upstream/mercurial-mirror Commit - r37563:93397c46

wireproto: extract HTTP version 2 code to own module...

Gregory Szorc -

r37563:93397c46 default

parent child

mercurial/httppeer.py

0 +5 -5

             # httppeer.py - HTTP repository proxy classes for mercurial
             #
             # Copyright 2005, 2006 Matt Mackall <mpm@selenic.com>
             # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             from __future__ import absolute_import
             import errno
             import io
             import os
             import socket
             import struct
             import tempfile
             from .i18n import _
             from .thirdparty import (
                 cbor,
             )
             from . import (
                 bundle2,
                 error,
                 httpconnection,
                 pycompat,
                 statichttprepo,
                 url as urlmod,
                 util,
                 wireproto,
                 wireprotoframing,
-                wireprotoserver,
+                wireprotov2server,
             )
             httplib = util.httplib
             urlerr = util.urlerr
             urlreq = util.urlreq
             def encodevalueinheaders(value, header, limit):
                 """Encode a string value into multiple HTTP headers.
                 ``value`` will be encoded into 1 or more HTTP headers with the names
                 ``header-<N>`` where ``<N>`` is an integer starting at 1. Each header
                 name + value will be at most ``limit`` bytes long.
                 Returns an iterable of 2-tuples consisting of header names and
                 values as native strings.
                 """
                 # HTTP Headers are ASCII. Python 3 requires them to be unicodes,
                 # not bytes. This function always takes bytes in as arguments.
                 fmt = pycompat.strurl(header) + r'-%s'
                 # Note: it is *NOT* a bug that the last bit here is a bytestring
                 # and not a unicode: we're just getting the encoded length anyway,
                 # and using an r-string to make it portable between Python 2 and 3
                 # doesn't work because then the \r is a literal backslash-r
                 # instead of a carriage return.
                 valuelen = limit - len(fmt % r'000') - len(': \r\n')
                 result = []
                 n = 0
                 for i in xrange(0, len(value), valuelen):
                     n += 1
                     result.append((fmt % str(n), pycompat.strurl(value[i:i + valuelen])))
                 return result
             def _wraphttpresponse(resp):
                 """Wrap an HTTPResponse with common error handlers.
                 This ensures that any I/O from any consumer raises the appropriate
                 error and messaging.
                 """
                 origread = resp.read
                 class readerproxy(resp.__class__):
                     def read(self, size=None):
                         try:
                             return origread(size)
                         except httplib.IncompleteRead as e:
                             # e.expected is an integer if length known or None otherwise.
                             if e.expected:
                                 msg = _('HTTP request error (incomplete response; '
                                         'expected %d bytes got %d)') % (e.expected,
                                                                        len(e.partial))
                             else:
                                 msg = _('HTTP request error (incomplete response)')
                             raise error.PeerTransportError(
                                 msg,
                                 hint=_('this may be an intermittent network failure; '
                                        'if the error persists, consider contacting the '
                                        'network or server operator'))
                         except httplib.HTTPException as e:
                             raise error.PeerTransportError(
                                 _('HTTP request error (%s)') % e,
                                 hint=_('this may be an intermittent network failure; '
                                        'if the error persists, consider contacting the '
                                        'network or server operator'))
                 resp.__class__ = readerproxy
             class _multifile(object):
                 def __init__(self, *fileobjs):
                     for f in fileobjs:
                         if not util.safehasattr(f, 'length'):
                             raise ValueError(
                                 '_multifile only supports file objects that '
                                 'have a length but this one does not:', type(f), f)
                     self._fileobjs = fileobjs
                     self._index = 0
                 @property
                 def length(self):
                     return sum(f.length for f in self._fileobjs)
                 def read(self, amt=None):
                     if amt <= 0:
                         return ''.join(f.read() for f in self._fileobjs)
                     parts = []
                     while amt and self._index < len(self._fileobjs):
                         parts.append(self._fileobjs[self._index].read(amt))
                         got = len(parts[-1])
                         if got < amt:
                             self._index += 1
                         amt -= got
                     return ''.join(parts)
                 def seek(self, offset, whence=os.SEEK_SET):
                     if whence != os.SEEK_SET:
                         raise NotImplementedError(
                             '_multifile does not support anything other'
                             ' than os.SEEK_SET for whence on seek()')
                     if offset != 0:
                         raise NotImplementedError(
                             '_multifile only supports seeking to start, but that '
                             'could be fixed if you need it')
                     for f in self._fileobjs:
                         f.seek(0)
                     self._index = 0
             class httppeer(wireproto.wirepeer):
                 def __init__(self, ui, path, url, opener):
                     self.ui = ui
                     self._path = path
                     self._url = url
                     self._caps = None
                     self._urlopener = opener
                     # This is an its own attribute to facilitate extensions overriding
                     # the default type.
                     self._requestbuilder = urlreq.request
                 def __del__(self):
                     for h in self._urlopener.handlers:
                         h.close()
                         getattr(h, "close_all", lambda: None)()
                 def _openurl(self, req):
                     if (self.ui.debugflag
                         and self.ui.configbool('devel', 'debug.peer-request')):
                         dbg = self.ui.debug
                         line = 'devel-peer-request: %s\n'
                         dbg(line % '%s %s' % (req.get_method(), req.get_full_url()))
                         hgargssize = None
                         for header, value in sorted(req.header_items()):
                             if header.startswith('X-hgarg-'):
                                 if hgargssize is None:
                                     hgargssize = 0
                                 hgargssize += len(value)
                             else:
                                 dbg(line % '  %s %s' % (header, value))
                         if hgargssize is not None:
                             dbg(line % '  %d bytes of commands arguments in headers'
                                 % hgargssize)
                         if req.has_data():
                             data = req.get_data()
                             length = getattr(data, 'length', None)
                             if length is None:
                                 length = len(data)
                             dbg(line % '  %d bytes of data' % length)
                         start = util.timer()
                     ret = self._urlopener.open(req)
                     if self.ui.configbool('devel', 'debug.peer-request'):
                         dbg(line % '  finished in %.4f seconds (%s)'
                             % (util.timer() - start, ret.code))
                     return ret
                 # Begin of ipeerconnection interface.
                 def url(self):
                     return self._path
                 def local(self):
                     return None
                 def peer(self):
                     return self
                 def canpush(self):
                     return True
                 def close(self):
                     pass
                 # End of ipeerconnection interface.
                 # Begin of ipeercommands interface.
                 def capabilities(self):
                     # self._fetchcaps() should have been called as part of peer
                     # handshake. So self._caps should always be set.
                     assert self._caps is not None
                     return self._caps
                 # End of ipeercommands interface.
                 # look up capabilities only when needed
                 def _fetchcaps(self):
                     self._caps = set(self._call('capabilities').split())
                 def _callstream(self, cmd, _compressible=False, **args):
                     args = pycompat.byteskwargs(args)
                     if cmd == 'pushkey':
                         args['data'] = ''
                     data = args.pop('data', None)
                     headers = args.pop('headers', {})
                     self.ui.debug("sending %s command\n" % cmd)
                     q = [('cmd', cmd)]
                     headersize = 0
                     varyheaders = []
                     # Important: don't use self.capable() here or else you end up
                     # with infinite recursion when trying to look up capabilities
                     # for the first time.
                     postargsok = self._caps is not None and 'httppostargs' in self._caps
                     # Send arguments via POST.
                     if postargsok and args:
                         strargs = urlreq.urlencode(sorted(args.items()))
                         if not data:
                             data = strargs
                         else:
                             if isinstance(data, bytes):
                                 i = io.BytesIO(data)
                                 i.length = len(data)
                                 data = i
                             argsio = io.BytesIO(strargs)
                             argsio.length = len(strargs)
                             data = _multifile(argsio, data)
                         headers[r'X-HgArgs-Post'] = len(strargs)
                     elif args:
                         # Calling self.capable() can infinite loop if we are calling
                         # "capabilities". But that command should never accept wire
                         # protocol arguments. So this should never happen.
                         assert cmd != 'capabilities'
                         httpheader = self.capable('httpheader')
                         if httpheader:
                             headersize = int(httpheader.split(',', 1)[0])
                         # Send arguments via HTTP headers.
                         if headersize > 0:
                             # The headers can typically carry more data than the URL.
                             encargs = urlreq.urlencode(sorted(args.items()))
                             for header, value in encodevalueinheaders(encargs, 'X-HgArg',
                                                                       headersize):
                                 headers[header] = value
                                 varyheaders.append(header)
                         # Send arguments via query string (Mercurial <1.9).
                         else:
                             q += sorted(args.items())
                     qs = '?%s' % urlreq.urlencode(q)
                     cu = "%s%s" % (self._url, qs)
                     size = 0
                     if util.safehasattr(data, 'length'):
                         size = data.length
                     elif data is not None:
                         size = len(data)
                     if data is not None and r'Content-Type' not in headers:
                         headers[r'Content-Type'] = r'application/mercurial-0.1'
                     # Tell the server we accept application/mercurial-0.2 and multiple
                     # compression formats if the server is capable of emitting those
                     # payloads.
                     protoparams = {'partial-pull'}
                     mediatypes = set()
                     if self._caps is not None:
                         mt = self.capable('httpmediatype')
                         if mt:
                             protoparams.add('0.1')
                             mediatypes = set(mt.split(','))
                     if '0.2tx' in mediatypes:
                         protoparams.add('0.2')
                     if '0.2tx' in mediatypes and self.capable('compression'):
                         # We /could/ compare supported compression formats and prune
                         # non-mutually supported or error if nothing is mutually supported.
                         # For now, send the full list to the server and have it error.
                         comps = [e.wireprotosupport().name for e in
                                  util.compengines.supportedwireengines(util.CLIENTROLE)]
                         protoparams.add('comp=%s' % ','.join(comps))
                     if protoparams:
                         protoheaders = encodevalueinheaders(' '.join(sorted(protoparams)),
                                                             'X-HgProto',
                                                             headersize or 1024)
                         for header, value in protoheaders:
                             headers[header] = value
                             varyheaders.append(header)
                     if varyheaders:
                         headers[r'Vary'] = r','.join(varyheaders)
                     req = self._requestbuilder(pycompat.strurl(cu), data, headers)
                     if data is not None:
                         self.ui.debug("sending %d bytes\n" % size)
                         req.add_unredirected_header(r'Content-Length', r'%d' % size)
                     try:
                         resp = self._openurl(req)
                     except urlerr.httperror as inst:
                         if inst.code == 401:
                             raise error.Abort(_('authorization failed'))
                         raise
                     except httplib.HTTPException as inst:
                         self.ui.debug('http error while sending %s command\n' % cmd)
                         self.ui.traceback()
                         raise IOError(None, inst)
                     # Insert error handlers for common I/O failures.
                     _wraphttpresponse(resp)
                     # record the url we got redirected to
                     resp_url = pycompat.bytesurl(resp.geturl())
                     if resp_url.endswith(qs):
                         resp_url = resp_url[:-len(qs)]
                     if self._url.rstrip('/') != resp_url.rstrip('/'):
                         if not self.ui.quiet:
                             self.ui.warn(_('real URL is %s\n') % resp_url)
                     self._url = resp_url
                     try:
                         proto = pycompat.bytesurl(resp.getheader(r'content-type', r''))
                     except AttributeError:
                         proto = pycompat.bytesurl(resp.headers.get(r'content-type', r''))
                     safeurl = util.hidepassword(self._url)
                     if proto.startswith('application/hg-error'):
                         raise error.OutOfBandError(resp.read())
                     # accept old "text/plain" and "application/hg-changegroup" for now
                     if not (proto.startswith('application/mercurial-') or
                             (proto.startswith('text/plain')
                              and not resp.headers.get('content-length')) or
                             proto.startswith('application/hg-changegroup')):
                         self.ui.debug("requested URL: '%s'\n" % util.hidepassword(cu))
                         raise error.RepoError(
                             _("'%s' does not appear to be an hg repository:\n"
                               "---%%<--- (%s)\n%s\n---%%<---\n")
                             % (safeurl, proto or 'no content-type', resp.read(1024)))
                     if proto.startswith('application/mercurial-'):
                         try:
                             version = proto.split('-', 1)[1]
                             version_info = tuple([int(n) for n in version.split('.')])
                         except ValueError:
                             raise error.RepoError(_("'%s' sent a broken Content-Type "
                                                     "header (%s)") % (safeurl, proto))
                         # TODO consider switching to a decompression reader that uses
                         # generators.
                         if version_info == (0, 1):
                             if _compressible:
                                 return util.compengines['zlib'].decompressorreader(resp)
                             return resp
                         elif version_info == (0, 2):
                             # application/mercurial-0.2 always identifies the compression
                             # engine in the payload header.
                             elen = struct.unpack('B', resp.read(1))[0]
                             ename = resp.read(elen)
                             engine = util.compengines.forwiretype(ename)
                             return engine.decompressorreader(resp)
                         else:
                             raise error.RepoError(_("'%s' uses newer protocol %s") %
                                                   (safeurl, version))
                     if _compressible:
                         return util.compengines['zlib'].decompressorreader(resp)
                     return resp
                 def _call(self, cmd, **args):
                     fp = self._callstream(cmd, **args)
                     try:
                         return fp.read()
                     finally:
                         # if using keepalive, allow connection to be reused
                         fp.close()
                 def _callpush(self, cmd, cg, **args):
                     # have to stream bundle to a temp file because we do not have
                     # http 1.1 chunked transfer.
                     types = self.capable('unbundle')
                     try:
                         types = types.split(',')
                     except AttributeError:
                         # servers older than d1b16a746db6 will send 'unbundle' as a
                         # boolean capability. They only support headerless/uncompressed
                         # bundles.
                         types = [""]
                     for x in types:
                         if x in bundle2.bundletypes:
                             type = x
                             break
                     tempname = bundle2.writebundle(self.ui, cg, None, type)
                     fp = httpconnection.httpsendfile(self.ui, tempname, "rb")
                     headers = {r'Content-Type': r'application/mercurial-0.1'}
                     try:
                         r = self._call(cmd, data=fp, headers=headers, **args)
                         vals = r.split('\n', 1)
                         if len(vals) < 2:
                             raise error.ResponseError(_("unexpected response:"), r)
                         return vals
                     except urlerr.httperror:
                         # Catch and re-raise these so we don't try and treat them
                         # like generic socket errors. They lack any values in
                         # .args on Python 3 which breaks our socket.error block.
                         raise
                     except socket.error as err:
                         if err.args[0] in (errno.ECONNRESET, errno.EPIPE):
                             raise error.Abort(_('push failed: %s') % err.args[1])
                         raise error.Abort(err.args[1])
                     finally:
                         fp.close()
                         os.unlink(tempname)
                 def _calltwowaystream(self, cmd, fp, **args):
                     fh = None
                     fp_ = None
                     filename = None
                     try:
                         # dump bundle to disk
                         fd, filename = tempfile.mkstemp(prefix="hg-bundle-", suffix=".hg")
                         fh = os.fdopen(fd, r"wb")
                         d = fp.read(4096)
                         while d:
                             fh.write(d)
                             d = fp.read(4096)
                         fh.close()
                         # start http push
                         fp_ = httpconnection.httpsendfile(self.ui, filename, "rb")
                         headers = {r'Content-Type': r'application/mercurial-0.1'}
                         return self._callstream(cmd, data=fp_, headers=headers, **args)
                     finally:
                         if fp_ is not None:
                             fp_.close()
                         if fh is not None:
                             fh.close()
                             os.unlink(filename)
                 def _callcompressable(self, cmd, **args):
                     return self._callstream(cmd, _compressible=True, **args)
                 def _abort(self, exception):
                     raise exception
             # TODO implement interface for version 2 peers
             class httpv2peer(object):
                 def __init__(self, ui, repourl, opener):
                     self.ui = ui
                     if repourl.endswith('/'):
                         repourl = repourl[:-1]
                     self.url = repourl
                     self._opener = opener
                     # This is an its own attribute to facilitate extensions overriding
                     # the default type.
                     self._requestbuilder = urlreq.request
                 def close(self):
                     pass
                 # TODO require to be part of a batched primitive, use futures.
                 def _call(self, name, **args):
                     """Call a wire protocol command with arguments."""
                     # TODO permissions should come from capabilities results.
                     permission = wireproto.commandsv2[name].permission
                     if permission not in ('push', 'pull'):
                         raise error.ProgrammingError('unknown permission type: %s' %
                                                      permission)
                     permission = {
                         'push': 'rw',
                         'pull': 'ro',
                     }[permission]
-                    url = '%s/api/%s/%s/%s' % (self.url, wireprotoserver.HTTPV2, permission,
+                    url = '%s/api/%s/%s/%s' % (self.url, wireprotov2server.HTTPV2,
-                                               name)
+                                               permission, name)
                     # TODO modify user-agent to reflect v2.
                     headers = {
-                        r'Accept': wireprotoserver.FRAMINGTYPE,
+                        r'Accept': wireprotov2server.FRAMINGTYPE,
-                        r'Content-Type': wireprotoserver.FRAMINGTYPE,
+                        r'Content-Type': wireprotov2server.FRAMINGTYPE,
                     }
                     # TODO this should be part of a generic peer for the frame-based
                     # protocol.
                     reactor = wireprotoframing.clientreactor(hasmultiplesend=False,
                                                              buffersends=True)
                     request, action, meta = reactor.callcommand(name, args)
                     assert action == 'noop'
                     action, meta = reactor.flushcommands()
                     assert action == 'sendframes'
                     body = b''.join(map(bytes, meta['framegen']))
                     req = self._requestbuilder(pycompat.strurl(url), body, headers)
                     req.add_unredirected_header(r'Content-Length', r'%d' % len(body))
                     # TODO unify this code with httppeer.
                     try:
                         res = self._opener.open(req)
                     except urlerr.httperror as e:
                         if e.code == 401:
                             raise error.Abort(_('authorization failed'))
                         raise
                     except httplib.HTTPException as e:
                         self.ui.traceback()
                         raise IOError(None, e)
                     # TODO validate response type, wrap response to handle I/O errors.
                     # TODO more robust frame receiver.
                     results = []
                     while True:
                         frame = wireprotoframing.readframe(res)
                         if frame is None:
                             break
                         self.ui.note(_('received %r\n') % frame)
                         action, meta = reactor.onframerecv(frame)
                         if action == 'responsedata':
                             if meta['cbor']:
                                 payload = util.bytesio(meta['data'])
                                 decoder = cbor.CBORDecoder(payload)
                                 while payload.tell() + 1 < len(meta['data']):
                                     results.append(decoder.decode())
                             else:
                                 results.append(meta['data'])
                         else:
                             error.ProgrammingError('unhandled action: %s' % action)
                     return results
             def makepeer(ui, path):
                 u = util.url(path)
                 if u.query or u.fragment:
                     raise error.Abort(_('unsupported URL component: "%s"') %
                                       (u.query or u.fragment))
                 # urllib cannot handle URLs with embedded user or passwd.
                 url, authinfo = u.authinfo()
                 ui.debug('using %s\n' % url)
                 opener = urlmod.opener(ui, authinfo)
                 return httppeer(ui, path, url, opener)
             def instance(ui, path, create):
                 if create:
                     raise error.Abort(_('cannot create new http repository'))
                 try:
                     if path.startswith('https:') and not urlmod.has_https:
                         raise error.Abort(_('Python support for SSL and HTTPS '
                                             'is not installed'))
                     inst = makepeer(ui, path)
                     inst._fetchcaps()
                     return inst
                 except error.RepoError as httpexception:
                     try:
                         r = statichttprepo.instance(ui, "static-" + path, create)
                         ui.note(_('(falling back to static-http)\n'))
                         return r
                     except error.RepoError:
                         raise httpexception # use the original http RepoError instead

mercurial/wireprotoserver.py

0 +3 -344

             # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
             # Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             from __future__ import absolute_import
             import contextlib
             import struct
             import sys
             import threading
             from .i18n import _
-            from .thirdparty import (
-                cbor,
             from .thirdparty.zope import (
                 interface as zi,
             )
             from . import (
                 encoding,
                 error,
                 hook,
                 pycompat,
                 util,
                 wireproto,
-                wireprotoframing,
                 wireprototypes,
+                wireprotov2server,
             )
             from .utils import (
                 procutil,
             )
             stringio = util.stringio
             urlerr = util.urlerr
             urlreq = util.urlreq
             HTTP_OK = 200
             HGTYPE = 'application/mercurial-0.1'
             HGTYPE2 = 'application/mercurial-0.2'
             HGERRTYPE = 'application/hg-error'
-            FRAMINGTYPE = b'application/mercurial-exp-framing-0003'
-            HTTPV2 = wireprototypes.HTTPV2
             SSHV1 = wireprototypes.SSHV1
             SSHV2 = wireprototypes.SSHV2
             def decodevaluefromheaders(req, headerprefix):
                 """Decode a long value from multiple HTTP request headers.
                 Returns the value as a bytes, not a str.
                 """
                 chunks = []
                 i = 1
                 while True:
                     v = req.headers.get(b'%s-%d' % (headerprefix, i))
                     if v is None:
                         break
                     chunks.append(pycompat.bytesurl(v))
                     i += 1
                 return ''.join(chunks)
             @zi.implementer(wireprototypes.baseprotocolhandler)
             class httpv1protocolhandler(object):
                 def __init__(self, req, ui, checkperm):
                     self._req = req
                     self._ui = ui
                     self._checkperm = checkperm
                     self._protocaps = None
                 @property
                 def name(self):
                     return 'http-v1'
                 def getargs(self, args):
                     knownargs = self._args()
                     data = {}
                     keys = args.split()
                     for k in keys:
                         if k == '*':
                             star = {}
                             for key in knownargs.keys():
                                 if key != 'cmd' and key not in keys:
                                     star[key] = knownargs[key][0]
                             data['*'] = star
                         else:
                             data[k] = knownargs[k][0]
                     return [data[k] for k in keys]
                 def _args(self):
                     args = self._req.qsparams.asdictoflists()
                     postlen = int(self._req.headers.get(b'X-HgArgs-Post', 0))
                     if postlen:
                         args.update(urlreq.parseqs(
                             self._req.bodyfh.read(postlen), keep_blank_values=True))
                         return args
                     argvalue = decodevaluefromheaders(self._req, b'X-HgArg')
                     args.update(urlreq.parseqs(argvalue, keep_blank_values=True))
                     return args
                 def getprotocaps(self):
                     if self._protocaps is None:
                         value = decodevaluefromheaders(self._req, r'X-HgProto')
                         self._protocaps = set(value.split(' '))
                     return self._protocaps
                 def getpayload(self):
                     # Existing clients *always* send Content-Length.
                     length = int(self._req.headers[b'Content-Length'])
                     # If httppostargs is used, we need to read Content-Length
                     # minus the amount that was consumed by args.
                     length -= int(self._req.headers.get(b'X-HgArgs-Post', 0))
                     return util.filechunkiter(self._req.bodyfh, limit=length)
                 @contextlib.contextmanager
                 def mayberedirectstdio(self):
                     oldout = self._ui.fout
                     olderr = self._ui.ferr
                     out = util.stringio()
                     try:
                         self._ui.fout = out
                         self._ui.ferr = out
                         yield out
                     finally:
                         self._ui.fout = oldout
                         self._ui.ferr = olderr
                 def client(self):
                     return 'remote:%s:%s:%s' % (
                         self._req.urlscheme,
                         urlreq.quote(self._req.remotehost or ''),
                         urlreq.quote(self._req.remoteuser or ''))
                 def addcapabilities(self, repo, caps):
                     caps.append(b'batch')
                     caps.append('httpheader=%d' %
                                 repo.ui.configint('server', 'maxhttpheaderlen'))
                     if repo.ui.configbool('experimental', 'httppostargs'):
                         caps.append('httppostargs')
                     # FUTURE advertise 0.2rx once support is implemented
                     # FUTURE advertise minrx and mintx after consulting config option
                     caps.append('httpmediatype=0.1rx,0.1tx,0.2tx')
                     compengines = wireproto.supportedcompengines(repo.ui, util.SERVERROLE)
                     if compengines:
                         comptypes = ','.join(urlreq.quote(e.wireprotosupport().name)
                                              for e in compengines)
                         caps.append('compression=%s' % comptypes)
                     return caps
                 def checkperm(self, perm):
                     return self._checkperm(perm)
             # This method exists mostly so that extensions like remotefilelog can
             # disable a kludgey legacy method only over http. As of early 2018,
             # there are no other known users, so with any luck we can discard this
             # hook if remotefilelog becomes a first-party extension.
             def iscmd(cmd):
                 return cmd in wireproto.commands
             def handlewsgirequest(rctx, req, res, checkperm):
                 """Possibly process a wire protocol request.
                 If the current request is a wire protocol request, the request is
                 processed by this function.
                 ``req`` is a ``parsedrequest`` instance.
                 ``res`` is a ``wsgiresponse`` instance.
                 Returns a bool indicating if the request was serviced. If set, the caller
                 should stop processing the request, as a response has already been issued.
                 """
                 # Avoid cycle involving hg module.
                 from .hgweb import common as hgwebcommon
                 repo = rctx.repo
                 # HTTP version 1 wire protocol requests are denoted by a "cmd" query
                 # string parameter. If it isn't present, this isn't a wire protocol
                 # request.
                 if 'cmd' not in req.qsparams:
                     return False
                 cmd = req.qsparams['cmd']
                 # The "cmd" request parameter is used by both the wire protocol and hgweb.
                 # While not all wire protocol commands are available for all transports,
                 # if we see a "cmd" value that resembles a known wire protocol command, we
                 # route it to a protocol handler. This is better than routing possible
                 # wire protocol requests to hgweb because it prevents hgweb from using
                 # known wire protocol commands and it is less confusing for machine
                 # clients.
                 if not iscmd(cmd):
                     return False
                 # The "cmd" query string argument is only valid on the root path of the
                 # repo. e.g. ``/?cmd=foo``, ``/repo?cmd=foo``. URL paths within the repo
                 # like ``/blah?cmd=foo`` are not allowed. So don't recognize the request
                 # in this case. We send an HTTP 404 for backwards compatibility reasons.
                 if req.dispatchpath:
                     res.status = hgwebcommon.statusmessage(404)
                     res.headers['Content-Type'] = HGTYPE
                     # TODO This is not a good response to issue for this request. This
                     # is mostly for BC for now.
                     res.setbodybytes('0\n%s\n' % b'Not Found')
                     return True
                 proto = httpv1protocolhandler(req, repo.ui,
                                               lambda perm: checkperm(rctx, req, perm))
                 # The permissions checker should be the only thing that can raise an
                 # ErrorResponse. It is kind of a layer violation to catch an hgweb
                 # exception here. So consider refactoring into a exception type that
                 # is associated with the wire protocol.
                 try:
                     _callhttp(repo, req, res, proto, cmd)
                 except hgwebcommon.ErrorResponse as e:
                     for k, v in e.headers:
                         res.headers[k] = v
                     res.status = hgwebcommon.statusmessage(e.code, pycompat.bytestr(e))
                     # TODO This response body assumes the failed command was
                     # "unbundle." That assumption is not always valid.
                     res.setbodybytes('0\n%s\n' % pycompat.bytestr(e))
                 return True
             def handlewsgiapirequest(rctx, req, res, checkperm):
                 """Handle requests to /api/*."""
                 assert req.dispatchparts[0] == b'api'
                 repo = rctx.repo
                 # This whole URL space is experimental for now. But we want to
                 # reserve the URL space. So, 404 all URLs if the feature isn't enabled.
                 if not repo.ui.configbool('experimental', 'web.apiserver'):
                     res.status = b'404 Not Found'
                     res.headers[b'Content-Type'] = b'text/plain'
                     res.setbodybytes(_('Experimental API server endpoint not enabled'))
                     return
                 # The URL space is /api/<protocol>/*. The structure of URLs under varies
                 # by <protocol>.
                 # Registered APIs are made available via config options of the name of
                 # the protocol.
                 availableapis = set()
                 for k, v in API_HANDLERS.items():
                     section, option = v['config']
                     if repo.ui.configbool(section, option):
                         availableapis.add(k)
                 # Requests to /api/ list available APIs.
                 if req.dispatchparts == [b'api']:
                     res.status = b'200 OK'
                     res.headers[b'Content-Type'] = b'text/plain'
                     lines = [_('APIs can be accessed at /api/<name>, where <name> can be '
                                'one of the following:\n')]
                     if availableapis:
                         lines.extend(sorted(availableapis))
                     else:
                         lines.append(_('(no available APIs)\n'))
                     res.setbodybytes(b'\n'.join(lines))
                     return
                 proto = req.dispatchparts[1]
                 if proto not in API_HANDLERS:
                     res.status = b'404 Not Found'
                     res.headers[b'Content-Type'] = b'text/plain'
                     res.setbodybytes(_('Unknown API: %s\nKnown APIs: %s') % (
                         proto, b', '.join(sorted(availableapis))))
                     return
                 if proto not in availableapis:
                     res.status = b'404 Not Found'
                     res.headers[b'Content-Type'] = b'text/plain'
                     res.setbodybytes(_('API %s not enabled\n') % proto)
                     return
                 API_HANDLERS[proto]['handler'](rctx, req, res, checkperm,
                                                req.dispatchparts[2:])
-            def _handlehttpv2request(rctx, req, res, checkperm, urlparts):
-                from .hgweb import common as hgwebcommon
-                # URL space looks like: <permissions>/<command>, where <permission> can
-                # be ``ro`` or ``rw`` to signal read-only or read-write, respectively.
-                # Root URL does nothing meaningful... yet.
-                if not urlparts:
-                    res.status = b'200 OK'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('HTTP version 2 API handler'))
-                    return
-                if len(urlparts) == 1:
-                    res.status = b'404 Not Found'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('do not know how to process %s\n') %
-                                     req.dispatchpath)
-                    return
-                permission, command = urlparts[0:2]
-                if permission not in (b'ro', b'rw'):
-                    res.status = b'404 Not Found'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('unknown permission: %s') % permission)
-                    return
-                if req.method != 'POST':
-                    res.status = b'405 Method Not Allowed'
-                    res.headers[b'Allow'] = b'POST'
-                    res.setbodybytes(_('commands require POST requests'))
-                    return
-                # At some point we'll want to use our own API instead of recycling the
-                # behavior of version 1 of the wire protocol...
-                # TODO return reasonable responses - not responses that overload the
-                # HTTP status line message for error reporting.
-                try:
-                    checkperm(rctx, req, 'pull' if permission == b'ro' else 'push')
-                except hgwebcommon.ErrorResponse as e:
-                    res.status = hgwebcommon.statusmessage(e.code, pycompat.bytestr(e))
-                    for k, v in e.headers:
-                        res.headers[k] = v
-                    res.setbodybytes('permission denied')
-                    return
-                # We have a special endpoint to reflect the request back at the client.
-                if command == b'debugreflect':
-                    _processhttpv2reflectrequest(rctx.repo.ui, rctx.repo, req, res)
-                    return
-                # Extra commands that we handle that aren't really wire protocol
-                # commands. Think extra hard before making this hackery available to
-                # extension.
-                extracommands = {'multirequest'}
-                if command not in wireproto.commandsv2 and command not in extracommands:
-                    res.status = b'404 Not Found'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('unknown wire protocol command: %s\n') % command)
-                    return
-                repo = rctx.repo
-                ui = repo.ui
-                proto = httpv2protocolhandler(req, ui)
-                if (not wireproto.commandsv2.commandavailable(command, proto)
-                    and command not in extracommands):
-                    res.status = b'404 Not Found'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('invalid wire protocol command: %s') % command)
-                    return
-                # TODO consider cases where proxies may add additional Accept headers.
-                if req.headers.get(b'Accept') != FRAMINGTYPE:
-                    res.status = b'406 Not Acceptable'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('client MUST specify Accept header with value: %s\n')
-                                       % FRAMINGTYPE)
-                    return
-                if req.headers.get(b'Content-Type') != FRAMINGTYPE:
-                    res.status = b'415 Unsupported Media Type'
-                    # TODO we should send a response with appropriate media type,
-                    # since client does Accept it.
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('client MUST send Content-Type header with '
-                                       'value: %s\n') % FRAMINGTYPE)
-                    return
-                _processhttpv2request(ui, repo, req, res, permission, command, proto)
-            def _processhttpv2reflectrequest(ui, repo, req, res):
-                """Reads unified frame protocol request and dumps out state to client.
-                This special endpoint can be used to help debug the wire protocol.
-                Instead of routing the request through the normal dispatch mechanism,
-                we instead read all frames, decode them, and feed them into our state
-                tracker. We then dump the log of all that activity back out to the
-                client.
-                """
-                import json
-                # Reflection APIs have a history of being abused, accidentally disclosing
-                # sensitive data, etc. So we have a config knob.
-                if not ui.configbool('experimental', 'web.api.debugreflect'):
-                    res.status = b'404 Not Found'
-                    res.headers[b'Content-Type'] = b'text/plain'
-                    res.setbodybytes(_('debugreflect service not available'))
-                    return
-                # We assume we have a unified framing protocol request body.
-                reactor = wireprotoframing.serverreactor()
-                states = []
-                while True:
-                    frame = wireprotoframing.readframe(req.bodyfh)
-                    if not frame:
-                        states.append(b'received: <no frame>')
-                        break
-                    states.append(b'received: %d %d %d %s' % (frame.typeid, frame.flags,
-                                                              frame.requestid,
-                                                              frame.payload))
-                    action, meta = reactor.onframerecv(frame)
-                    states.append(json.dumps((action, meta), sort_keys=True,
-                                             separators=(', ', ': ')))
-                action, meta = reactor.oninputeof()
-                meta['action'] = action
-                states.append(json.dumps(meta, sort_keys=True, separators=(', ',': ')))
-                res.status = b'200 OK'
-                res.headers[b'Content-Type'] = b'text/plain'
-                res.setbodybytes(b'\n'.join(states))
-            def _processhttpv2request(ui, repo, req, res, authedperm, reqcommand, proto):
-                """Post-validation handler for HTTPv2 requests.
-                Called when the HTTP request contains unified frame-based protocol
-                frames for evaluation.
-                """
-                # TODO Some HTTP clients are full duplex and can receive data before
-                # the entire request is transmitted. Figure out a way to indicate support
-                # for that so we can opt into full duplex mode.
-                reactor = wireprotoframing.serverreactor(deferoutput=True)
-                seencommand = False
-                outstream = reactor.makeoutputstream()
-                while True:
-                    frame = wireprotoframing.readframe(req.bodyfh)
-                    if not frame:
-                        break
-                    action, meta = reactor.onframerecv(frame)
-                    if action == 'wantframe':
-                        # Need more data before we can do anything.
-                        continue
-                    elif action == 'runcommand':
-                        sentoutput = _httpv2runcommand(ui, repo, req, res, authedperm,
-                                                       reqcommand, reactor, outstream,
-                                                       meta, issubsequent=seencommand)
-                        if sentoutput:
-                            return
-                        seencommand = True
-                    elif action == 'error':
-                        # TODO define proper error mechanism.
-                        res.status = b'200 OK'
-                        res.headers[b'Content-Type'] = b'text/plain'
-                        res.setbodybytes(meta['message'] + b'\n')
-                        return
-                    else:
-                        raise error.ProgrammingError(
-                            'unhandled action from frame processor: %s' % action)
-                action, meta = reactor.oninputeof()
-                if action == 'sendframes':
-                    # We assume we haven't started sending the response yet. If we're
-                    # wrong, the response type will raise an exception.
-                    res.status = b'200 OK'
-                    res.headers[b'Content-Type'] = FRAMINGTYPE
-                    res.setbodygen(meta['framegen'])
-                elif action == 'noop':
-                    pass
-                else:
-                    raise error.ProgrammingError('unhandled action from frame processor: %s'
-                                                 % action)
-            def _httpv2runcommand(ui, repo, req, res, authedperm, reqcommand, reactor,
-                                  outstream, command, issubsequent):
-                """Dispatch a wire protocol command made from HTTPv2 requests.
-                The authenticated permission (``authedperm``) along with the original
-                command from the URL (``reqcommand``) are passed in.
-                """
-                # We already validated that the session has permissions to perform the
-                # actions in ``authedperm``. In the unified frame protocol, the canonical
-                # command to run is expressed in a frame. However, the URL also requested
-                # to run a specific command. We need to be careful that the command we
-                # run doesn't have permissions requirements greater than what was granted
-                # by ``authedperm``.
-                # Our rule for this is we only allow one command per HTTP request and
-                # that command must match the command in the URL. However, we make
-                # an exception for the ``multirequest`` URL. This URL is allowed to
-                # execute multiple commands. We double check permissions of each command
-                # as it is invoked to ensure there is no privilege escalation.
-                # TODO consider allowing multiple commands to regular command URLs
-                # iff each command is the same.
-                proto = httpv2protocolhandler(req, ui, args=command['args'])
-                if reqcommand == b'multirequest':
-                    if not wireproto.commandsv2.commandavailable(command['command'], proto):
-                        # TODO proper error mechanism
-                        res.status = b'200 OK'
-                        res.headers[b'Content-Type'] = b'text/plain'
-                        res.setbodybytes(_('wire protocol command not available: %s') %
-                                         command['command'])
-                        return True
-                    # TODO don't use assert here, since it may be elided by -O.
-                    assert authedperm in (b'ro', b'rw')
-                    wirecommand = wireproto.commandsv2[command['command']]
-                    assert wirecommand.permission in ('push', 'pull')
-                    if authedperm == b'ro' and wirecommand.permission != 'pull':
-                        # TODO proper error mechanism
-                        res.status = b'403 Forbidden'
-                        res.headers[b'Content-Type'] = b'text/plain'
-                        res.setbodybytes(_('insufficient permissions to execute '
-                                           'command: %s') % command['command'])
-                        return True
-                    # TODO should we also call checkperm() here? Maybe not if we're going
-                    # to overhaul that API. The granted scope from the URL check should
-                    # be good enough.
-                else:
-                    # Don't allow multiple commands outside of ``multirequest`` URL.
-                    if issubsequent:
-                        # TODO proper error mechanism
-                        res.status = b'200 OK'
-                        res.headers[b'Content-Type'] = b'text/plain'
-                        res.setbodybytes(_('multiple commands cannot be issued to this '
-                                           'URL'))
-                        return True
-                    if reqcommand != command['command']:
-                        # TODO define proper error mechanism
-                        res.status = b'200 OK'
-                        res.headers[b'Content-Type'] = b'text/plain'
-                        res.setbodybytes(_('command in frame must match command in URL'))
-                        return True
-                rsp = wireproto.dispatch(repo, proto, command['command'])
-                res.status = b'200 OK'
-                res.headers[b'Content-Type'] = FRAMINGTYPE
-                if isinstance(rsp, wireprototypes.bytesresponse):
-                    action, meta = reactor.onbytesresponseready(outstream,
-                                                                command['requestid'],
-                                                                rsp.data)
-                elif isinstance(rsp, wireprototypes.cborresponse):
-                    encoded = cbor.dumps(rsp.value, canonical=True)
-                    action, meta = reactor.onbytesresponseready(outstream,
-                                                                command['requestid'],
-                                                                encoded,
-                                                                iscbor=True)
-                else:
-                    action, meta = reactor.onapplicationerror(
-                        _('unhandled response type from wire proto command'))
-                if action == 'sendframes':
-                    res.setbodygen(meta['framegen'])
-                    return True
-                elif action == 'noop':
-                    return False
-                else:
-                    raise error.ProgrammingError('unhandled event from reactor: %s' %
-                                                 action)
             # Maps API name to metadata so custom API can be registered.
             API_HANDLERS = {
-                HTTPV2: {
+                wireprotov2server.HTTPV2: {
                     'config': ('experimental', 'web.api.http-v2'),
-                    'handler': _handlehttpv2request,
+                    'handler': wireprotov2server.handlehttpv2request,
                 },
             }
-            @zi.implementer(wireprototypes.baseprotocolhandler)
-            class httpv2protocolhandler(object):
-                def __init__(self, req, ui, args=None):
-                    self._req = req
-                    self._ui = ui
-                    self._args = args
-                @property
-                def name(self):
-                    return HTTPV2
-                def getargs(self, args):
-                    data = {}
-                    for k, typ in args.items():
-                        if k == '*':
-                            raise NotImplementedError('do not support * args')
-                        elif k in self._args:
-                            # TODO consider validating value types.
-                            data[k] = self._args[k]
-                    return data
-                def getprotocaps(self):
-                    # Protocol capabilities are currently not implemented for HTTP V2.
-                    return set()
-                def getpayload(self):
-                    raise NotImplementedError
-                @contextlib.contextmanager
-                def mayberedirectstdio(self):
-                    raise NotImplementedError
-                def client(self):
-                    raise NotImplementedError
-                def addcapabilities(self, repo, caps):
-                    return caps
-                def checkperm(self, perm):
-                    raise NotImplementedError
             def _httpresponsetype(ui, proto, prefer_uncompressed):
                 """Determine the appropriate response type and compression settings.
                 Returns a tuple of (mediatype, compengine, engineopts).
                 """
                 # Determine the response media type and compression engine based
                 # on the request parameters.
                 if '0.2' in proto.getprotocaps():
                     # All clients are expected to support uncompressed data.
                     if prefer_uncompressed:
                         return HGTYPE2, util._noopengine(), {}
                     # Now find an agreed upon compression format.
                     compformats = wireproto.clientcompressionsupport(proto)
                     for engine in wireproto.supportedcompengines(ui, util.SERVERROLE):
                         if engine.wireprotosupport().name in compformats:
                             opts = {}
                             level = ui.configint('server', '%slevel' % engine.name())
                             if level is not None:
                                 opts['level'] = level
                             return HGTYPE2, engine, opts
                     # No mutually supported compression format. Fall back to the
                     # legacy protocol.
                 # Don't allow untrusted settings because disabling compression or
                 # setting a very high compression level could lead to flooding
                 # the server's network or CPU.
                 opts = {'level': ui.configint('server', 'zliblevel')}
                 return HGTYPE, util.compengines['zlib'], opts
             def _callhttp(repo, req, res, proto, cmd):
                 # Avoid cycle involving hg module.
                 from .hgweb import common as hgwebcommon
                 def genversion2(gen, engine, engineopts):
                     # application/mercurial-0.2 always sends a payload header
                     # identifying the compression engine.
                     name = engine.wireprotosupport().name
                     assert 0 < len(name) < 256
                     yield struct.pack('B', len(name))
                     yield name
                     for chunk in gen:
                         yield chunk
                 def setresponse(code, contenttype, bodybytes=None, bodygen=None):
                     if code == HTTP_OK:
                         res.status = '200 Script output follows'
                     else:
                         res.status = hgwebcommon.statusmessage(code)
                     res.headers['Content-Type'] = contenttype
                     if bodybytes is not None:
                         res.setbodybytes(bodybytes)
                     if bodygen is not None:
                         res.setbodygen(bodygen)
                 if not wireproto.commands.commandavailable(cmd, proto):
                     setresponse(HTTP_OK, HGERRTYPE,
                                 _('requested wire protocol command is not available over '
                                   'HTTP'))
                     return
                 proto.checkperm(wireproto.commands[cmd].permission)
                 rsp = wireproto.dispatch(repo, proto, cmd)
                 if isinstance(rsp, bytes):
                     setresponse(HTTP_OK, HGTYPE, bodybytes=rsp)
                 elif isinstance(rsp, wireprototypes.bytesresponse):
                     setresponse(HTTP_OK, HGTYPE, bodybytes=rsp.data)
                 elif isinstance(rsp, wireprototypes.streamreslegacy):
                     setresponse(HTTP_OK, HGTYPE, bodygen=rsp.gen)
                 elif isinstance(rsp, wireprototypes.streamres):
                     gen = rsp.gen
                     # This code for compression should not be streamres specific. It
                     # is here because we only compress streamres at the moment.
                     mediatype, engine, engineopts = _httpresponsetype(
                         repo.ui, proto, rsp.prefer_uncompressed)
                     gen = engine.compressstream(gen, engineopts)
                     if mediatype == HGTYPE2:
                         gen = genversion2(gen, engine, engineopts)
                     setresponse(HTTP_OK, mediatype, bodygen=gen)
                 elif isinstance(rsp, wireprototypes.pushres):
                     rsp = '%d\n%s' % (rsp.res, rsp.output)
                     setresponse(HTTP_OK, HGTYPE, bodybytes=rsp)
                 elif isinstance(rsp, wireprototypes.pusherr):
                     rsp = '0\n%s\n' % rsp.res
                     res.drain = True
                     setresponse(HTTP_OK, HGTYPE, bodybytes=rsp)
                 elif isinstance(rsp, wireprototypes.ooberror):
                     setresponse(HTTP_OK, HGERRTYPE, bodybytes=rsp.message)
                 else:
                     raise error.ProgrammingError('hgweb.protocol internal failure', rsp)
             def _sshv1respondbytes(fout, value):
                 """Send a bytes response for protocol version 1."""
                 fout.write('%d\n' % len(value))
                 fout.write(value)
                 fout.flush()
             def _sshv1respondstream(fout, source):
                 write = fout.write
                 for chunk in source.gen:
                     write(chunk)
                 fout.flush()
             def _sshv1respondooberror(fout, ferr, rsp):
                 ferr.write(b'%s\n-\n' % rsp)
                 ferr.flush()
                 fout.write(b'\n')
                 fout.flush()
             @zi.implementer(wireprototypes.baseprotocolhandler)
             class sshv1protocolhandler(object):
                 """Handler for requests services via version 1 of SSH protocol."""
                 def __init__(self, ui, fin, fout):
                     self._ui = ui
                     self._fin = fin
                     self._fout = fout
                     self._protocaps = set()
                 @property
                 def name(self):
                     return wireprototypes.SSHV1
                 def getargs(self, args):
                     data = {}
                     keys = args.split()
                     for n in xrange(len(keys)):
                         argline = self._fin.readline()[:-1]
                         arg, l = argline.split()
                         if arg not in keys:
                             raise error.Abort(_("unexpected parameter %r") % arg)
                         if arg == '*':
                             star = {}
                             for k in xrange(int(l)):
                                 argline = self._fin.readline()[:-1]
                                 arg, l = argline.split()
                                 val = self._fin.read(int(l))
                                 star[arg] = val
                             data['*'] = star
                         else:
                             val = self._fin.read(int(l))
                             data[arg] = val
                     return [data[k] for k in keys]
                 def getprotocaps(self):
                     return self._protocaps
                 def getpayload(self):
                     # We initially send an empty response. This tells the client it is
                     # OK to start sending data. If a client sees any other response, it
                     # interprets it as an error.
                     _sshv1respondbytes(self._fout, b'')
                     # The file is in the form:
                     #
                     # <chunk size>\n<chunk>
                     # ...
                     # 0\n
                     count = int(self._fin.readline())
                     while count:
                         yield self._fin.read(count)
                         count = int(self._fin.readline())
                 @contextlib.contextmanager
                 def mayberedirectstdio(self):
                     yield None
                 def client(self):
                     client = encoding.environ.get('SSH_CLIENT', '').split(' ', 1)[0]
                     return 'remote:ssh:' + client
                 def addcapabilities(self, repo, caps):
                     if self.name == wireprototypes.SSHV1:
                         caps.append(b'protocaps')
                     caps.append(b'batch')
                     return caps
                 def checkperm(self, perm):
                     pass
             class sshv2protocolhandler(sshv1protocolhandler):
                 """Protocol handler for version 2 of the SSH protocol."""
                 @property
                 def name(self):
                     return wireprototypes.SSHV2
                 def addcapabilities(self, repo, caps):
                     return caps
             def _runsshserver(ui, repo, fin, fout, ev):
                 # This function operates like a state machine of sorts. The following
                 # states are defined:
                 #
                 # protov1-serving
                 #    Server is in protocol version 1 serving mode. Commands arrive on
                 #    new lines. These commands are processed in this state, one command
                 #    after the other.
                 #
                 # protov2-serving
                 #    Server is in protocol version 2 serving mode.
                 #
                 # upgrade-initial
                 #    The server is going to process an upgrade request.
                 #
                 # upgrade-v2-filter-legacy-handshake
                 #    The protocol is being upgraded to version 2. The server is expecting
                 #    the legacy handshake from version 1.
                 #
                 # upgrade-v2-finish
                 #    The upgrade to version 2 of the protocol is imminent.
                 #
                 # shutdown
                 #    The server is shutting down, possibly in reaction to a client event.
                 #
                 # And here are their transitions:
                 #
                 # protov1-serving -> shutdown
                 #    When server receives an empty request or encounters another
                 #    error.
                 #
                 # protov1-serving -> upgrade-initial
                 #    An upgrade request line was seen.
                 #
                 # upgrade-initial -> upgrade-v2-filter-legacy-handshake
                 #    Upgrade to version 2 in progress. Server is expecting to
                 #    process a legacy handshake.
                 #
                 # upgrade-v2-filter-legacy-handshake -> shutdown
                 #    Client did not fulfill upgrade handshake requirements.
                 #
                 # upgrade-v2-filter-legacy-handshake -> upgrade-v2-finish
                 #    Client fulfilled version 2 upgrade requirements. Finishing that
                 #    upgrade.
                 #
                 # upgrade-v2-finish -> protov2-serving
                 #    Protocol upgrade to version 2 complete. Server can now speak protocol
                 #    version 2.
                 #
                 # protov2-serving -> protov1-serving
                 #    Ths happens by default since protocol version 2 is the same as
                 #    version 1 except for the handshake.
                 state = 'protov1-serving'
                 proto = sshv1protocolhandler(ui, fin, fout)
                 protoswitched = False
                 while not ev.is_set():
                     if state == 'protov1-serving':
                         # Commands are issued on new lines.
                         request = fin.readline()[:-1]
                         # Empty lines signal to terminate the connection.
                         if not request:
                             state = 'shutdown'
                             continue
                         # It looks like a protocol upgrade request. Transition state to
                         # handle it.
                         if request.startswith(b'upgrade '):
                             if protoswitched:
                                 _sshv1respondooberror(fout, ui.ferr,
                                                       b'cannot upgrade protocols multiple '
                                                       b'times')
                                 state = 'shutdown'
                                 continue
                             state = 'upgrade-initial'
                             continue
                         available = wireproto.commands.commandavailable(request, proto)
                         # This command isn't available. Send an empty response and go
                         # back to waiting for a new command.
                         if not available:
                             _sshv1respondbytes(fout, b'')
                             continue
                         rsp = wireproto.dispatch(repo, proto, request)
                         if isinstance(rsp, bytes):
                             _sshv1respondbytes(fout, rsp)
                         elif isinstance(rsp, wireprototypes.bytesresponse):
                             _sshv1respondbytes(fout, rsp.data)
                         elif isinstance(rsp, wireprototypes.streamres):
                             _sshv1respondstream(fout, rsp)
                         elif isinstance(rsp, wireprototypes.streamreslegacy):
                             _sshv1respondstream(fout, rsp)
                         elif isinstance(rsp, wireprototypes.pushres):
                             _sshv1respondbytes(fout, b'')
                             _sshv1respondbytes(fout, b'%d' % rsp.res)
                         elif isinstance(rsp, wireprototypes.pusherr):
                             _sshv1respondbytes(fout, rsp.res)
                         elif isinstance(rsp, wireprototypes.ooberror):
                             _sshv1respondooberror(fout, ui.ferr, rsp.message)
                         else:
                             raise error.ProgrammingError('unhandled response type from '
                                                          'wire protocol command: %s' % rsp)
                     # For now, protocol version 2 serving just goes back to version 1.
                     elif state == 'protov2-serving':
                         state = 'protov1-serving'
                         continue
                     elif state == 'upgrade-initial':
                         # We should never transition into this state if we've switched
                         # protocols.
                         assert not protoswitched
                         assert proto.name == wireprototypes.SSHV1
                         # Expected: upgrade <token> <capabilities>
                         # If we get something else, the request is malformed. It could be
                         # from a future client that has altered the upgrade line content.
                         # We treat this as an unknown command.
                         try:
                             token, caps = request.split(b' ')[1:]
                         except ValueError:
                             _sshv1respondbytes(fout, b'')
                             state = 'protov1-serving'
                             continue
                         # Send empty response if we don't support upgrading protocols.
                         if not ui.configbool('experimental', 'sshserver.support-v2'):
                             _sshv1respondbytes(fout, b'')
                             state = 'protov1-serving'
                             continue
                         try:
                             caps = urlreq.parseqs(caps)
                         except ValueError:
                             _sshv1respondbytes(fout, b'')
                             state = 'protov1-serving'
                             continue
                         # We don't see an upgrade request to protocol version 2. Ignore
                         # the upgrade request.
                         wantedprotos = caps.get(b'proto', [b''])[0]
                         if SSHV2 not in wantedprotos:
                             _sshv1respondbytes(fout, b'')
                             state = 'protov1-serving'
                             continue
                         # It looks like we can honor this upgrade request to protocol 2.
                         # Filter the rest of the handshake protocol request lines.
                         state = 'upgrade-v2-filter-legacy-handshake'
                         continue
                     elif state == 'upgrade-v2-filter-legacy-handshake':
                         # Client should have sent legacy handshake after an ``upgrade``
                         # request. Expected lines:
                         #
                         #    hello
                         #    between
                         #    pairs 81
                         #    0000...-0000...
                         ok = True
                         for line in (b'hello', b'between', b'pairs 81'):
                             request = fin.readline()[:-1]
                             if request != line:
                                 _sshv1respondooberror(fout, ui.ferr,
                                                       b'malformed handshake protocol: '
                                                       b'missing %s' % line)
                                 ok = False
                                 state = 'shutdown'
                                 break
                         if not ok:
                             continue
                         request = fin.read(81)
                         if request != b'%s-%s' % (b'0' * 40, b'0' * 40):
                             _sshv1respondooberror(fout, ui.ferr,
                                                   b'malformed handshake protocol: '
                                                   b'missing between argument value')
                             state = 'shutdown'
                             continue
                         state = 'upgrade-v2-finish'
                         continue
                     elif state == 'upgrade-v2-finish':
                         # Send the upgrade response.
                         fout.write(b'upgraded %s %s\n' % (token, SSHV2))
                         servercaps = wireproto.capabilities(repo, proto)
                         rsp = b'capabilities: %s' % servercaps.data
                         fout.write(b'%d\n%s\n' % (len(rsp), rsp))
                         fout.flush()
                         proto = sshv2protocolhandler(ui, fin, fout)
                         protoswitched = True
                         state = 'protov2-serving'
                         continue
                     elif state == 'shutdown':
                         break
                     else:
                         raise error.ProgrammingError('unhandled ssh server state: %s' %
                                                      state)
             class sshserver(object):
                 def __init__(self, ui, repo, logfh=None):
                     self._ui = ui
                     self._repo = repo
                     self._fin = ui.fin
                     self._fout = ui.fout
                     # Log write I/O to stdout and stderr if configured.
                     if logfh:
                         self._fout = util.makeloggingfileobject(
                             logfh, self._fout, 'o', logdata=True)
                         ui.ferr = util.makeloggingfileobject(
                             logfh, ui.ferr, 'e', logdata=True)
                     hook.redirect(True)
                     ui.fout = repo.ui.fout = ui.ferr
                     # Prevent insertion/deletion of CRs
                     procutil.setbinary(self._fin)
                     procutil.setbinary(self._fout)
                 def serve_forever(self):
                     self.serveuntil(threading.Event())
                     sys.exit(0)
                 def serveuntil(self, ev):
                     """Serve until a threading.Event is set."""
                     _runsshserver(self._ui, self._repo, self._fin, self._fout, ev)

mercurial/wireprotov2server.py mercurial/wireprotoserver.py

0 copied +1 -715

This diff has been collapsed as it changes many lines, (716 lines changed) Show them Hide them
	@@ -1,1078 +1,364 b''
	1	# Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>	1	# Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
	2	# Copyright 2005-2007 Matt Mackall <mpm@selenic.com>	2	# Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
	3	#	3	#
	4	# This software may be used and distributed according to the terms of the	4	# This software may be used and distributed according to the terms of the
	5	# GNU General Public License version 2 or any later version.	5	# GNU General Public License version 2 or any later version.
	6		6
	7	from __future__ import absolute_import	7	from __future__ import absolute_import
	8		8
	9	import contextlib	9	import contextlib
	10	import struct
	11	import sys
	12	import threading
	13		10
	14	from .i18n import _	11	from .i18n import _
	15	from .thirdparty import (	12	from .thirdparty import (
	16	cbor,	13	cbor,
	17	)	14	)
	18	from .thirdparty.zope import (	15	from .thirdparty.zope import (
	19	interface as zi,	16	interface as zi,
	20	)	17	)
	21	from . import (	18	from . import (
	22	encoding,
	23	error,	19	error,
	24	hook,
	25	pycompat,	20	pycompat,
	26	util,
	27	wireproto,	21	wireproto,
	28	wireprotoframing,	22	wireprotoframing,
	29	wireprototypes,	23	wireprototypes,
	30	)	24	)
	31	from .utils import (
	32	procutil,
	33	)
	34		25
	35	stringio = util.stringio
	36
	37	urlerr = util.urlerr
	38	urlreq = util.urlreq
	39
	40	HTTP_OK = 200
	41
	42	HGTYPE = 'application/mercurial-0.1'
	43	HGTYPE2 = 'application/mercurial-0.2'
	44	HGERRTYPE = 'application/hg-error'
	45	FRAMINGTYPE = b'application/mercurial-exp-framing-0003'	26	FRAMINGTYPE = b'application/mercurial-exp-framing-0003'
	46		27
	47	HTTPV2 = wireprototypes.HTTPV2	28	HTTPV2 = wireprototypes.HTTPV2
	48	SSHV1 = wireprototypes.SSHV1
	49	SSHV2 = wireprototypes.SSHV2
	50		29
	51	def decodevaluefromheaders(req, headerprefix):	30	def handlehttpv2request(rctx, req, res, checkperm, urlparts):
	52	"""Decode a long value from multiple HTTP request headers.
	53
	54	Returns the value as a bytes, not a str.
	55	"""
	56	chunks = []
	57	i = 1
	58	while True:
	59	v = req.headers.get(b'%s-%d' % (headerprefix, i))
	60	if v is None:
	61	break
	62	chunks.append(pycompat.bytesurl(v))
	63	i += 1
	64
	65	return ''.join(chunks)
	66
	67	@zi.implementer(wireprototypes.baseprotocolhandler)
	68	class httpv1protocolhandler(object):
	69	def __init__(self, req, ui, checkperm):
	70	self._req = req
	71	self._ui = ui
	72	self._checkperm = checkperm
	73	self._protocaps = None
	74
	75	@property
	76	def name(self):
	77	return 'http-v1'
	78
	79	def getargs(self, args):
	80	knownargs = self._args()
	81	data = {}
	82	keys = args.split()
	83	for k in keys:
	84	if k == '*':
	85	star = {}
	86	for key in knownargs.keys():
	87	if key != 'cmd' and key not in keys:
	88	star[key] = knownargs[key][0]
	89	data['*'] = star
	90	else:
	91	data[k] = knownargs[k][0]
	92	return [data[k] for k in keys]
	93
	94	def _args(self):
	95	args = self._req.qsparams.asdictoflists()
	96	postlen = int(self._req.headers.get(b'X-HgArgs-Post', 0))
	97	if postlen:
	98	args.update(urlreq.parseqs(
	99	self._req.bodyfh.read(postlen), keep_blank_values=True))
	100	return args
	101
	102	argvalue = decodevaluefromheaders(self._req, b'X-HgArg')
	103	args.update(urlreq.parseqs(argvalue, keep_blank_values=True))
	104	return args
	105
	106	def getprotocaps(self):
	107	if self._protocaps is None:
	108	value = decodevaluefromheaders(self._req, r'X-HgProto')
	109	self._protocaps = set(value.split(' '))
	110	return self._protocaps
	111
	112	def getpayload(self):
	113	# Existing clients always send Content-Length.
	114	length = int(self._req.headers[b'Content-Length'])
	115
	116	# If httppostargs is used, we need to read Content-Length
	117	# minus the amount that was consumed by args.
	118	length -= int(self._req.headers.get(b'X-HgArgs-Post', 0))
	119	return util.filechunkiter(self._req.bodyfh, limit=length)
	120
	121	@contextlib.contextmanager
	122	def mayberedirectstdio(self):
	123	oldout = self._ui.fout
	124	olderr = self._ui.ferr
	125
	126	out = util.stringio()
	127
	128	try:
	129	self._ui.fout = out
	130	self._ui.ferr = out
	131	yield out
	132	finally:
	133	self._ui.fout = oldout
	134	self._ui.ferr = olderr
	135
	136	def client(self):
	137	return 'remote:%s:%s:%s' % (
	138	self._req.urlscheme,
	139	urlreq.quote(self._req.remotehost or ''),
	140	urlreq.quote(self._req.remoteuser or ''))
	141
	142	def addcapabilities(self, repo, caps):
	143	caps.append(b'batch')
	144
	145	caps.append('httpheader=%d' %
	146	repo.ui.configint('server', 'maxhttpheaderlen'))
	147	if repo.ui.configbool('experimental', 'httppostargs'):
	148	caps.append('httppostargs')
	149
	150	# FUTURE advertise 0.2rx once support is implemented
	151	# FUTURE advertise minrx and mintx after consulting config option
	152	caps.append('httpmediatype=0.1rx,0.1tx,0.2tx')
	153
	154	compengines = wireproto.supportedcompengines(repo.ui, util.SERVERROLE)
	155	if compengines:
	156	comptypes = ','.join(urlreq.quote(e.wireprotosupport().name)
	157	for e in compengines)
	158	caps.append('compression=%s' % comptypes)
	159
	160	return caps
	161
	162	def checkperm(self, perm):
	163	return self._checkperm(perm)
	164
	165	# This method exists mostly so that extensions like remotefilelog can
	166	# disable a kludgey legacy method only over http. As of early 2018,
	167	# there are no other known users, so with any luck we can discard this
	168	# hook if remotefilelog becomes a first-party extension.
	169	def iscmd(cmd):
	170	return cmd in wireproto.commands
	171
	172	def handlewsgirequest(rctx, req, res, checkperm):
	173	"""Possibly process a wire protocol request.
	174
	175	If the current request is a wire protocol request, the request is
	176	processed by this function.
	177
	178	``req`` is a ``parsedrequest`` instance.
	179	``res`` is a ``wsgiresponse`` instance.
	180
	181	Returns a bool indicating if the request was serviced. If set, the caller
	182	should stop processing the request, as a response has already been issued.
	183	"""
	184	# Avoid cycle involving hg module.
	185	from .hgweb import common as hgwebcommon
	186
	187	repo = rctx.repo
	188
	189	# HTTP version 1 wire protocol requests are denoted by a "cmd" query
	190	# string parameter. If it isn't present, this isn't a wire protocol
	191	# request.
	192	if 'cmd' not in req.qsparams:
	193	return False
	194
	195	cmd = req.qsparams['cmd']
	196
	197	# The "cmd" request parameter is used by both the wire protocol and hgweb.
	198	# While not all wire protocol commands are available for all transports,
	199	# if we see a "cmd" value that resembles a known wire protocol command, we
	200	# route it to a protocol handler. This is better than routing possible
	201	# wire protocol requests to hgweb because it prevents hgweb from using
	202	# known wire protocol commands and it is less confusing for machine
	203	# clients.
	204	if not iscmd(cmd):
	205	return False
	206
	207	# The "cmd" query string argument is only valid on the root path of the
	208	# repo. e.g. ``/?cmd=foo``, ``/repo?cmd=foo``. URL paths within the repo
	209	# like ``/blah?cmd=foo`` are not allowed. So don't recognize the request
	210	# in this case. We send an HTTP 404 for backwards compatibility reasons.
	211	if req.dispatchpath:
	212	res.status = hgwebcommon.statusmessage(404)
	213	res.headers['Content-Type'] = HGTYPE
	214	# TODO This is not a good response to issue for this request. This
	215	# is mostly for BC for now.
	216	res.setbodybytes('0\n%s\n' % b'Not Found')
	217	return True
	218
	219	proto = httpv1protocolhandler(req, repo.ui,
	220	lambda perm: checkperm(rctx, req, perm))
	221
	222	# The permissions checker should be the only thing that can raise an
	223	# ErrorResponse. It is kind of a layer violation to catch an hgweb
	224	# exception here. So consider refactoring into a exception type that
	225	# is associated with the wire protocol.
	226	try:
	227	_callhttp(repo, req, res, proto, cmd)
	228	except hgwebcommon.ErrorResponse as e:
	229	for k, v in e.headers:
	230	res.headers[k] = v
	231	res.status = hgwebcommon.statusmessage(e.code, pycompat.bytestr(e))
	232	# TODO This response body assumes the failed command was
	233	# "unbundle." That assumption is not always valid.
	234	res.setbodybytes('0\n%s\n' % pycompat.bytestr(e))
	235
	236	return True
	237
	238	def handlewsgiapirequest(rctx, req, res, checkperm):
	239	"""Handle requests to /api/*."""
	240	assert req.dispatchparts[0] == b'api'
	241
	242	repo = rctx.repo
	243
	244	# This whole URL space is experimental for now. But we want to
	245	# reserve the URL space. So, 404 all URLs if the feature isn't enabled.
	246	if not repo.ui.configbool('experimental', 'web.apiserver'):
	247	res.status = b'404 Not Found'
	248	res.headers[b'Content-Type'] = b'text/plain'
	249	res.setbodybytes(_('Experimental API server endpoint not enabled'))
	250	return
	251
	252	# The URL space is /api/<protocol>/*. The structure of URLs under varies
	253	# by <protocol>.
	254
	255	# Registered APIs are made available via config options of the name of
	256	# the protocol.
	257	availableapis = set()
	258	for k, v in API_HANDLERS.items():
	259	section, option = v['config']
	260	if repo.ui.configbool(section, option):
	261	availableapis.add(k)
	262
	263	# Requests to /api/ list available APIs.
	264	if req.dispatchparts == [b'api']:
	265	res.status = b'200 OK'
	266	res.headers[b'Content-Type'] = b'text/plain'
	267	lines = [_('APIs can be accessed at /api/<name>, where <name> can be '
	268	'one of the following:\n')]
	269	if availableapis:
	270	lines.extend(sorted(availableapis))
	271	else:
	272	lines.append(_('(no available APIs)\n'))
	273	res.setbodybytes(b'\n'.join(lines))
	274	return
	275
	276	proto = req.dispatchparts[1]
	277
	278	if proto not in API_HANDLERS:
	279	res.status = b'404 Not Found'
	280	res.headers[b'Content-Type'] = b'text/plain'
	281	res.setbodybytes(_('Unknown API: %s\nKnown APIs: %s') % (
	282	proto, b', '.join(sorted(availableapis))))
	283	return
	284
	285	if proto not in availableapis:
	286	res.status = b'404 Not Found'
	287	res.headers[b'Content-Type'] = b'text/plain'
	288	res.setbodybytes(_('API %s not enabled\n') % proto)
	289	return
	290
	291	API_HANDLERS[proto]['handler'](rctx, req, res, checkperm,
	292	req.dispatchparts[2:])
	293
	294	def _handlehttpv2request(rctx, req, res, checkperm, urlparts):
	295	from .hgweb import common as hgwebcommon	31	from .hgweb import common as hgwebcommon
	296		32
	297	# URL space looks like: <permissions>/<command>, where <permission> can	33	# URL space looks like: <permissions>/<command>, where <permission> can
	298	# be ``ro`` or ``rw`` to signal read-only or read-write, respectively.	34	# be ``ro`` or ``rw`` to signal read-only or read-write, respectively.
	299		35
	300	# Root URL does nothing meaningful... yet.	36	# Root URL does nothing meaningful... yet.
	301	if not urlparts:	37	if not urlparts:
	302	res.status = b'200 OK'	38	res.status = b'200 OK'
	303	res.headers[b'Content-Type'] = b'text/plain'	39	res.headers[b'Content-Type'] = b'text/plain'
	304	res.setbodybytes(_('HTTP version 2 API handler'))	40	res.setbodybytes(_('HTTP version 2 API handler'))
	305	return	41	return
	306		42
	307	if len(urlparts) == 1:	43	if len(urlparts) == 1:
	308	res.status = b'404 Not Found'	44	res.status = b'404 Not Found'
	309	res.headers[b'Content-Type'] = b'text/plain'	45	res.headers[b'Content-Type'] = b'text/plain'
	310	res.setbodybytes(_('do not know how to process %s\n') %	46	res.setbodybytes(_('do not know how to process %s\n') %
	311	req.dispatchpath)	47	req.dispatchpath)
	312	return	48	return
	313		49
	314	permission, command = urlparts[0:2]	50	permission, command = urlparts[0:2]
	315		51
	316	if permission not in (b'ro', b'rw'):	52	if permission not in (b'ro', b'rw'):
	317	res.status = b'404 Not Found'	53	res.status = b'404 Not Found'
	318	res.headers[b'Content-Type'] = b'text/plain'	54	res.headers[b'Content-Type'] = b'text/plain'
	319	res.setbodybytes(_('unknown permission: %s') % permission)	55	res.setbodybytes(_('unknown permission: %s') % permission)
	320	return	56	return
	321		57
	322	if req.method != 'POST':	58	if req.method != 'POST':
	323	res.status = b'405 Method Not Allowed'	59	res.status = b'405 Method Not Allowed'
	324	res.headers[b'Allow'] = b'POST'	60	res.headers[b'Allow'] = b'POST'
	325	res.setbodybytes(_('commands require POST requests'))	61	res.setbodybytes(_('commands require POST requests'))
	326	return	62	return
	327		63
	328	# At some point we'll want to use our own API instead of recycling the	64	# At some point we'll want to use our own API instead of recycling the
	329	# behavior of version 1 of the wire protocol...	65	# behavior of version 1 of the wire protocol...
	330	# TODO return reasonable responses - not responses that overload the	66	# TODO return reasonable responses - not responses that overload the
	331	# HTTP status line message for error reporting.	67	# HTTP status line message for error reporting.
	332	try:	68	try:
	333	checkperm(rctx, req, 'pull' if permission == b'ro' else 'push')	69	checkperm(rctx, req, 'pull' if permission == b'ro' else 'push')
	334	except hgwebcommon.ErrorResponse as e:	70	except hgwebcommon.ErrorResponse as e:
	335	res.status = hgwebcommon.statusmessage(e.code, pycompat.bytestr(e))	71	res.status = hgwebcommon.statusmessage(e.code, pycompat.bytestr(e))
	336	for k, v in e.headers:	72	for k, v in e.headers:
	337	res.headers[k] = v	73	res.headers[k] = v
	338	res.setbodybytes('permission denied')	74	res.setbodybytes('permission denied')
	339	return	75	return
	340		76
	341	# We have a special endpoint to reflect the request back at the client.	77	# We have a special endpoint to reflect the request back at the client.
	342	if command == b'debugreflect':	78	if command == b'debugreflect':
	343	_processhttpv2reflectrequest(rctx.repo.ui, rctx.repo, req, res)	79	_processhttpv2reflectrequest(rctx.repo.ui, rctx.repo, req, res)
	344	return	80	return
	345		81
	346	# Extra commands that we handle that aren't really wire protocol	82	# Extra commands that we handle that aren't really wire protocol
	347	# commands. Think extra hard before making this hackery available to	83	# commands. Think extra hard before making this hackery available to
	348	# extension.	84	# extension.
	349	extracommands = {'multirequest'}	85	extracommands = {'multirequest'}
	350		86
	351	if command not in wireproto.commandsv2 and command not in extracommands:	87	if command not in wireproto.commandsv2 and command not in extracommands:
	352	res.status = b'404 Not Found'	88	res.status = b'404 Not Found'
	353	res.headers[b'Content-Type'] = b'text/plain'	89	res.headers[b'Content-Type'] = b'text/plain'
	354	res.setbodybytes(_('unknown wire protocol command: %s\n') % command)	90	res.setbodybytes(_('unknown wire protocol command: %s\n') % command)
	355	return	91	return
	356		92
	357	repo = rctx.repo	93	repo = rctx.repo
	358	ui = repo.ui	94	ui = repo.ui
	359		95
	360	proto = httpv2protocolhandler(req, ui)	96	proto = httpv2protocolhandler(req, ui)
	361		97
	362	if (not wireproto.commandsv2.commandavailable(command, proto)	98	if (not wireproto.commandsv2.commandavailable(command, proto)
	363	and command not in extracommands):	99	and command not in extracommands):
	364	res.status = b'404 Not Found'	100	res.status = b'404 Not Found'
	365	res.headers[b'Content-Type'] = b'text/plain'	101	res.headers[b'Content-Type'] = b'text/plain'
	366	res.setbodybytes(_('invalid wire protocol command: %s') % command)	102	res.setbodybytes(_('invalid wire protocol command: %s') % command)
	367	return	103	return
	368		104
	369	# TODO consider cases where proxies may add additional Accept headers.	105	# TODO consider cases where proxies may add additional Accept headers.
	370	if req.headers.get(b'Accept') != FRAMINGTYPE:	106	if req.headers.get(b'Accept') != FRAMINGTYPE:
	371	res.status = b'406 Not Acceptable'	107	res.status = b'406 Not Acceptable'
	372	res.headers[b'Content-Type'] = b'text/plain'	108	res.headers[b'Content-Type'] = b'text/plain'
	373	res.setbodybytes(_('client MUST specify Accept header with value: %s\n')	109	res.setbodybytes(_('client MUST specify Accept header with value: %s\n')
	374	% FRAMINGTYPE)	110	% FRAMINGTYPE)
	375	return	111	return
	376		112
	377	if req.headers.get(b'Content-Type') != FRAMINGTYPE:	113	if req.headers.get(b'Content-Type') != FRAMINGTYPE:
	378	res.status = b'415 Unsupported Media Type'	114	res.status = b'415 Unsupported Media Type'
	379	# TODO we should send a response with appropriate media type,	115	# TODO we should send a response with appropriate media type,
	380	# since client does Accept it.	116	# since client does Accept it.
	381	res.headers[b'Content-Type'] = b'text/plain'	117	res.headers[b'Content-Type'] = b'text/plain'
	382	res.setbodybytes(_('client MUST send Content-Type header with '	118	res.setbodybytes(_('client MUST send Content-Type header with '
	383	'value: %s\n') % FRAMINGTYPE)	119	'value: %s\n') % FRAMINGTYPE)
	384	return	120	return
	385		121
	386	_processhttpv2request(ui, repo, req, res, permission, command, proto)	122	_processhttpv2request(ui, repo, req, res, permission, command, proto)
	387		123
	388	def _processhttpv2reflectrequest(ui, repo, req, res):	124	def _processhttpv2reflectrequest(ui, repo, req, res):
	389	"""Reads unified frame protocol request and dumps out state to client.	125	"""Reads unified frame protocol request and dumps out state to client.
	390		126
	391	This special endpoint can be used to help debug the wire protocol.	127	This special endpoint can be used to help debug the wire protocol.
	392		128
	393	Instead of routing the request through the normal dispatch mechanism,	129	Instead of routing the request through the normal dispatch mechanism,
	394	we instead read all frames, decode them, and feed them into our state	130	we instead read all frames, decode them, and feed them into our state
	395	tracker. We then dump the log of all that activity back out to the	131	tracker. We then dump the log of all that activity back out to the
	396	client.	132	client.
	397	"""	133	"""
	398	import json	134	import json
	399		135
	400	# Reflection APIs have a history of being abused, accidentally disclosing	136	# Reflection APIs have a history of being abused, accidentally disclosing
	401	# sensitive data, etc. So we have a config knob.	137	# sensitive data, etc. So we have a config knob.
	402	if not ui.configbool('experimental', 'web.api.debugreflect'):	138	if not ui.configbool('experimental', 'web.api.debugreflect'):
	403	res.status = b'404 Not Found'	139	res.status = b'404 Not Found'
	404	res.headers[b'Content-Type'] = b'text/plain'	140	res.headers[b'Content-Type'] = b'text/plain'
	405	res.setbodybytes(_('debugreflect service not available'))	141	res.setbodybytes(_('debugreflect service not available'))
	406	return	142	return
	407		143
	408	# We assume we have a unified framing protocol request body.	144	# We assume we have a unified framing protocol request body.
	409		145
	410	reactor = wireprotoframing.serverreactor()	146	reactor = wireprotoframing.serverreactor()
	411	states = []	147	states = []
	412		148
	413	while True:	149	while True:
	414	frame = wireprotoframing.readframe(req.bodyfh)	150	frame = wireprotoframing.readframe(req.bodyfh)
	415		151
	416	if not frame:	152	if not frame:
	417	states.append(b'received: <no frame>')	153	states.append(b'received: <no frame>')
	418	break	154	break
	419		155
	420	states.append(b'received: %d %d %d %s' % (frame.typeid, frame.flags,	156	states.append(b'received: %d %d %d %s' % (frame.typeid, frame.flags,
	421	frame.requestid,	157	frame.requestid,
	422	frame.payload))	158	frame.payload))
	423		159
	424	action, meta = reactor.onframerecv(frame)	160	action, meta = reactor.onframerecv(frame)
	425	states.append(json.dumps((action, meta), sort_keys=True,	161	states.append(json.dumps((action, meta), sort_keys=True,
	426	separators=(', ', ': ')))	162	separators=(', ', ': ')))
	427		163
	428	action, meta = reactor.oninputeof()	164	action, meta = reactor.oninputeof()
	429	meta['action'] = action	165	meta['action'] = action
	430	states.append(json.dumps(meta, sort_keys=True, separators=(', ',': ')))	166	states.append(json.dumps(meta, sort_keys=True, separators=(', ',': ')))
	431		167
	432	res.status = b'200 OK'	168	res.status = b'200 OK'
	433	res.headers[b'Content-Type'] = b'text/plain'	169	res.headers[b'Content-Type'] = b'text/plain'
	434	res.setbodybytes(b'\n'.join(states))	170	res.setbodybytes(b'\n'.join(states))
	435		171
	436	def _processhttpv2request(ui, repo, req, res, authedperm, reqcommand, proto):	172	def _processhttpv2request(ui, repo, req, res, authedperm, reqcommand, proto):
	437	"""Post-validation handler for HTTPv2 requests.	173	"""Post-validation handler for HTTPv2 requests.
	438		174
	439	Called when the HTTP request contains unified frame-based protocol	175	Called when the HTTP request contains unified frame-based protocol
	440	frames for evaluation.	176	frames for evaluation.
	441	"""	177	"""
	442	# TODO Some HTTP clients are full duplex and can receive data before	178	# TODO Some HTTP clients are full duplex and can receive data before
	443	# the entire request is transmitted. Figure out a way to indicate support	179	# the entire request is transmitted. Figure out a way to indicate support
	444	# for that so we can opt into full duplex mode.	180	# for that so we can opt into full duplex mode.
	445	reactor = wireprotoframing.serverreactor(deferoutput=True)	181	reactor = wireprotoframing.serverreactor(deferoutput=True)
	446	seencommand = False	182	seencommand = False
	447		183
	448	outstream = reactor.makeoutputstream()	184	outstream = reactor.makeoutputstream()
	449		185
	450	while True:	186	while True:
	451	frame = wireprotoframing.readframe(req.bodyfh)	187	frame = wireprotoframing.readframe(req.bodyfh)
	452	if not frame:	188	if not frame:
	453	break	189	break
	454		190
	455	action, meta = reactor.onframerecv(frame)	191	action, meta = reactor.onframerecv(frame)
	456		192
	457	if action == 'wantframe':	193	if action == 'wantframe':
	458	# Need more data before we can do anything.	194	# Need more data before we can do anything.
	459	continue	195	continue
	460	elif action == 'runcommand':	196	elif action == 'runcommand':
	461	sentoutput = _httpv2runcommand(ui, repo, req, res, authedperm,	197	sentoutput = _httpv2runcommand(ui, repo, req, res, authedperm,
	462	reqcommand, reactor, outstream,	198	reqcommand, reactor, outstream,
	463	meta, issubsequent=seencommand)	199	meta, issubsequent=seencommand)
	464		200
	465	if sentoutput:	201	if sentoutput:
	466	return	202	return
	467		203
	468	seencommand = True	204	seencommand = True
	469		205
	470	elif action == 'error':	206	elif action == 'error':
	471	# TODO define proper error mechanism.	207	# TODO define proper error mechanism.
	472	res.status = b'200 OK'	208	res.status = b'200 OK'
	473	res.headers[b'Content-Type'] = b'text/plain'	209	res.headers[b'Content-Type'] = b'text/plain'
	474	res.setbodybytes(meta['message'] + b'\n')	210	res.setbodybytes(meta['message'] + b'\n')
	475	return	211	return
	476	else:	212	else:
	477	raise error.ProgrammingError(	213	raise error.ProgrammingError(
	478	'unhandled action from frame processor: %s' % action)	214	'unhandled action from frame processor: %s' % action)
	479		215
	480	action, meta = reactor.oninputeof()	216	action, meta = reactor.oninputeof()
	481	if action == 'sendframes':	217	if action == 'sendframes':
	482	# We assume we haven't started sending the response yet. If we're	218	# We assume we haven't started sending the response yet. If we're
	483	# wrong, the response type will raise an exception.	219	# wrong, the response type will raise an exception.
	484	res.status = b'200 OK'	220	res.status = b'200 OK'
	485	res.headers[b'Content-Type'] = FRAMINGTYPE	221	res.headers[b'Content-Type'] = FRAMINGTYPE
	486	res.setbodygen(meta['framegen'])	222	res.setbodygen(meta['framegen'])
	487	elif action == 'noop':	223	elif action == 'noop':
	488	pass	224	pass
	489	else:	225	else:
	490	raise error.ProgrammingError('unhandled action from frame processor: %s'	226	raise error.ProgrammingError('unhandled action from frame processor: %s'
	491	% action)	227	% action)
	492		228
	493	def _httpv2runcommand(ui, repo, req, res, authedperm, reqcommand, reactor,	229	def _httpv2runcommand(ui, repo, req, res, authedperm, reqcommand, reactor,
	494	outstream, command, issubsequent):	230	outstream, command, issubsequent):
	495	"""Dispatch a wire protocol command made from HTTPv2 requests.	231	"""Dispatch a wire protocol command made from HTTPv2 requests.
	496		232
	497	The authenticated permission (``authedperm``) along with the original	233	The authenticated permission (``authedperm``) along with the original
	498	command from the URL (``reqcommand``) are passed in.	234	command from the URL (``reqcommand``) are passed in.
	499	"""	235	"""
	500	# We already validated that the session has permissions to perform the	236	# We already validated that the session has permissions to perform the
	501	# actions in ``authedperm``. In the unified frame protocol, the canonical	237	# actions in ``authedperm``. In the unified frame protocol, the canonical
	502	# command to run is expressed in a frame. However, the URL also requested	238	# command to run is expressed in a frame. However, the URL also requested
	503	# to run a specific command. We need to be careful that the command we	239	# to run a specific command. We need to be careful that the command we
	504	# run doesn't have permissions requirements greater than what was granted	240	# run doesn't have permissions requirements greater than what was granted
	505	# by ``authedperm``.	241	# by ``authedperm``.
	506	#	242	#
	507	# Our rule for this is we only allow one command per HTTP request and	243	# Our rule for this is we only allow one command per HTTP request and
	508	# that command must match the command in the URL. However, we make	244	# that command must match the command in the URL. However, we make
	509	# an exception for the ``multirequest`` URL. This URL is allowed to	245	# an exception for the ``multirequest`` URL. This URL is allowed to
	510	# execute multiple commands. We double check permissions of each command	246	# execute multiple commands. We double check permissions of each command
	511	# as it is invoked to ensure there is no privilege escalation.	247	# as it is invoked to ensure there is no privilege escalation.
	512	# TODO consider allowing multiple commands to regular command URLs	248	# TODO consider allowing multiple commands to regular command URLs
	513	# iff each command is the same.	249	# iff each command is the same.
	514		250
	515	proto = httpv2protocolhandler(req, ui, args=command['args'])	251	proto = httpv2protocolhandler(req, ui, args=command['args'])
	516		252
	517	if reqcommand == b'multirequest':	253	if reqcommand == b'multirequest':
	518	if not wireproto.commandsv2.commandavailable(command['command'], proto):	254	if not wireproto.commandsv2.commandavailable(command['command'], proto):
	519	# TODO proper error mechanism	255	# TODO proper error mechanism
	520	res.status = b'200 OK'	256	res.status = b'200 OK'
	521	res.headers[b'Content-Type'] = b'text/plain'	257	res.headers[b'Content-Type'] = b'text/plain'
	522	res.setbodybytes(_('wire protocol command not available: %s') %	258	res.setbodybytes(_('wire protocol command not available: %s') %
	523	command['command'])	259	command['command'])
	524	return True	260	return True
	525		261
	526	# TODO don't use assert here, since it may be elided by -O.	262	# TODO don't use assert here, since it may be elided by -O.
	527	assert authedperm in (b'ro', b'rw')	263	assert authedperm in (b'ro', b'rw')
	528	wirecommand = wireproto.commandsv2[command['command']]	264	wirecommand = wireproto.commandsv2[command['command']]
	529	assert wirecommand.permission in ('push', 'pull')	265	assert wirecommand.permission in ('push', 'pull')
	530		266
	531	if authedperm == b'ro' and wirecommand.permission != 'pull':	267	if authedperm == b'ro' and wirecommand.permission != 'pull':
	532	# TODO proper error mechanism	268	# TODO proper error mechanism
	533	res.status = b'403 Forbidden'	269	res.status = b'403 Forbidden'
	534	res.headers[b'Content-Type'] = b'text/plain'	270	res.headers[b'Content-Type'] = b'text/plain'
	535	res.setbodybytes(_('insufficient permissions to execute '	271	res.setbodybytes(_('insufficient permissions to execute '
	536	'command: %s') % command['command'])	272	'command: %s') % command['command'])
	537	return True	273	return True
	538		274
	539	# TODO should we also call checkperm() here? Maybe not if we're going	275	# TODO should we also call checkperm() here? Maybe not if we're going
	540	# to overhaul that API. The granted scope from the URL check should	276	# to overhaul that API. The granted scope from the URL check should
	541	# be good enough.	277	# be good enough.
	542		278
	543	else:	279	else:
	544	# Don't allow multiple commands outside of ``multirequest`` URL.	280	# Don't allow multiple commands outside of ``multirequest`` URL.
	545	if issubsequent:	281	if issubsequent:
	546	# TODO proper error mechanism	282	# TODO proper error mechanism
	547	res.status = b'200 OK'	283	res.status = b'200 OK'
	548	res.headers[b'Content-Type'] = b'text/plain'	284	res.headers[b'Content-Type'] = b'text/plain'
	549	res.setbodybytes(_('multiple commands cannot be issued to this '	285	res.setbodybytes(_('multiple commands cannot be issued to this '
	550	'URL'))	286	'URL'))
	551	return True	287	return True
	552		288
	553	if reqcommand != command['command']:	289	if reqcommand != command['command']:
	554	# TODO define proper error mechanism	290	# TODO define proper error mechanism
	555	res.status = b'200 OK'	291	res.status = b'200 OK'
	556	res.headers[b'Content-Type'] = b'text/plain'	292	res.headers[b'Content-Type'] = b'text/plain'
	557	res.setbodybytes(_('command in frame must match command in URL'))	293	res.setbodybytes(_('command in frame must match command in URL'))
	558	return True	294	return True
	559		295
	560	rsp = wireproto.dispatch(repo, proto, command['command'])	296	rsp = wireproto.dispatch(repo, proto, command['command'])
	561		297
	562	res.status = b'200 OK'	298	res.status = b'200 OK'
	563	res.headers[b'Content-Type'] = FRAMINGTYPE	299	res.headers[b'Content-Type'] = FRAMINGTYPE
	564		300
	565	if isinstance(rsp, wireprototypes.bytesresponse):	301	if isinstance(rsp, wireprototypes.bytesresponse):
	566	action, meta = reactor.onbytesresponseready(outstream,	302	action, meta = reactor.onbytesresponseready(outstream,
	567	command['requestid'],	303	command['requestid'],
	568	rsp.data)	304	rsp.data)
	569	elif isinstance(rsp, wireprototypes.cborresponse):	305	elif isinstance(rsp, wireprototypes.cborresponse):
	570	encoded = cbor.dumps(rsp.value, canonical=True)	306	encoded = cbor.dumps(rsp.value, canonical=True)
	571	action, meta = reactor.onbytesresponseready(outstream,	307	action, meta = reactor.onbytesresponseready(outstream,
	572	command['requestid'],	308	command['requestid'],
	573	encoded,	309	encoded,
	574	iscbor=True)	310	iscbor=True)
	575	else:	311	else:
	576	action, meta = reactor.onapplicationerror(	312	action, meta = reactor.onapplicationerror(
	577	_('unhandled response type from wire proto command'))	313	_('unhandled response type from wire proto command'))
	578		314
	579	if action == 'sendframes':	315	if action == 'sendframes':
	580	res.setbodygen(meta['framegen'])	316	res.setbodygen(meta['framegen'])
	581	return True	317	return True
	582	elif action == 'noop':	318	elif action == 'noop':
	583	return False	319	return False
	584	else:	320	else:
	585	raise error.ProgrammingError('unhandled event from reactor: %s' %	321	raise error.ProgrammingError('unhandled event from reactor: %s' %
	586	action)	322	action)
	587		323
	588	# Maps API name to metadata so custom API can be registered.
	589	API_HANDLERS = {
	590	HTTPV2: {
	591	'config': ('experimental', 'web.api.http-v2'),
	592	'handler': _handlehttpv2request,
	593	},
	594	}
	595
	596	@zi.implementer(wireprototypes.baseprotocolhandler)	324	@zi.implementer(wireprototypes.baseprotocolhandler)
	597	class httpv2protocolhandler(object):	325	class httpv2protocolhandler(object):
	598	def __init__(self, req, ui, args=None):	326	def __init__(self, req, ui, args=None):
	599	self._req = req	327	self._req = req
	600	self._ui = ui	328	self._ui = ui
	601	self._args = args	329	self._args = args
	602		330
	603	@property	331	@property
	604	def name(self):	332	def name(self):
	605	return HTTPV2	333	return HTTPV2
	606		334
	607	def getargs(self, args):	335	def getargs(self, args):
	608	data = {}	336	data = {}
	609	for k, typ in args.items():	337	for k, typ in args.items():
	610	if k == '*':	338	if k == '*':
	611	raise NotImplementedError('do not support * args')	339	raise NotImplementedError('do not support * args')
	612	elif k in self._args:	340	elif k in self._args:
	613	# TODO consider validating value types.	341	# TODO consider validating value types.
	614	data[k] = self._args[k]	342	data[k] = self._args[k]
	615		343
	616	return data	344	return data
	617		345
	618	def getprotocaps(self):	346	def getprotocaps(self):
	619	# Protocol capabilities are currently not implemented for HTTP V2.	347	# Protocol capabilities are currently not implemented for HTTP V2.
	620	return set()	348	return set()
	621		349
	622	def getpayload(self):	350	def getpayload(self):
	623	raise NotImplementedError	351	raise NotImplementedError
	624		352
	625	@contextlib.contextmanager	353	@contextlib.contextmanager
	626	def mayberedirectstdio(self):	354	def mayberedirectstdio(self):
	627	raise NotImplementedError	355	raise NotImplementedError
	628		356
	629	def client(self):	357	def client(self):
	630	raise NotImplementedError	358	raise NotImplementedError
	631		359
	632	def addcapabilities(self, repo, caps):	360	def addcapabilities(self, repo, caps):
	633	return caps	361	return caps
	634		362
	635	def checkperm(self, perm):	363	def checkperm(self, perm):
	636	raise NotImplementedError	364	raise NotImplementedError
	637
	638	def _httpresponsetype(ui, proto, prefer_uncompressed):
	639	"""Determine the appropriate response type and compression settings.
	640
	641	Returns a tuple of (mediatype, compengine, engineopts).
	642	"""
	643	# Determine the response media type and compression engine based
	644	# on the request parameters.
	645
	646	if '0.2' in proto.getprotocaps():
	647	# All clients are expected to support uncompressed data.
	648	if prefer_uncompressed:
	649	return HGTYPE2, util._noopengine(), {}
	650
	651	# Now find an agreed upon compression format.
	652	compformats = wireproto.clientcompressionsupport(proto)
	653	for engine in wireproto.supportedcompengines(ui, util.SERVERROLE):
	654	if engine.wireprotosupport().name in compformats:
	655	opts = {}
	656	level = ui.configint('server', '%slevel' % engine.name())
	657	if level is not None:
	658	opts['level'] = level
	659
	660	return HGTYPE2, engine, opts
	661
	662	# No mutually supported compression format. Fall back to the
	663	# legacy protocol.
	664
	665	# Don't allow untrusted settings because disabling compression or
	666	# setting a very high compression level could lead to flooding
	667	# the server's network or CPU.
	668	opts = {'level': ui.configint('server', 'zliblevel')}
	669	return HGTYPE, util.compengines['zlib'], opts
	670
	671	def _callhttp(repo, req, res, proto, cmd):
	672	# Avoid cycle involving hg module.
	673	from .hgweb import common as hgwebcommon
	674
	675	def genversion2(gen, engine, engineopts):
	676	# application/mercurial-0.2 always sends a payload header
	677	# identifying the compression engine.
	678	name = engine.wireprotosupport().name
	679	assert 0 < len(name) < 256
	680	yield struct.pack('B', len(name))
	681	yield name
	682
	683	for chunk in gen:
	684	yield chunk
	685
	686	def setresponse(code, contenttype, bodybytes=None, bodygen=None):
	687	if code == HTTP_OK:
	688	res.status = '200 Script output follows'
	689	else:
	690	res.status = hgwebcommon.statusmessage(code)
	691
	692	res.headers['Content-Type'] = contenttype
	693
	694	if bodybytes is not None:
	695	res.setbodybytes(bodybytes)
	696	if bodygen is not None:
	697	res.setbodygen(bodygen)
	698
	699	if not wireproto.commands.commandavailable(cmd, proto):
	700	setresponse(HTTP_OK, HGERRTYPE,
	701	_('requested wire protocol command is not available over '
	702	'HTTP'))
	703	return
	704
	705	proto.checkperm(wireproto.commands[cmd].permission)
	706
	707	rsp = wireproto.dispatch(repo, proto, cmd)
	708
	709	if isinstance(rsp, bytes):
	710	setresponse(HTTP_OK, HGTYPE, bodybytes=rsp)
	711	elif isinstance(rsp, wireprototypes.bytesresponse):
	712	setresponse(HTTP_OK, HGTYPE, bodybytes=rsp.data)
	713	elif isinstance(rsp, wireprototypes.streamreslegacy):
	714	setresponse(HTTP_OK, HGTYPE, bodygen=rsp.gen)
	715	elif isinstance(rsp, wireprototypes.streamres):
	716	gen = rsp.gen
	717
	718	# This code for compression should not be streamres specific. It
	719	# is here because we only compress streamres at the moment.
	720	mediatype, engine, engineopts = _httpresponsetype(
	721	repo.ui, proto, rsp.prefer_uncompressed)
	722	gen = engine.compressstream(gen, engineopts)
	723
	724	if mediatype == HGTYPE2:
	725	gen = genversion2(gen, engine, engineopts)
	726
	727	setresponse(HTTP_OK, mediatype, bodygen=gen)
	728	elif isinstance(rsp, wireprototypes.pushres):
	729	rsp = '%d\n%s' % (rsp.res, rsp.output)
	730	setresponse(HTTP_OK, HGTYPE, bodybytes=rsp)
	731	elif isinstance(rsp, wireprototypes.pusherr):
	732	rsp = '0\n%s\n' % rsp.res
	733	res.drain = True
	734	setresponse(HTTP_OK, HGTYPE, bodybytes=rsp)
	735	elif isinstance(rsp, wireprototypes.ooberror):
	736	setresponse(HTTP_OK, HGERRTYPE, bodybytes=rsp.message)
	737	else:
	738	raise error.ProgrammingError('hgweb.protocol internal failure', rsp)
	739
	740	def _sshv1respondbytes(fout, value):
	741	"""Send a bytes response for protocol version 1."""
	742	fout.write('%d\n' % len(value))
	743	fout.write(value)
	744	fout.flush()
	745
	746	def _sshv1respondstream(fout, source):
	747	write = fout.write
	748	for chunk in source.gen:
	749	write(chunk)
	750	fout.flush()
	751
	752	def _sshv1respondooberror(fout, ferr, rsp):
	753	ferr.write(b'%s\n-\n' % rsp)
	754	ferr.flush()
	755	fout.write(b'\n')
	756	fout.flush()
	757
	758	@zi.implementer(wireprototypes.baseprotocolhandler)
	759	class sshv1protocolhandler(object):
	760	"""Handler for requests services via version 1 of SSH protocol."""
	761	def __init__(self, ui, fin, fout):
	762	self._ui = ui
	763	self._fin = fin
	764	self._fout = fout
	765	self._protocaps = set()
	766
	767	@property
	768	def name(self):
	769	return wireprototypes.SSHV1
	770
	771	def getargs(self, args):
	772	data = {}
	773	keys = args.split()
	774	for n in xrange(len(keys)):
	775	argline = self._fin.readline()[:-1]
	776	arg, l = argline.split()
	777	if arg not in keys:
	778	raise error.Abort(_("unexpected parameter %r") % arg)
	779	if arg == '*':
	780	star = {}
	781	for k in xrange(int(l)):
	782	argline = self._fin.readline()[:-1]
	783	arg, l = argline.split()
	784	val = self._fin.read(int(l))
	785	star[arg] = val
	786	data['*'] = star
	787	else:
	788	val = self._fin.read(int(l))
	789	data[arg] = val
	790	return [data[k] for k in keys]
	791
	792	def getprotocaps(self):
	793	return self._protocaps
	794
	795	def getpayload(self):
	796	# We initially send an empty response. This tells the client it is
	797	# OK to start sending data. If a client sees any other response, it
	798	# interprets it as an error.
	799	_sshv1respondbytes(self._fout, b'')
	800
	801	# The file is in the form:
	802	#
	803	# <chunk size>\n<chunk>
	804	# ...
	805	# 0\n
	806	count = int(self._fin.readline())
	807	while count:
	808	yield self._fin.read(count)
	809	count = int(self._fin.readline())
	810
	811	@contextlib.contextmanager
	812	def mayberedirectstdio(self):
	813	yield None
	814
	815	def client(self):
	816	client = encoding.environ.get('SSH_CLIENT', '').split(' ', 1)[0]
	817	return 'remote:ssh:' + client
	818
	819	def addcapabilities(self, repo, caps):
	820	if self.name == wireprototypes.SSHV1:
	821	caps.append(b'protocaps')
	822	caps.append(b'batch')
	823	return caps
	824
	825	def checkperm(self, perm):
	826	pass
	827
	828	class sshv2protocolhandler(sshv1protocolhandler):
	829	"""Protocol handler for version 2 of the SSH protocol."""
	830
	831	@property
	832	def name(self):
	833	return wireprototypes.SSHV2
	834
	835	def addcapabilities(self, repo, caps):
	836	return caps
	837
	838	def _runsshserver(ui, repo, fin, fout, ev):
	839	# This function operates like a state machine of sorts. The following
	840	# states are defined:
	841	#
	842	# protov1-serving
	843	# Server is in protocol version 1 serving mode. Commands arrive on
	844	# new lines. These commands are processed in this state, one command
	845	# after the other.
	846	#
	847	# protov2-serving
	848	# Server is in protocol version 2 serving mode.
	849	#
	850	# upgrade-initial
	851	# The server is going to process an upgrade request.
	852	#
	853	# upgrade-v2-filter-legacy-handshake
	854	# The protocol is being upgraded to version 2. The server is expecting
	855	# the legacy handshake from version 1.
	856	#
	857	# upgrade-v2-finish
	858	# The upgrade to version 2 of the protocol is imminent.
	859	#
	860	# shutdown
	861	# The server is shutting down, possibly in reaction to a client event.
	862	#
	863	# And here are their transitions:
	864	#
	865	# protov1-serving -> shutdown
	866	# When server receives an empty request or encounters another
	867	# error.
	868	#
	869	# protov1-serving -> upgrade-initial
	870	# An upgrade request line was seen.
	871	#
	872	# upgrade-initial -> upgrade-v2-filter-legacy-handshake
	873	# Upgrade to version 2 in progress. Server is expecting to
	874	# process a legacy handshake.
	875	#
	876	# upgrade-v2-filter-legacy-handshake -> shutdown
	877	# Client did not fulfill upgrade handshake requirements.
	878	#
	879	# upgrade-v2-filter-legacy-handshake -> upgrade-v2-finish
	880	# Client fulfilled version 2 upgrade requirements. Finishing that
	881	# upgrade.
	882	#
	883	# upgrade-v2-finish -> protov2-serving
	884	# Protocol upgrade to version 2 complete. Server can now speak protocol
	885	# version 2.
	886	#
	887	# protov2-serving -> protov1-serving
	888	# Ths happens by default since protocol version 2 is the same as
	889	# version 1 except for the handshake.
	890
	891	state = 'protov1-serving'
	892	proto = sshv1protocolhandler(ui, fin, fout)
	893	protoswitched = False
	894
	895	while not ev.is_set():
	896	if state == 'protov1-serving':
	897	# Commands are issued on new lines.
	898	request = fin.readline()[:-1]
	899
	900	# Empty lines signal to terminate the connection.
	901	if not request:
	902	state = 'shutdown'
	903	continue
	904
	905	# It looks like a protocol upgrade request. Transition state to
	906	# handle it.
	907	if request.startswith(b'upgrade '):
	908	if protoswitched:
	909	_sshv1respondooberror(fout, ui.ferr,
	910	b'cannot upgrade protocols multiple '
	911	b'times')
	912	state = 'shutdown'
	913	continue
	914
	915	state = 'upgrade-initial'
	916	continue
	917
	918	available = wireproto.commands.commandavailable(request, proto)
	919
	920	# This command isn't available. Send an empty response and go
	921	# back to waiting for a new command.
	922	if not available:
	923	_sshv1respondbytes(fout, b'')
	924	continue
	925
	926	rsp = wireproto.dispatch(repo, proto, request)
	927
	928	if isinstance(rsp, bytes):
	929	_sshv1respondbytes(fout, rsp)
	930	elif isinstance(rsp, wireprototypes.bytesresponse):
	931	_sshv1respondbytes(fout, rsp.data)
	932	elif isinstance(rsp, wireprototypes.streamres):
	933	_sshv1respondstream(fout, rsp)
	934	elif isinstance(rsp, wireprototypes.streamreslegacy):
	935	_sshv1respondstream(fout, rsp)
	936	elif isinstance(rsp, wireprototypes.pushres):
	937	_sshv1respondbytes(fout, b'')
	938	_sshv1respondbytes(fout, b'%d' % rsp.res)
	939	elif isinstance(rsp, wireprototypes.pusherr):
	940	_sshv1respondbytes(fout, rsp.res)
	941	elif isinstance(rsp, wireprototypes.ooberror):
	942	_sshv1respondooberror(fout, ui.ferr, rsp.message)
	943	else:
	944	raise error.ProgrammingError('unhandled response type from '
	945	'wire protocol command: %s' % rsp)
	946
	947	# For now, protocol version 2 serving just goes back to version 1.
	948	elif state == 'protov2-serving':
	949	state = 'protov1-serving'
	950	continue
	951
	952	elif state == 'upgrade-initial':
	953	# We should never transition into this state if we've switched
	954	# protocols.
	955	assert not protoswitched
	956	assert proto.name == wireprototypes.SSHV1
	957
	958	# Expected: upgrade <token> <capabilities>
	959	# If we get something else, the request is malformed. It could be
	960	# from a future client that has altered the upgrade line content.
	961	# We treat this as an unknown command.
	962	try:
	963	token, caps = request.split(b' ')[1:]
	964	except ValueError:
	965	_sshv1respondbytes(fout, b'')
	966	state = 'protov1-serving'
	967	continue
	968
	969	# Send empty response if we don't support upgrading protocols.
	970	if not ui.configbool('experimental', 'sshserver.support-v2'):
	971	_sshv1respondbytes(fout, b'')
	972	state = 'protov1-serving'
	973	continue
	974
	975	try:
	976	caps = urlreq.parseqs(caps)
	977	except ValueError:
	978	_sshv1respondbytes(fout, b'')
	979	state = 'protov1-serving'
	980	continue
	981
	982	# We don't see an upgrade request to protocol version 2. Ignore
	983	# the upgrade request.
	984	wantedprotos = caps.get(b'proto', [b''])[0]
	985	if SSHV2 not in wantedprotos:
	986	_sshv1respondbytes(fout, b'')
	987	state = 'protov1-serving'
	988	continue
	989
	990	# It looks like we can honor this upgrade request to protocol 2.
	991	# Filter the rest of the handshake protocol request lines.
	992	state = 'upgrade-v2-filter-legacy-handshake'
	993	continue
	994
	995	elif state == 'upgrade-v2-filter-legacy-handshake':
	996	# Client should have sent legacy handshake after an ``upgrade``
	997	# request. Expected lines:
	998	#
	999	# hello
	1000	# between
	1001	# pairs 81
	1002	# 0000...-0000...
	1003
	1004	ok = True
	1005	for line in (b'hello', b'between', b'pairs 81'):
	1006	request = fin.readline()[:-1]
	1007
	1008	if request != line:
	1009	_sshv1respondooberror(fout, ui.ferr,
	1010	b'malformed handshake protocol: '
	1011	b'missing %s' % line)
	1012	ok = False
	1013	state = 'shutdown'
	1014	break
	1015
	1016	if not ok:
	1017	continue
	1018
	1019	request = fin.read(81)
	1020	if request != b'%s-%s' % (b'0' * 40, b'0' * 40):
	1021	_sshv1respondooberror(fout, ui.ferr,
	1022	b'malformed handshake protocol: '
	1023	b'missing between argument value')
	1024	state = 'shutdown'
	1025	continue
	1026
	1027	state = 'upgrade-v2-finish'
	1028	continue
	1029
	1030	elif state == 'upgrade-v2-finish':
	1031	# Send the upgrade response.
	1032	fout.write(b'upgraded %s %s\n' % (token, SSHV2))
	1033	servercaps = wireproto.capabilities(repo, proto)
	1034	rsp = b'capabilities: %s' % servercaps.data
	1035	fout.write(b'%d\n%s\n' % (len(rsp), rsp))
	1036	fout.flush()
	1037
	1038	proto = sshv2protocolhandler(ui, fin, fout)
	1039	protoswitched = True
	1040
	1041	state = 'protov2-serving'
	1042	continue
	1043
	1044	elif state == 'shutdown':
	1045	break
	1046
	1047	else:
	1048	raise error.ProgrammingError('unhandled ssh server state: %s' %
	1049	state)
	1050
	1051	class sshserver(object):
	1052	def __init__(self, ui, repo, logfh=None):
	1053	self._ui = ui
	1054	self._repo = repo
	1055	self._fin = ui.fin
	1056	self._fout = ui.fout
	1057
	1058	# Log write I/O to stdout and stderr if configured.
	1059	if logfh:
	1060	self._fout = util.makeloggingfileobject(
	1061	logfh, self._fout, 'o', logdata=True)
	1062	ui.ferr = util.makeloggingfileobject(
	1063	logfh, ui.ferr, 'e', logdata=True)
	1064
	1065	hook.redirect(True)
	1066	ui.fout = repo.ui.fout = ui.ferr
	1067
	1068	# Prevent insertion/deletion of CRs
	1069	procutil.setbinary(self._fin)
	1070	procutil.setbinary(self._fout)
	1071
	1072	def serve_forever(self):
	1073	self.serveuntil(threading.Event())
	1074	sys.exit(0)
	1075
	1076	def serveuntil(self, ev):
	1077	"""Serve until a threading.Event is set."""
	1078	_runsshserver(self._ui, self._repo, self._fin, self._fout, ev)

tests/test-check-interfaces.py

0 +3 -2

             # Test that certain objects conform to well-defined interfaces.
             from __future__ import absolute_import, print_function
             import os
             from mercurial.thirdparty.zope import (
                 interface as zi,
             )
             from mercurial.thirdparty.zope.interface import (
                 verify as ziverify,
             )
             from mercurial import (
                 bundlerepo,
                 filelog,
                 httppeer,
                 localrepo,
                 repository,
                 sshpeer,
                 statichttprepo,
                 ui as uimod,
                 unionrepo,
                 vfs as vfsmod,
                 wireprotoserver,
                 wireprototypes,
+                wireprotov2server,
             )
             rootdir = os.path.normpath(os.path.join(os.path.dirname(__file__), '..'))
             def checkzobject(o, allowextra=False):
                 """Verify an object with a zope interface."""
                 ifaces = zi.providedBy(o)
                 if not ifaces:
                     print('%r does not provide any zope interfaces' % o)
                     return
                 # Run zope.interface's built-in verification routine. This verifies that
                 # everything that is supposed to be present is present.
                 for iface in ifaces:
                     ziverify.verifyObject(iface, o)
                 if allowextra:
                     return
                 # Now verify that the object provides no extra public attributes that
                 # aren't declared as part of interfaces.
                 allowed = set()
                 for iface in ifaces:
                     allowed |= set(iface.names(all=True))
                 public = {a for a in dir(o) if not a.startswith('_')}
                 for attr in sorted(public - allowed):
                     print('public attribute not declared in interfaces: %s.%s' % (
                         o.__class__.__name__, attr))
             # Facilitates testing localpeer.
             class dummyrepo(object):
                 def __init__(self):
                     self.ui = uimod.ui()
                 def filtered(self, name):
                     pass
                 def _restrictcapabilities(self, caps):
                     pass
             class dummyopener(object):
                 handlers = []
             # Facilitates testing sshpeer without requiring an SSH server.
             class badpeer(httppeer.httppeer):
                 def __init__(self):
                     super(badpeer, self).__init__(None, None, None, dummyopener())
                     self.badattribute = True
                 def badmethod(self):
                     pass
             class dummypipe(object):
                 def close(self):
                     pass
             def main():
                 ui = uimod.ui()
                 # Needed so we can open a local repo with obsstore without a warning.
                 ui.setconfig('experimental', 'evolution.createmarkers', True)
                 checkzobject(badpeer())
                 ziverify.verifyClass(repository.ipeerbaselegacycommands,
                                      httppeer.httppeer)
                 checkzobject(httppeer.httppeer(None, None, None, dummyopener()))
                 ziverify.verifyClass(repository.ipeerbase,
                                      localrepo.localpeer)
                 checkzobject(localrepo.localpeer(dummyrepo()))
                 ziverify.verifyClass(repository.ipeerbaselegacycommands,
                                      sshpeer.sshv1peer)
                 checkzobject(sshpeer.sshv1peer(ui, 'ssh://localhost/foo', None, dummypipe(),
                                                dummypipe(), None, None))
                 ziverify.verifyClass(repository.ipeerbaselegacycommands,
                                      sshpeer.sshv2peer)
                 checkzobject(sshpeer.sshv2peer(ui, 'ssh://localhost/foo', None, dummypipe(),
                                                dummypipe(), None, None))
                 ziverify.verifyClass(repository.ipeerbase, bundlerepo.bundlepeer)
                 checkzobject(bundlerepo.bundlepeer(dummyrepo()))
                 ziverify.verifyClass(repository.ipeerbase, statichttprepo.statichttppeer)
                 checkzobject(statichttprepo.statichttppeer(dummyrepo()))
                 ziverify.verifyClass(repository.ipeerbase, unionrepo.unionpeer)
                 checkzobject(unionrepo.unionpeer(dummyrepo()))
                 ziverify.verifyClass(repository.completelocalrepository,
                                      localrepo.localrepository)
                 repo = localrepo.localrepository(ui, rootdir)
                 checkzobject(repo)
                 ziverify.verifyClass(wireprototypes.baseprotocolhandler,
                                      wireprotoserver.sshv1protocolhandler)
                 ziverify.verifyClass(wireprototypes.baseprotocolhandler,
                                      wireprotoserver.sshv2protocolhandler)
                 ziverify.verifyClass(wireprototypes.baseprotocolhandler,
                                      wireprotoserver.httpv1protocolhandler)
                 ziverify.verifyClass(wireprototypes.baseprotocolhandler,
-                                     wireprotoserver.httpv2protocolhandler)
+                                     wireprotov2server.httpv2protocolhandler)
                 sshv1 = wireprotoserver.sshv1protocolhandler(None, None, None)
                 checkzobject(sshv1)
                 sshv2 = wireprotoserver.sshv2protocolhandler(None, None, None)
                 checkzobject(sshv2)
                 httpv1 = wireprotoserver.httpv1protocolhandler(None, None, None)
                 checkzobject(httpv1)
-                httpv2 = wireprotoserver.httpv2protocolhandler(None, None)
+                httpv2 = wireprotov2server.httpv2protocolhandler(None, None)
                 checkzobject(httpv2)
                 ziverify.verifyClass(repository.ifilestorage, filelog.filelog)
                 vfs = vfsmod.vfs('.')
                 fl = filelog.filelog(vfs, 'dummy.i')
                 checkzobject(fl, allowextra=True)
             main()

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages