##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

ui: optionally quiesce ssl verification warnings on python 2.5...
Steven Stallion -
r16391:9cf7c9d5 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,1388 +1,1392
1 The Mercurial system uses a set of configuration files to control
1 The Mercurial system uses a set of configuration files to control
2 aspects of its behavior.
2 aspects of its behavior.
3
3
4 The configuration files use a simple ini-file format. A configuration
4 The configuration files use a simple ini-file format. A configuration
5 file consists of sections, led by a ``[section]`` header and followed
5 file consists of sections, led by a ``[section]`` header and followed
6 by ``name = value`` entries::
6 by ``name = value`` entries::
7
7
8 [ui]
8 [ui]
9 username = Firstname Lastname <firstname.lastname@example.net>
9 username = Firstname Lastname <firstname.lastname@example.net>
10 verbose = True
10 verbose = True
11
11
12 The above entries will be referred to as ``ui.username`` and
12 The above entries will be referred to as ``ui.username`` and
13 ``ui.verbose``, respectively. See the Syntax section below.
13 ``ui.verbose``, respectively. See the Syntax section below.
14
14
15 Files
15 Files
16 -----
16 -----
17
17
18 Mercurial reads configuration data from several files, if they exist.
18 Mercurial reads configuration data from several files, if they exist.
19 These files do not exist by default and you will have to create the
19 These files do not exist by default and you will have to create the
20 appropriate configuration files yourself: global configuration like
20 appropriate configuration files yourself: global configuration like
21 the username setting is typically put into
21 the username setting is typically put into
22 ``%USERPROFILE%\mercurial.ini`` or ``$HOME/.hgrc`` and local
22 ``%USERPROFILE%\mercurial.ini`` or ``$HOME/.hgrc`` and local
23 configuration is put into the per-repository ``<repo>/.hg/hgrc`` file.
23 configuration is put into the per-repository ``<repo>/.hg/hgrc`` file.
24
24
25 The names of these files depend on the system on which Mercurial is
25 The names of these files depend on the system on which Mercurial is
26 installed. ``*.rc`` files from a single directory are read in
26 installed. ``*.rc`` files from a single directory are read in
27 alphabetical order, later ones overriding earlier ones. Where multiple
27 alphabetical order, later ones overriding earlier ones. Where multiple
28 paths are given below, settings from earlier paths override later
28 paths are given below, settings from earlier paths override later
29 ones.
29 ones.
30
30
31 | (All) ``<repo>/.hg/hgrc``
31 | (All) ``<repo>/.hg/hgrc``
32
32
33 Per-repository configuration options that only apply in a
33 Per-repository configuration options that only apply in a
34 particular repository. This file is not version-controlled, and
34 particular repository. This file is not version-controlled, and
35 will not get transferred during a "clone" operation. Options in
35 will not get transferred during a "clone" operation. Options in
36 this file override options in all other configuration files. On
36 this file override options in all other configuration files. On
37 Plan 9 and Unix, most of this file will be ignored if it doesn't
37 Plan 9 and Unix, most of this file will be ignored if it doesn't
38 belong to a trusted user or to a trusted group. See the documentation
38 belong to a trusted user or to a trusted group. See the documentation
39 for the ``[trusted]`` section below for more details.
39 for the ``[trusted]`` section below for more details.
40
40
41 | (Plan 9) ``$home/lib/hgrc``
41 | (Plan 9) ``$home/lib/hgrc``
42 | (Unix) ``$HOME/.hgrc``
42 | (Unix) ``$HOME/.hgrc``
43 | (Windows) ``%USERPROFILE%\.hgrc``
43 | (Windows) ``%USERPROFILE%\.hgrc``
44 | (Windows) ``%USERPROFILE%\Mercurial.ini``
44 | (Windows) ``%USERPROFILE%\Mercurial.ini``
45 | (Windows) ``%HOME%\.hgrc``
45 | (Windows) ``%HOME%\.hgrc``
46 | (Windows) ``%HOME%\Mercurial.ini``
46 | (Windows) ``%HOME%\Mercurial.ini``
47
47
48 Per-user configuration file(s), for the user running Mercurial. On
48 Per-user configuration file(s), for the user running Mercurial. On
49 Windows 9x, ``%HOME%`` is replaced by ``%APPDATA%``. Options in these
49 Windows 9x, ``%HOME%`` is replaced by ``%APPDATA%``. Options in these
50 files apply to all Mercurial commands executed by this user in any
50 files apply to all Mercurial commands executed by this user in any
51 directory. Options in these files override per-system and per-installation
51 directory. Options in these files override per-system and per-installation
52 options.
52 options.
53
53
54 | (Plan 9) ``/lib/mercurial/hgrc``
54 | (Plan 9) ``/lib/mercurial/hgrc``
55 | (Plan 9) ``/lib/mercurial/hgrc.d/*.rc``
55 | (Plan 9) ``/lib/mercurial/hgrc.d/*.rc``
56 | (Unix) ``/etc/mercurial/hgrc``
56 | (Unix) ``/etc/mercurial/hgrc``
57 | (Unix) ``/etc/mercurial/hgrc.d/*.rc``
57 | (Unix) ``/etc/mercurial/hgrc.d/*.rc``
58
58
59 Per-system configuration files, for the system on which Mercurial
59 Per-system configuration files, for the system on which Mercurial
60 is running. Options in these files apply to all Mercurial commands
60 is running. Options in these files apply to all Mercurial commands
61 executed by any user in any directory. Options in these files
61 executed by any user in any directory. Options in these files
62 override per-installation options.
62 override per-installation options.
63
63
64 | (Plan 9) ``<install-root>/lib/mercurial/hgrc``
64 | (Plan 9) ``<install-root>/lib/mercurial/hgrc``
65 | (Plan 9) ``<install-root>/lib/mercurial/hgrc.d/*.rc``
65 | (Plan 9) ``<install-root>/lib/mercurial/hgrc.d/*.rc``
66 | (Unix) ``<install-root>/etc/mercurial/hgrc``
66 | (Unix) ``<install-root>/etc/mercurial/hgrc``
67 | (Unix) ``<install-root>/etc/mercurial/hgrc.d/*.rc``
67 | (Unix) ``<install-root>/etc/mercurial/hgrc.d/*.rc``
68
68
69 Per-installation configuration files, searched for in the
69 Per-installation configuration files, searched for in the
70 directory where Mercurial is installed. ``<install-root>`` is the
70 directory where Mercurial is installed. ``<install-root>`` is the
71 parent directory of the **hg** executable (or symlink) being run. For
71 parent directory of the **hg** executable (or symlink) being run. For
72 example, if installed in ``/shared/tools/bin/hg``, Mercurial will look
72 example, if installed in ``/shared/tools/bin/hg``, Mercurial will look
73 in ``/shared/tools/etc/mercurial/hgrc``. Options in these files apply
73 in ``/shared/tools/etc/mercurial/hgrc``. Options in these files apply
74 to all Mercurial commands executed by any user in any directory.
74 to all Mercurial commands executed by any user in any directory.
75
75
76 | (Windows) ``<install-dir>\Mercurial.ini`` **or**
76 | (Windows) ``<install-dir>\Mercurial.ini`` **or**
77 | (Windows) ``<install-dir>\hgrc.d\*.rc`` **or**
77 | (Windows) ``<install-dir>\hgrc.d\*.rc`` **or**
78 | (Windows) ``HKEY_LOCAL_MACHINE\SOFTWARE\Mercurial``
78 | (Windows) ``HKEY_LOCAL_MACHINE\SOFTWARE\Mercurial``
79
79
80 Per-installation/system configuration files, for the system on
80 Per-installation/system configuration files, for the system on
81 which Mercurial is running. Options in these files apply to all
81 which Mercurial is running. Options in these files apply to all
82 Mercurial commands executed by any user in any directory. Registry
82 Mercurial commands executed by any user in any directory. Registry
83 keys contain PATH-like strings, every part of which must reference
83 keys contain PATH-like strings, every part of which must reference
84 a ``Mercurial.ini`` file or be a directory where ``*.rc`` files will
84 a ``Mercurial.ini`` file or be a directory where ``*.rc`` files will
85 be read. Mercurial checks each of these locations in the specified
85 be read. Mercurial checks each of these locations in the specified
86 order until one or more configuration files are detected. If the
86 order until one or more configuration files are detected. If the
87 pywin32 extensions are not installed, Mercurial will only look for
87 pywin32 extensions are not installed, Mercurial will only look for
88 site-wide configuration in ``C:\Mercurial\Mercurial.ini``.
88 site-wide configuration in ``C:\Mercurial\Mercurial.ini``.
89
89
90 Syntax
90 Syntax
91 ------
91 ------
92
92
93 A configuration file consists of sections, led by a ``[section]`` header
93 A configuration file consists of sections, led by a ``[section]`` header
94 and followed by ``name = value`` entries (sometimes called
94 and followed by ``name = value`` entries (sometimes called
95 ``configuration keys``)::
95 ``configuration keys``)::
96
96
97 [spam]
97 [spam]
98 eggs=ham
98 eggs=ham
99 green=
99 green=
100 eggs
100 eggs
101
101
102 Each line contains one entry. If the lines that follow are indented,
102 Each line contains one entry. If the lines that follow are indented,
103 they are treated as continuations of that entry. Leading whitespace is
103 they are treated as continuations of that entry. Leading whitespace is
104 removed from values. Empty lines are skipped. Lines beginning with
104 removed from values. Empty lines are skipped. Lines beginning with
105 ``#`` or ``;`` are ignored and may be used to provide comments.
105 ``#`` or ``;`` are ignored and may be used to provide comments.
106
106
107 Configuration keys can be set multiple times, in which case Mercurial
107 Configuration keys can be set multiple times, in which case Mercurial
108 will use the value that was configured last. As an example::
108 will use the value that was configured last. As an example::
109
109
110 [spam]
110 [spam]
111 eggs=large
111 eggs=large
112 ham=serrano
112 ham=serrano
113 eggs=small
113 eggs=small
114
114
115 This would set the configuration key named ``eggs`` to ``small``.
115 This would set the configuration key named ``eggs`` to ``small``.
116
116
117 It is also possible to define a section multiple times. A section can
117 It is also possible to define a section multiple times. A section can
118 be redefined on the same and/or on different configuration files. For
118 be redefined on the same and/or on different configuration files. For
119 example::
119 example::
120
120
121 [foo]
121 [foo]
122 eggs=large
122 eggs=large
123 ham=serrano
123 ham=serrano
124 eggs=small
124 eggs=small
125
125
126 [bar]
126 [bar]
127 eggs=ham
127 eggs=ham
128 green=
128 green=
129 eggs
129 eggs
130
130
131 [foo]
131 [foo]
132 ham=prosciutto
132 ham=prosciutto
133 eggs=medium
133 eggs=medium
134 bread=toasted
134 bread=toasted
135
135
136 This would set the ``eggs``, ``ham``, and ``bread`` configuration keys
136 This would set the ``eggs``, ``ham``, and ``bread`` configuration keys
137 of the ``foo`` section to ``medium``, ``prosciutto``, and ``toasted``,
137 of the ``foo`` section to ``medium``, ``prosciutto``, and ``toasted``,
138 respectively. As you can see there only thing that matters is the last
138 respectively. As you can see there only thing that matters is the last
139 value that was set for each of the configuration keys.
139 value that was set for each of the configuration keys.
140
140
141 If a configuration key is set multiple times in different
141 If a configuration key is set multiple times in different
142 configuration files the final value will depend on the order in which
142 configuration files the final value will depend on the order in which
143 the different configuration files are read, with settings from earlier
143 the different configuration files are read, with settings from earlier
144 paths overriding later ones as described on the ``Files`` section
144 paths overriding later ones as described on the ``Files`` section
145 above.
145 above.
146
146
147 A line of the form ``%include file`` will include ``file`` into the
147 A line of the form ``%include file`` will include ``file`` into the
148 current configuration file. The inclusion is recursive, which means
148 current configuration file. The inclusion is recursive, which means
149 that included files can include other files. Filenames are relative to
149 that included files can include other files. Filenames are relative to
150 the configuration file in which the ``%include`` directive is found.
150 the configuration file in which the ``%include`` directive is found.
151 Environment variables and ``~user`` constructs are expanded in
151 Environment variables and ``~user`` constructs are expanded in
152 ``file``. This lets you do something like::
152 ``file``. This lets you do something like::
153
153
154 %include ~/.hgrc.d/$HOST.rc
154 %include ~/.hgrc.d/$HOST.rc
155
155
156 to include a different configuration file on each computer you use.
156 to include a different configuration file on each computer you use.
157
157
158 A line with ``%unset name`` will remove ``name`` from the current
158 A line with ``%unset name`` will remove ``name`` from the current
159 section, if it has been set previously.
159 section, if it has been set previously.
160
160
161 The values are either free-form text strings, lists of text strings,
161 The values are either free-form text strings, lists of text strings,
162 or Boolean values. Boolean values can be set to true using any of "1",
162 or Boolean values. Boolean values can be set to true using any of "1",
163 "yes", "true", or "on" and to false using "0", "no", "false", or "off"
163 "yes", "true", or "on" and to false using "0", "no", "false", or "off"
164 (all case insensitive).
164 (all case insensitive).
165
165
166 List values are separated by whitespace or comma, except when values are
166 List values are separated by whitespace or comma, except when values are
167 placed in double quotation marks::
167 placed in double quotation marks::
168
168
169 allow_read = "John Doe, PhD", brian, betty
169 allow_read = "John Doe, PhD", brian, betty
170
170
171 Quotation marks can be escaped by prefixing them with a backslash. Only
171 Quotation marks can be escaped by prefixing them with a backslash. Only
172 quotation marks at the beginning of a word is counted as a quotation
172 quotation marks at the beginning of a word is counted as a quotation
173 (e.g., ``foo"bar baz`` is the list of ``foo"bar`` and ``baz``).
