upstream/mercurial-mirror Commit - r15005:4a43e23b

hgweb: do not ignore [auth] if url has a username (issue2822)...

Patrick Mezard -

r15005:4a43e23b 1.9.1 stable

parent child

mercurial/help/config.txt

0 +3 -1

             The Mercurial system uses a set of configuration files to control
             aspects of its behavior.
             The configuration files use a simple ini-file format. A configuration
             file consists of sections, led by a ``[section]`` header and followed
             by ``name = value`` entries::
               [ui]
               username = Firstname Lastname <firstname.lastname@example.net>
               verbose = True
             The above entries will be referred to as ``ui.username`` and
             ``ui.verbose``, respectively. See the Syntax section below.
             Files
             -----
             Mercurial reads configuration data from several files, if they exist.
             These files do not exist by default and you will have to create the
             appropriate configuration files yourself: global configuration like
             the username setting is typically put into
             ``%USERPROFILE%\mercurial.ini`` or ``$HOME/.hgrc`` and local
             configuration is put into the per-repository ``<repo>/.hg/hgrc`` file.
             The names of these files depend on the system on which Mercurial is
             installed. ``*.rc`` files from a single directory are read in
             alphabetical order, later ones overriding earlier ones. Where multiple
             paths are given below, settings from earlier paths override later
             ones.
             | (Unix, Windows) ``<repo>/.hg/hgrc``
                 Per-repository configuration options that only apply in a
                 particular repository. This file is not version-controlled, and
                 will not get transferred during a "clone" operation. Options in
                 this file override options in all other configuration files. On
                 Unix, most of this file will be ignored if it doesn't belong to a
                 trusted user or to a trusted group. See the documentation for the
                 ``[trusted]`` section below for more details.
             | (Unix) ``$HOME/.hgrc``
             | (Windows) ``%USERPROFILE%\.hgrc``
             | (Windows) ``%USERPROFILE%\Mercurial.ini``
             | (Windows) ``%HOME%\.hgrc``
             | (Windows) ``%HOME%\Mercurial.ini``
                 Per-user configuration file(s), for the user running Mercurial. On
                 Windows 9x, ``%HOME%`` is replaced by ``%APPDATA%``. Options in these
                 files apply to all Mercurial commands executed by this user in any
                 directory. Options in these files override per-system and per-installation
                 options.
             | (Unix) ``/etc/mercurial/hgrc``
             | (Unix) ``/etc/mercurial/hgrc.d/*.rc``
                 Per-system configuration files, for the system on which Mercurial
                 is running. Options in these files apply to all Mercurial commands
                 executed by any user in any directory. Options in these files
                 override per-installation options.
             | (Unix) ``<install-root>/etc/mercurial/hgrc``
             | (Unix) ``<install-root>/etc/mercurial/hgrc.d/*.rc``
                 Per-installation configuration files, searched for in the
                 directory where Mercurial is installed. ``<install-root>`` is the
                 parent directory of the **hg** executable (or symlink) being run. For
                 example, if installed in ``/shared/tools/bin/hg``, Mercurial will look
                 in ``/shared/tools/etc/mercurial/hgrc``. Options in these files apply
                 to all Mercurial commands executed by any user in any directory.
             | (Windows) ``<install-dir>\Mercurial.ini`` **or**
             | (Windows) ``<install-dir>\hgrc.d\*.rc`` **or**
             | (Windows) ``HKEY_LOCAL_MACHINE\SOFTWARE\Mercurial``
                 Per-installation/system configuration files, for the system on
                 which Mercurial is running. Options in these files apply to all
                 Mercurial commands executed by any user in any directory. Registry
                 keys contain PATH-like strings, every part of which must reference
                 a ``Mercurial.ini`` file or be a directory where ``*.rc`` files will
                 be read.  Mercurial checks each of these locations in the specified
                 order until one or more configuration files are detected.  If the
                 pywin32 extensions are not installed, Mercurial will only look for
                 site-wide configuration in ``C:\Mercurial\Mercurial.ini``.
             Syntax
             ------
             A configuration file consists of sections, led by a ``[section]`` header
             and followed by ``name = value`` entries (sometimes called
             ``configuration keys``)::
                 [spam]
                 eggs=ham
                 green=
                    eggs
             Each line contains one entry. If the lines that follow are indented,
             they are treated as continuations of that entry. Leading whitespace is
             removed from values. Empty lines are skipped. Lines beginning with
             ``#`` or ``;`` are ignored and may be used to provide comments.
             Configuration keys can be set multiple times, in which case Mercurial
             will use the value that was configured last. As an example::
                 [spam]
                 eggs=large
                 ham=serrano
                 eggs=small
             This would set the configuration key named ``eggs`` to ``small``.
             It is also possible to define a section multiple times. A section can
             be redefined on the same and/or on different configuration files. For
             example::
                 [foo]
                 eggs=large
                 ham=serrano
                 eggs=small
                 [bar]
                 eggs=ham
                 green=
                    eggs
                 [foo]
                 ham=prosciutto
                 eggs=medium
                 bread=toasted
             This would set the ``eggs``, ``ham``, and ``bread`` configuration keys
             of the ``foo`` section to ``medium``, ``prosciutto``, and ``toasted``,
             respectively. As you can see there only thing that matters is the last
             value that was set for each of the configuration keys.
             If a configuration key is set multiple times in different
             configuration files the final value will depend on the order in which
             the different configuration files are read, with settings from earlier
             paths overriding later ones as described on the ``Files`` section
             above.
             A line of the form ``%include file`` will include ``file`` into the
             current configuration file. The inclusion is recursive, which means
             that included files can include other files. Filenames are relative to
             the configuration file in which the ``%include`` directive is found.
             Environment variables and ``~user`` constructs are expanded in
             ``file``. This lets you do something like::
               %include ~/.hgrc.d/$HOST.rc
             to include a different configuration file on each computer you use.
             A line with ``%unset name`` will remove ``name`` from the current
             section, if it has been set previously.
             The values are either free-form text strings, lists of text strings,
             or Boolean values. Boolean values can be set to true using any of "1",
             "yes", "true", or "on" and to false using "0", "no", "false", or "off"
             (all case insensitive).
             List values are separated by whitespace or comma, except when values are
             placed in double quotation marks::
               allow_read = "John Doe, PhD", brian, betty
             Quotation marks can be escaped by prefixing them with a backslash. Only
             quotation marks at the beginning of a word is counted as a quotation
             (e.g., ``foo"bar baz`` is the list of ``foo"bar`` and ``baz``).
             Sections
             --------
             This section describes the different sections that may appear in a
             Mercurial configuration file, the purpose of each section, its possible
             keys, and their possible values.
             ``alias``
             """""""""
             Defines command aliases.
             Aliases allow you to define your own commands in terms of other
             commands (or aliases), optionally including arguments. Positional
             arguments in the form of ``$1``, ``$2``, etc in the alias definition
             are expanded by Mercurial before execution. Positional arguments not
             already used by ``$N`` in the definition are put at the end of the
             command to be executed.
             Alias definitions consist of lines of the form::
                 <alias> = <command> [<argument>]...
             For example, this definition::
                 latest = log --limit 5
             creates a new command ``latest`` that shows only the five most recent
             changesets. You can define subsequent aliases using earlier ones::
                 stable5 = latest -b stable
             .. note:: It is possible to create aliases with the same names as
                existing commands, which will then override the original
                definitions. This is almost always a bad idea!
             An alias can start with an exclamation point (``!``) to make it a
             shell alias. A shell alias is executed with the shell and will let you
             run arbitrary commands. As an example, ::
                echo = !echo
             will let you do ``hg echo foo`` to have ``foo`` printed in your
             terminal. A better example might be::
                purge = !$HG status --no-status --unknown -0 | xargs -0 rm
             which will make ``hg purge`` delete all unknown files in the
             repository in the same manner as the purge extension.
             Shell aliases are executed in an environment where ``$HG`` expand to
             the path of the Mercurial that was used to execute the alias. This is
             useful when you want to call further Mercurial commands in a shell
             alias, as was done above for the purge alias. In addition,
             ``$HG_ARGS`` expand to the arguments given to Mercurial. In the ``hg
             echo foo`` call above, ``$HG_ARGS`` would expand to ``echo foo``.
             ``auth``
             """"""""
             Authentication credentials for HTTP authentication. This section
             allows you to store usernames and passwords for use when logging
             *into* HTTP servers. See the ``[web]`` configuration section if
             you want to configure *who* can login to your HTTP server.
             Each line has the following format::
                 <name>.<argument> = <value>
             where ``<name>`` is used to group arguments into authentication
             entries. Example::
                 foo.prefix = hg.intevation.org/mercurial
                 foo.username = foo
                 foo.password = bar
                 foo.schemes = http https
                 bar.prefix = secure.example.org
                 bar.key = path/to/file.key
                 bar.cert = path/to/file.cert
                 bar.schemes = https
             Supported arguments:
             ``prefix``
                 Either ``*`` or a URI prefix with or without the scheme part.
                 The authentication entry with the longest matching prefix is used
                 (where ``*`` matches everything and counts as a match of length
 ). If the prefix doesn't include a scheme, the match is performed
                 against the URI with its scheme stripped as well, and the schemes
                 argument, q.v., is then subsequently consulted.
             ``username``
                 Optional. Username to authenticate with. If not given, and the
                 remote site requires basic or digest authentication, the user will
                 be prompted for it. Environment variables are expanded in the
-                username letting you do ``foo.username = $USER``.
+                username letting you do ``foo.username = $USER``. If the URI
+                includes a username, only ``[auth]`` entries with a matching
+                username or without a username will be considered.
             ``password``
                 Optional. Password to authenticate with. If not given, and the
                 remote site requires basic or digest authentication, the user
                 will be prompted for it.
             ``key``
                 Optional. PEM encoded client certificate key file. Environment
                 variables are expanded in the filename.
             ``cert``
                 Optional. PEM encoded client certificate chain file. Environment
                 variables are expanded in the filename.
             ``schemes``
                 Optional. Space separated list of URI schemes to use this
                 authentication entry with. Only used if the prefix doesn't include
                 a scheme. Supported schemes are http and https. They will match
                 static-http and static-https respectively, as well.
                 Default: https.
             If no suitable authentication entry is found, the user is prompted
             for credentials as usual if required by the remote.
             ``decode/encode``
             """""""""""""""""
             Filters for transforming files on checkout/checkin. This would
             typically be used for newline processing or other
             localization/canonicalization of files.
             Filters consist of a filter pattern followed by a filter command.
             Filter patterns are globs by default, rooted at the repository root.
             For example, to match any file ending in ``.txt`` in the root
             directory only, use the pattern ``*.txt``. To match any file ending
             in ``.c`` anywhere in the repository, use the pattern ``**.c``.
             For each file only the first matching filter applies.
             The filter command can start with a specifier, either ``pipe:`` or
             ``tempfile:``. If no specifier is given, ``pipe:`` is used by default.
             A ``pipe:`` command must accept data on stdin and return the transformed
             data on stdout.
