299
299
300 - works without cacerts (hostkeyfingerprints)
300 - works without cacerts (hostkeyfingerprints)
301 $ hg -R copy-pull id https://localhost:$HGPORT/ --insecure --config hostfingerprints.localhost=ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
301 $ hg -R copy-pull id https://localhost:$HGPORT/ --insecure --config hostfingerprints.localhost=ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
302 5fed3813f7f5
302 5fed3813f7f5
303
303
304 - works without cacerts (hostsecurity)
304 - works without cacerts (hostsecurity)
305 $ hg -R copy-pull id https://localhost:$HGPORT/ --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
305 $ hg -R copy-pull id https://localhost:$HGPORT/ --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
306 5fed3813f7f5
306 5fed3813f7f5
307
307
308 $ hg -R copy-pull id https://localhost:$HGPORT/ --config hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e
308 $ hg -R copy-pull id https://localhost:$HGPORT/ --config hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e
309 5fed3813f7f5
309 5fed3813f7f5
310
310
311 - multiple fingerprints specified and first matches
311 - multiple fingerprints specified and first matches
312 $ hg --config 'hostfingerprints.localhost=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03, deadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/ --insecure
312 $ hg --config 'hostfingerprints.localhost=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03, deadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/ --insecure
313 5fed3813f7f5
313 5fed3813f7f5
314
314
315 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03, sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/
315 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03, sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/
316 5fed3813f7f5
316 5fed3813f7f5
317
317
318 - multiple fingerprints specified and last matches
318 - multiple fingerprints specified and last matches
319 $ hg --config 'hostfingerprints.localhost=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03' -R copy-pull id https://localhost:$HGPORT/ --insecure
319 $ hg --config 'hostfingerprints.localhost=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03' -R copy-pull id https://localhost:$HGPORT/ --insecure
320 5fed3813f7f5
320 5fed3813f7f5
321
321
322 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03' -R copy-pull id https://localhost:$HGPORT/
322 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03' -R copy-pull id https://localhost:$HGPORT/
323 5fed3813f7f5
323 5fed3813f7f5
324
324
325 - multiple fingerprints specified and none match
325 - multiple fingerprints specified and none match
326
326
327 $ hg --config 'hostfingerprints.localhost=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, aeadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/ --insecure
327 $ hg --config 'hostfingerprints.localhost=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, aeadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/ --insecure
328 abort: certificate for localhost has unexpected fingerprint ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
328 abort: certificate for localhost has unexpected fingerprint ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
329 (check hostfingerprint configuration)
329 (check hostfingerprint configuration)
330 [255]
330 [255]
331
331
332 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, sha1:aeadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/
332 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, sha1:aeadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/
333 abort: certificate for localhost has unexpected fingerprint sha1:ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
333 abort: certificate for localhost has unexpected fingerprint sha1:ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
334 (check hostsecurity configuration)
334 (check hostsecurity configuration)
335 [255]
335 [255]
336
336
337 - fails when cert doesn't match hostname (port is ignored)
337 - fails when cert doesn't match hostname (port is ignored)
338 $ hg -R copy-pull id https://localhost:$HGPORT1/ --config hostfingerprints.localhost=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
338 $ hg -R copy-pull id https://localhost:$HGPORT1/ --config hostfingerprints.localhost=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
339 abort: certificate for localhost has unexpected fingerprint f4:2f:5a:0c:3e:52:5b:db:e7:24:a8:32:1d:18:97:6d:69:b5:87:84
339 abort: certificate for localhost has unexpected fingerprint f4:2f:5a:0c:3e:52:5b:db:e7:24:a8:32:1d:18:97:6d:69:b5:87:84
340 (check hostfingerprint configuration)
340 (check hostfingerprint configuration)
341 [255]
341 [255]
342
342
343
343
344 - ignores that certificate doesn't match hostname
344 - ignores that certificate doesn't match hostname
345 $ hg -R copy-pull id https://127.0.0.1:$HGPORT/ --config hostfingerprints.127.0.0.1=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
345 $ hg -R copy-pull id https://127.0.0.1:$HGPORT/ --config hostfingerprints.127.0.0.1=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
346 5fed3813f7f5
346 5fed3813f7f5
347
347
348 Ports used by next test. Kill servers.
348 Ports used by next test. Kill servers.
349
349
350 $ killdaemons.py hg0.pid
350 $ killdaemons.py hg0.pid
351 $ killdaemons.py hg1.pid
351 $ killdaemons.py hg1.pid
352 $ killdaemons.py hg2.pid
352 $ killdaemons.py hg2.pid
353
353
354 #if sslcontext
354 #if sslcontext
355 Start servers running supported TLS versions
355 Start servers running supported TLS versions
356
356
357 $ cd test
357 $ cd test
358 $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV \
358 $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV \
359 > --config devel.serverexactprotocol=tls1.0
359 > --config devel.serverexactprotocol=tls1.0
360 $ cat ../hg0.pid >> $DAEMON_PIDS
360 $ cat ../hg0.pid >> $DAEMON_PIDS
361 $ hg serve -p $HGPORT1 -d --pid-file=../hg1.pid --certificate=$PRIV \
361 $ hg serve -p $HGPORT1 -d --pid-file=../hg1.pid --certificate=$PRIV \
362 > --config devel.serverexactprotocol=tls1.1
362 > --config devel.serverexactprotocol=tls1.1
363 $ cat ../hg1.pid >> $DAEMON_PIDS
363 $ cat ../hg1.pid >> $DAEMON_PIDS
364 $ hg serve -p $HGPORT2 -d --pid-file=../hg2.pid --certificate=$PRIV \
364 $ hg serve -p $HGPORT2 -d --pid-file=../hg2.pid --certificate=$PRIV \
365 > --config devel.serverexactprotocol=tls1.2
365 > --config devel.serverexactprotocol=tls1.2
366 $ cat ../hg2.pid >> $DAEMON_PIDS
366 $ cat ../hg2.pid >> $DAEMON_PIDS
367 $ cd ..
367 $ cd ..
368
368
369 Clients talking same TLS versions work
369 Clients talking same TLS versions work
370
370
371 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 id https://localhost:$HGPORT/
371 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 id https://localhost:$HGPORT/
372 5fed3813f7f5
372 5fed3813f7f5
373 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 id https://localhost:$HGPORT1/
373 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 id https://localhost:$HGPORT1/
374 5fed3813f7f5
374 5fed3813f7f5
375 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT2/
375 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT2/
376 5fed3813f7f5
376 5fed3813f7f5
377
377
378 Clients requiring newer TLS version than what server supports fail
378 Clients requiring newer TLS version than what server supports fail
379
379
380 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
381 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
382 abort: error: *unsupported protocol* (glob)
383 [255]
384
380 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 id https://localhost:$HGPORT/
385 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 id https://localhost:$HGPORT/
381 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
386 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
382 abort: error: *unsupported protocol* (glob)
387 abort: error: *unsupported protocol* (glob)
383 [255]
388 [255]
384 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT/
389 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT/
385 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
390 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
386 abort: error: *unsupported protocol* (glob)
391 abort: error: *unsupported protocol* (glob)
387 [255]
392 [255]
388 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT1/
393 $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT1/
389 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
394 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
390 abort: error: *unsupported protocol* (glob)
395 abort: error: *unsupported protocol* (glob)
391 [255]
396 [255]
392
397
393 The per-host config option overrides the default
398 The per-host config option overrides the default
394
399
395 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
400 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
396 > --config hostsecurity.minimumprotocol=tls1.2 \
401 > --config hostsecurity.minimumprotocol=tls1.2 \
397 > --config hostsecurity.localhost:minimumprotocol=tls1.0
402 > --config hostsecurity.localhost:minimumprotocol=tls1.0
398 5fed3813f7f5
403 5fed3813f7f5
399
404
400 The per-host config option by itself works
405 The per-host config option by itself works
401
406
402 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
407 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
403 > --config hostsecurity.localhost:minimumprotocol=tls1.2
408 > --config hostsecurity.localhost:minimumprotocol=tls1.2
404 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
409 (could not negotiate a common protocol; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
405 abort: error: *unsupported protocol* (glob)
410 abort: error: *unsupported protocol* (glob)
406 [255]
411 [255]
407
412
408 $ killdaemons.py hg0.pid
413 $ killdaemons.py hg0.pid
409 $ killdaemons.py hg1.pid
414 $ killdaemons.py hg1.pid
410 $ killdaemons.py hg2.pid
415 $ killdaemons.py hg2.pid
411 #endif
416 #endif
412
417
413 Prepare for connecting through proxy
418 Prepare for connecting through proxy
414
419
415 $ hg serve -R test -p $HGPORT -d --pid-file=hg0.pid --certificate=$PRIV
420 $ hg serve -R test -p $HGPORT -d --pid-file=hg0.pid --certificate=$PRIV
416 $ cat hg0.pid >> $DAEMON_PIDS
421 $ cat hg0.pid >> $DAEMON_PIDS
417 $ hg serve -R test -p $HGPORT2 -d --pid-file=hg2.pid --certificate=server-expired.pem
422 $ hg serve -R test -p $HGPORT2 -d --pid-file=hg2.pid --certificate=server-expired.pem
418 $ cat hg2.pid >> $DAEMON_PIDS
423 $ cat hg2.pid >> $DAEMON_PIDS
419 tinyproxy.py doesn't fully detach, so killing it may result in extra output
424 tinyproxy.py doesn't fully detach, so killing it may result in extra output
420 from the shell. So don't kill it.
425 from the shell. So don't kill it.
421 $ tinyproxy.py $HGPORT1 localhost >proxy.log </dev/null 2>&1 &
426 $ tinyproxy.py $HGPORT1 localhost >proxy.log </dev/null 2>&1 &
422 $ while [ ! -f proxy.pid ]; do sleep 0; done
427 $ while [ ! -f proxy.pid ]; do sleep 0; done
423 $ cat proxy.pid >> $DAEMON_PIDS
428 $ cat proxy.pid >> $DAEMON_PIDS
424
429
425 $ echo "[http_proxy]" >> copy-pull/.hg/hgrc
430 $ echo "[http_proxy]" >> copy-pull/.hg/hgrc
426 $ echo "always=True" >> copy-pull/.hg/hgrc
431 $ echo "always=True" >> copy-pull/.hg/hgrc
427 $ echo "[hostfingerprints]" >> copy-pull/.hg/hgrc
432 $ echo "[hostfingerprints]" >> copy-pull/.hg/hgrc
428 $ echo "localhost =" >> copy-pull/.hg/hgrc
433 $ echo "localhost =" >> copy-pull/.hg/hgrc
429
434
430 Test unvalidated https through proxy
435 Test unvalidated https through proxy
431
436
432 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --insecure --traceback
437 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --insecure --traceback
433 pulling from https://localhost:$HGPORT/
438 pulling from https://localhost:$HGPORT/
434 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
439 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
435 searching for changes
440 searching for changes
436 no changes found
441 no changes found
437
442
438 Test https with cacert and fingerprint through proxy
443 Test https with cacert and fingerprint through proxy
439
444
440 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
445 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
441 > --config web.cacerts="$CERTSDIR/pub.pem"
446 > --config web.cacerts="$CERTSDIR/pub.pem"
442 pulling from https://localhost:$HGPORT/
447 pulling from https://localhost:$HGPORT/
443 searching for changes
448 searching for changes
444 no changes found
449 no changes found
445 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull https://127.0.0.1:$HGPORT/ --config hostfingerprints.127.0.0.1=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
450 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull https://127.0.0.1:$HGPORT/ --config hostfingerprints.127.0.0.1=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
446 pulling from https://127.0.0.1:$HGPORT/ (glob)
451 pulling from https://127.0.0.1:$HGPORT/ (glob)
447 searching for changes
452 searching for changes
448 no changes found
453 no changes found
449
454
450 Test https with cert problems through proxy
455 Test https with cert problems through proxy
451
456
452 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
457 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
453 > --config web.cacerts="$CERTSDIR/pub-other.pem"
458 > --config web.cacerts="$CERTSDIR/pub-other.pem"
454 pulling from https://localhost:$HGPORT/
459 pulling from https://localhost:$HGPORT/
455 abort: error: *certificate verify failed* (glob)
460 abort: error: *certificate verify failed* (glob)
456 [255]
461 [255]
457 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
462 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
458 > --config web.cacerts="$CERTSDIR/pub-expired.pem" https://localhost:$HGPORT2/
463 > --config web.cacerts="$CERTSDIR/pub-expired.pem" https://localhost:$HGPORT2/
459 pulling from https://localhost:$HGPORT2/
464 pulling from https://localhost:$HGPORT2/
460 abort: error: *certificate verify failed* (glob)
465 abort: error: *certificate verify failed* (glob)
461 [255]
466 [255]
462
467
463
468
464 $ killdaemons.py hg0.pid
469 $ killdaemons.py hg0.pid
465
470
466 #if sslcontext
471 #if sslcontext
467
472
468 Start hgweb that requires client certificates:
473 Start hgweb that requires client certificates:
469
474
470 $ cd test
475 $ cd test
471 $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV \
476 $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV \
472 > --config devel.servercafile=$PRIV --config devel.serverrequirecert=true
477 > --config devel.servercafile=$PRIV --config devel.serverrequirecert=true
473 $ cat ../hg0.pid >> $DAEMON_PIDS
478 $ cat ../hg0.pid >> $DAEMON_PIDS
474 $ cd ..
479 $ cd ..
475
480
476 without client certificate:
481 without client certificate:
477
482
478 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
483 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
479 abort: error: *handshake failure* (glob)
484 abort: error: *handshake failure* (glob)
480 [255]
485 [255]
481
486
482 with client certificate:
487 with client certificate:
483
488
484 $ cat << EOT >> $HGRCPATH
489 $ cat << EOT >> $HGRCPATH
485 > [auth]
490 > [auth]
486 > l.prefix = localhost
491 > l.prefix = localhost
487 > l.cert = $CERTSDIR/client-cert.pem
492 > l.cert = $CERTSDIR/client-cert.pem
488 > l.key = $CERTSDIR/client-key.pem
493 > l.key = $CERTSDIR/client-key.pem
489 > EOT
494 > EOT
490
495
491 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
496 $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
492 > --config auth.l.key="$CERTSDIR/client-key-decrypted.pem"
497 > --config auth.l.key="$CERTSDIR/client-key-decrypted.pem"
493 5fed3813f7f5
498 5fed3813f7f5
494
499
495 $ printf '1234\n' | env P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
500 $ printf '1234\n' | env P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
496 > --config ui.interactive=True --config ui.nontty=True
501 > --config ui.interactive=True --config ui.nontty=True
497 passphrase for */client-key.pem: 5fed3813f7f5 (glob)
502 passphrase for */client-key.pem: 5fed3813f7f5 (glob)
498
503
499 $ env P="$CERTSDIR" hg id https://localhost:$HGPORT/
504 $ env P="$CERTSDIR" hg id https://localhost:$HGPORT/
500 abort: error: * (glob)
505 abort: error: * (glob)
501 [255]
506 [255]
502
507
503 #endif
508 #endif
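Review bot: the new case at lines 380-384 only checks the negative side of the new default (a TLS 1.0-only server on $HGPORT is refused when no hostsecurity.minimumprotocol is given); the positive side is never exercised, since every successful connection in this block (lines 371-376) passes an explicit minimumprotocol. Consider adding `$ P="$CERTSDIR" hg id https://localhost:$HGPORT1/` and the same against $HGPORT2/, expecting `5fed3813f7f5`, so a regression that raises the default above tls1.1 (or leaves it at tls1.0) is caught rather than masked by the explicit flags. A one-line comment before line 380 stating that the default minimum is now tls1.1 would also make clear why this case is expected to match the explicit tls1.1 case at 385-389; as written the two blocks are identical apart from the flag and the intent has to be inferred from the commit message. Note too that the whole block sits under `#if sslcontext`, so the behaviour of the new default on Pythons without ssl.SSLContext is not covered here.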