173 (e.g., ``foo"bar baz`` is the list of ``foo"bar`` and ``baz``).
174
174
175 Sections
175 Sections
176 --------
176 --------
177
177
178 This section describes the different sections that may appear in a
178 This section describes the different sections that may appear in a
179 Mercurial configuration file, the purpose of each section, its possible
179 Mercurial configuration file, the purpose of each section, its possible
180 keys, and their possible values.
180 keys, and their possible values.
181
181
182 ``alias``
182 ``alias``
183 """""""""
183 """""""""
184
184
185 Defines command aliases.
185 Defines command aliases.
186 Aliases allow you to define your own commands in terms of other
186 Aliases allow you to define your own commands in terms of other
187 commands (or aliases), optionally including arguments. Positional
187 commands (or aliases), optionally including arguments. Positional
188 arguments in the form of ``$1``, ``$2``, etc in the alias definition
188 arguments in the form of ``$1``, ``$2``, etc in the alias definition
189 are expanded by Mercurial before execution. Positional arguments not
189 are expanded by Mercurial before execution. Positional arguments not
190 already used by ``$N`` in the definition are put at the end of the
190 already used by ``$N`` in the definition are put at the end of the
191 command to be executed.
191 command to be executed.
192
192
193 Alias definitions consist of lines of the form::
193 Alias definitions consist of lines of the form::
194
194
195 <alias> = <command> [<argument>]...
195 <alias> = <command> [<argument>]...
196
196
197 For example, this definition::
197 For example, this definition::
198
198
199 latest = log --limit 5
199 latest = log --limit 5
200
200
201 creates a new command ``latest`` that shows only the five most recent
201 creates a new command ``latest`` that shows only the five most recent
202 changesets. You can define subsequent aliases using earlier ones::
202 changesets. You can define subsequent aliases using earlier ones::
203
203
204 stable5 = latest -b stable
204 stable5 = latest -b stable
205
205
206 .. note:: It is possible to create aliases with the same names as
206 .. note:: It is possible to create aliases with the same names as
207 existing commands, which will then override the original
207 existing commands, which will then override the original
208 definitions. This is almost always a bad idea!
208 definitions. This is almost always a bad idea!
209
209
210 An alias can start with an exclamation point (``!``) to make it a
210 An alias can start with an exclamation point (``!``) to make it a
211 shell alias. A shell alias is executed with the shell and will let you
211 shell alias. A shell alias is executed with the shell and will let you
212 run arbitrary commands. As an example, ::
212 run arbitrary commands. As an example, ::
213
213
214 echo = !echo
214 echo = !echo
215
215
216 will let you do ``hg echo foo`` to have ``foo`` printed in your
216 will let you do ``hg echo foo`` to have ``foo`` printed in your
217 terminal. A better example might be::
217 terminal. A better example might be::
218
218
219 purge = !$HG status --no-status --unknown -0 | xargs -0 rm
219 purge = !$HG status --no-status --unknown -0 | xargs -0 rm
220
220
221 which will make ``hg purge`` delete all unknown files in the
221 which will make ``hg purge`` delete all unknown files in the
222 repository in the same manner as the purge extension.
222 repository in the same manner as the purge extension.
223
223
224 Shell aliases are executed in an environment where ``$HG`` expand to
224 Shell aliases are executed in an environment where ``$HG`` expand to
225 the path of the Mercurial that was used to execute the alias. This is
225 the path of the Mercurial that was used to execute the alias. This is
226 useful when you want to call further Mercurial commands in a shell
226 useful when you want to call further Mercurial commands in a shell
227 alias, as was done above for the purge alias. In addition,
227 alias, as was done above for the purge alias. In addition,
228 ``$HG_ARGS`` expand to the arguments given to Mercurial. In the ``hg
228 ``$HG_ARGS`` expand to the arguments given to Mercurial. In the ``hg
229 echo foo`` call above, ``$HG_ARGS`` would expand to ``echo foo``.
229 echo foo`` call above, ``$HG_ARGS`` would expand to ``echo foo``.
230
230
231 .. note:: Some global configuration options such as ``-R`` are
231 .. note:: Some global configuration options such as ``-R`` are
232 processed before shell aliases and will thus not be passed to
232 processed before shell aliases and will thus not be passed to
233 aliases.
233 aliases.
234
234
235
235
236 ``annotate``
236 ``annotate``
237 """"""""""""
237 """"""""""""
238
238
239 Settings used when displaying file annotations. All values are
239 Settings used when displaying file annotations. All values are
240 Booleans and default to False. See ``diff`` section for related
240 Booleans and default to False. See ``diff`` section for related
241 options for the diff command.
241 options for the diff command.
242
242
243 ``ignorews``
243 ``ignorews``
244 Ignore white space when comparing lines.
244 Ignore white space when comparing lines.
245
245
246 ``ignorewsamount``
246 ``ignorewsamount``
247 Ignore changes in the amount of white space.
247 Ignore changes in the amount of white space.
248
248
249 ``ignoreblanklines``
249 ``ignoreblanklines``
250 Ignore changes whose lines are all blank.
250 Ignore changes whose lines are all blank.
251
251
252
252
253 ``auth``
253 ``auth``
254 """"""""
254 """"""""
255
255
256 Authentication credentials for HTTP authentication. This section
256 Authentication credentials for HTTP authentication. This section
257 allows you to store usernames and passwords for use when logging
257 allows you to store usernames and passwords for use when logging
258 *into* HTTP servers. See the ``[web]`` configuration section if
258 *into* HTTP servers. See the ``[web]`` configuration section if
259 you want to configure *who* can login to your HTTP server.
259 you want to configure *who* can login to your HTTP server.
260
260
261 Each line has the following format::
261 Each line has the following format::
262
262
263 <name>.<argument> = <value>
263 <name>.<argument> = <value>
264
264
265 where ``<name>`` is used to group arguments into authentication
265 where ``<name>`` is used to group arguments into authentication
266 entries. Example::
266 entries. Example::
267
267
268 foo.prefix = hg.intevation.org/mercurial
268 foo.prefix = hg.intevation.org/mercurial
269 foo.username = foo
269 foo.username = foo
270 foo.password = bar
270 foo.password = bar
271 foo.schemes = http https
271 foo.schemes = http https
272
272
273 bar.prefix = secure.example.org
273 bar.prefix = secure.example.org
274 bar.key = path/to/file.key
274 bar.key = path/to/file.key
275 bar.cert = path/to/file.cert
275 bar.cert = path/to/file.cert
276 bar.schemes = https
276 bar.schemes = https
277
277
278 Supported arguments:
278 Supported arguments:
279
279
280 ``prefix``
280 ``prefix``
281 Either ``*`` or a URI prefix with or without the scheme part.
281 Either ``*`` or a URI prefix with or without the scheme part.
282 The authentication entry with the longest matching prefix is used
282 The authentication entry with the longest matching prefix is used
283 (where ``*`` matches everything and counts as a match of length
283 (where ``*`` matches everything and counts as a match of length
284 1). If the prefix doesn't include a scheme, the match is performed
284 1). If the prefix doesn't include a scheme, the match is performed
285 against the URI with its scheme stripped as well, and the schemes
285 against the URI with its scheme stripped as well, and the schemes
286 argument, q.v., is then subsequently consulted.
286 argument, q.v., is then subsequently consulted.
287
287
288 ``username``
288 ``username``
289 Optional. Username to authenticate with. If not given, and the
289 Optional. Username to authenticate with. If not given, and the
290 remote site requires basic or digest authentication, the user will
290 remote site requires basic or digest authentication, the user will
291 be prompted for it. Environment variables are expanded in the
291 be prompted for it. Environment variables are expanded in the
292 username letting you do ``foo.username = $USER``. If the URI
292 username letting you do ``foo.username = $USER``. If the URI
293 includes a username, only ``[auth]`` entries with a matching
293 includes a username, only ``[auth]`` entries with a matching
294 username or without a username will be considered.
294 username or without a username will be considered.
295
295
296 ``password``
296 ``password``
297 Optional. Password to authenticate with. If not given, and the
297 Optional. Password to authenticate with. If not given, and the
298 remote site requires basic or digest authentication, the user
298 remote site requires basic or digest authentication, the user
299 will be prompted for it.
299 will be prompted for it.
300
300
301 ``key``
301 ``key``
302 Optional. PEM encoded client certificate key file. Environment
302 Optional. PEM encoded client certificate key file. Environment
303 variables are expanded in the filename.
303 variables are expanded in the filename.
304
304
305 ``cert``
305 ``cert``
306 Optional. PEM encoded client certificate chain file. Environment
306 Optional. PEM encoded client certificate chain file. Environment
307 variables are expanded in the filename.
307 variables are expanded in the filename.
308
308
309 ``schemes``
309 ``schemes``
310 Optional. Space separated list of URI schemes to use this
310 Optional. Space separated list of URI schemes to use this
311 authentication entry with. Only used if the prefix doesn't include
311 authentication entry with. Only used if the prefix doesn't include
312 a scheme. Supported schemes are http and https. They will match
312 a scheme. Supported schemes are http and https. They will match
313 static-http and static-https respectively, as well.
313 static-http and static-https respectively, as well.
314 Default: https.
314 Default: https.
315
315
316 If no suitable authentication entry is found, the user is prompted
316 If no suitable authentication entry is found, the user is prompted
317 for credentials as usual if required by the remote.
317 for credentials as usual if required by the remote.
318
318
319
319
320 ``decode/encode``
320 ``decode/encode``
321 """""""""""""""""
321 """""""""""""""""
322
322
323 Filters for transforming files on checkout/checkin. This would
323 Filters for transforming files on checkout/checkin. This would
324 typically be used for newline processing or other
324 typically be used for newline processing or other
325 localization/canonicalization of files.
325 localization/canonicalization of files.
326
326
327 Filters consist of a filter pattern followed by a filter command.
327 Filters consist of a filter pattern followed by a filter command.
328 Filter patterns are globs by default, rooted at the repository root.
328 Filter patterns are globs by default, rooted at the repository root.
329 For example, to match any file ending in ``.txt`` in the root
329 For example, to match any file ending in ``.txt`` in the root
330 directory only, use the pattern ``*.txt``. To match any file ending
330 directory only, use the pattern ``*.txt``. To match any file ending
331 in ``.c`` anywhere in the repository, use the pattern ``**.c``.
331 in ``.c`` anywhere in the repository, use the pattern ``**.c``.
332 For each file only the first matching filter applies.
332 For each file only the first matching filter applies.
333
333
334 The filter command can start with a specifier, either ``pipe:`` or
334 The filter command can start with a specifier, either ``pipe:`` or
335 ``tempfile:``. If no specifier is given, ``pipe:`` is used by default.
335 ``tempfile:``. If no specifier is given, ``pipe:`` is used by default.
336
336
337 A ``pipe:`` command must accept data on stdin and return the transformed
337 A ``pipe:`` command must accept data on stdin and return the transformed
338 data on stdout.
338 data on stdout.
339
339
340 Pipe example::
340 Pipe example::
341
341
342 [encode]
342 [encode]
343 # uncompress gzip files on checkin to improve delta compression
343 # uncompress gzip files on checkin to improve delta compression
344 # note: not necessarily a good idea, just an example
344 # note: not necessarily a good idea, just an example
345 *.gz = pipe: gunzip
345 *.gz = pipe: gunzip
346
346
347 [decode]
347 [decode]
348 # recompress gzip files when writing them to the working dir (we
348 # recompress gzip files when writing them to the working dir (we
349 # can safely omit "pipe:", because it's the default)
349 # can safely omit "pipe:", because it's the default)
350 *.gz = gzip
350 *.gz = gzip
351
351
352 A ``tempfile:`` command is a template. The string ``INFILE`` is replaced
352 A ``tempfile:`` command is a template. The string ``INFILE`` is replaced
353 with the name of a temporary file that contains the data to be
353 with the name of a temporary file that contains the data to be
354 filtered by the command. The string ``OUTFILE`` is replaced with the name
354 filtered by the command. The string ``OUTFILE`` is replaced with the name
355 of an empty temporary file, where the filtered data must be written by
355 of an empty temporary file, where the filtered data must be written by
356 the command.
356 the command.
357
357
358 .. note:: The tempfile mechanism is recommended for Windows systems,
358 .. note:: The tempfile mechanism is recommended for Windows systems,
359 where the standard shell I/O redirection operators often have
359 where the standard shell I/O redirection operators often have
360 strange effects and may corrupt the contents of your files.
360 strange effects and may corrupt the contents of your files.
361
361
362 This filter mechanism is used internally by the ``eol`` extension to
362 This filter mechanism is used internally by the ``eol`` extension to
363 translate line ending characters between Windows (CRLF) and Unix (LF)
363 translate line ending characters between Windows (CRLF) and Unix (LF)
364 format. We suggest you use the ``eol`` extension for convenience.
364 format. We suggest you use the ``eol`` extension for convenience.
365
365
366
366
367 ``defaults``
367 ``defaults``
368 """"""""""""
368 """"""""""""
369
369
370 (defaults are deprecated. Don't use them. Use aliases instead)
370 (defaults are deprecated. Don't use them. Use aliases instead)
371
371
372 Use the ``[defaults]`` section to define command defaults, i.e. the
372 Use the ``[defaults]`` section to define command defaults, i.e. the
373 default options/arguments to pass to the specified commands.
373 default options/arguments to pass to the specified commands.
374
374
375 The following example makes :hg:`log` run in verbose mode, and
375 The following example makes :hg:`log` run in verbose mode, and
376 :hg:`status` show only the modified files, by default::
376 :hg:`status` show only the modified files, by default::
377
377
378 [defaults]
378 [defaults]
379 log = -v
379 log = -v
380 status = -m
380 status = -m
381
381
382 The actual commands, instead of their aliases, must be used when
382 The actual commands, instead of their aliases, must be used when
383 defining command defaults. The command defaults will also be applied
383 defining command defaults. The command defaults will also be applied
384 to the aliases of the commands defined.
384 to the aliases of the commands defined.
385
385
386
386
387 ``diff``
387 ``diff``
388 """"""""
388 """"""""
389
389
390 Settings used when displaying diffs. Everything except for ``unified``
390 Settings used when displaying diffs. Everything except for ``unified``
391 is a Boolean and defaults to False. See ``annotate`` section for
391 is a Boolean and defaults to False. See ``annotate`` section for
392 related options for the annotate command.
392 related options for the annotate command.
393
393
394 ``git``
394 ``git``
395 Use git extended diff format.
395 Use git extended diff format.
396
396
397 ``nodates``
397 ``nodates``
398 Don't include dates in diff headers.
398 Don't include dates in diff headers.
399
399
400 ``showfunc``
400 ``showfunc``
401 Show which function each change is in.
401 Show which function each change is in.
402
402
403 ``ignorews``
403 ``ignorews``
404 Ignore white space when comparing lines.
404 Ignore white space when comparing lines.
405
405
406 ``ignorewsamount``
406 ``ignorewsamount``
407 Ignore changes in the amount of white space.
407 Ignore changes in the amount of white space.
408
408
409 ``ignoreblanklines``
409 ``ignoreblanklines``
410 Ignore changes whose lines are all blank.
410 Ignore changes whose lines are all blank.
411
411
412 ``unified``
412 ``unified``
413 Number of lines of context to show.
413 Number of lines of context to show.
414
414
415 ``email``
415 ``email``
416 """""""""
416 """""""""
417
417
418 Settings for extensions that send email messages.
418 Settings for extensions that send email messages.
419
419
420 ``from``
420 ``from``
421 Optional. Email address to use in "From" header and SMTP envelope
421 Optional. Email address to use in "From" header and SMTP envelope
422 of outgoing messages.
422 of outgoing messages.
423
423
424 ``to``
424 ``to``
425 Optional. Comma-separated list of recipients' email addresses.
425 Optional. Comma-separated list of recipients' email addresses.
426
426
427 ``cc``
427 ``cc``
428 Optional. Comma-separated list of carbon copy recipients'
428 Optional. Comma-separated list of carbon copy recipients'
429 email addresses.
429 email addresses.
430
430
431 ``bcc``
431 ``bcc``
432 Optional. Comma-separated list of blind carbon copy recipients'
432 Optional. Comma-separated list of blind carbon copy recipients'
433 email addresses.
433 email addresses.
434
434
435 ``method``
435 ``method``
436 Optional. Method to use to send email messages. If value is ``smtp``
436 Optional. Method to use to send email messages. If value is ``smtp``
437 (default), use SMTP (see the ``[smtp]`` section for configuration).
437 (default), use SMTP (see the ``[smtp]`` section for configuration).
438 Otherwise, use as name of program to run that acts like sendmail
438 Otherwise, use as name of program to run that acts like sendmail
439 (takes ``-f`` option for sender, list of recipients on command line,
439 (takes ``-f`` option for sender, list of recipients on command line,
440 message on stdin). Normally, setting this to ``sendmail`` or
440 message on stdin). Normally, setting this to ``sendmail`` or
441 ``/usr/sbin/sendmail`` is enough to use sendmail to send messages.
441 ``/usr/sbin/sendmail`` is enough to use sendmail to send messages.
442
442
443 ``charsets``
443 ``charsets``
444 Optional. Comma-separated list of character sets considered
444 Optional. Comma-separated list of character sets considered
445 convenient for recipients. Addresses, headers, and parts not
445 convenient for recipients. Addresses, headers, and parts not
446 containing patches of outgoing messages will be encoded in the
446 containing patches of outgoing messages will be encoded in the
447 first character set to which conversion from local encoding
447 first character set to which conversion from local encoding
448 (``$HGENCODING``, ``ui.fallbackencoding``) succeeds. If correct
448 (``$HGENCODING``, ``ui.fallbackencoding``) succeeds. If correct
449 conversion fails, the text in question is sent as is. Defaults to
449 conversion fails, the text in question is sent as is. Defaults to
450 empty (explicit) list.
450 empty (explicit) list.
451
451
452 Order of outgoing email character sets:
452 Order of outgoing email character sets:
453
453
454 1. ``us-ascii``: always first, regardless of settings
454 1. ``us-ascii``: always first, regardless of settings
455 2. ``email.charsets``: in order given by user
455 2. ``email.charsets``: in order given by user
456 3. ``ui.fallbackencoding``: if not in email.charsets
456 3. ``ui.fallbackencoding``: if not in email.charsets
457 4. ``$HGENCODING``: if not in email.charsets
457 4. ``$HGENCODING``: if not in email.charsets
458 5. ``utf-8``: always last, regardless of settings
458 5. ``utf-8``: always last, regardless of settings
459
459
460 Email example::
460 Email example::
461
461
462 [email]
462 [email]
463 from = Joseph User <joe.user@example.com>
463 from = Joseph User <joe.user@example.com>
464 method = /usr/sbin/sendmail
464 method = /usr/sbin/sendmail
465 # charsets for western Europeans
465 # charsets for western Europeans
466 # us-ascii, utf-8 omitted, as they are tried first and last
466 # us-ascii, utf-8 omitted, as they are tried first and last
467 charsets = iso-8859-1, iso-8859-15, windows-1252
467 charsets = iso-8859-1, iso-8859-15, windows-1252
468
468
469
469
470 ``extensions``
470 ``extensions``
471 """"""""""""""
471 """"""""""""""
472
472
473 Mercurial has an extension mechanism for adding new features. To
473 Mercurial has an extension mechanism for adding new features. To
474 enable an extension, create an entry for it in this section.
474 enable an extension, create an entry for it in this section.
475
475
476 If you know that the extension is already in Python's search path,
476 If you know that the extension is already in Python's search path,
477 you can give the name of the module, followed by ``=``, with nothing
477 you can give the name of the module, followed by ``=``, with nothing
478 after the ``=``.
478 after the ``=``.
479
479
480 Otherwise, give a name that you choose, followed by ``=``, followed by
480 Otherwise, give a name that you choose, followed by ``=``, followed by
481 the path to the ``.py`` file (including the file name extension) that
481 the path to the ``.py`` file (including the file name extension) that
482 defines the extension.
482 defines the extension.
483
483
484 To explicitly disable an extension that is enabled in an hgrc of
484 To explicitly disable an extension that is enabled in an hgrc of
485 broader scope, prepend its path with ``!``, as in ``foo = !/ext/path``
485 broader scope, prepend its path with ``!``, as in ``foo = !/ext/path``
486 or ``foo = !`` when path is not supplied.
486 or ``foo = !`` when path is not supplied.
487
487
488 Example for ``~/.hgrc``::
488 Example for ``~/.hgrc``::
489
489
490 [extensions]
490 [extensions]
491 # (the mq extension will get loaded from Mercurial's path)
491 # (the mq extension will get loaded from Mercurial's path)
492 mq =
492 mq =
493 # (this extension will get loaded from the file specified)
493 # (this extension will get loaded from the file specified)
494 myfeature = ~/.hgext/myfeature.py
494 myfeature = ~/.hgext/myfeature.py
495
495
496
496
497 ``format``
497 ``format``
498 """"""""""
498 """"""""""
499
499
500 ``usestore``
500 ``usestore``
501 Enable or disable the "store" repository format which improves
501 Enable or disable the "store" repository format which improves
502 compatibility with systems that fold case or otherwise mangle
502 compatibility with systems that fold case or otherwise mangle
503 filenames. Enabled by default. Disabling this option will allow
503 filenames. Enabled by default. Disabling this option will allow
504 you to store longer filenames in some situations at the expense of
504 you to store longer filenames in some situations at the expense of
505 compatibility and ensures that the on-disk format of newly created
505 compatibility and ensures that the on-disk format of newly created
506 repositories will be compatible with Mercurial before version 0.9.4.
506 repositories will be compatible with Mercurial before version 0.9.4.
507
507
508 ``usefncache``
508 ``usefncache``
509 Enable or disable the "fncache" repository format which enhances
509 Enable or disable the "fncache" repository format which enhances
510 the "store" repository format (which has to be enabled to use
510 the "store" repository format (which has to be enabled to use
511 fncache) to allow longer filenames and avoids using Windows
511 fncache) to allow longer filenames and avoids using Windows
512 reserved names, e.g. "nul". Enabled by default. Disabling this
512 reserved names, e.g. "nul". Enabled by default. Disabling this
513 option ensures that the on-disk format of newly created
513 option ensures that the on-disk format of newly created
514 repositories will be compatible with Mercurial before version 1.1.
514 repositories will be compatible with Mercurial before version 1.1.
515
515
516 ``dotencode``
516 ``dotencode``
517 Enable or disable the "dotencode" repository format which enhances
517 Enable or disable the "dotencode" repository format which enhances
518 the "fncache" repository format (which has to be enabled to use
518 the "fncache" repository format (which has to be enabled to use
519 dotencode) to avoid issues with filenames starting with ._ on
519 dotencode) to avoid issues with filenames starting with ._ on
520 Mac OS X and spaces on Windows. Enabled by default. Disabling this
520 Mac OS X and spaces on Windows. Enabled by default. Disabling this
521 option ensures that the on-disk format of newly created
521 option ensures that the on-disk format of newly created
522 repositories will be compatible with Mercurial before version 1.7.
522 repositories will be compatible with Mercurial before version 1.7.
523
523
524 ``graph``
524 ``graph``
525 """""""""
525 """""""""
526
526
527 Web graph view configuration. This section let you change graph
527 Web graph view configuration. This section let you change graph
528 elements display properties by branches, for instance to make the
528 elements display properties by branches, for instance to make the
529 ``default`` branch stand out.
529 ``default`` branch stand out.
530
530
531 Each line has the following format::
531 Each line has the following format::
532
532
533 <branch>.<argument> = <value>
533 <branch>.<argument> = <value>
534
534
535 where ``<branch>`` is the name of the branch being
535 where ``<branch>`` is the name of the branch being
536 customized. Example::
536 customized. Example::
537
537
538 [graph]
538 [graph]
539 # 2px width
539 # 2px width
540 default.width = 2
540 default.width = 2
541 # red color
541 # red color
542 default.color = FF0000
542 default.color = FF0000
543
543
544 Supported arguments:
544 Supported arguments:
545
545
546 ``width``
546 ``width``
547 Set branch edges width in pixels.
547 Set branch edges width in pixels.
548
548
549 ``color``
549 ``color``
550 Set branch edges color in hexadecimal RGB notation.
550 Set branch edges color in hexadecimal RGB notation.
551
551
552 ``hooks``
552 ``hooks``
553 """""""""
553 """""""""
554
554
555 Commands or Python functions that get automatically executed by
555 Commands or Python functions that get automatically executed by
556 various actions such as starting or finishing a commit. Multiple
556 various actions such as starting or finishing a commit. Multiple
557 hooks can be run for the same action by appending a suffix to the
557 hooks can be run for the same action by appending a suffix to the
558 action. Overriding a site-wide hook can be done by changing its
558 action. Overriding a site-wide hook can be done by changing its
559 value or setting it to an empty string. Hooks can be prioritized
559 value or setting it to an empty string. Hooks can be prioritized
560 by adding a prefix of ``priority`` to the hook name on a new line
560 by adding a prefix of ``priority`` to the hook name on a new line
561 and setting the priority. The default priority is 0 if
561 and setting the priority. The default priority is 0 if
562 not specified.
562 not specified.
563
563
564 Example ``.hg/hgrc``::
564 Example ``.hg/hgrc``::
565
565
566 [hooks]
566 [hooks]
567 # update working directory after adding changesets
567 # update working directory after adding changesets
568 changegroup.update = hg update
568 changegroup.update = hg update
569 # do not use the site-wide hook
569 # do not use the site-wide hook
570 incoming =
570 incoming =
571 incoming.email = /my/email/hook
571 incoming.email = /my/email/hook
572 incoming.autobuild = /my/build/hook
572 incoming.autobuild = /my/build/hook
573 # force autobuild hook to run before other incoming hooks
573 # force autobuild hook to run before other incoming hooks
574 priority.incoming.autobuild = 1
574 priority.incoming.autobuild = 1
575
575
576 Most hooks are run with environment variables set that give useful
576 Most hooks are run with environment variables set that give useful
577 additional information. For each hook below, the environment
577 additional information. For each hook below, the environment
578 variables it is passed are listed with names of the form ``$HG_foo``.
578 variables it is passed are listed with names of the form ``$HG_foo``.
579
579
580 ``changegroup``
580 ``changegroup``
581 Run after a changegroup has been added via push, pull or unbundle.
581 Run after a changegroup has been added via push, pull or unbundle.
582 ID of the first new changeset is in ``$HG_NODE``. URL from which
582 ID of the first new changeset is in ``$HG_NODE``. URL from which
583 changes came is in ``$HG_URL``.
583 changes came is in ``$HG_URL``.
584
584
585 ``commit``
585 ``commit``
586 Run after a changeset has been created in the local repository. ID
586 Run after a changeset has been created in the local repository. ID
587 of the newly created changeset is in ``$HG_NODE``. Parent changeset
587 of the newly created changeset is in ``$HG_NODE``. Parent changeset
588 IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
588 IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
589
589
590 ``incoming``
590 ``incoming``
591 Run after a changeset has been pulled, pushed, or unbundled into
591 Run after a changeset has been pulled, pushed, or unbundled into
592 the local repository. The ID of the newly arrived changeset is in
592 the local repository. The ID of the newly arrived changeset is in
593 ``$HG_NODE``. URL that was source of changes came is in ``$HG_URL``.
593 ``$HG_NODE``. URL that was source of changes came is in ``$HG_URL``.
594
594
595 ``outgoing``
595 ``outgoing``
596 Run after sending changes from local repository to another. ID of
596 Run after sending changes from local repository to another. ID of
597 first changeset sent is in ``$HG_NODE``. Source of operation is in
597 first changeset sent is in ``$HG_NODE``. Source of operation is in
598 ``$HG_SOURCE``; see "preoutgoing" hook for description.
598 ``$HG_SOURCE``; see "preoutgoing" hook for description.
599
599
600 ``post-<command>``
600 ``post-<command>``
601 Run after successful invocations of the associated command. The
601 Run after successful invocations of the associated command. The
602 contents of the command line are passed as ``$HG_ARGS`` and the result
602 contents of the command line are passed as ``$HG_ARGS`` and the result
603 code in ``$HG_RESULT``. Parsed command line arguments are passed as
603 code in ``$HG_RESULT``. Parsed command line arguments are passed as
604 ``$HG_PATS`` and ``$HG_OPTS``. These contain string representations of
604 ``$HG_PATS`` and ``$HG_OPTS``. These contain string representations of
605 the python data internally passed to <command>. ``$HG_OPTS`` is a
605 the python data internally passed to <command>. ``$HG_OPTS`` is a
606 dictionary of options (with unspecified options set to their defaults).
606 dictionary of options (with unspecified options set to their defaults).
607 ``$HG_PATS`` is a list of arguments. Hook failure is ignored.
607 ``$HG_PATS`` is a list of arguments. Hook failure is ignored.
608
608
609 ``pre-<command>``
609 ``pre-<command>``
610 Run before executing the associated command. The contents of the
610 Run before executing the associated command. The contents of the
611 command line are passed as ``$HG_ARGS``. Parsed command line arguments
611 command line are passed as ``$HG_ARGS``. Parsed command line arguments
612 are passed as ``$HG_PATS`` and ``$HG_OPTS``. These contain string
612 are passed as ``$HG_PATS`` and ``$HG_OPTS``. These contain string
613 representations of the data internally passed to <command>. ``$HG_OPTS``
613 representations of the data internally passed to <command>. ``$HG_OPTS``
614 is a dictionary of options (with unspecified options set to their
614 is a dictionary of options (with unspecified options set to their
615 defaults). ``$HG_PATS`` is a list of arguments. If the hook returns
615 defaults). ``$HG_PATS`` is a list of arguments. If the hook returns
616 failure, the command doesn't execute and Mercurial returns the failure
616 failure, the command doesn't execute and Mercurial returns the failure
617 code.
617 code.
618
618
619 ``prechangegroup``
619 ``prechangegroup``
620 Run before a changegroup is added via push, pull or unbundle. Exit
620 Run before a changegroup is added via push, pull or unbundle. Exit
621 status 0 allows the changegroup to proceed. Non-zero status will
621 status 0 allows the changegroup to proceed. Non-zero status will
622 cause the push, pull or unbundle to fail. URL from which changes
622 cause the push, pull or unbundle to fail. URL from which changes
623 will come is in ``$HG_URL``.
623 will come is in ``$HG_URL``.
624
624
625 ``precommit``
625 ``precommit``
626 Run before starting a local commit. Exit status 0 allows the
626 Run before starting a local commit. Exit status 0 allows the
627 commit to proceed. Non-zero status will cause the commit to fail.
627 commit to proceed. Non-zero status will cause the commit to fail.
628 Parent changeset IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
628 Parent changeset IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
629
629
630 ``prelistkeys``
630 ``prelistkeys``
631 Run before listing pushkeys (like bookmarks) in the
631 Run before listing pushkeys (like bookmarks) in the
632 repository. Non-zero status will cause failure. The key namespace is
632 repository. Non-zero status will cause failure. The key namespace is
633 in ``$HG_NAMESPACE``.
633 in ``$HG_NAMESPACE``.
634
634
635 ``preoutgoing``
635 ``preoutgoing``
636 Run before collecting changes to send from the local repository to
636 Run before collecting changes to send from the local repository to
637 another. Non-zero status will cause failure. This lets you prevent
637 another. Non-zero status will cause failure. This lets you prevent
638 pull over HTTP or SSH. Also prevents against local pull, push
638 pull over HTTP or SSH. Also prevents against local pull, push
639 (outbound) or bundle commands, but not effective, since you can
639 (outbound) or bundle commands, but not effective, since you can
640 just copy files instead then. Source of operation is in
640 just copy files instead then. Source of operation is in
641 ``$HG_SOURCE``. If "serve", operation is happening on behalf of remote
641 ``$HG_SOURCE``. If "serve", operation is happening on behalf of remote
642 SSH or HTTP repository. If "push", "pull" or "bundle", operation
642 SSH or HTTP repository. If "push", "pull" or "bundle", operation
643 is happening on behalf of repository on same system.
643 is happening on behalf of repository on same system.
644
644
645 ``prepushkey``
645 ``prepushkey``
646 Run before a pushkey (like a bookmark) is added to the
646 Run before a pushkey (like a bookmark) is added to the
647 repository. Non-zero status will cause the key to be rejected. The
647 repository. Non-zero status will cause the key to be rejected. The
648 key namespace is in ``$HG_NAMESPACE``, the key is in ``$HG_KEY``,
648 key namespace is in ``$HG_NAMESPACE``, the key is in ``$HG_KEY``,
649 the old value (if any) is in ``$HG_OLD``, and the new value is in
649 the old value (if any) is in ``$HG_OLD``, and the new value is in
650 ``$HG_NEW``.
650 ``$HG_NEW``.
651
651
652 ``pretag``
652 ``pretag``
653 Run before creating a tag. Exit status 0 allows the tag to be
653 Run before creating a tag. Exit status 0 allows the tag to be
654 created. Non-zero status will cause the tag to fail. ID of
654 created. Non-zero status will cause the tag to fail. ID of
655 changeset to tag is in ``$HG_NODE``. Name of tag is in ``$HG_TAG``. Tag is
655 changeset to tag is in ``$HG_NODE``. Name of tag is in ``$HG_TAG``. Tag is
656 local if ``$HG_LOCAL=1``, in repository if ``$HG_LOCAL=0``.
656 local if ``$HG_LOCAL=1``, in repository if ``$HG_LOCAL=0``.
657
657
658 ``pretxnchangegroup``
658 ``pretxnchangegroup``
659 Run after a changegroup has been added via push, pull or unbundle,
659 Run after a changegroup has been added via push, pull or unbundle,
660 but before the transaction has been committed. Changegroup is
660 but before the transaction has been committed. Changegroup is
661 visible to hook program. This lets you validate incoming changes
661 visible to hook program. This lets you validate incoming changes
662 before accepting them. Passed the ID of the first new changeset in
662 before accepting them. Passed the ID of the first new changeset in
663 ``$HG_NODE``. Exit status 0 allows the transaction to commit. Non-zero
663 ``$HG_NODE``. Exit status 0 allows the transaction to commit. Non-zero
664 status will cause the transaction to be rolled back and the push,
664 status will cause the transaction to be rolled back and the push,
665 pull or unbundle will fail. URL that was source of changes is in
665 pull or unbundle will fail. URL that was source of changes is in
666 ``$HG_URL``.
666 ``$HG_URL``.
667
667
668 ``pretxncommit``
668 ``pretxncommit``
669 Run after a changeset has been created but the transaction not yet
669 Run after a changeset has been created but the transaction not yet
670 committed. Changeset is visible to hook program. This lets you
670 committed. Changeset is visible to hook program. This lets you
671 validate commit message and changes. Exit status 0 allows the
671 validate commit message and changes. Exit status 0 allows the
672 commit to proceed. Non-zero status will cause the transaction to
672 commit to proceed. Non-zero status will cause the transaction to
673 be rolled back. ID of changeset is in ``$HG_NODE``. Parent changeset
673 be rolled back. ID of changeset is in ``$HG_NODE``. Parent changeset
674 IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
674 IDs are in ``$HG_PARENT1`` and ``$HG_PARENT2``.
675
675
676 ``preupdate``
676 ``preupdate``
677 Run before updating the working directory. Exit status 0 allows
677 Run before updating the working directory. Exit status 0 allows
678 the update to proceed. Non-zero status will prevent the update.
678 the update to proceed. Non-zero status will prevent the update.
679 Changeset ID of first new parent is in ``$HG_PARENT1``. If merge, ID
679 Changeset ID of first new parent is in ``$HG_PARENT1``. If merge, ID
680 of second new parent is in ``$HG_PARENT2``.
680 of second new parent is in ``$HG_PARENT2``.
681
681
682 ``listkeys``
682 ``listkeys``
683 Run after listing pushkeys (like bookmarks) in the repository. The
683 Run after listing pushkeys (like bookmarks) in the repository. The
684 key namespace is in ``$HG_NAMESPACE``. ``$HG_VALUES`` is a
684 key namespace is in ``$HG_NAMESPACE``. ``$HG_VALUES`` is a
685 dictionary containing the keys and values.
685 dictionary containing the keys and values.
686
686
687 ``pushkey``
687 ``pushkey``
688 Run after a pushkey (like a bookmark) is added to the
688 Run after a pushkey (like a bookmark) is added to the
689 repository. The key namespace is in ``$HG_NAMESPACE``, the key is in
689 repository. The key namespace is in ``$HG_NAMESPACE``, the key is in
690 ``$HG_KEY``, the old value (if any) is in ``$HG_OLD``, and the new
690 ``$HG_KEY``, the old value (if any) is in ``$HG_OLD``, and the new
691 value is in ``$HG_NEW``.
691 value is in ``$HG_NEW``.
692
692
693 ``tag``
693 ``tag``
694 Run after a tag is created. ID of tagged changeset is in ``$HG_NODE``.
694 Run after a tag is created. ID of tagged changeset is in ``$HG_NODE``.
695 Name of tag is in ``$HG_TAG``. Tag is local if ``$HG_LOCAL=1``, in
695 Name of tag is in ``$HG_TAG``. Tag is local if ``$HG_LOCAL=1``, in
696 repository if ``$HG_LOCAL=0``.
696 repository if ``$HG_LOCAL=0``.
697
697
698 ``update``
698 ``update``
699 Run after updating the working directory. Changeset ID of first
699 Run after updating the working directory. Changeset ID of first
700 new parent is in ``$HG_PARENT1``. If merge, ID of second new parent is
700 new parent is in ``$HG_PARENT1``. If merge, ID of second new parent is
701 in ``$HG_PARENT2``. If the update succeeded, ``$HG_ERROR=0``. If the
701 in ``$HG_PARENT2``. If the update succeeded, ``$HG_ERROR=0``. If the
702 update failed (e.g. because conflicts not resolved), ``$HG_ERROR=1``.
702 update failed (e.g. because conflicts not resolved), ``$HG_ERROR=1``.
703
703
704 .. note:: It is generally better to use standard hooks rather than the
704 .. note:: It is generally better to use standard hooks rather than the
705 generic pre- and post- command hooks as they are guaranteed to be
705 generic pre- and post- command hooks as they are guaranteed to be
706 called in the appropriate contexts for influencing transactions.
706 called in the appropriate contexts for influencing transactions.
707 Also, hooks like "commit" will be called in all contexts that
707 Also, hooks like "commit" will be called in all contexts that
708 generate a commit (e.g. tag) and not just the commit command.
708 generate a commit (e.g. tag) and not just the commit command.
709
709
710 .. note:: Environment variables with empty values may not be passed to
710 .. note:: Environment variables with empty values may not be passed to
711 hooks on platforms such as Windows. As an example, ``$HG_PARENT2``
711 hooks on platforms such as Windows. As an example, ``$HG_PARENT2``
712 will have an empty value under Unix-like platforms for non-merge
712 will have an empty value under Unix-like platforms for non-merge
713 changesets, while it will not be available at all under Windows.
713 changesets, while it will not be available at all under Windows.
714
714
715 The syntax for Python hooks is as follows::
715 The syntax for Python hooks is as follows::
716
716
717 hookname = python:modulename.submodule.callable
717 hookname = python:modulename.submodule.callable
718 hookname = python:/path/to/python/module.py:callable
718 hookname = python:/path/to/python/module.py:callable
719
719
720 Python hooks are run within the Mercurial process. Each hook is
720 Python hooks are run within the Mercurial process. Each hook is
721 called with at least three keyword arguments: a ui object (keyword
721 called with at least three keyword arguments: a ui object (keyword
722 ``ui``), a repository object (keyword ``repo``), and a ``hooktype``
722 ``ui``), a repository object (keyword ``repo``), and a ``hooktype``
723 keyword that tells what kind of hook is used. Arguments listed as
723 keyword that tells what kind of hook is used. Arguments listed as
724 environment variables above are passed as keyword arguments, with no
724 environment variables above are passed as keyword arguments, with no
725 ``HG_`` prefix, and names in lower case.
725 ``HG_`` prefix, and names in lower case.
726
726
727 If a Python hook returns a "true" value or raises an exception, this
727 If a Python hook returns a "true" value or raises an exception, this
728 is treated as a failure.
728 is treated as a failure.
729
729
730
730
731 ``hostfingerprints``
731 ``hostfingerprints``
732 """"""""""""""""""""
732 """"""""""""""""""""
733
733
734 Fingerprints of the certificates of known HTTPS servers.
734 Fingerprints of the certificates of known HTTPS servers.
735 A HTTPS connection to a server with a fingerprint configured here will
735 A HTTPS connection to a server with a fingerprint configured here will
736 only succeed if the servers certificate matches the fingerprint.
736 only succeed if the servers certificate matches the fingerprint.
737 This is very similar to how ssh known hosts works.
737 This is very similar to how ssh known hosts works.
738 The fingerprint is the SHA-1 hash value of the DER encoded certificate.
738 The fingerprint is the SHA-1 hash value of the DER encoded certificate.
739 The CA chain and web.cacerts is not used for servers with a fingerprint.
739 The CA chain and web.cacerts is not used for servers with a fingerprint.
740
740
741 For example::
741 For example::
742
742
743 [hostfingerprints]
743 [hostfingerprints]
744 hg.intevation.org = 38:76:52:7c:87:26:9a:8f:4a:f8:d3:de:08:45:3b:ea:d6:4b:ee:cc
744 hg.intevation.org = 38:76:52:7c:87:26:9a:8f:4a:f8:d3:de:08:45:3b:ea:d6:4b:ee:cc
745
745
746 This feature is only supported when using Python 2.6 or later.
746 This feature is only supported when using Python 2.6 or later.
747
747
748
748
749 ``http_proxy``
749 ``http_proxy``
750 """"""""""""""
750 """"""""""""""
751
751
752 Used to access web-based Mercurial repositories through a HTTP
752 Used to access web-based Mercurial repositories through a HTTP
753 proxy.
753 proxy.
754
754
755 ``host``
755 ``host``
756 Host name and (optional) port of the proxy server, for example
756 Host name and (optional) port of the proxy server, for example
757 "myproxy:8000".
757 "myproxy:8000".
758
758
759 ``no``
759 ``no``
760 Optional. Comma-separated list of host names that should bypass
760 Optional. Comma-separated list of host names that should bypass
761 the proxy.
761 the proxy.
762
762
763 ``passwd``
763 ``passwd``
764 Optional. Password to authenticate with at the proxy server.
764 Optional. Password to authenticate with at the proxy server.
765
765
766 ``user``
766 ``user``
767 Optional. User name to authenticate with at the proxy server.
767 Optional. User name to authenticate with at the proxy server.
768
768
769 ``always``
769 ``always``
770 Optional. Always use the proxy, even for localhost and any entries
770 Optional. Always use the proxy, even for localhost and any entries
771 in ``http_proxy.no``. True or False. Default: False.
771 in ``http_proxy.no``. True or False. Default: False.
772
772
773 ``merge-patterns``
773 ``merge-patterns``
774 """"""""""""""""""
774 """"""""""""""""""
775
775
776 This section specifies merge tools to associate with particular file
776 This section specifies merge tools to associate with particular file
777 patterns. Tools matched here will take precedence over the default
777 patterns. Tools matched here will take precedence over the default
778 merge tool. Patterns are globs by default, rooted at the repository
778 merge tool. Patterns are globs by default, rooted at the repository
779 root.
779 root.
780
780
781 Example::
781 Example::
782
782
783 [merge-patterns]
783 [merge-patterns]
784 **.c = kdiff3
784 **.c = kdiff3
785 **.jpg = myimgmerge
785 **.jpg = myimgmerge
786
786
787 ``merge-tools``
787 ``merge-tools``
788 """""""""""""""
788 """""""""""""""
789
789
790 This section configures external merge tools to use for file-level
790 This section configures external merge tools to use for file-level
791 merges.
791 merges.
792
792
793 Example ``~/.hgrc``::
793 Example ``~/.hgrc``::
794
794
795 [merge-tools]
795 [merge-tools]
796 # Override stock tool location
796 # Override stock tool location
797 kdiff3.executable = ~/bin/kdiff3
797 kdiff3.executable = ~/bin/kdiff3
798 # Specify command line
798 # Specify command line
799 kdiff3.args = $base $local $other -o $output
799 kdiff3.args = $base $local $other -o $output
800 # Give higher priority
800 # Give higher priority
801 kdiff3.priority = 1
801 kdiff3.priority = 1
802
802
803 # Define new tool
803 # Define new tool
804 myHtmlTool.args = -m $local $other $base $output
804 myHtmlTool.args = -m $local $other $base $output
805 myHtmlTool.regkey = Software\FooSoftware\HtmlMerge
805 myHtmlTool.regkey = Software\FooSoftware\HtmlMerge
806 myHtmlTool.priority = 1
806 myHtmlTool.priority = 1
807
807
808 Supported arguments:
808 Supported arguments:
809
809
810 ``priority``
810 ``priority``
811 The priority in which to evaluate this tool.
811 The priority in which to evaluate this tool.
812 Default: 0.
812 Default: 0.
813
813
814 ``executable``
814 ``executable``
815 Either just the name of the executable or its pathname. On Windows,
815 Either just the name of the executable or its pathname. On Windows,
816 the path can use environment variables with ${ProgramFiles} syntax.
816 the path can use environment variables with ${ProgramFiles} syntax.
817 Default: the tool name.
817 Default: the tool name.
818
818
819 ``args``
819 ``args``
820 The arguments to pass to the tool executable. You can refer to the
820 The arguments to pass to the tool executable. You can refer to the
821 files being merged as well as the output file through these
821 files being merged as well as the output file through these
822 variables: ``$base``, ``$local``, ``$other``, ``$output``.
822 variables: ``$base``, ``$local``, ``$other``, ``$output``.
823 Default: ``$local $base $other``
823 Default: ``$local $base $other``
824
824
825 ``premerge``
825 ``premerge``
826 Attempt to run internal non-interactive 3-way merge tool before
826 Attempt to run internal non-interactive 3-way merge tool before
827 launching external tool. Options are ``true``, ``false``, or ``keep``
827 launching external tool. Options are ``true``, ``false``, or ``keep``
828 to leave markers in the file if the premerge fails.
828 to leave markers in the file if the premerge fails.
829 Default: True
829 Default: True
830
830
831 ``binary``
831 ``binary``
832 This tool can merge binary files. Defaults to False, unless tool
832 This tool can merge binary files. Defaults to False, unless tool
833 was selected by file pattern match.
833 was selected by file pattern match.
834
834
835 ``symlink``
835 ``symlink``
836 This tool can merge symlinks. Defaults to False, even if tool was
836 This tool can merge symlinks. Defaults to False, even if tool was
837 selected by file pattern match.
837 selected by file pattern match.
838
838
839 ``check``
839 ``check``
840 A list of merge success-checking options:
840 A list of merge success-checking options:
841
841
842 ``changed``
842 ``changed``
843 Ask whether merge was successful when the merged file shows no changes.
843 Ask whether merge was successful when the merged file shows no changes.
844 ``conflicts``
844 ``conflicts``
845 Check whether there are conflicts even though the tool reported success.
845 Check whether there are conflicts even though the tool reported success.
846 ``prompt``
846 ``prompt``
847 Always prompt for merge success, regardless of success reported by tool.
847 Always prompt for merge success, regardless of success reported by tool.
848
848
849 ``checkchanged``
849 ``checkchanged``
850 True is equivalent to ``check = changed``.
850 True is equivalent to ``check = changed``.
851 Default: False
851 Default: False
852
852
853 ``checkconflicts``
853 ``checkconflicts``
854 True is equivalent to ``check = conflicts``.
854 True is equivalent to ``check = conflicts``.
855 Default: False
855 Default: False
856
856
857 ``fixeol``
857 ``fixeol``
858 Attempt to fix up EOL changes caused by the merge tool.
858 Attempt to fix up EOL changes caused by the merge tool.
859 Default: False
859 Default: False
860
860
861 ``gui``
861 ``gui``
862 This tool requires a graphical interface to run. Default: False
862 This tool requires a graphical interface to run. Default: False
863
863
864 ``regkey``
864 ``regkey``
865 Windows registry key which describes install location of this
865 Windows registry key which describes install location of this
866 tool. Mercurial will search for this key first under
866 tool. Mercurial will search for this key first under
867 ``HKEY_CURRENT_USER`` and then under ``HKEY_LOCAL_MACHINE``.
867 ``HKEY_CURRENT_USER`` and then under ``HKEY_LOCAL_MACHINE``.
868 Default: None
868 Default: None
869
869
870 ``regkeyalt``
870 ``regkeyalt``
871 An alternate Windows registry key to try if the first key is not
871 An alternate Windows registry key to try if the first key is not
872 found. The alternate key uses the same ``regname`` and ``regappend``
872 found. The alternate key uses the same ``regname`` and ``regappend``
873 semantics of the primary key. The most common use for this key
873 semantics of the primary key. The most common use for this key
874 is to search for 32bit applications on 64bit operating systems.
874 is to search for 32bit applications on 64bit operating systems.
875 Default: None
875 Default: None
876
876
877 ``regname``
877 ``regname``
878 Name of value to read from specified registry key. Defaults to the
878 Name of value to read from specified registry key. Defaults to the
879 unnamed (default) value.
879 unnamed (default) value.
880
880
881 ``regappend``
881 ``regappend``
882 String to append to the value read from the registry, typically
882 String to append to the value read from the registry, typically
883 the executable name of the tool.
883 the executable name of the tool.
884 Default: None
884 Default: None
885
885
886
886
887 ``patch``
887 ``patch``
888 """""""""
888 """""""""
889
889
890 Settings used when applying patches, for instance through the 'import'
890 Settings used when applying patches, for instance through the 'import'
891 command or with Mercurial Queues extension.
891 command or with Mercurial Queues extension.
892
892
893 ``eol``
893 ``eol``
894 When set to 'strict' patch content and patched files end of lines
894 When set to 'strict' patch content and patched files end of lines
895 are preserved. When set to ``lf`` or ``crlf``, both files end of
895 are preserved. When set to ``lf`` or ``crlf``, both files end of
896 lines are ignored when patching and the result line endings are
896 lines are ignored when patching and the result line endings are
897 normalized to either LF (Unix) or CRLF (Windows). When set to
897 normalized to either LF (Unix) or CRLF (Windows). When set to
898 ``auto``, end of lines are again ignored while patching but line
898 ``auto``, end of lines are again ignored while patching but line
899 endings in patched files are normalized to their original setting
899 endings in patched files are normalized to their original setting
900 on a per-file basis. If target file does not exist or has no end
900 on a per-file basis. If target file does not exist or has no end
901 of line, patch line endings are preserved.
901 of line, patch line endings are preserved.
902 Default: strict.
902 Default: strict.
903
903
904
904
905 ``paths``
905 ``paths``
906 """""""""
906 """""""""
907
907
908 Assigns symbolic names to repositories. The left side is the
908 Assigns symbolic names to repositories. The left side is the
909 symbolic name, and the right gives the directory or URL that is the
909 symbolic name, and the right gives the directory or URL that is the
910 location of the repository. Default paths can be declared by setting
910 location of the repository. Default paths can be declared by setting
911 the following entries.
911 the following entries.
912
912
913 ``default``
913 ``default``
914 Directory or URL to use when pulling if no source is specified.
914 Directory or URL to use when pulling if no source is specified.
915 Default is set to repository from which the current repository was
915 Default is set to repository from which the current repository was
916 cloned.
916 cloned.
917
917
918 ``default-push``
918 ``default-push``
919 Optional. Directory or URL to use when pushing if no destination
919 Optional. Directory or URL to use when pushing if no destination
920 is specified.
920 is specified.
921
921
922 ``phases``
922 ``phases``
923 """"""""""
923 """"""""""
924
924
925 Specifies default handling of phases. See :hg:`help phases` for more
925 Specifies default handling of phases. See :hg:`help phases` for more
926 information about working with phases.
926 information about working with phases.
927
927
928 ``publish``
928 ``publish``
929 Controls draft phase behavior when working as a server. When true,
929 Controls draft phase behavior when working as a server. When true,
930 pushed changesets are set to public in both client and server and
930 pushed changesets are set to public in both client and server and
931 pulled or cloned changesets are set to public in the client.
931 pulled or cloned changesets are set to public in the client.
932 Default: True
932 Default: True
933
933
934 ``new-commit``
934 ``new-commit``
935 Phase of newly-created commits.
935 Phase of newly-created commits.
936 Default: draft
936 Default: draft
937
937
938 ``profiling``
938 ``profiling``
939 """""""""""""
939 """""""""""""
940
940
941 Specifies profiling format and file output. In this section
941 Specifies profiling format and file output. In this section
942 description, 'profiling data' stands for the raw data collected
942 description, 'profiling data' stands for the raw data collected
943 during profiling, while 'profiling report' stands for a statistical
943 during profiling, while 'profiling report' stands for a statistical
944 text report generated from the profiling data. The profiling is done
944 text report generated from the profiling data. The profiling is done
945 using lsprof.
945 using lsprof.
946
946
947 ``format``
947 ``format``
948 Profiling format.
948 Profiling format.
949 Default: text.
949 Default: text.
950
950
951 ``text``
951 ``text``
952 Generate a profiling report. When saving to a file, it should be
952 Generate a profiling report. When saving to a file, it should be
953 noted that only the report is saved, and the profiling data is
953 noted that only the report is saved, and the profiling data is
954 not kept.
954 not kept.
955 ``kcachegrind``
955 ``kcachegrind``
956 Format profiling data for kcachegrind use: when saving to a
956 Format profiling data for kcachegrind use: when saving to a
957 file, the generated file can directly be loaded into
957 file, the generated file can directly be loaded into
958 kcachegrind.
958 kcachegrind.
959
959
960 ``output``
960 ``output``
961 File path where profiling data or report should be saved. If the
961 File path where profiling data or report should be saved. If the
962 file exists, it is replaced. Default: None, data is printed on
962 file exists, it is replaced. Default: None, data is printed on
963 stderr
963 stderr
964
964
965 ``revsetalias``
965 ``revsetalias``
966 """""""""""""""
966 """""""""""""""
967
967
968 Alias definitions for revsets. See :hg:`help revsets` for details.
968 Alias definitions for revsets. See :hg:`help revsets` for details.
969
969
970 ``server``
970 ``server``
971 """"""""""
971 """"""""""
972
972
973 Controls generic server settings.
973 Controls generic server settings.
974
974
975 ``uncompressed``
975 ``uncompressed``
976 Whether to allow clients to clone a repository using the
976 Whether to allow clients to clone a repository using the
977 uncompressed streaming protocol. This transfers about 40% more
977 uncompressed streaming protocol. This transfers about 40% more
978 data than a regular clone, but uses less memory and CPU on both
978 data than a regular clone, but uses less memory and CPU on both
979 server and client. Over a LAN (100 Mbps or better) or a very fast
979 server and client. Over a LAN (100 Mbps or better) or a very fast
980 WAN, an uncompressed streaming clone is a lot faster (~10x) than a
980 WAN, an uncompressed streaming clone is a lot faster (~10x) than a
981 regular clone. Over most WAN connections (anything slower than
981 regular clone. Over most WAN connections (anything slower than
982 about 6 Mbps), uncompressed streaming is slower, because of the
982 about 6 Mbps), uncompressed streaming is slower, because of the
983 extra data transfer overhead. This mode will also temporarily hold
983 extra data transfer overhead. This mode will also temporarily hold
984 the write lock while determining what data to transfer.
984 the write lock while determining what data to transfer.
985 Default is True.
985 Default is True.
986
986
987 ``preferuncompressed``
987 ``preferuncompressed``
988 When set, clients will try to use the uncompressed streaming
988 When set, clients will try to use the uncompressed streaming
989 protocol. Default is False.
989 protocol. Default is False.
990
990
991 ``validate``
991 ``validate``
992 Whether to validate the completeness of pushed changesets by
992 Whether to validate the completeness of pushed changesets by
993 checking that all new file revisions specified in manifests are
993 checking that all new file revisions specified in manifests are
994 present. Default is False.
994 present. Default is False.
995
995
996 ``smtp``
996 ``smtp``
997 """"""""
997 """"""""
998
998
999 Configuration for extensions that need to send email messages.
999 Configuration for extensions that need to send email messages.
1000
1000
1001 ``host``
1001 ``host``
1002 Host name of mail server, e.g. "mail.example.com".
1002 Host name of mail server, e.g. "mail.example.com".
1003
1003
1004 ``port``
1004 ``port``
1005 Optional. Port to connect to on mail server. Default: 25.
1005 Optional. Port to connect to on mail server. Default: 25.
1006
1006
1007 ``tls``
1007 ``tls``
1008 Optional. Method to enable TLS when connecting to mail server: starttls,
1008 Optional. Method to enable TLS when connecting to mail server: starttls,
1009 smtps or none. Default: none.
1009 smtps or none. Default: none.
1010
1010
1011 ``username``
1011 ``username``
1012 Optional. User name for authenticating with the SMTP server.
1012 Optional. User name for authenticating with the SMTP server.
1013 Default: none.
1013 Default: none.
1014
1014
1015 ``password``
1015 ``password``
1016 Optional. Password for authenticating with the SMTP server. If not
1016 Optional. Password for authenticating with the SMTP server. If not
1017 specified, interactive sessions will prompt the user for a
1017 specified, interactive sessions will prompt the user for a
1018 password; non-interactive sessions will fail. Default: none.
1018 password; non-interactive sessions will fail. Default: none.
1019
1019
1020 ``local_hostname``
1020 ``local_hostname``
1021 Optional. It's the hostname that the sender can use to identify
1021 Optional. It's the hostname that the sender can use to identify
1022 itself to the MTA.
1022 itself to the MTA.
1023
1023
1024
1024
1025 ``subpaths``
1025 ``subpaths``
1026 """"""""""""
1026 """"""""""""
1027
1027
1028 Defines subrepositories source locations rewriting rules of the form::
1028 Defines subrepositories source locations rewriting rules of the form::
1029
1029
1030 <pattern> = <replacement>
1030 <pattern> = <replacement>
1031
1031
1032 Where ``pattern`` is a regular expression matching the source and
1032 Where ``pattern`` is a regular expression matching the source and
1033 ``replacement`` is the replacement string used to rewrite it. Groups
1033 ``replacement`` is the replacement string used to rewrite it. Groups
1034 can be matched in ``pattern`` and referenced in ``replacements``. For
1034 can be matched in ``pattern`` and referenced in ``replacements``. For
1035 instance::
1035 instance::
1036
1036
1037 http://server/(.*)-hg/ = http://hg.server/\1/
1037 http://server/(.*)-hg/ = http://hg.server/\1/
1038
1038
1039 rewrites ``http://server/foo-hg/`` into ``http://hg.server/foo/``.
1039 rewrites ``http://server/foo-hg/`` into ``http://hg.server/foo/``.
1040
1040
1041 All patterns are applied in definition order.
1041 All patterns are applied in definition order.
1042
1042
1043 ``trusted``
1043 ``trusted``
1044 """""""""""
1044 """""""""""
1045
1045
1046 Mercurial will not use the settings in the
1046 Mercurial will not use the settings in the
1047 ``.hg/hgrc`` file from a repository if it doesn't belong to a trusted
1047 ``.hg/hgrc`` file from a repository if it doesn't belong to a trusted
1048 user or to a trusted group, as various hgrc features allow arbitrary
1048 user or to a trusted group, as various hgrc features allow arbitrary
1049 commands to be run. This issue is often encountered when configuring
1049 commands to be run. This issue is often encountered when configuring
1050 hooks or extensions for shared repositories or servers. However,
1050 hooks or extensions for shared repositories or servers. However,
1051 the web interface will use some safe settings from the ``[web]``
1051 the web interface will use some safe settings from the ``[web]``
1052 section.
1052 section.
1053
1053
1054 This section specifies what users and groups are trusted. The
1054 This section specifies what users and groups are trusted. The
1055 current user is always trusted. To trust everybody, list a user or a
1055 current user is always trusted. To trust everybody, list a user or a
1056 group with name ``*``. These settings must be placed in an
1056 group with name ``*``. These settings must be placed in an
1057 *already-trusted file* to take effect, such as ``$HOME/.hgrc`` of the
1057 *already-trusted file* to take effect, such as ``$HOME/.hgrc`` of the
1058 user or service running Mercurial.
1058 user or service running Mercurial.
1059
1059
1060 ``users``
1060 ``users``
1061 Comma-separated list of trusted users.
1061 Comma-separated list of trusted users.
1062
1062
1063 ``groups``
1063 ``groups``
1064 Comma-separated list of trusted groups.
1064 Comma-separated list of trusted groups.
1065
1065
1066
1066
1067 ``ui``
1067 ``ui``
1068 """"""
1068 """"""
1069
1069
1070 User interface controls.
1070 User interface controls.
1071
1071
1072 ``archivemeta``
1072 ``archivemeta``
1073 Whether to include the .hg_archival.txt file containing meta data
1073 Whether to include the .hg_archival.txt file containing meta data
1074 (hashes for the repository base and for tip) in archives created
1074 (hashes for the repository base and for tip) in archives created
1075 by the :hg:`archive` command or downloaded via hgweb.
1075 by the :hg:`archive` command or downloaded via hgweb.
1076 Default is True.
1076 Default is True.
1077
1077
1078 ``askusername``
1078 ``askusername``
1079 Whether to prompt for a username when committing. If True, and
1079 Whether to prompt for a username when committing. If True, and
1080 neither ``$HGUSER`` nor ``$EMAIL`` has been specified, then the user will
1080 neither ``$HGUSER`` nor ``$EMAIL`` has been specified, then the user will
1081 be prompted to enter a username. If no username is entered, the
1081 be prompted to enter a username. If no username is entered, the
1082 default ``USER@HOST`` is used instead.
1082 default ``USER@HOST`` is used instead.
1083 Default is False.
1083 Default is False.
1084
1084
1085 ``commitsubrepos``
1085 ``commitsubrepos``
1086 Whether to commit modified subrepositories when committing the
1086 Whether to commit modified subrepositories when committing the
1087 parent repository. If False and one subrepository has uncommitted
1087 parent repository. If False and one subrepository has uncommitted
1088 changes, abort the commit.
1088 changes, abort the commit.
1089 Default is False.
1089 Default is False.
1090
1090
1091 ``debug``
1091 ``debug``
1092 Print debugging information. True or False. Default is False.
1092 Print debugging information. True or False. Default is False.
1093
1093
1094 ``editor``
1094 ``editor``
1095 The editor to use during a commit. Default is ``$EDITOR`` or ``vi``.
1095 The editor to use during a commit. Default is ``$EDITOR`` or ``vi``.
1096
1096
1097 ``fallbackencoding``
1097 ``fallbackencoding``
1098 Encoding to try if it's not possible to decode the changelog using
1098 Encoding to try if it's not possible to decode the changelog using
1099 UTF-8. Default is ISO-8859-1.
1099 UTF-8. Default is ISO-8859-1.
1100
1100
1101 ``ignore``
1101 ``ignore``
1102 A file to read per-user ignore patterns from. This file should be
1102 A file to read per-user ignore patterns from. This file should be
1103 in the same format as a repository-wide .hgignore file. This
1103 in the same format as a repository-wide .hgignore file. This
1104 option supports hook syntax, so if you want to specify multiple
1104 option supports hook syntax, so if you want to specify multiple
1105 ignore files, you can do so by setting something like
1105 ignore files, you can do so by setting something like
1106 ``ignore.other = ~/.hgignore2``. For details of the ignore file
1106 ``ignore.other = ~/.hgignore2``. For details of the ignore file
1107 format, see the ``hgignore(5)`` man page.
1107 format, see the ``hgignore(5)`` man page.
1108
1108
1109 ``interactive``
1109 ``interactive``
1110 Allow to prompt the user. True or False. Default is True.
1110 Allow to prompt the user. True or False. Default is True.
1111
1111
1112 ``logtemplate``
1112 ``logtemplate``
1113 Template string for commands that print changesets.
1113 Template string for commands that print changesets.
1114
1114
1115 ``merge``
1115 ``merge``
1116 The conflict resolution program to use during a manual merge.
1116 The conflict resolution program to use during a manual merge.
1117 For more information on merge tools see :hg:`help merge-tools`.
1117 For more information on merge tools see :hg:`help merge-tools`.
1118 For configuring merge tools see the ``[merge-tools]`` section.
1118 For configuring merge tools see the ``[merge-tools]`` section.
1119
1119
1120 ``portablefilenames``
1120 ``portablefilenames``
1121 Check for portable filenames. Can be ``warn``, ``ignore`` or ``abort``.
1121 Check for portable filenames. Can be ``warn``, ``ignore`` or ``abort``.
1122 Default is ``warn``.
1122 Default is ``warn``.
1123 If set to ``warn`` (or ``true``), a warning message is printed on POSIX
1123 If set to ``warn`` (or ``true``), a warning message is printed on POSIX
1124 platforms, if a file with a non-portable filename is added (e.g. a file
1124 platforms, if a file with a non-portable filename is added (e.g. a file
1125 with a name that can't be created on Windows because it contains reserved
1125 with a name that can't be created on Windows because it contains reserved
1126 parts like ``AUX``, reserved characters like ``:``, or would cause a case
1126 parts like ``AUX``, reserved characters like ``:``, or would cause a case
1127 collision with an existing file).
1127 collision with an existing file).
1128 If set to ``ignore`` (or ``false``), no warning is printed.
1128 If set to ``ignore`` (or ``false``), no warning is printed.
1129 If set to ``abort``, the command is aborted.
1129 If set to ``abort``, the command is aborted.
1130 On Windows, this configuration option is ignored and the command aborted.
1130 On Windows, this configuration option is ignored and the command aborted.
1131
1131
1132 ``quiet``
1132 ``quiet``
1133 Reduce the amount of output printed. True or False. Default is False.
1133 Reduce the amount of output printed. True or False. Default is False.
1134
1134
1135 ``remotecmd``
1135 ``remotecmd``
1136 remote command to use for clone/push/pull operations. Default is ``hg``.
1136 remote command to use for clone/push/pull operations. Default is ``hg``.
1137
1137
1138 ``reportoldssl``
1139 Warn if an SSL certificate is unable to be due to using Python
1140 2.5 or earlier. True or False. Default is True.
1141
1138 ``report_untrusted``
1142 ``report_untrusted``
1139 Warn if a ``.hg/hgrc`` file is ignored due to not being owned by a
1143 Warn if a ``.hg/hgrc`` file is ignored due to not being owned by a
1140 trusted user or group. True or False. Default is True.
1144 trusted user or group. True or False. Default is True.
1141
1145
1142 ``slash``
1146 ``slash``
1143 Display paths using a slash (``/``) as the path separator. This
1147 Display paths using a slash (``/``) as the path separator. This
1144 only makes a difference on systems where the default path
1148 only makes a difference on systems where the default path
1145 separator is not the slash character (e.g. Windows uses the
1149 separator is not the slash character (e.g. Windows uses the
1146 backslash character (``\``)).
1150 backslash character (``\``)).
1147 Default is False.
1151 Default is False.
1148
1152
1149 ``ssh``
1153 ``ssh``
1150 command to use for SSH connections. Default is ``ssh``.
1154 command to use for SSH connections. Default is ``ssh``.
1151
1155
1152 ``strict``
1156 ``strict``
1153 Require exact command names, instead of allowing unambiguous
1157 Require exact command names, instead of allowing unambiguous
1154 abbreviations. True or False. Default is False.
1158 abbreviations. True or False. Default is False.
1155
1159
1156 ``style``
1160 ``style``
1157 Name of style to use for command output.
1161 Name of style to use for command output.
1158
1162
1159 ``timeout``
1163 ``timeout``
1160 The timeout used when a lock is held (in seconds), a negative value
1164 The timeout used when a lock is held (in seconds), a negative value
1161 means no timeout. Default is 600.
1165 means no timeout. Default is 600.
1162
1166
1163 ``traceback``
1167 ``traceback``
1164 Mercurial always prints a traceback when an unknown exception
1168 Mercurial always prints a traceback when an unknown exception
1165 occurs. Setting this to True will make Mercurial print a traceback
1169 occurs. Setting this to True will make Mercurial print a traceback
1166 on all exceptions, even those recognized by Mercurial (such as
1170 on all exceptions, even those recognized by Mercurial (such as
1167 IOError or MemoryError). Default is False.
1171 IOError or MemoryError). Default is False.
1168
1172
1169 ``username``
1173 ``username``
1170 The committer of a changeset created when running "commit".
1174 The committer of a changeset created when running "commit".
1171 Typically a person's name and email address, e.g. ``Fred Widget
1175 Typically a person's name and email address, e.g. ``Fred Widget
1172 <fred@example.com>``. Default is ``$EMAIL`` or ``username@hostname``. If
1176 <fred@example.com>``. Default is ``$EMAIL`` or ``username@hostname``. If
1173 the username in hgrc is empty, it has to be specified manually or
1177 the username in hgrc is empty, it has to be specified manually or
1174 in a different hgrc file (e.g. ``$HOME/.hgrc``, if the admin set
1178 in a different hgrc file (e.g. ``$HOME/.hgrc``, if the admin set
1175 ``username =`` in the system hgrc). Environment variables in the
1179 ``username =`` in the system hgrc). Environment variables in the
1176 username are expanded.
1180 username are expanded.
1177
1181
1178 ``verbose``
1182 ``verbose``
1179 Increase the amount of output printed. True or False. Default is False.
1183 Increase the amount of output printed. True or False. Default is False.
1180
1184
1181
1185
1182 ``web``
1186 ``web``
1183 """""""
1187 """""""
1184
1188
1185 Web interface configuration. The settings in this section apply to
1189 Web interface configuration. The settings in this section apply to
1186 both the builtin webserver (started by :hg:`serve`) and the script you
1190 both the builtin webserver (started by :hg:`serve`) and the script you
1187 run through a webserver (``hgweb.cgi`` and the derivatives for FastCGI
1191 run through a webserver (``hgweb.cgi`` and the derivatives for FastCGI
1188 and WSGI).
1192 and WSGI).
1189
1193
1190 The Mercurial webserver does no authentication (it does not prompt for
1194 The Mercurial webserver does no authentication (it does not prompt for
1191 usernames and passwords to validate *who* users are), but it does do
1195 usernames and passwords to validate *who* users are), but it does do
1192 authorization (it grants or denies access for *authenticated users*
1196 authorization (it grants or denies access for *authenticated users*
1193 based on settings in this section). You must either configure your
1197 based on settings in this section). You must either configure your
1194 webserver to do authentication for you, or disable the authorization
1198 webserver to do authentication for you, or disable the authorization
1195 checks.
1199 checks.
1196
1200
1197 For a quick setup in a trusted environment, e.g., a private LAN, where
1201 For a quick setup in a trusted environment, e.g., a private LAN, where
1198 you want it to accept pushes from anybody, you can use the following
1202 you want it to accept pushes from anybody, you can use the following
1199 command line::
1203 command line::
1200
1204
1201 $ hg --config web.allow_push=* --config web.push_ssl=False serve
1205 $ hg --config web.allow_push=* --config web.push_ssl=False serve
1202
1206
1203 Note that this will allow anybody to push anything to the server and
1207 Note that this will allow anybody to push anything to the server and
1204 that this should not be used for public servers.
1208 that this should not be used for public servers.
1205
1209
1206 The full set of options is:
1210 The full set of options is:
1207
1211
1208 ``accesslog``
1212 ``accesslog``
1209 Where to output the access log. Default is stdout.
1213 Where to output the access log. Default is stdout.
1210
1214
1211 ``address``
1215 ``address``
1212 Interface address to bind to. Default is all.
1216 Interface address to bind to. Default is all.
1213
1217
1214 ``allow_archive``
1218 ``allow_archive``
1215 List of archive format (bz2, gz, zip) allowed for downloading.
1219 List of archive format (bz2, gz, zip) allowed for downloading.
1216 Default is empty.
1220 Default is empty.
1217
1221
1218 ``allowbz2``
1222 ``allowbz2``
1219 (DEPRECATED) Whether to allow .tar.bz2 downloading of repository
1223 (DEPRECATED) Whether to allow .tar.bz2 downloading of repository
1220 revisions.
1224 revisions.
1221 Default is False.
1225 Default is False.
1222
1226
1223 ``allowgz``
1227 ``allowgz``
1224 (DEPRECATED) Whether to allow .tar.gz downloading of repository
1228 (DEPRECATED) Whether to allow .tar.gz downloading of repository
1225 revisions.
1229 revisions.
1226 Default is False.
1230 Default is False.
1227
1231
1228 ``allowpull``
1232 ``allowpull``
1229 Whether to allow pulling from the repository. Default is True.
1233 Whether to allow pulling from the repository. Default is True.
1230
1234
1231 ``allow_push``
1235 ``allow_push``
1232 Whether to allow pushing to the repository. If empty or not set,
1236 Whether to allow pushing to the repository. If empty or not set,
1233 push is not allowed. If the special value ``*``, any remote user can
1237 push is not allowed. If the special value ``*``, any remote user can
1234 push, including unauthenticated users. Otherwise, the remote user
1238 push, including unauthenticated users. Otherwise, the remote user
1235 must have been authenticated, and the authenticated user name must
1239 must have been authenticated, and the authenticated user name must
1236 be present in this list. The contents of the allow_push list are
1240 be present in this list. The contents of the allow_push list are
1237 examined after the deny_push list.
1241 examined after the deny_push list.
1238
1242
1239 ``guessmime``
1243 ``guessmime``
1240 Control MIME types for raw download of file content.
1244 Control MIME types for raw download of file content.
1241 Set to True to let hgweb guess the content type from the file
1245 Set to True to let hgweb guess the content type from the file
1242 extension. This will serve HTML files as ``text/html`` and might
1246 extension. This will serve HTML files as ``text/html`` and might
1243 allow cross-site scripting attacks when serving untrusted
1247 allow cross-site scripting attacks when serving untrusted
1244 repositories. Default is False.
1248 repositories. Default is False.
1245
1249
1246 ``allow_read``
1250 ``allow_read``
1247 If the user has not already been denied repository access due to
1251 If the user has not already been denied repository access due to
1248 the contents of deny_read, this list determines whether to grant
1252 the contents of deny_read, this list determines whether to grant
1249 repository access to the user. If this list is not empty, and the
1253 repository access to the user. If this list is not empty, and the
1250 user is unauthenticated or not present in the list, then access is
1254 user is unauthenticated or not present in the list, then access is
1251 denied for the user. If the list is empty or not set, then access
1255 denied for the user. If the list is empty or not set, then access
1252 is permitted to all users by default. Setting allow_read to the
1256 is permitted to all users by default. Setting allow_read to the
1253 special value ``*`` is equivalent to it not being set (i.e. access
1257 special value ``*`` is equivalent to it not being set (i.e. access
1254 is permitted to all users). The contents of the allow_read list are
1258 is permitted to all users). The contents of the allow_read list are
1255 examined after the deny_read list.
1259 examined after the deny_read list.
1256
1260
1257 ``allowzip``
1261 ``allowzip``
1258 (DEPRECATED) Whether to allow .zip downloading of repository
1262 (DEPRECATED) Whether to allow .zip downloading of repository
1259 revisions. Default is False. This feature creates temporary files.
1263 revisions. Default is False. This feature creates temporary files.
1260
1264
1261 ``baseurl``
1265 ``baseurl``
1262 Base URL to use when publishing URLs in other locations, so
1266 Base URL to use when publishing URLs in other locations, so
1263 third-party tools like email notification hooks can construct
1267 third-party tools like email notification hooks can construct
1264 URLs. Example: ``http://hgserver/repos/``.
1268 URLs. Example: ``http://hgserver/repos/``.
1265
1269
1266 ``cacerts``
1270 ``cacerts``
1267 Path to file containing a list of PEM encoded certificate
1271 Path to file containing a list of PEM encoded certificate
1268 authority certificates. Environment variables and ``~user``
1272 authority certificates. Environment variables and ``~user``
1269 constructs are expanded in the filename. If specified on the
1273 constructs are expanded in the filename. If specified on the
1270 client, then it will verify the identity of remote HTTPS servers
1274 client, then it will verify the identity of remote HTTPS servers
1271 with these certificates. The form must be as follows::
1275 with these certificates. The form must be as follows::
1272
1276
1273 -----BEGIN CERTIFICATE-----
1277 -----BEGIN CERTIFICATE-----
1274 ... (certificate in base64 PEM encoding) ...
1278 ... (certificate in base64 PEM encoding) ...
1275 -----END CERTIFICATE-----
1279 -----END CERTIFICATE-----
1276 -----BEGIN CERTIFICATE-----
1280 -----BEGIN CERTIFICATE-----
1277 ... (certificate in base64 PEM encoding) ...
1281 ... (certificate in base64 PEM encoding) ...
1278 -----END CERTIFICATE-----
1282 -----END CERTIFICATE-----
1279
1283
1280 This feature is only supported when using Python 2.6 or later. If you wish
1284 This feature is only supported when using Python 2.6 or later. If you wish
1281 to use it with earlier versions of Python, install the backported
1285 to use it with earlier versions of Python, install the backported
1282 version of the ssl library that is available from
1286 version of the ssl library that is available from
1283 ``http://pypi.python.org``.
1287 ``http://pypi.python.org``.
1284
1288
1285 You can use OpenSSL's CA certificate file if your platform has one.
1289 You can use OpenSSL's CA certificate file if your platform has one.
1286 On most Linux systems this will be ``/etc/ssl/certs/ca-certificates.crt``.
1290 On most Linux systems this will be ``/etc/ssl/certs/ca-certificates.crt``.
1287 Otherwise you will have to generate this file manually.
1291 Otherwise you will have to generate this file manually.
1288
1292
1289 To disable SSL verification temporarily, specify ``--insecure`` from
1293 To disable SSL verification temporarily, specify ``--insecure`` from
1290 command line.
1294 command line.
1291
1295
1292 ``cache``
1296 ``cache``
1293 Whether to support caching in hgweb. Defaults to True.
1297 Whether to support caching in hgweb. Defaults to True.
1294
1298
1295 ``contact``
1299 ``contact``
1296 Name or email address of the person in charge of the repository.
1300 Name or email address of the person in charge of the repository.
1297 Defaults to ui.username or ``$EMAIL`` or "unknown" if unset or empty.
1301 Defaults to ui.username or ``$EMAIL`` or "unknown" if unset or empty.
1298
1302
1299 ``deny_push``
1303 ``deny_push``
1300 Whether to deny pushing to the repository. If empty or not set,
1304 Whether to deny pushing to the repository. If empty or not set,
1301 push is not denied. If the special value ``*``, all remote users are
1305 push is not denied. If the special value ``*``, all remote users are
1302 denied push. Otherwise, unauthenticated users are all denied, and
1306 denied push. Otherwise, unauthenticated users are all denied, and
1303 any authenticated user name present in this list is also denied. The
1307 any authenticated user name present in this list is also denied. The
1304 contents of the deny_push list are examined before the allow_push list.
1308 contents of the deny_push list are examined before the allow_push list.
1305
1309
1306 ``deny_read``
1310 ``deny_read``
1307 Whether to deny reading/viewing of the repository. If this list is
1311 Whether to deny reading/viewing of the repository. If this list is
1308 not empty, unauthenticated users are all denied, and any
1312 not empty, unauthenticated users are all denied, and any
1309 authenticated user name present in this list is also denied access to
1313 authenticated user name present in this list is also denied access to
1310 the repository. If set to the special value ``*``, all remote users
1314 the repository. If set to the special value ``*``, all remote users
1311 are denied access (rarely needed ;). If deny_read is empty or not set,
1315 are denied access (rarely needed ;). If deny_read is empty or not set,
1312 the determination of repository access depends on the presence and
1316 the determination of repository access depends on the presence and
1313 content of the allow_read list (see description). If both
1317 content of the allow_read list (see description). If both
1314 deny_read and allow_read are empty or not set, then access is
1318 deny_read and allow_read are empty or not set, then access is
1315 permitted to all users by default. If the repository is being
1319 permitted to all users by default. If the repository is being
1316 served via hgwebdir, denied users will not be able to see it in
1320 served via hgwebdir, denied users will not be able to see it in
1317 the list of repositories. The contents of the deny_read list have
1321 the list of repositories. The contents of the deny_read list have
1318 priority over (are examined before) the contents of the allow_read
1322 priority over (are examined before) the contents of the allow_read
1319 list.
1323 list.
1320
1324
1321 ``descend``
1325 ``descend``
1322 hgwebdir indexes will not descend into subdirectories. Only repositories
1326 hgwebdir indexes will not descend into subdirectories. Only repositories
1323 directly in the current path will be shown (other repositories are still
1327 directly in the current path will be shown (other repositories are still
1324 available from the index corresponding to their containing path).
1328 available from the index corresponding to their containing path).
1325
1329
1326 ``description``
1330 ``description``
1327 Textual description of the repository's purpose or contents.
1331 Textual description of the repository's purpose or contents.
1328 Default is "unknown".
1332 Default is "unknown".
1329
1333
1330 ``encoding``
1334 ``encoding``
1331 Character encoding name. Default is the current locale charset.
1335 Character encoding name. Default is the current locale charset.
1332 Example: "UTF-8"
1336 Example: "UTF-8"
1333
1337
1334 ``errorlog``
1338 ``errorlog``
1335 Where to output the error log. Default is stderr.
1339 Where to output the error log. Default is stderr.
1336
1340
1337 ``hidden``
1341 ``hidden``
1338 Whether to hide the repository in the hgwebdir index.
1342 Whether to hide the repository in the hgwebdir index.
1339 Default is False.
1343 Default is False.
1340
1344
1341 ``ipv6``
1345 ``ipv6``
1342 Whether to use IPv6. Default is False.
1346 Whether to use IPv6. Default is False.
1343
1347
1344 ``logoimg``
1348 ``logoimg``
1345 File name of the logo image that some templates display on each page.
1349 File name of the logo image that some templates display on each page.
1346 The file name is relative to ``staticurl``. That is, the full path to
1350 The file name is relative to ``staticurl``. That is, the full path to
1347 the logo image is "staticurl/logoimg".
1351 the logo image is "staticurl/logoimg".
1348 If unset, ``hglogo.png`` will be used.
1352 If unset, ``hglogo.png`` will be used.
1349
1353
1350 ``logourl``
1354 ``logourl``
1351 Base URL to use for logos. If unset, ``http://mercurial.selenic.com/``
1355 Base URL to use for logos. If unset, ``http://mercurial.selenic.com/``
1352 will be used.
1356 will be used.
1353
1357
1354 ``name``
1358 ``name``
1355 Repository name to use in the web interface. Default is current
1359 Repository name to use in the web interface. Default is current
1356 working directory.
1360 working directory.
1357
1361
1358 ``maxchanges``
1362 ``maxchanges``
1359 Maximum number of changes to list on the changelog. Default is 10.
1363 Maximum number of changes to list on the changelog. Default is 10.
1360
1364
1361 ``maxfiles``
1365 ``maxfiles``
1362 Maximum number of files to list per changeset. Default is 10.
1366 Maximum number of files to list per changeset. Default is 10.
1363
1367
1364 ``port``
1368 ``port``
1365 Port to listen on. Default is 8000.
1369 Port to listen on. Default is 8000.
1366
1370
1367 ``prefix``
1371 ``prefix``
1368 Prefix path to serve from. Default is '' (server root).
1372 Prefix path to serve from. Default is '' (server root).
1369
1373
1370 ``push_ssl``
1374 ``push_ssl``
1371 Whether to require that inbound pushes be transported over SSL to
1375 Whether to require that inbound pushes be transported over SSL to
1372 prevent password sniffing. Default is True.
1376 prevent password sniffing. Default is True.
1373
1377
1374 ``staticurl``
1378 ``staticurl``
1375 Base URL to use for static files. If unset, static files (e.g. the
1379 Base URL to use for static files. If unset, static files (e.g. the
1376 hgicon.png favicon) will be served by the CGI script itself. Use
1380 hgicon.png favicon) will be served by the CGI script itself. Use
1377 this setting to serve them directly with the HTTP server.
1381 this setting to serve them directly with the HTTP server.
1378 Example: ``http://hgserver/static/``.
1382 Example: ``http://hgserver/static/``.
1379
1383
1380 ``stripes``
1384 ``stripes``
1381 How many lines a "zebra stripe" should span in multiline output.
1385 How many lines a "zebra stripe" should span in multiline output.
1382 Default is 1; set to 0 to disable.
1386 Default is 1; set to 0 to disable.
1383
1387
1384 ``style``
1388 ``style``
1385 Which template map style to use.
1389 Which template map style to use.
1386
1390
1387 ``templates``
1391 ``templates``
1388 Where to find the HTML templates. Default is install path.
1392 Where to find the HTML templates. Default is install path.
Show file before | Show file after | Hide comments
@@ -1,142 +1,143
1 # sslutil.py - SSL handling for mercurial
1 # sslutil.py - SSL handling for mercurial
2 #
2 #
3 # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
3 # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
4 # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
4 # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
5 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
5 # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
6 #
6 #
7 # This software may be used and distributed according to the terms of the
7 # This software may be used and distributed according to the terms of the
8 # GNU General Public License version 2 or any later version.
8 # GNU General Public License version 2 or any later version.
9 import os
9 import os
10
10
11 from mercurial import util
11 from mercurial import util
12 from mercurial.i18n import _
12 from mercurial.i18n import _
13 try:
13 try:
14 # avoid using deprecated/broken FakeSocket in python 2.6
14 # avoid using deprecated/broken FakeSocket in python 2.6
15 import ssl
15 import ssl
16 CERT_REQUIRED = ssl.CERT_REQUIRED
16 CERT_REQUIRED = ssl.CERT_REQUIRED
17 def ssl_wrap_socket(sock, keyfile, certfile,
17 def ssl_wrap_socket(sock, keyfile, certfile,
18 cert_reqs=ssl.CERT_NONE, ca_certs=None):
18 cert_reqs=ssl.CERT_NONE, ca_certs=None):
19 sslsocket = ssl.wrap_socket(sock, keyfile, certfile,
19 sslsocket = ssl.wrap_socket(sock, keyfile, certfile,
20 cert_reqs=cert_reqs, ca_certs=ca_certs)
20 cert_reqs=cert_reqs, ca_certs=ca_certs)
21 # check if wrap_socket failed silently because socket had been closed
21 # check if wrap_socket failed silently because socket had been closed
22 # - see http://bugs.python.org/issue13721
22 # - see http://bugs.python.org/issue13721
23 if not sslsocket.cipher():
23 if not sslsocket.cipher():
24 raise util.Abort(_('ssl connection failed'))
24 raise util.Abort(_('ssl connection failed'))
25 return sslsocket
25 return sslsocket
26 except ImportError:
26 except ImportError:
27 CERT_REQUIRED = 2
27 CERT_REQUIRED = 2
28
28
29 import socket, httplib
29 import socket, httplib
30
30
31 def ssl_wrap_socket(sock, key_file, cert_file,
31 def ssl_wrap_socket(sock, key_file, cert_file,
32 cert_reqs=CERT_REQUIRED, ca_certs=None):
32 cert_reqs=CERT_REQUIRED, ca_certs=None):
33 if not util.safehasattr(socket, 'ssl'):
33 if not util.safehasattr(socket, 'ssl'):
34 raise util.Abort(_('Python SSL support not found'))
34 raise util.Abort(_('Python SSL support not found'))
35 if ca_certs:
35 if ca_certs:
36 raise util.Abort(_(
36 raise util.Abort(_(
37 'certificate checking requires Python 2.6'))
37 'certificate checking requires Python 2.6'))
38
38
39 ssl = socket.ssl(sock, key_file, cert_file)
39 ssl = socket.ssl(sock, key_file, cert_file)
40 return httplib.FakeSocket(sock, ssl)
40 return httplib.FakeSocket(sock, ssl)
41
41
42 def _verifycert(cert, hostname):
42 def _verifycert(cert, hostname):
43 '''Verify that cert (in socket.getpeercert() format) matches hostname.
43 '''Verify that cert (in socket.getpeercert() format) matches hostname.
44 CRLs is not handled.
44 CRLs is not handled.
45
45
46 Returns error message if any problems are found and None on success.
46 Returns error message if any problems are found and None on success.
47 '''
47 '''
48 if not cert:
48 if not cert:
49 return _('no certificate received')
49 return _('no certificate received')
50 dnsname = hostname.lower()
50 dnsname = hostname.lower()
51 def matchdnsname(certname):
51 def matchdnsname(certname):
52 return (certname == dnsname or
52 return (certname == dnsname or
53 '.' in dnsname and certname == '*.' + dnsname.split('.', 1)[1])
53 '.' in dnsname and certname == '*.' + dnsname.split('.', 1)[1])
54
54
55 san = cert.get('subjectAltName', [])
55 san = cert.get('subjectAltName', [])
56 if san:
56 if san:
57 certnames = [value.lower() for key, value in san if key == 'DNS']
57 certnames = [value.lower() for key, value in san if key == 'DNS']
58 for name in certnames:
58 for name in certnames:
59 if matchdnsname(name):
59 if matchdnsname(name):
60 return None
60 return None
61 if certnames:
61 if certnames:
62 return _('certificate is for %s') % ', '.join(certnames)
62 return _('certificate is for %s') % ', '.join(certnames)
63
63
64 # subject is only checked when subjectAltName is empty
64 # subject is only checked when subjectAltName is empty
65 for s in cert.get('subject', []):
65 for s in cert.get('subject', []):
66 key, value = s[0]
66 key, value = s[0]
67 if key == 'commonName':
67 if key == 'commonName':
68 try:
68 try:
69 # 'subject' entries are unicode
69 # 'subject' entries are unicode
70 certname = value.lower().encode('ascii')
70 certname = value.lower().encode('ascii')
71 except UnicodeEncodeError:
71 except UnicodeEncodeError:
72 return _('IDN in certificate not supported')
72 return _('IDN in certificate not supported')
73 if matchdnsname(certname):
73 if matchdnsname(certname):
74 return None
74 return None
75 return _('certificate is for %s') % certname
75 return _('certificate is for %s') % certname
76 return _('no commonName or subjectAltName found in certificate')
76 return _('no commonName or subjectAltName found in certificate')
77
77
78
78
79 # CERT_REQUIRED means fetch the cert from the server all the time AND
79 # CERT_REQUIRED means fetch the cert from the server all the time AND
80 # validate it against the CA store provided in web.cacerts.
80 # validate it against the CA store provided in web.cacerts.
81 #
81 #
82 # We COMPLETELY ignore CERT_REQUIRED on Python <= 2.5, as it's totally
82 # We COMPLETELY ignore CERT_REQUIRED on Python <= 2.5, as it's totally
83 # busted on those versions.
83 # busted on those versions.
84
84
85 def sslkwargs(ui, host):
85 def sslkwargs(ui, host):
86 cacerts = ui.config('web', 'cacerts')
86 cacerts = ui.config('web', 'cacerts')
87 hostfingerprint = ui.config('hostfingerprints', host)
87 hostfingerprint = ui.config('hostfingerprints', host)
88 if cacerts and not hostfingerprint:
88 if cacerts and not hostfingerprint:
89 cacerts = util.expandpath(cacerts)
89 cacerts = util.expandpath(cacerts)
90 if not os.path.exists(cacerts):
90 if not os.path.exists(cacerts):
91 raise util.Abort(_('could not find web.cacerts: %s') % cacerts)
91 raise util.Abort(_('could not find web.cacerts: %s') % cacerts)
92 return {'ca_certs': cacerts,
92 return {'ca_certs': cacerts,
93 'cert_reqs': CERT_REQUIRED,
93 'cert_reqs': CERT_REQUIRED,
94 }
94 }
95 return {}
95 return {}
96
96
97 class validator(object):
97 class validator(object):
98 def __init__(self, ui, host):
98 def __init__(self, ui, host):
99 self.ui = ui
99 self.ui = ui
100 self.host = host
100 self.host = host
101
101
102 def __call__(self, sock):
102 def __call__(self, sock):
103 host = self.host
103 host = self.host
104 cacerts = self.ui.config('web', 'cacerts')
104 cacerts = self.ui.config('web', 'cacerts')
105 hostfingerprint = self.ui.config('hostfingerprints', host)
105 hostfingerprint = self.ui.config('hostfingerprints', host)
106 if not getattr(sock, 'getpeercert', False): # python 2.5 ?
106 if not getattr(sock, 'getpeercert', False): # python 2.5 ?
107 if hostfingerprint:
107 if hostfingerprint:
108 raise util.Abort(_("host fingerprint for %s can't be "
108 raise util.Abort(_("host fingerprint for %s can't be "
109 "verified (Python too old)") % host)
109 "verified (Python too old)") % host)
110 self.ui.warn(_("warning: certificate for %s can't be verified "
110 if self.ui.configbool('ui', 'reportoldssl', True):
111 "(Python too old)\n") % host)
111 self.ui.warn(_("warning: certificate for %s can't be verified "
112 "(Python too old)\n") % host)
112 return
113 return
113 if not sock.cipher(): # work around http://bugs.python.org/issue13721
114 if not sock.cipher(): # work around http://bugs.python.org/issue13721
114 raise util.Abort(_('%s ssl connection error') % host)
115 raise util.Abort(_('%s ssl connection error') % host)
115 peercert = sock.getpeercert(True)
116 peercert = sock.getpeercert(True)
116 if not peercert:
117 if not peercert:
117 raise util.Abort(_('%s certificate error: '
118 raise util.Abort(_('%s certificate error: '
118 'no certificate received') % host)
119 'no certificate received') % host)
119 peerfingerprint = util.sha1(peercert).hexdigest()
120 peerfingerprint = util.sha1(peercert).hexdigest()
120 nicefingerprint = ":".join([peerfingerprint[x:x + 2]
121 nicefingerprint = ":".join([peerfingerprint[x:x + 2]
121 for x in xrange(0, len(peerfingerprint), 2)])
122 for x in xrange(0, len(peerfingerprint), 2)])
122 if hostfingerprint:
123 if hostfingerprint:
123 if peerfingerprint.lower() != \
124 if peerfingerprint.lower() != \
124 hostfingerprint.replace(':', '').lower():
125 hostfingerprint.replace(':', '').lower():
125 raise util.Abort(_('certificate for %s has unexpected '
126 raise util.Abort(_('certificate for %s has unexpected '
126 'fingerprint %s') % (host, nicefingerprint),
127 'fingerprint %s') % (host, nicefingerprint),
127 hint=_('check hostfingerprint configuration'))
128 hint=_('check hostfingerprint configuration'))
128 self.ui.debug('%s certificate matched fingerprint %s\n' %
129 self.ui.debug('%s certificate matched fingerprint %s\n' %
129 (host, nicefingerprint))
130 (host, nicefingerprint))
130 elif cacerts:
131 elif cacerts:
131 msg = _verifycert(sock.getpeercert(), host)
132 msg = _verifycert(sock.getpeercert(), host)
132 if msg:
133 if msg:
133 raise util.Abort(_('%s certificate error: %s') % (host, msg),
134 raise util.Abort(_('%s certificate error: %s') % (host, msg),
134 hint=_('configure hostfingerprint %s or use '
135 hint=_('configure hostfingerprint %s or use '
135 '--insecure to connect insecurely') %
136 '--insecure to connect insecurely') %
136 nicefingerprint)
137 nicefingerprint)
137 self.ui.debug('%s certificate successfully verified\n' % host)
138 self.ui.debug('%s certificate successfully verified\n' % host)
138 else:
139 else:
139 self.ui.warn(_('warning: %s certificate with fingerprint %s not '
140 self.ui.warn(_('warning: %s certificate with fingerprint %s not '
140 'verified (check hostfingerprints or web.cacerts '
141 'verified (check hostfingerprints or web.cacerts '
141 'config setting)\n') %
142 'config setting)\n') %
142 (host, nicefingerprint))
143 (host, nicefingerprint))
General Comments 0
You need to be logged in to leave comments. Login now