             Pipe example::
               [encode]
               # uncompress gzip files on checkin to improve delta compression
               # note: not necessarily a good idea, just an example
               *.gz = pipe: gunzip
               [decode]
               # recompress gzip files when writing them to the working dir (we
               # can safely omit "pipe:", because it's the default)
               *.gz = gzip
             A ``tempfile:`` command is a template. The string ``INFILE`` is replaced
             with the name of a temporary file that contains the data to be
             filtered by the command. The string ``OUTFILE`` is replaced with the name
             of an empty temporary file, where the filtered data must be written by
             the command.
             .. note:: The tempfile mechanism is recommended for Windows systems,
                where the standard shell I/O redirection operators often have
                strange effects and may corrupt the contents of your files.
             This filter mechanism is used internally by the ``eol`` extension to
             translate line ending characters between Windows (CRLF) and Unix (LF)
             format. We suggest you use the ``eol`` extension for convenience.
             ``defaults``
             """"""""""""
             (defaults are deprecated. Don't use them. Use aliases instead)
             Use the ``[defaults]`` section to define command defaults, i.e. the
             default options/arguments to pass to the specified commands.
             The following example makes :hg:`log` run in verbose mode, and
             :hg:`status` show only the modified files, by default::
               [defaults]
               log = -v
               status = -m
             The actual commands, instead of their aliases, must be used when
             defining command defaults. The command defaults will also be applied
             to the aliases of the commands defined.
             ``diff``
             """"""""
             Settings used when displaying diffs. Everything except for ``unified`` is a
             Boolean and defaults to False.
             ``git``
                 Use git extended diff format.
             ``nodates``
                 Don't include dates in diff headers.
             ``showfunc``
                 Show which function each change is in.
             ``ignorews``
                 Ignore white space when comparing lines.
             ``ignorewsamount``
                 Ignore changes in the amount of white space.
             ``ignoreblanklines``
                 Ignore changes whose lines are all blank.
             ``unified``
                 Number of lines of context to show.
             ``email``
             """""""""
             Settings for extensions that send email messages.
             ``from``
                 Optional. Email address to use in "From" header and SMTP envelope
                 of outgoing messages.
             ``to``
                 Optional. Comma-separated list of recipients' email addresses.
             ``cc``
                 Optional. Comma-separated list of carbon copy recipients'
                 email addresses.
             ``bcc``
                 Optional. Comma-separated list of blind carbon copy recipients'
                 email addresses.
             ``method``
                 Optional. Method to use to send email messages. If value is ``smtp``
                 (default), use SMTP (see the ``[smtp]`` section for configuration).
                 Otherwise, use as name of program to run that acts like sendmail
                 (takes ``-f`` option for sender, list of recipients on command line,
                 message on stdin). Normally, setting this to ``sendmail`` or
                 ``/usr/sbin/sendmail`` is enough to use sendmail to send messages.
             ``charsets``
                 Optional. Comma-separated list of character sets considered
                 convenient for recipients. Addresses, headers, and parts not
                 containing patches of outgoing messages will be encoded in the
                 first character set to which conversion from local encoding
                 (``$HGENCODING``, ``ui.fallbackencoding``) succeeds. If correct
                 conversion fails, the text in question is sent as is. Defaults to
                 empty (explicit) list.
                 Order of outgoing email character sets:
 . ``us-ascii``: always first, regardless of settings
 . ``email.charsets``: in order given by user
 . ``ui.fallbackencoding``: if not in email.charsets
 . ``$HGENCODING``: if not in email.charsets
 . ``utf-8``: always last, regardless of settings
             Email example::
               [email]
               from = Joseph User <joe.user@example.com>
               method = /usr/sbin/sendmail
               # charsets for western Europeans
               # us-ascii, utf-8 omitted, as they are tried first and last
               charsets = iso-8859-1, iso-8859-15, windows-1252
             ``extensions``
             """"""""""""""
             Mercurial has an extension mechanism for adding new features. To
             enable an extension, create an entry for it in this section.
             If you know that the extension is already in Python's search path,
             you can give the name of the module, followed by ``=``, with nothing
             after the ``=``.
             Otherwise, give a name that you choose, followed by ``=``, followed by
             the path to the ``.py`` file (including the file name extension) that
             defines the extension.
             To explicitly disable an extension that is enabled in an hgrc of
             broader scope, prepend its path with ``!``, as in ``foo = !/ext/path``
             or ``foo = !`` when path is not supplied.
             Example for ``~/.hgrc``::
               [extensions]
               # (the mq extension will get loaded from Mercurial's path)
               mq =
               # (this extension will get loaded from the file specified)
               myfeature = ~/.hgext/myfeature.py
             ``hostfingerprints``
             """"""""""""""""""""
             Fingerprints of the certificates of known HTTPS servers.
             A HTTPS connection to a server with a fingerprint configured here will
             only succeed if the servers certificate matches the fingerprint.
             This is very similar to how ssh known hosts works.
             The fingerprint is the SHA-1 hash value of the DER encoded certificate.
             The CA chain and web.cacerts is not used for servers with a fingerprint.
             For example::
                 [hostfingerprints]
                 hg.intevation.org = 38:76:52:7c:87:26:9a:8f:4a:f8:d3:de:08:45:3b:ea:d6:4b:ee:cc
             This feature is only supported when using Python 2.6 or later.
             ``format``
             """"""""""
             ``usestore``
                 Enable or disable the "store" repository format which improves
                 compatibility with systems that fold case or otherwise mangle
                 filenames. Enabled by default. Disabling this option will allow
                 you to store longer filenames in some situations at the expense of
                 compatibility and ensures that the on-disk format of newly created
                 repositories will be compatible with Mercurial before version 0.9.4.
             ``usefncache``
                 Enable or disable the "fncache" repository format which enhances
                 the "store" repository format (which has to be enabled to use
                 fncache) to allow longer filenames and avoids using Windows
                 reserved names, e.g. "nul". Enabled by default. Disabling this
                 option ensures that the on-disk format of newly created
                 repositories will be compatible with Mercurial before version 1.1.
             ``dotencode``
                 Enable or disable the "dotencode" repository format which enhances
                 the "fncache" repository format (which has to be enabled to use
                 dotencode) to avoid issues with filenames starting with ._ on
                 Mac OS X and spaces on Windows. Enabled by default. Disabling this
                 option ensures that the on-disk format of newly created
                 repositories will be compatible with Mercurial before version 1.7.
             ``merge-patterns``
             """"""""""""""""""
             This section specifies merge tools to associate with particular file
             patterns. Tools matched here will take precedence over the default
             merge tool. Patterns are globs by default, rooted at the repository
             root.
             Example::
               [merge-patterns]
               **.c = kdiff3
               **.jpg = myimgmerge
             ``merge-tools``
             """""""""""""""
             This section configures external merge tools to use for file-level
             merges.
             Example ``~/.hgrc``::
               [merge-tools]
               # Override stock tool location
               kdiff3.executable = ~/bin/kdiff3
               # Specify command line
               kdiff3.args = $base $local $other -o $output
               # Give higher priority
               kdiff3.priority = 1
               # Define new tool
               myHtmlTool.args = -m $local $other $base $output
               myHtmlTool.regkey = Software\FooSoftware\HtmlMerge
               myHtmlTool.priority = 1
             Supported arguments:
             ``priority``
               The priority in which to evaluate this tool.
               Default: 0.
             ``executable``
               Either just the name of the executable or its pathname.  On Windows,
               the path can use environment variables with ${ProgramFiles} syntax.
               Default: the tool name.
             ``args``
               The arguments to pass to the tool executable. You can refer to the
               files being merged as well as the output file through these
               variables: ``$base``, ``$local``, ``$other``, ``$output``.
               Default: ``$local $base $other``
             ``premerge``
               Attempt to run internal non-interactive 3-way merge tool before
               launching external tool.  Options are ``true``, ``false``, or ``keep``
               to leave markers in the file if the premerge fails.
               Default: True
             ``binary``
               This tool can merge binary files. Defaults to False, unless tool
               was selected by file pattern match.
             ``symlink``
               This tool can merge symlinks. Defaults to False, even if tool was
               selected by file pattern match.
             ``check``
               A list of merge success-checking options:
               ``changed``
                 Ask whether merge was successful when the merged file shows no changes.
               ``conflicts``
                 Check whether there are conflicts even though the tool reported success.
               ``prompt``
                 Always prompt for merge success, regardless of success reported by tool.
             ``checkchanged``
               True is equivalent to ``check = changed``.
               Default: False
             ``checkconflicts``
               True is equivalent to ``check = conflicts``.
               Default: False
             ``fixeol``
               Attempt to fix up EOL changes caused by the merge tool.
               Default: False
             ``gui``
               This tool requires a graphical interface to run. Default: False
             ``regkey``
               Windows registry key which describes install location of this
               tool. Mercurial will search for this key first under
               ``HKEY_CURRENT_USER`` and then under ``HKEY_LOCAL_MACHINE``.
               Default: None
             ``regkeyalt``
               An alternate Windows registry key to try if the first key is not
               found.  The alternate key uses the same ``regname`` and ``regappend``
               semantics of the primary key.  The most common use for this key
               is to search for 32bit applications on 64bit operating systems.
               Default: None
             ``regname``
               Name of value to read from specified registry key. Defaults to the
               unnamed (default) value.
             ``regappend``
               String to append to the value read from the registry, typically
               the executable name of the tool.
               Default: None
             ``hooks``
             """""""""
             Commands or Python functions that get automatically executed by
             various actions such as starting or finishing a commit. Multiple
             hooks can be run for the same action by appending a suffix to the
             action. Overriding a site-wide hook can be done by changing its
             value or setting it to an empty string.
             Example ``.hg/hgrc``::
               [hooks]
               # update working directory after adding changesets
               changegroup.update = hg update
               # do not use the site-wide hook
               incoming =
               incoming.email = /my/email/hook
               incoming.autobuild = /my/build/hook
             Most hooks are run with environment variables set that give useful
             additional information. For each hook below, the environment
             variables it is passed are listed with names of the form ``$HG_foo``.
             ``changegroup``
               Run after a changegroup has been added via push, pull or unbundle.
               ID of the first new changeset is in ``$HG_NODE``. URL from which
               changes came is in ``$HG_URL``.
             ``commit``
               Run after a changeset has been created in the local repository. ID
               of the newly created changeset is in ``$HG_NODE``. Parent changeset
               IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
             ``incoming``
               Run after a changeset has been pulled, pushed, or unbundled into
               the local repository. The ID of the newly arrived changeset is in
               ``$HG_NODE``. URL that was source of changes came is in ``$HG_URL``.
             ``outgoing``
               Run after sending changes from local repository to another. ID of
               first changeset sent is in ``$HG_NODE``. Source of operation is in
               ``$HG_SOURCE``; see "preoutgoing" hook for description.
             ``post-<command>``
               Run after successful invocations of the associated command. The
               contents of the command line are passed as ``$HG_ARGS`` and the result
               code in ``$HG_RESULT``. Parsed command line arguments are passed as
               ``$HG_PATS`` and ``$HG_OPTS``. These contain string representations of
               the python data internally passed to <command>. ``$HG_OPTS`` is a
               dictionary of options (with unspecified options set to their defaults).
               ``$HG_PATS`` is a list of arguments. Hook failure is ignored.
             ``pre-<command>``
               Run before executing the associated command. The contents of the
               command line are passed as ``$HG_ARGS``. Parsed command line arguments
               are passed as ``$HG_PATS`` and ``$HG_OPTS``. These contain string
               representations of the data internally passed to <command>. ``$HG_OPTS``
               is a  dictionary of options (with unspecified options set to their
               defaults). ``$HG_PATS`` is a list of arguments. If the hook returns
               failure, the command doesn't execute and Mercurial returns the failure
               code.
             ``prechangegroup``
               Run before a changegroup is added via push, pull or unbundle. Exit
               status 0 allows the changegroup to proceed. Non-zero status will
               cause the push, pull or unbundle to fail. URL from which changes
               will come is in ``$HG_URL``.
             ``precommit``
               Run before starting a local commit. Exit status 0 allows the
               commit to proceed. Non-zero status will cause the commit to fail.
               Parent changeset IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
             ``prelistkeys``
               Run before listing pushkeys (like bookmarks) in the
               repository. Non-zero status will cause failure. The key namespace is
               in ``$HG_NAMESPACE``.
             ``preoutgoing``
               Run before collecting changes to send from the local repository to
               another. Non-zero status will cause failure. This lets you prevent
               pull over HTTP or SSH. Also prevents against local pull, push
               (outbound) or bundle commands, but not effective, since you can
               just copy files instead then. Source of operation is in
               ``$HG_SOURCE``. If "serve", operation is happening on behalf of remote
               SSH or HTTP repository. If "push", "pull" or "bundle", operation
               is happening on behalf of repository on same system.
             ``prepushkey``
               Run before a pushkey (like a bookmark) is added to the
               repository. Non-zero status will cause the key to be rejected. The
               key namespace is in ``$HG_NAMESPACE``, the key is in ``$HG_KEY``,
               the old value (if any) is in ``$HG_OLD``, and the new value is in
               ``$HG_NEW``.
             ``pretag``
               Run before creating a tag. Exit status 0 allows the tag to be
               created. Non-zero status will cause the tag to fail. ID of
               changeset to tag is in ``$HG_NODE``. Name of tag is in ``$HG_TAG``. Tag is
               local if ``$HG_LOCAL=1``, in repository if ``$HG_LOCAL=0``.
             ``pretxnchangegroup``
               Run after a changegroup has been added via push, pull or unbundle,
               but before the transaction has been committed. Changegroup is
               visible to hook program. This lets you validate incoming changes
               before accepting them. Passed the ID of the first new changeset in
               ``$HG_NODE``. Exit status 0 allows the transaction to commit. Non-zero
               status will cause the transaction to be rolled back and the push,
               pull or unbundle will fail. URL that was source of changes is in
               ``$HG_URL``.
             ``pretxncommit``
               Run after a changeset has been created but the transaction not yet
               committed. Changeset is visible to hook program. This lets you
               validate commit message and changes. Exit status 0 allows the
               commit to proceed. Non-zero status will cause the transaction to
               be rolled back. ID of changeset is in ``$HG_NODE``. Parent changeset
               IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
             ``preupdate``
               Run before updating the working directory. Exit status 0 allows
               the update to proceed. Non-zero status will prevent the update.
               Changeset ID of first new parent is in ``$HG_PARENT1``. If merge, ID
               of second new parent is in ``$HG_PARENT2``.
             ``listkeys``
               Run after listing pushkeys (like bookmarks) in the repository. The
               key namespace is in ``$HG_NAMESPACE``. ``$HG_VALUES`` is a
               dictionary containing the keys and values.
             ``pushkey``
               Run after a pushkey (like a bookmark) is added to the
               repository. The key namespace is in ``$HG_NAMESPACE``, the key is in
               ``$HG_KEY``, the old value (if any) is in ``$HG_OLD``, and the new
               value is in ``$HG_NEW``.
             ``tag``
               Run after a tag is created. ID of tagged changeset is in ``$HG_NODE``.
               Name of tag is in ``$HG_TAG``. Tag is local if ``$HG_LOCAL=1``, in
               repository if ``$HG_LOCAL=0``.
             ``update``
               Run after updating the working directory. Changeset ID of first
               new parent is in ``$HG_PARENT1``. If merge, ID of second new parent is
               in ``$HG_PARENT2``. If the update succeeded, ``$HG_ERROR=0``. If the
               update failed (e.g. because conflicts not resolved), ``$HG_ERROR=1``.
             .. note:: It is generally better to use standard hooks rather than the
                generic pre- and post- command hooks as they are guaranteed to be
                called in the appropriate contexts for influencing transactions.
                Also, hooks like "commit" will be called in all contexts that
                generate a commit (e.g. tag) and not just the commit command.
             .. note:: Environment variables with empty values may not be passed to
                hooks on platforms such as Windows. As an example, ``$HG_PARENT2``
                will have an empty value under Unix-like platforms for non-merge
                changesets, while it will not be available at all under Windows.
             The syntax for Python hooks is as follows::
               hookname = python:modulename.submodule.callable
               hookname = python:/path/to/python/module.py:callable
             Python hooks are run within the Mercurial process. Each hook is
             called with at least three keyword arguments: a ui object (keyword
             ``ui``), a repository object (keyword ``repo``), and a ``hooktype``
             keyword that tells what kind of hook is used. Arguments listed as
             environment variables above are passed as keyword arguments, with no
             ``HG_`` prefix, and names in lower case.
             If a Python hook returns a "true" value or raises an exception, this
             is treated as a failure.
             ``http_proxy``
             """"""""""""""
             Used to access web-based Mercurial repositories through a HTTP
             proxy.
             ``host``
                 Host name and (optional) port of the proxy server, for example
                 "myproxy:8000".
             ``no``
                 Optional. Comma-separated list of host names that should bypass
                 the proxy.
             ``passwd``
                 Optional. Password to authenticate with at the proxy server.
             ``user``
                 Optional. User name to authenticate with at the proxy server.
             ``always``
                 Optional. Always use the proxy, even for localhost and any entries
                 in ``http_proxy.no``. True or False. Default: False.
             ``smtp``
             """"""""
             Configuration for extensions that need to send email messages.
             ``host``
                 Host name of mail server, e.g. "mail.example.com".
             ``port``
                 Optional. Port to connect to on mail server. Default: 25.
             ``tls``
                 Optional. Method to enable TLS when connecting to mail server: starttls,
                 smtps or none. Default: none.
             ``username``
                 Optional. User name for authenticating with the SMTP server.
                 Default: none.
             ``password``
                 Optional. Password for authenticating with the SMTP server. If not
                 specified, interactive sessions will prompt the user for a
                 password; non-interactive sessions will fail. Default: none.
             ``local_hostname``
                 Optional. It's the hostname that the sender can use to identify
                 itself to the MTA.
             ``patch``
             """""""""
             Settings used when applying patches, for instance through the 'import'
             command or with Mercurial Queues extension.
             ``eol``
                 When set to 'strict' patch content and patched files end of lines
                 are preserved. When set to ``lf`` or ``crlf``, both files end of
                 lines are ignored when patching and the result line endings are
                 normalized to either LF (Unix) or CRLF (Windows). When set to
                 ``auto``, end of lines are again ignored while patching but line
                 endings in patched files are normalized to their original setting
                 on a per-file basis. If target file does not exist or has no end
                 of line, patch line endings are preserved.
                 Default: strict.
             ``paths``
             """""""""
             Assigns symbolic names to repositories. The left side is the
             symbolic name, and the right gives the directory or URL that is the
             location of the repository. Default paths can be declared by setting
             the following entries.
             ``default``
                 Directory or URL to use when pulling if no source is specified.
                 Default is set to repository from which the current repository was
                 cloned.
             ``default-push``
                 Optional. Directory or URL to use when pushing if no destination
                 is specified.
             ``profiling``
             """""""""""""
             Specifies profiling format and file output. In this section
             description, 'profiling data' stands for the raw data collected
             during profiling, while 'profiling report' stands for a statistical
             text report generated from the profiling data. The profiling is done
             using lsprof.
             ``format``
                 Profiling format.
                 Default: text.
                 ``text``
                   Generate a profiling report. When saving to a file, it should be
                   noted that only the report is saved, and the profiling data is
                   not kept.
                 ``kcachegrind``
                   Format profiling data for kcachegrind use: when saving to a
                   file, the generated file can directly be loaded into
                   kcachegrind.
             ``output``
                 File path where profiling data or report should be saved. If the
                 file exists, it is replaced. Default: None, data is printed on
                 stderr
             ``revsetalias``
             """""""""""""""
             Alias definitions for revsets. See :hg:`help revsets` for details.
             ``server``
             """"""""""
             Controls generic server settings.
             ``uncompressed``
                 Whether to allow clients to clone a repository using the
                 uncompressed streaming protocol. This transfers about 40% more
                 data than a regular clone, but uses less memory and CPU on both
                 server and client. Over a LAN (100 Mbps or better) or a very fast
                 WAN, an uncompressed streaming clone is a lot faster (~10x) than a
                 regular clone. Over most WAN connections (anything slower than
                 about 6 Mbps), uncompressed streaming is slower, because of the
                 extra data transfer overhead. This mode will also temporarily hold
                 the write lock while determining what data to transfer.
                 Default is True.
             ``validate``
                 Whether to validate the completeness of pushed changesets by
                 checking that all new file revisions specified in manifests are
                 present. Default is False.
             ``subpaths``
             """"""""""""
             Defines subrepositories source locations rewriting rules of the form::
                 <pattern> = <replacement>
             Where ``pattern`` is a regular expression matching the source and
             ``replacement`` is the replacement string used to rewrite it. Groups
             can be matched in ``pattern`` and referenced in ``replacements``. For
             instance::
                 http://server/(.*)-hg/ = http://hg.server/\1/
             rewrites ``http://server/foo-hg/`` into ``http://hg.server/foo/``.
             All patterns are applied in definition order.
             ``trusted``
             """""""""""
             Mercurial will not use the settings in the
             ``.hg/hgrc`` file from a repository if it doesn't belong to a trusted
             user or to a trusted group, as various hgrc features allow arbitrary
             commands to be run. This issue is often encountered when configuring
             hooks or extensions for shared repositories or servers. However,
             the web interface will use some safe settings from the ``[web]``
             section.
             This section specifies what users and groups are trusted. The
             current user is always trusted. To trust everybody, list a user or a
             group with name ``*``. These settings must be placed in an
             *already-trusted file* to take effect, such as ``$HOME/.hgrc`` of the
             user or service running Mercurial.
             ``users``
               Comma-separated list of trusted users.
             ``groups``
               Comma-separated list of trusted groups.
             ``ui``
             """"""
             User interface controls.
             ``archivemeta``
                 Whether to include the .hg_archival.txt file containing meta data
                 (hashes for the repository base and for tip) in archives created
                 by the :hg:`archive` command or downloaded via hgweb.
                 Default is True.
             ``askusername``
                 Whether to prompt for a username when committing. If True, and
                 neither ``$HGUSER`` nor ``$EMAIL`` has been specified, then the user will
                 be prompted to enter a username. If no username is entered, the
                 default ``USER@HOST`` is used instead.
                 Default is False.
             ``commitsubrepos``
                 Whether to commit modified subrepositories when committing the
                 parent repository. If False and one subrepository has uncommitted
                 changes, abort the commit.
                 Default is True.
             ``debug``
                 Print debugging information. True or False. Default is False.
             ``editor``
                 The editor to use during a commit. Default is ``$EDITOR`` or ``vi``.
             ``fallbackencoding``
                 Encoding to try if it's not possible to decode the changelog using
                 UTF-8. Default is ISO-8859-1.
             ``ignore``
                 A file to read per-user ignore patterns from. This file should be
                 in the same format as a repository-wide .hgignore file. This
                 option supports hook syntax, so if you want to specify multiple
                 ignore files, you can do so by setting something like
                 ``ignore.other = ~/.hgignore2``. For details of the ignore file
                 format, see the ``hgignore(5)`` man page.
             ``interactive``
                 Allow to prompt the user. True or False. Default is True.
             ``logtemplate``
                 Template string for commands that print changesets.
             ``merge``
                 The conflict resolution program to use during a manual merge.
                 For more information on merge tools see :hg:`help merge-tools`.
                 For configuring merge tools see the ``[merge-tools]`` section.
             ``portablefilenames``
                 Check for portable filenames. Can be ``warn``, ``ignore`` or ``abort``.
                 Default is ``warn``.
                 If set to ``warn`` (or ``true``), a warning message is printed on POSIX
                 platforms, if a file with a non-portable filename is added (e.g. a file
                 with a name that can't be created on Windows because it contains reserved
                 parts like ``AUX``, reserved characters like ``:``, or would cause a case
                 collision with an existing file).
                 If set to ``ignore`` (or ``false``), no warning is printed.
                 If set to ``abort``, the command is aborted.
                 On Windows, this configuration option is ignored and the command aborted.
             ``quiet``
                 Reduce the amount of output printed. True or False. Default is False.
             ``remotecmd``
                 remote command to use for clone/push/pull operations. Default is ``hg``.
             ``report_untrusted``
                 Warn if a ``.hg/hgrc`` file is ignored due to not being owned by a
                 trusted user or group. True or False. Default is True.
             ``slash``
                 Display paths using a slash (``/``) as the path separator. This
                 only makes a difference on systems where the default path
                 separator is not the slash character (e.g. Windows uses the
                 backslash character (``\``)).
                 Default is False.
             ``ssh``
                 command to use for SSH connections. Default is ``ssh``.
             ``strict``
                 Require exact command names, instead of allowing unambiguous
                 abbreviations. True or False. Default is False.
             ``style``
                 Name of style to use for command output.
             ``timeout``
                 The timeout used when a lock is held (in seconds), a negative value
                 means no timeout. Default is 600.
             ``traceback``
                 Mercurial always prints a traceback when an unknown exception
                 occurs. Setting this to True will make Mercurial print a traceback
                 on all exceptions, even those recognized by Mercurial (such as
                 IOError or MemoryError). Default is False.
             ``username``
                 The committer of a changeset created when running "commit".
                 Typically a person's name and email address, e.g. ``Fred Widget
                 <fred@example.com>``. Default is ``$EMAIL`` or ``username@hostname``. If
                 the username in hgrc is empty, it has to be specified manually or
                 in a different hgrc file (e.g. ``$HOME/.hgrc``, if the admin set
                 ``username =``  in the system hgrc). Environment variables in the
                 username are expanded.
             ``verbose``
                 Increase the amount of output printed. True or False. Default is False.
             ``web``
             """""""
             Web interface configuration. The settings in this section apply to
             both the builtin webserver (started by :hg:`serve`) and the script you
             run through a webserver (``hgweb.cgi`` and the derivatives for FastCGI
             and WSGI).
             The Mercurial webserver does no authentication (it does not prompt for
             usernames and passwords to validate *who* users are), but it does do
             authorization (it grants or denies access for *authenticated users*
             based on settings in this section). You must either configure your
             webserver to do authentication for you, or disable the authorization
             checks.
             For a quick setup in a trusted environment, e.g., a private LAN, where
             you want it to accept pushes from anybody, you can use the following
             command line::
                 $ hg --config web.allow_push=* --config web.push_ssl=False serve
             Note that this will allow anybody to push anything to the server and
             that this should not be used for public servers.
             The full set of options is:
             ``accesslog``
                 Where to output the access log. Default is stdout.
             ``address``
                 Interface address to bind to. Default is all.
             ``allow_archive``
                 List of archive format (bz2, gz, zip) allowed for downloading.
                 Default is empty.
             ``allowbz2``
                 (DEPRECATED) Whether to allow .tar.bz2 downloading of repository
                 revisions.
                 Default is False.
             ``allowgz``
                 (DEPRECATED) Whether to allow .tar.gz downloading of repository
                 revisions.
                 Default is False.
             ``allowpull``
                 Whether to allow pulling from the repository. Default is True.
             ``allow_push``
                 Whether to allow pushing to the repository. If empty or not set,
                 push is not allowed. If the special value ``*``, any remote user can
                 push, including unauthenticated users. Otherwise, the remote user
                 must have been authenticated, and the authenticated user name must
                 be present in this list. The contents of the allow_push list are
                 examined after the deny_push list.
             ``guessmime``
                 Control MIME types for raw download of file content.
                 Set to True to let hgweb guess the content type from the file
                 extension. This will serve HTML files as ``text/html`` and might
                 allow cross-site scripting attacks when serving untrusted
                 repositories. Default is False.
             ``allow_read``
                 If the user has not already been denied repository access due to
                 the contents of deny_read, this list determines whether to grant
                 repository access to the user. If this list is not empty, and the
                 user is unauthenticated or not present in the list, then access is
                 denied for the user. If the list is empty or not set, then access
                 is permitted to all users by default. Setting allow_read to the
                 special value ``*`` is equivalent to it not being set (i.e. access
                 is permitted to all users). The contents of the allow_read list are
                 examined after the deny_read list.
             ``allowzip``
                 (DEPRECATED) Whether to allow .zip downloading of repository
                 revisions. Default is False. This feature creates temporary files.
             ``baseurl``
                 Base URL to use when publishing URLs in other locations, so
                 third-party tools like email notification hooks can construct
                 URLs. Example: ``http://hgserver/repos/``.
             ``cacerts``
                 Path to file containing a list of PEM encoded certificate
                 authority certificates. Environment variables and ``~user``
                 constructs are expanded in the filename. If specified on the
                 client, then it will verify the identity of remote HTTPS servers
                 with these certificates. The form must be as follows::
                     -----BEGIN CERTIFICATE-----
                     ... (certificate in base64 PEM encoding) ...
                     -----END CERTIFICATE-----
                     -----BEGIN CERTIFICATE-----
                     ... (certificate in base64 PEM encoding) ...
                     -----END CERTIFICATE-----
                 This feature is only supported when using Python 2.6 or later. If you wish
                 to use it with earlier versions of Python, install the backported
                 version of the ssl library that is available from
                 ``http://pypi.python.org``.
                 You can use OpenSSL's CA certificate file if your platform has one.
                 On most Linux systems this will be ``/etc/ssl/certs/ca-certificates.crt``.
                 Otherwise you will have to generate this file manually.
                 To disable SSL verification temporarily, specify ``--insecure`` from
                 command line.
             ``cache``
                 Whether to support caching in hgweb. Defaults to True.
             ``contact``
                 Name or email address of the person in charge of the repository.
                 Defaults to ui.username or ``$EMAIL`` or "unknown" if unset or empty.
             ``deny_push``
                 Whether to deny pushing to the repository. If empty or not set,
                 push is not denied. If the special value ``*``, all remote users are
                 denied push. Otherwise, unauthenticated users are all denied, and
                 any authenticated user name present in this list is also denied. The
                 contents of the deny_push list are examined before the allow_push list.
             ``deny_read``
                 Whether to deny reading/viewing of the repository. If this list is
                 not empty, unauthenticated users are all denied, and any
                 authenticated user name present in this list is also denied access to
                 the repository. If set to the special value ``*``, all remote users
                 are denied access (rarely needed ;). If deny_read is empty or not set,
                 the determination of repository access depends on the presence and
                 content of the allow_read list (see description). If both
                 deny_read and allow_read are empty or not set, then access is
                 permitted to all users by default. If the repository is being
                 served via hgwebdir, denied users will not be able to see it in
                 the list of repositories. The contents of the deny_read list have
                 priority over (are examined before) the contents of the allow_read
                 list.
             ``descend``
                 hgwebdir indexes will not descend into subdirectories. Only repositories
                 directly in the current path will be shown (other repositories are still
                 available from the index corresponding to their containing path).
             ``description``
                 Textual description of the repository's purpose or contents.
                 Default is "unknown".
             ``encoding``
                 Character encoding name. Default is the current locale charset.
                 Example: "UTF-8"
             ``errorlog``
                 Where to output the error log. Default is stderr.
             ``hidden``
                 Whether to hide the repository in the hgwebdir index.
                 Default is False.
             ``ipv6``
                 Whether to use IPv6. Default is False.
             ``logourl``
                 Base URL to use for logos. If unset, ``http://mercurial.selenic.com/``
                 will be used.
             ``name``
                 Repository name to use in the web interface. Default is current
                 working directory.
             ``maxchanges``
                 Maximum number of changes to list on the changelog. Default is 10.
             ``maxfiles``
                 Maximum number of files to list per changeset. Default is 10.
             ``port``
                 Port to listen on. Default is 8000.
             ``prefix``
                 Prefix path to serve from. Default is '' (server root).
             ``push_ssl``
                 Whether to require that inbound pushes be transported over SSL to
                 prevent password sniffing. Default is True.
             ``staticurl``
                 Base URL to use for static files. If unset, static files (e.g. the
                 hgicon.png favicon) will be served by the CGI script itself. Use
                 this setting to serve them directly with the HTTP server.
                 Example: ``http://hgserver/static/``.
             ``stripes``
                 How many lines a "zebra stripe" should span in multiline output.
                 Default is 1; set to 0 to disable.
             ``style``
                 Which template map style to use.
             ``templates``
                 Where to find the HTML templates. Default is install path.

mercurial/httpconnection.py

0 +15 -1

             # httpconnection.py - urllib2 handler for new http support
             #
             # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
             # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
             # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
             # Copyright 2011 Google, Inc.
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             import logging
             import socket
             import urllib
             import urllib2
             import os
             from mercurial import httpclient
             from mercurial import sslutil
             from mercurial import util
             from mercurial.i18n import _
             # moved here from url.py to avoid a cycle
             class httpsendfile(object):
                 """This is a wrapper around the objects returned by python's "open".
                 Its purpose is to send file-like objects via HTTP and, to do so, it
                 defines a __len__ attribute to feed the Content-Length header.
                 """
                 def __init__(self, ui, *args, **kwargs):
                     # We can't just "self._data = open(*args, **kwargs)" here because there
                     # is an "open" function defined in this module that shadows the global
                     # one
                     self.ui = ui
                     self._data = open(*args, **kwargs)
                     self.seek = self._data.seek
                     self.close = self._data.close
                     self.write = self._data.write
                     self._len = os.fstat(self._data.fileno()).st_size
                     self._pos = 0
                     self._total = self._len / 1024 * 2
                 def read(self, *args, **kwargs):
                     try:
                         ret = self._data.read(*args, **kwargs)
                     except EOFError:
                         self.ui.progress(_('sending'), None)
                     self._pos += len(ret)
                     # We pass double the max for total because we currently have
                     # to send the bundle twice in the case of a server that
                     # requires authentication. Since we can't know until we try
                     # once whether authentication will be required, just lie to
                     # the user and maybe the push succeeds suddenly at 50%.
                     self.ui.progress(_('sending'), self._pos / 1024,
                                      unit=_('kb'), total=self._total)
                     return ret
                 def __len__(self):
                     return self._len
             # moved here from url.py to avoid a cycle
             def readauthforuri(ui, uri):
                 # Read configuration
                 config = dict()
                 for key, val in ui.configitems('auth'):
                     if '.' not in key:
                         ui.warn(_("ignoring invalid [auth] key '%s'\n") % key)
                         continue
                     group, setting = key.rsplit('.', 1)
                     gdict = config.setdefault(group, dict())
                     if setting in ('username', 'cert', 'key'):
                         val = util.expandpath(val)
                     gdict[setting] = val
                 # Find the best match
+                uri = util.url(uri)
+                user = uri.user
+                uri.user = uri.password = None
+                uri = str(uri)
                 scheme, hostpath = uri.split('://', 1)
+                bestuser = None
                 bestlen = 0
                 bestauth = None
                 for group, auth in config.iteritems():
+                    if user and user != auth.get('username', user):
+                        # If a username was set in the URI, the entry username
+                        # must either match it or be unset
+                        continue
                     prefix = auth.get('prefix')
                     if not prefix:
                         continue
                     p = prefix.split('://', 1)
                     if len(p) > 1:
                         schemes, prefix = [p[0]], p[1]
                     else:
                         schemes = (auth.get('schemes') or 'https').split()
                     if (prefix == '*' or hostpath.startswith(prefix)) and \
-                        len(prefix) > bestlen and scheme in schemes:
+                        (len(prefix) > bestlen or (len(prefix) == bestlen and \
+                            not bestuser and 'username' in auth)) \
+                         and scheme in schemes:
                         bestlen = len(prefix)
                         bestauth = group, auth
+                        bestuser = auth.get('username')
+                        if user and not bestuser:
+                            auth['username'] = user
                 return bestauth
             # Mercurial (at least until we can remove the old codepath) requires
             # that the http response object be sufficiently file-like, so we
             # provide a close() method here.
             class HTTPResponse(httpclient.HTTPResponse):
                 def close(self):
                     pass
             class HTTPConnection(httpclient.HTTPConnection):
                 response_class = HTTPResponse
                 def request(self, method, uri, body=None, headers={}):
                     if isinstance(body, httpsendfile):
                         body.seek(0)
                     httpclient.HTTPConnection.request(self, method, uri, body=body,
                                                       headers=headers)
             _configuredlogging = False
             LOGFMT = '%(levelname)s:%(name)s:%(lineno)d:%(message)s'
             # Subclass BOTH of these because otherwise urllib2 "helpfully"
             # reinserts them since it notices we don't include any subclasses of
             # them.
             class http2handler(urllib2.HTTPHandler, urllib2.HTTPSHandler):
                 def __init__(self, ui, pwmgr):
                     global _configuredlogging
                     urllib2.AbstractHTTPHandler.__init__(self)
                     self.ui = ui
                     self.pwmgr = pwmgr
                     self._connections = {}
                     loglevel = ui.config('ui', 'http2debuglevel', default=None)
                     if loglevel and not _configuredlogging:
                         _configuredlogging = True
                         logger = logging.getLogger('mercurial.httpclient')
                         logger.setLevel(getattr(logging, loglevel.upper()))
                         handler = logging.StreamHandler()
                         handler.setFormatter(logging.Formatter(LOGFMT))
                         logger.addHandler(handler)
                 def close_all(self):
                     """Close and remove all connection objects being kept for reuse."""
                     for openconns in self._connections.values():
                         for conn in openconns:
                             conn.close()
                     self._connections = {}
                 # shamelessly borrowed from urllib2.AbstractHTTPHandler
                 def do_open(self, http_class, req, use_ssl):
                     """Return an addinfourl object for the request, using http_class.
                     http_class must implement the HTTPConnection API from httplib.
                     The addinfourl return value is a file-like object.  It also
                     has methods and attributes including:
                         - info(): return a mimetools.Message object for the headers
                         - geturl(): return the original request URL
                         - code: HTTP status code
                     """
                     # If using a proxy, the host returned by get_host() is
                     # actually the proxy. On Python 2.6.1, the real destination
                     # hostname is encoded in the URI in the urllib2 request
                     # object. On Python 2.6.5, it's stored in the _tunnel_host
                     # attribute which has no accessor.
                     tunhost = getattr(req, '_tunnel_host', None)
                     host = req.get_host()
                     if tunhost:
                         proxyhost = host
                         host = tunhost
                     elif req.has_proxy():
                         proxyhost = req.get_host()
                         host = req.get_selector().split('://', 1)[1].split('/', 1)[0]
                     else:
                         proxyhost = None
                     if proxyhost:
                         if ':' in proxyhost:
                             # Note: this means we'll explode if we try and use an
                             # IPv6 http proxy. This isn't a regression, so we
                             # won't worry about it for now.
                             proxyhost, proxyport = proxyhost.rsplit(':', 1)
                         else:
                             proxyport = 3128 # squid default
                         proxy = (proxyhost, proxyport)
                     else:
                         proxy = None
                     if not host:
                         raise urllib2.URLError('no host given')
                     connkey = use_ssl, host, proxy
                     allconns = self._connections.get(connkey, [])
                     conns = [c for c in allconns if not c.busy()]
                     if conns:
                         h = conns[0]
                     else:
                         if allconns:
                             self.ui.debug('all connections for %s busy, making a new '
                                           'one\n' % host)
                         timeout = None
                         if req.timeout is not socket._GLOBAL_DEFAULT_TIMEOUT:
                             timeout = req.timeout
                         h = http_class(host, timeout=timeout, proxy_hostport=proxy)
                         self._connections.setdefault(connkey, []).append(h)
                     headers = dict(req.headers)
                     headers.update(req.unredirected_hdrs)
                     headers = dict(
                         (name.title(), val) for name, val in headers.items())
                     try:
                         path = req.get_selector()
                         if '://' in path:
                             path = path.split('://', 1)[1].split('/', 1)[1]
                         if path[0] != '/':
                             path = '/' + path
                         h.request(req.get_method(), path, req.data, headers)
                         r = h.getresponse()
                     except socket.error, err: # XXX what error?
                         raise urllib2.URLError(err)
                     # Pick apart the HTTPResponse object to get the addinfourl
                     # object initialized properly.
                     r.recv = r.read
                     resp = urllib.addinfourl(r, r.headers, req.get_full_url())
                     resp.code = r.status
                     resp.msg = r.reason
                     return resp
                 # httplib always uses the given host/port as the socket connect
                 # target, and then allows full URIs in the request path, which it
                 # then observes and treats as a signal to do proxying instead.
                 def http_open(self, req):
                     if req.get_full_url().startswith('https'):
                         return self.https_open(req)
                     return self.do_open(HTTPConnection, req, False)
                 def https_open(self, req):
                     res = readauthforuri(self.ui, req.get_full_url())
                     if res:
                         group, auth = res
                         self.auth = auth
                         self.ui.debug("using auth.%s.* for authentication\n" % group)
                     else:
                         self.auth = None
                     return self.do_open(self._makesslconnection, req, True)
                 def _makesslconnection(self, host, port=443, *args, **kwargs):
                     keyfile = None
                     certfile = None
                     if args: # key_file
                         keyfile = args.pop(0)
                     if args: # cert_file
                         certfile = args.pop(0)
                     # if the user has specified different key/cert files in
                     # hgrc, we prefer these
                     if self.auth and 'key' in self.auth and 'cert' in self.auth:
                         keyfile = self.auth['key']
                         certfile = self.auth['cert']
                     # let host port take precedence
                     if ':' in host and '[' not in host or ']:' in host:
                         host, port = host.rsplit(':', 1)
                         port = int(port)
                         if '[' in host:
                             host = host[1:-1]
                     if keyfile:
                         kwargs['keyfile'] = keyfile
                     if certfile:
                         kwargs['certfile'] = certfile
                     kwargs.update(sslutil.sslkwargs(self.ui, host))
                     con = HTTPConnection(host, port, use_ssl=True,
                                          ssl_validator=sslutil.validator(self.ui, host),
                                          **kwargs)
                     return con

mercurial/url.py

0 +1 -1

             # url.py - HTTP handling for mercurial
             #
             # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
             # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
             # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             import urllib, urllib2, httplib, os, socket, cStringIO
             from i18n import _
             import keepalive, util, sslutil
             import httpconnection as httpconnectionmod
             class passwordmgr(urllib2.HTTPPasswordMgrWithDefaultRealm):
                 def __init__(self, ui):
                     urllib2.HTTPPasswordMgrWithDefaultRealm.__init__(self)
                     self.ui = ui
                 def find_user_password(self, realm, authuri):
                     authinfo = urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password(
                         self, realm, authuri)
                     user, passwd = authinfo
                     if user and passwd:
                         self._writedebug(user, passwd)
                         return (user, passwd)
-                    if not user:
+                    if not user or not passwd:
                         res = httpconnectionmod.readauthforuri(self.ui, authuri)
                         if res:
                             group, auth = res
                             user, passwd = auth.get('username'), auth.get('password')
                             self.ui.debug("using auth.%s.* for authentication\n" % group)
                     if not user or not passwd:
                         if not self.ui.interactive():
                             raise util.Abort(_('http authorization required'))
                         self.ui.write(_("http authorization required\n"))
                         self.ui.write(_("realm: %s\n") % realm)
                         if user:
                             self.ui.write(_("user: %s\n") % user)
                         else:
                             user = self.ui.prompt(_("user:"), default=None)
                         if not passwd:
                             passwd = self.ui.getpass()
                     self.add_password(realm, authuri, user, passwd)
                     self._writedebug(user, passwd)
                     return (user, passwd)
                 def _writedebug(self, user, passwd):
                     msg = _('http auth: user %s, password %s\n')
                     self.ui.debug(msg % (user, passwd and '*' * len(passwd) or 'not set'))
             class proxyhandler(urllib2.ProxyHandler):
                 def __init__(self, ui):
                     proxyurl = ui.config("http_proxy", "host") or os.getenv('http_proxy')
                     # XXX proxyauthinfo = None
                     if proxyurl:
                         # proxy can be proper url or host[:port]
                         if not (proxyurl.startswith('http:') or
                                 proxyurl.startswith('https:')):
                             proxyurl = 'http://' + proxyurl + '/'
                         proxy = util.url(proxyurl)
                         if not proxy.user:
                             proxy.user = ui.config("http_proxy", "user")
                             proxy.passwd = ui.config("http_proxy", "passwd")
                         # see if we should use a proxy for this url
                         no_list = ["localhost", "127.0.0.1"]
                         no_list.extend([p.lower() for
                                         p in ui.configlist("http_proxy", "no")])
                         no_list.extend([p.strip().lower() for
                                         p in os.getenv("no_proxy", '').split(',')
                                         if p.strip()])
                         # "http_proxy.always" config is for running tests on localhost
                         if ui.configbool("http_proxy", "always"):
                             self.no_list = []
                         else:
                             self.no_list = no_list
                         proxyurl = str(proxy)
                         proxies = {'http': proxyurl, 'https': proxyurl}
                         ui.debug('proxying through http://%s:%s\n' %
                                   (proxy.host, proxy.port))
                     else:
                         proxies = {}
                     # urllib2 takes proxy values from the environment and those
                     # will take precedence if found, so drop them
                     for env in ["HTTP_PROXY", "http_proxy", "no_proxy"]:
                         try:
                             if env in os.environ:
                                 del os.environ[env]
                         except OSError:
                             pass
                     urllib2.ProxyHandler.__init__(self, proxies)
                     self.ui = ui
                 def proxy_open(self, req, proxy, type_):
                     host = req.get_host().split(':')[0]
                     if host in self.no_list:
                         return None
                     # work around a bug in Python < 2.4.2
                     # (it leaves a "\n" at the end of Proxy-authorization headers)
                     baseclass = req.__class__
                     class _request(baseclass):
                         def add_header(self, key, val):
                             if key.lower() == 'proxy-authorization':
                                 val = val.strip()
                             return baseclass.add_header(self, key, val)
                     req.__class__ = _request
                     return urllib2.ProxyHandler.proxy_open(self, req, proxy, type_)
             def _gen_sendfile(orgsend):
                 def _sendfile(self, data):
                     # send a file
                     if isinstance(data, httpconnectionmod.httpsendfile):
                         # if auth required, some data sent twice, so rewind here
                         data.seek(0)
                         for chunk in util.filechunkiter(data):
                             orgsend(self, chunk)
                     else:
                         orgsend(self, data)
                 return _sendfile
             has_https = hasattr(urllib2, 'HTTPSHandler')
             if has_https:
                 try:
                     _create_connection = socket.create_connection
                 except AttributeError:
                     _GLOBAL_DEFAULT_TIMEOUT = object()
                     def _create_connection(address, timeout=_GLOBAL_DEFAULT_TIMEOUT,
                                            source_address=None):
                         # lifted from Python 2.6
                         msg = "getaddrinfo returns an empty list"
                         host, port = address
                         for res in socket.getaddrinfo(host, port, 0, socket.SOCK_STREAM):
                             af, socktype, proto, canonname, sa = res
                             sock = None
                             try:
                                 sock = socket.socket(af, socktype, proto)
                                 if timeout is not _GLOBAL_DEFAULT_TIMEOUT:
                                     sock.settimeout(timeout)
                                 if source_address:
                                     sock.bind(source_address)
                                 sock.connect(sa)
                                 return sock
                             except socket.error, msg:
                                 if sock is not None:
                                     sock.close()
                         raise socket.error, msg
             class httpconnection(keepalive.HTTPConnection):
                 # must be able to send big bundle as stream.
                 send = _gen_sendfile(keepalive.HTTPConnection.send)
                 def connect(self):
                     if has_https and self.realhostport: # use CONNECT proxy
                         self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                         self.sock.connect((self.host, self.port))
                         if _generic_proxytunnel(self):
                             # we do not support client x509 certificates
                             self.sock = sslutil.ssl_wrap_socket(self.sock, None, None)
                     else:
                         keepalive.HTTPConnection.connect(self)
                 def getresponse(self):
                     proxyres = getattr(self, 'proxyres', None)
                     if proxyres:
                         if proxyres.will_close:
                             self.close()
                         self.proxyres = None
                         return proxyres
                     return keepalive.HTTPConnection.getresponse(self)
             # general transaction handler to support different ways to handle
             # HTTPS proxying before and after Python 2.6.3.
             def _generic_start_transaction(handler, h, req):
                 if hasattr(req, '_tunnel_host') and req._tunnel_host:
                     tunnel_host = req._tunnel_host
                     if tunnel_host[:7] not in ['http://', 'https:/']:
                         tunnel_host = 'https://' + tunnel_host
                     new_tunnel = True
                 else:
                     tunnel_host = req.get_selector()
                     new_tunnel = False
                 if new_tunnel or tunnel_host == req.get_full_url(): # has proxy
                     u = util.url(tunnel_host)
                     if new_tunnel or u.scheme == 'https': # only use CONNECT for HTTPS
                         h.realhostport = ':'.join([u.host, (u.port or '443')])
                         h.headers = req.headers.copy()
                         h.headers.update(handler.parent.addheaders)
                         return
                 h.realhostport = None
                 h.headers = None
             def _generic_proxytunnel(self):
                 proxyheaders = dict(
                         [(x, self.headers[x]) for x in self.headers
                          if x.lower().startswith('proxy-')])
                 self._set_hostport(self.host, self.port)
                 self.send('CONNECT %s HTTP/1.0\r\n' % self.realhostport)
                 for header in proxyheaders.iteritems():
                     self.send('%s: %s\r\n' % header)
                 self.send('\r\n')
                 # majority of the following code is duplicated from
                 # httplib.HTTPConnection as there are no adequate places to
                 # override functions to provide the needed functionality
                 res = self.response_class(self.sock,
                                           strict=self.strict,
                                           method=self._method)
                 while True:
                     version, status, reason = res._read_status()
                     if status != httplib.CONTINUE:
                         break
                     while True:
                         skip = res.fp.readline().strip()
                         if not skip:
                             break
                 res.status = status
                 res.reason = reason.strip()
                 if res.status == 200:
                     while True:
                         line = res.fp.readline()
                         if line == '\r\n':
                             break
                     return True
                 if version == 'HTTP/1.0':
                     res.version = 10
                 elif version.startswith('HTTP/1.'):
                     res.version = 11
                 elif version == 'HTTP/0.9':
                     res.version = 9
                 else:
                     raise httplib.UnknownProtocol(version)
                 if res.version == 9:
                     res.length = None
                     res.chunked = 0
                     res.will_close = 1
                     res.msg = httplib.HTTPMessage(cStringIO.StringIO())
                     return False
                 res.msg = httplib.HTTPMessage(res.fp)
                 res.msg.fp = None
                 # are we using the chunked-style of transfer encoding?
                 trenc = res.msg.getheader('transfer-encoding')
                 if trenc and trenc.lower() == "chunked":
                     res.chunked = 1
                     res.chunk_left = None
                 else:
                     res.chunked = 0
                 # will the connection close at the end of the response?
                 res.will_close = res._check_close()
                 # do we have a Content-Length?
                 # NOTE: RFC 2616, S4.4, #3 says we ignore this if tr_enc is "chunked"
                 length = res.msg.getheader('content-length')
                 if length and not res.chunked:
                     try:
                         res.length = int(length)
                     except ValueError:
                         res.length = None
                     else:
                         if res.length < 0:  # ignore nonsensical negative lengths
                             res.length = None
                 else:
                     res.length = None
                 # does the body have a fixed length? (of zero)
                 if (status == httplib.NO_CONTENT or status == httplib.NOT_MODIFIED or
 <= status < 200 or # 1xx codes
                     res._method == 'HEAD'):
                     res.length = 0
                 # if the connection remains open, and we aren't using chunked, and
                 # a content-length was not provided, then assume that the connection
                 # WILL close.
                 if (not res.will_close and
                    not res.chunked and
                    res.length is None):
                     res.will_close = 1
                 self.proxyres = res
                 return False
             class httphandler(keepalive.HTTPHandler):
                 def http_open(self, req):
                     return self.do_open(httpconnection, req)
                 def _start_transaction(self, h, req):
                     _generic_start_transaction(self, h, req)
                     return keepalive.HTTPHandler._start_transaction(self, h, req)
             if has_https:
                 class httpsconnection(httplib.HTTPSConnection):
                     response_class = keepalive.HTTPResponse
                     # must be able to send big bundle as stream.
                     send = _gen_sendfile(keepalive.safesend)
                     getresponse = keepalive.wrapgetresponse(httplib.HTTPSConnection)
                     def connect(self):
                         self.sock = _create_connection((self.host, self.port))
                         host = self.host
                         if self.realhostport: # use CONNECT proxy
                             _generic_proxytunnel(self)
                             host = self.realhostport.rsplit(':', 1)[0]
                         self.sock = sslutil.ssl_wrap_socket(
                             self.sock, self.key_file, self.cert_file,
                             **sslutil.sslkwargs(self.ui, host))
                         sslutil.validator(self.ui, host)(self.sock)
                 class httpshandler(keepalive.KeepAliveHandler, urllib2.HTTPSHandler):
                     def __init__(self, ui):
                         keepalive.KeepAliveHandler.__init__(self)
                         urllib2.HTTPSHandler.__init__(self)
                         self.ui = ui
                         self.pwmgr = passwordmgr(self.ui)
                     def _start_transaction(self, h, req):
                         _generic_start_transaction(self, h, req)
                         return keepalive.KeepAliveHandler._start_transaction(self, h, req)
                     def https_open(self, req):
                         res = httpconnectionmod.readauthforuri(self.ui, req.get_full_url())
                         if res:
                             group, auth = res
                             self.auth = auth
                             self.ui.debug("using auth.%s.* for authentication\n" % group)
                         else:
                             self.auth = None
                         return self.do_open(self._makeconnection, req)
                     def _makeconnection(self, host, port=None, *args, **kwargs):
                         keyfile = None
                         certfile = None
                         if len(args) >= 1: # key_file
                             keyfile = args[0]
                         if len(args) >= 2: # cert_file
                             certfile = args[1]
                         args = args[2:]
                         # if the user has specified different key/cert files in
                         # hgrc, we prefer these
                         if self.auth and 'key' in self.auth and 'cert' in self.auth:
                             keyfile = self.auth['key']
                             certfile = self.auth['cert']
                         conn = httpsconnection(host, port, keyfile, certfile, *args, **kwargs)
                         conn.ui = self.ui
                         return conn
             class httpdigestauthhandler(urllib2.HTTPDigestAuthHandler):
                 def __init__(self, *args, **kwargs):
                     urllib2.HTTPDigestAuthHandler.__init__(self, *args, **kwargs)
                     self.retried_req = None
                 def reset_retry_count(self):
                     # Python 2.6.5 will call this on 401 or 407 errors and thus loop
                     # forever. We disable reset_retry_count completely and reset in
                     # http_error_auth_reqed instead.
                     pass
                 def http_error_auth_reqed(self, auth_header, host, req, headers):
                     # Reset the retry counter once for each request.
                     if req is not self.retried_req:
                         self.retried_req = req
                         self.retried = 0
                     # In python < 2.5 AbstractDigestAuthHandler raises a ValueError if
                     # it doesn't know about the auth type requested. This can happen if
                     # somebody is using BasicAuth and types a bad password.
                     try:
                         return urllib2.HTTPDigestAuthHandler.http_error_auth_reqed(
                                     self, auth_header, host, req, headers)
                     except ValueError, inst:
                         arg = inst.args[0]
                         if arg.startswith("AbstractDigestAuthHandler doesn't know "):
                             return
                         raise
             class httpbasicauthhandler(urllib2.HTTPBasicAuthHandler):
                 def __init__(self, *args, **kwargs):
                     urllib2.HTTPBasicAuthHandler.__init__(self, *args, **kwargs)
                     self.retried_req = None
                 def reset_retry_count(self):
                     # Python 2.6.5 will call this on 401 or 407 errors and thus loop
                     # forever. We disable reset_retry_count completely and reset in
                     # http_error_auth_reqed instead.
                     pass
                 def http_error_auth_reqed(self, auth_header, host, req, headers):
                     # Reset the retry counter once for each request.
                     if req is not self.retried_req:
                         self.retried_req = req
                         self.retried = 0
                     return urllib2.HTTPBasicAuthHandler.http_error_auth_reqed(
                                     self, auth_header, host, req, headers)
             handlerfuncs = []
             def opener(ui, authinfo=None):
                 '''
                 construct an opener suitable for urllib2
                 authinfo will be added to the password manager
                 '''
                 if ui.configbool('ui', 'usehttp2', False):
                     handlers = [httpconnectionmod.http2handler(ui, passwordmgr(ui))]
                 else:
                     handlers = [httphandler()]
                     if has_https:
                         handlers.append(httpshandler(ui))
                 handlers.append(proxyhandler(ui))
                 passmgr = passwordmgr(ui)
                 if authinfo is not None:
                     passmgr.add_password(*authinfo)
                     user, passwd = authinfo[2:4]
                     ui.debug('http auth: user %s, password %s\n' %
                              (user, passwd and '*' * len(passwd) or 'not set'))
                 handlers.extend((httpbasicauthhandler(passmgr),
                                  httpdigestauthhandler(passmgr)))
                 handlers.extend([h(ui, passmgr) for h in handlerfuncs])
                 opener = urllib2.build_opener(*handlers)
                 # 1.0 here is the _protocol_ version
                 opener.addheaders = [('User-agent', 'mercurial/proto-1.0')]
                 opener.addheaders.append(('Accept', 'application/mercurial-0.1'))
                 return opener
             def open(ui, url_, data=None):
                 u = util.url(url_)
                 if u.scheme:
                     u.scheme = u.scheme.lower()
                     url_, authinfo = u.authinfo()
                 else:
                     path = util.normpath(os.path.abspath(url_))
                     url_ = 'file://' + urllib.pathname2url(path)
                     authinfo = None
                 return opener(ui, authinfo).open(url_, data)

tests/test-hgweb-auth.py

0 +42 -9

             from mercurial import demandimport; demandimport.enable()
-            from mercurial import ui
+            from mercurial import ui, util
             from mercurial import url
             from mercurial.error import Abort
             class myui(ui.ui):
                 def interactive(self):
                     return False
             origui = myui()
             def writeauth(items):
                 ui = origui.copy()
                 for name, value in items.iteritems():
                     ui.setconfig('auth', name, value)
                 return ui
             def dumpdict(dict):
                 return '{' + ', '.join(['%s: %s' % (k, dict[k])
                                         for k in sorted(dict.iterkeys())]) + '}'
-            def test(auth):
+            def test(auth, urls=None):
                 print 'CFG:', dumpdict(auth)
                 prefixes = set()
                 for k in auth:
                     prefixes.add(k.split('.', 1)[0])
                 for p in prefixes:
-                    auth.update({p + '.username': p, p + '.password': p})
+                    for name in ('.username', '.password'):
+                        if (p + name) not in auth:
+                            auth[p + name] = p
+                auth = dict((k, v) for k, v in auth.iteritems() if v is not None)
                 ui = writeauth(auth)
                 def _test(uri):
                     print 'URI:', uri
                     try:
                         pm = url.passwordmgr(ui)
+                        authinfo = util.url(uri).authinfo()[1]
+                        if authinfo is not None:
+                            pm.add_password(*authinfo)
                         print '    ', pm.find_user_password('test', uri)
                     except Abort, e:
                         print 'abort'
-                _test('http://example.org/foo')
+                if not urls:
-                _test('http://example.org/foo/bar')
+                    urls = [
-                _test('http://example.org/bar')
+                        'http://example.org/foo',
-                _test('https://example.org/foo')
+                        'http://example.org/foo/bar',
-                _test('https://example.org/foo/bar')
+                        'http://example.org/bar',
-                _test('https://example.org/bar')
+                        'https://example.org/foo',
+                        'https://example.org/foo/bar',
+                        'https://example.org/bar',
+                        'https://x@example.org/bar',
+                        'https://y@example.org/bar',
+                        ]
+                for u in urls:
+                    _test(u)
             print '\n*** Test in-uri schemes\n'
             test({'x.prefix': 'http://example.org'})
             test({'x.prefix': 'https://example.org'})
             test({'x.prefix': 'http://example.org', 'x.schemes': 'https'})
             test({'x.prefix': 'https://example.org', 'x.schemes': 'http'})
             print '\n*** Test separately configured schemes\n'
             test({'x.prefix': 'example.org', 'x.schemes': 'http'})
             test({'x.prefix': 'example.org', 'x.schemes': 'https'})
             test({'x.prefix': 'example.org', 'x.schemes': 'http https'})
             print '\n*** Test prefix matching\n'
             test({'x.prefix': 'http://example.org/foo',
                   'y.prefix': 'http://example.org/bar'})
             test({'x.prefix': 'http://example.org/foo',
                   'y.prefix': 'http://example.org/foo/bar'})
             test({'x.prefix': '*', 'y.prefix': 'https://example.org/bar'})
+            print '\n*** Test user matching\n'
+            test({'x.prefix': 'http://example.org/foo',
+                  'x.username': None,
+                  'x.password': 'xpassword'},
+                 urls=['http://y@example.org/foo'])
+            test({'x.prefix': 'http://example.org/foo',
+                  'x.username': None,
+                  'x.password': 'xpassword',
+                  'y.prefix': 'http://example.org/foo',
+                  'y.username': 'y',
+                  'y.password': 'ypassword'},
+                 urls=['http://y@example.org/foo'])
+            test({'x.prefix': 'http://example.org/foo/bar',
+                  'x.username': None,
+                  'x.password': 'xpassword',
+                  'y.prefix': 'http://example.org/foo',
+                  'y.username': 'y',
+                  'y.password': 'ypassword'},
+                 urls=['http://y@example.org/foo/bar'])

tests/test-hgweb-auth.py.out

0 +52 0

             *** Test in-uri schemes
             CFG: {x.prefix: http://example.org}
             URI: http://example.org/foo
                  ('x', 'x')
             URI: http://example.org/foo/bar
                  ('x', 'x')
             URI: http://example.org/bar
                  ('x', 'x')
             URI: https://example.org/foo
                  abort
             URI: https://example.org/foo/bar
                  abort
             URI: https://example.org/bar
                  abort
+            URI: https://x@example.org/bar
+                 abort
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: https://example.org}
             URI: http://example.org/foo
                  abort
             URI: http://example.org/foo/bar
                  abort
             URI: http://example.org/bar
                  abort
             URI: https://example.org/foo
                  ('x', 'x')
             URI: https://example.org/foo/bar
                  ('x', 'x')
             URI: https://example.org/bar
                  ('x', 'x')
+            URI: https://x@example.org/bar
+                 ('x', 'x')
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: http://example.org, x.schemes: https}
             URI: http://example.org/foo
                  ('x', 'x')
             URI: http://example.org/foo/bar
                  ('x', 'x')
             URI: http://example.org/bar
                  ('x', 'x')
             URI: https://example.org/foo
                  abort
             URI: https://example.org/foo/bar
                  abort
             URI: https://example.org/bar
                  abort
+            URI: https://x@example.org/bar
+                 abort
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: https://example.org, x.schemes: http}
             URI: http://example.org/foo
                  abort
             URI: http://example.org/foo/bar
                  abort
             URI: http://example.org/bar
                  abort
             URI: https://example.org/foo
                  ('x', 'x')
             URI: https://example.org/foo/bar
                  ('x', 'x')
             URI: https://example.org/bar
                  ('x', 'x')
+            URI: https://x@example.org/bar
+                 ('x', 'x')
+            URI: https://y@example.org/bar
+                 abort
             *** Test separately configured schemes
             CFG: {x.prefix: example.org, x.schemes: http}
             URI: http://example.org/foo
                  ('x', 'x')
             URI: http://example.org/foo/bar
                  ('x', 'x')
             URI: http://example.org/bar
                  ('x', 'x')
             URI: https://example.org/foo
                  abort
             URI: https://example.org/foo/bar
                  abort
             URI: https://example.org/bar
                  abort
+            URI: https://x@example.org/bar
+                 abort
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: example.org, x.schemes: https}
             URI: http://example.org/foo
                  abort
             URI: http://example.org/foo/bar
                  abort
             URI: http://example.org/bar
                  abort
             URI: https://example.org/foo
                  ('x', 'x')
             URI: https://example.org/foo/bar
                  ('x', 'x')
             URI: https://example.org/bar
                  ('x', 'x')
+            URI: https://x@example.org/bar
+                 ('x', 'x')
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: example.org, x.schemes: http https}
             URI: http://example.org/foo
                  ('x', 'x')
             URI: http://example.org/foo/bar
                  ('x', 'x')
             URI: http://example.org/bar
                  ('x', 'x')
             URI: https://example.org/foo
                  ('x', 'x')
             URI: https://example.org/foo/bar
                  ('x', 'x')
             URI: https://example.org/bar
                  ('x', 'x')
+            URI: https://x@example.org/bar
+                 ('x', 'x')
+            URI: https://y@example.org/bar
+                 abort
             *** Test prefix matching
             CFG: {x.prefix: http://example.org/foo, y.prefix: http://example.org/bar}
             URI: http://example.org/foo
                  ('x', 'x')
             URI: http://example.org/foo/bar
                  ('x', 'x')
             URI: http://example.org/bar
                  ('y', 'y')
             URI: https://example.org/foo
                  abort
             URI: https://example.org/foo/bar
                  abort
             URI: https://example.org/bar
                  abort
+            URI: https://x@example.org/bar
+                 abort
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: http://example.org/foo, y.prefix: http://example.org/foo/bar}
             URI: http://example.org/foo
                  ('x', 'x')
             URI: http://example.org/foo/bar
                  ('y', 'y')
             URI: http://example.org/bar
                  abort
             URI: https://example.org/foo
                  abort
             URI: https://example.org/foo/bar
                  abort
             URI: https://example.org/bar
                  abort
+            URI: https://x@example.org/bar
+                 abort
+            URI: https://y@example.org/bar
+                 abort
             CFG: {x.prefix: *, y.prefix: https://example.org/bar}
             URI: http://example.org/foo
                  abort
             URI: http://example.org/foo/bar
                  abort
             URI: http://example.org/bar
                  abort
             URI: https://example.org/foo
                  ('x', 'x')
             URI: https://example.org/foo/bar
                  ('x', 'x')
             URI: https://example.org/bar
                  ('y', 'y')
+            URI: https://x@example.org/bar
+                 ('x', 'x')
+            URI: https://y@example.org/bar
+                 ('y', 'y')
+            *** Test user matching
+            CFG: {x.password: xpassword, x.prefix: http://example.org/foo, x.username: None}
+            URI: http://y@example.org/foo
+                 ('y', 'xpassword')
+            CFG: {x.password: xpassword, x.prefix: http://example.org/foo, x.username: None, y.password: ypassword, y.prefix: http://example.org/foo, y.username: y}
+            URI: http://y@example.org/foo
+                 ('y', 'ypassword')
+            CFG: {x.password: xpassword, x.prefix: http://example.org/foo/bar, x.username: None, y.password: ypassword, y.prefix: http://example.org/foo, y.username: y}
+            URI: http://y@example.org/foo/bar
+                 ('y', 'xpassword')

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages