upstream/mercurial-mirror Commit - r36082:bf676267

wireprotoserver: split ssh protocol handler and server...

Gregory Szorc -

r36082:bf676267 default

parent child

mercurial/wireprotoserver.py

0 +27 -18

             # Copyright 21 May 2005 - (c) 2005 Jake Edge <jake@edge2.net>
             # Copyright 2005-2007 Matt Mackall <mpm@selenic.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             from __future__ import absolute_import
             import abc
             import cgi
             import struct
             import sys
             from .i18n import _
             from . import (
                 encoding,
                 error,
                 hook,
                 pycompat,
                 util,
                 wireproto,
             )
             stringio = util.stringio
             urlerr = util.urlerr
             urlreq = util.urlreq
             HTTP_OK = 200
             HGTYPE = 'application/mercurial-0.1'
             HGTYPE2 = 'application/mercurial-0.2'
             HGERRTYPE = 'application/hg-error'
             # Names of the SSH protocol implementations.
             SSHV1 = 'ssh-v1'
             # This is advertised over the wire. Incremental the counter at the end
             # to reflect BC breakages.
             SSHV2 = 'exp-ssh-v2-0001'
             class baseprotocolhandler(object):
                 """Abstract base class for wire protocol handlers.
                 A wire protocol handler serves as an interface between protocol command
                 handlers and the wire protocol transport layer. Protocol handlers provide
                 methods to read command arguments, redirect stdio for the duration of
                 the request, handle response types, etc.
                 """
                 __metaclass__ = abc.ABCMeta
                 @abc.abstractproperty
                 def name(self):
                     """The name of the protocol implementation.
                     Used for uniquely identifying the transport type.
                     """
                 @abc.abstractmethod
                 def getargs(self, args):
                     """return the value for arguments in <args>
                     returns a list of values (same order as <args>)"""
                 @abc.abstractmethod
                 def getfile(self, fp):
                     """write the whole content of a file into a file like object
                     The file is in the form::
                         (<chunk-size>\n<chunk>)+0\n
                     chunk size is the ascii version of the int.
                     """
                 @abc.abstractmethod
                 def redirect(self):
                     """may setup interception for stdout and stderr
                     See also the `restore` method."""
                 # If the `redirect` function does install interception, the `restore`
                 # function MUST be defined. If interception is not used, this function
                 # MUST NOT be defined.
                 #
                 # left commented here on purpose
                 #
                 #def restore(self):
                 #    """reinstall previous stdout and stderr and return intercepted stdout
                 #    """
                 #    raise NotImplementedError()
             def decodevaluefromheaders(req, headerprefix):
                 """Decode a long value from multiple HTTP request headers.
                 Returns the value as a bytes, not a str.
                 """
                 chunks = []
                 i = 1
                 prefix = headerprefix.upper().replace(r'-', r'_')
                 while True:
                     v = req.env.get(r'HTTP_%s_%d' % (prefix, i))
                     if v is None:
                         break
                     chunks.append(pycompat.bytesurl(v))
                     i += 1
                 return ''.join(chunks)
             class webproto(baseprotocolhandler):
                 def __init__(self, req, ui):
                     self._req = req
                     self._ui = ui
                 @property
                 def name(self):
                     return 'http'
                 def getargs(self, args):
                     knownargs = self._args()
                     data = {}
                     keys = args.split()
                     for k in keys:
                         if k == '*':
                             star = {}
                             for key in knownargs.keys():
                                 if key != 'cmd' and key not in keys:
                                     star[key] = knownargs[key][0]
                             data['*'] = star
                         else:
                             data[k] = knownargs[k][0]
                     return [data[k] for k in keys]
                 def _args(self):
                     args = util.rapply(pycompat.bytesurl, self._req.form.copy())
                     postlen = int(self._req.env.get(r'HTTP_X_HGARGS_POST', 0))
                     if postlen:
                         args.update(cgi.parse_qs(
                             self._req.read(postlen), keep_blank_values=True))
                         return args
                     argvalue = decodevaluefromheaders(self._req, r'X-HgArg')
                     args.update(cgi.parse_qs(argvalue, keep_blank_values=True))
                     return args
                 def getfile(self, fp):
                     length = int(self._req.env[r'CONTENT_LENGTH'])
                     # If httppostargs is used, we need to read Content-Length
                     # minus the amount that was consumed by args.
                     length -= int(self._req.env.get(r'HTTP_X_HGARGS_POST', 0))
                     for s in util.filechunkiter(self._req, limit=length):
                         fp.write(s)
                 def redirect(self):
                     self._oldio = self._ui.fout, self._ui.ferr
                     self._ui.ferr = self._ui.fout = stringio()
                 def restore(self):
                     val = self._ui.fout.getvalue()
                     self._ui.ferr, self._ui.fout = self._oldio
                     return val
                 def _client(self):
                     return 'remote:%s:%s:%s' % (
                         self._req.env.get('wsgi.url_scheme') or 'http',
                         urlreq.quote(self._req.env.get('REMOTE_HOST', '')),
                         urlreq.quote(self._req.env.get('REMOTE_USER', '')))
                 def responsetype(self, prefer_uncompressed):
                     """Determine the appropriate response type and compression settings.
                     Returns a tuple of (mediatype, compengine, engineopts).
                     """
                     # Determine the response media type and compression engine based
                     # on the request parameters.
                     protocaps = decodevaluefromheaders(self._req, r'X-HgProto').split(' ')
                     if '0.2' in protocaps:
                         # All clients are expected to support uncompressed data.
                         if prefer_uncompressed:
                             return HGTYPE2, util._noopengine(), {}
                         # Default as defined by wire protocol spec.
                         compformats = ['zlib', 'none']
                         for cap in protocaps:
                             if cap.startswith('comp='):
                                 compformats = cap[5:].split(',')
                                 break
                         # Now find an agreed upon compression format.
                         for engine in wireproto.supportedcompengines(self._ui, self,
                                                                      util.SERVERROLE):
                             if engine.wireprotosupport().name in compformats:
                                 opts = {}
                                 level = self._ui.configint('server',
                                                           '%slevel' % engine.name())
                                 if level is not None:
                                     opts['level'] = level
                                 return HGTYPE2, engine, opts
                         # No mutually supported compression format. Fall back to the
                         # legacy protocol.
                     # Don't allow untrusted settings because disabling compression or
                     # setting a very high compression level could lead to flooding
                     # the server's network or CPU.
                     opts = {'level': self._ui.configint('server', 'zliblevel')}
                     return HGTYPE, util.compengines['zlib'], opts
             def iscmd(cmd):
                 return cmd in wireproto.commands
             def parsehttprequest(repo, req, query):
                 """Parse the HTTP request for a wire protocol request.
                 If the current request appears to be a wire protocol request, this
                 function returns a dict with details about that request, including
                 an ``abstractprotocolserver`` instance suitable for handling the
                 request. Otherwise, ``None`` is returned.
                 ``req`` is a ``wsgirequest`` instance.
                 """
                 # HTTP version 1 wire protocol requests are denoted by a "cmd" query
                 # string parameter. If it isn't present, this isn't a wire protocol
                 # request.
                 if r'cmd' not in req.form:
                     return None
                 cmd = pycompat.sysbytes(req.form[r'cmd'][0])
                 # The "cmd" request parameter is used by both the wire protocol and hgweb.
                 # While not all wire protocol commands are available for all transports,
                 # if we see a "cmd" value that resembles a known wire protocol command, we
                 # route it to a protocol handler. This is better than routing possible
                 # wire protocol requests to hgweb because it prevents hgweb from using
                 # known wire protocol commands and it is less confusing for machine
                 # clients.
                 if cmd not in wireproto.commands:
                     return None
                 proto = webproto(req, repo.ui)
                 return {
                     'cmd': cmd,
                     'proto': proto,
                     'dispatch': lambda: _callhttp(repo, req, proto, cmd),
                     'handleerror': lambda ex: _handlehttperror(ex, req, cmd),
                 }
             def _callhttp(repo, req, proto, cmd):
                 def genversion2(gen, engine, engineopts):
                     # application/mercurial-0.2 always sends a payload header
                     # identifying the compression engine.
                     name = engine.wireprotosupport().name
                     assert 0 < len(name) < 256
                     yield struct.pack('B', len(name))
                     yield name
                     for chunk in gen:
                         yield chunk
                 rsp = wireproto.dispatch(repo, proto, cmd)
                 if not wireproto.commands.commandavailable(cmd, proto):
                     req.respond(HTTP_OK, HGERRTYPE,
                                 body=_('requested wire protocol command is not available '
                                        'over HTTP'))
                     return []
                 if isinstance(rsp, bytes):
                     req.respond(HTTP_OK, HGTYPE, body=rsp)
                     return []
                 elif isinstance(rsp, wireproto.streamres_legacy):
                     gen = rsp.gen
                     req.respond(HTTP_OK, HGTYPE)
                     return gen
                 elif isinstance(rsp, wireproto.streamres):
                     gen = rsp.gen
                     # This code for compression should not be streamres specific. It
                     # is here because we only compress streamres at the moment.
                     mediatype, engine, engineopts = proto.responsetype(
                         rsp.prefer_uncompressed)
                     gen = engine.compressstream(gen, engineopts)
                     if mediatype == HGTYPE2:
                         gen = genversion2(gen, engine, engineopts)
                     req.respond(HTTP_OK, mediatype)
                     return gen
                 elif isinstance(rsp, wireproto.pushres):
                     val = proto.restore()
                     rsp = '%d\n%s' % (rsp.res, val)
                     req.respond(HTTP_OK, HGTYPE, body=rsp)
                     return []
                 elif isinstance(rsp, wireproto.pusherr):
                     # This is the httplib workaround documented in _handlehttperror().
                     req.drain()
                     proto.restore()
                     rsp = '0\n%s\n' % rsp.res
                     req.respond(HTTP_OK, HGTYPE, body=rsp)
                     return []
                 elif isinstance(rsp, wireproto.ooberror):
                     rsp = rsp.message
                     req.respond(HTTP_OK, HGERRTYPE, body=rsp)
                     return []
                 raise error.ProgrammingError('hgweb.protocol internal failure', rsp)
             def _handlehttperror(e, req, cmd):
                 """Called when an ErrorResponse is raised during HTTP request processing."""
                 # Clients using Python's httplib are stateful: the HTTP client
                 # won't process an HTTP response until all request data is
                 # sent to the server. The intent of this code is to ensure
                 # we always read HTTP request data from the client, thus
                 # ensuring httplib transitions to a state that allows it to read
                 # the HTTP response. In other words, it helps prevent deadlocks
                 # on clients using httplib.
                 if (req.env[r'REQUEST_METHOD'] == r'POST' and
                     # But not if Expect: 100-continue is being used.
                     (req.env.get('HTTP_EXPECT',
                                  '').lower() != '100-continue') or
                     # Or the non-httplib HTTP library is being advertised by
                     # the client.
                     req.env.get('X-HgHttp2', '')):
                     req.drain()
                 else:
                     req.headers.append((r'Connection', r'Close'))
                 # TODO This response body assumes the failed command was
                 # "unbundle." That assumption is not always valid.
                 req.respond(e, HGTYPE, body='0\n%s\n' % e)
                 return ''
             def _sshv1respondbytes(fout, value):
                 """Send a bytes response for protocol version 1."""
                 fout.write('%d\n' % len(value))
                 fout.write(value)
                 fout.flush()
             def _sshv1respondstream(fout, source):
                 write = fout.write
                 for chunk in source.gen:
                     write(chunk)
                 fout.flush()
             def _sshv1respondooberror(fout, ferr, rsp):
                 ferr.write(b'%s\n-\n' % rsp)
                 ferr.flush()
                 fout.write(b'\n')
                 fout.flush()
-            class sshserver(baseprotocolhandler):
+            class sshv1protocolhandler(baseprotocolhandler):
-                def __init__(self, ui, repo):
+                """Handler for requests services via version 1 of SSH protocol."""
+                def __init__(self, ui, fin, fout):
                     self._ui = ui
-                    self._repo = repo
+                    self._fin = fin
-                    self._fin = ui.fin
+                    self._fout = fout
-                    self._fout = ui.fout
-                    hook.redirect(True)
-                    ui.fout = repo.ui.fout = ui.ferr
-                    # Prevent insertion/deletion of CRs
-                    util.setbinary(self._fin)
-                    util.setbinary(self._fout)
                 @property
                 def name(self):
                     return 'ssh'
                 def getargs(self, args):
                     data = {}
                     keys = args.split()
                     for n in xrange(len(keys)):
                         argline = self._fin.readline()[:-1]
                         arg, l = argline.split()
                         if arg not in keys:
                             raise error.Abort(_("unexpected parameter %r") % arg)
                         if arg == '*':
                             star = {}
                             for k in xrange(int(l)):
                                 argline = self._fin.readline()[:-1]
                                 arg, l = argline.split()
                                 val = self._fin.read(int(l))
                                 star[arg] = val
                             data['*'] = star
                         else:
                             val = self._fin.read(int(l))
                             data[arg] = val
                     return [data[k] for k in keys]
                 def getfile(self, fpout):
                     _sshv1respondbytes(self._fout, b'')
                     count = int(self._fin.readline())
                     while count:
                         fpout.write(self._fin.read(count))
                         count = int(self._fin.readline())
                 def redirect(self):
                     pass
+                def _client(self):
+                    client = encoding.environ.get('SSH_CLIENT', '').split(' ', 1)[0]
+                    return 'remote:ssh:' + client
+            class sshserver(object):
+                def __init__(self, ui, repo):
+                    self._ui = ui
+                    self._repo = repo
+                    self._fin = ui.fin
+                    self._fout = ui.fout
+                    hook.redirect(True)
+                    ui.fout = repo.ui.fout = ui.ferr
+                    # Prevent insertion/deletion of CRs
+                    util.setbinary(self._fin)
+                    util.setbinary(self._fout)
+                    self._proto = sshv1protocolhandler(self._ui, self._fin, self._fout)
                 def serve_forever(self):
                     while self.serve_one():
                         pass
                     sys.exit(0)
                 def serve_one(self):
                     cmd = self._fin.readline()[:-1]
-                    if cmd and wireproto.commands.commandavailable(cmd, self):
+                    if cmd and wireproto.commands.commandavailable(cmd, self._proto):
-                        rsp = wireproto.dispatch(self._repo, self, cmd)
+                        rsp = wireproto.dispatch(self._repo, self._proto, cmd)
                         if isinstance(rsp, bytes):
                             _sshv1respondbytes(self._fout, rsp)
                         elif isinstance(rsp, wireproto.streamres):
                             _sshv1respondstream(self._fout, rsp)
                         elif isinstance(rsp, wireproto.streamres_legacy):
                             _sshv1respondstream(self._fout, rsp)
                         elif isinstance(rsp, wireproto.pushres):
                             _sshv1respondbytes(self._fout, b'')
                             _sshv1respondbytes(self._fout, bytes(rsp.res))
                         elif isinstance(rsp, wireproto.pusherr):
                             _sshv1respondbytes(self._fout, rsp.res)
                         elif isinstance(rsp, wireproto.ooberror):
                             _sshv1respondooberror(self._fout, self._ui.ferr, rsp.message)
                         else:
                             raise error.ProgrammingError('unhandled response type from '
                                                          'wire protocol command: %s' % rsp)
                     elif cmd:
                         _sshv1respondbytes(self._fout, b'')
                     return cmd != ''
-                def _client(self):
-                    client = encoding.environ.get('SSH_CLIENT', '').split(' ', 1)[0]
-                    return 'remote:ssh:' + client

tests/sshprotoext.py

0 +2 -2

             # sshprotoext.py - Extension to test behavior of SSH protocol
             #
             # Copyright 2018 Gregory Szorc <gregory.szorc@gmail.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2 or any later version.
             # This extension replaces the SSH server started via `hg serve --stdio`.
             # The server behaves differently depending on environment variables.
             from __future__ import absolute_import
             from mercurial import (
                 error,
                 extensions,
                 registrar,
                 sshpeer,
                 wireproto,
                 wireprotoserver,
             )
             configtable = {}
             configitem = registrar.configitem(configtable)
             configitem('sshpeer', 'mode', default=None)
             configitem('sshpeer', 'handshake-mode', default=None)
             class bannerserver(wireprotoserver.sshserver):
                 """Server that sends a banner to stdout."""
                 def serve_forever(self):
                     for i in range(10):
                         self._fout.write(b'banner: line %d\n' % i)
                     super(bannerserver, self).serve_forever()
             class prehelloserver(wireprotoserver.sshserver):
                 """Tests behavior when connecting to <0.9.1 servers.
                 The ``hello`` wire protocol command was introduced in Mercurial
 .9.1. Modern clients send the ``hello`` command when connecting
                 to SSH servers. This mock server tests behavior of the handshake
                 when ``hello`` is not supported.
                 """
                 def serve_forever(self):
                     l = self._fin.readline()
                     assert l == b'hello\n'
                     # Respond to unknown commands with an empty reply.
                     wireprotoserver._sshv1respondbytes(self._fout, b'')
                     l = self._fin.readline()
                     assert l == b'between\n'
-                    rsp = wireproto.dispatch(self._repo, self, b'between')
+                    rsp = wireproto.dispatch(self._repo, self._proto, b'between')
                     wireprotoserver._sshv1respondbytes(self._fout, rsp)
                     super(prehelloserver, self).serve_forever()
             class upgradev2server(wireprotoserver.sshserver):
                 """Tests behavior for clients that issue upgrade to version 2."""
                 def serve_forever(self):
                     name = wireprotoserver.SSHV2
                     l = self._fin.readline()
                     assert l.startswith(b'upgrade ')
                     token, caps = l[:-1].split(b' ')[1:]
                     assert caps == b'proto=%s' % name
                     # Filter hello and between requests.
                     l = self._fin.readline()
                     assert l == b'hello\n'
                     l = self._fin.readline()
                     assert l == b'between\n'
                     l = self._fin.readline()
                     assert l == 'pairs 81\n'
                     self._fin.read(81)
                     # Send the upgrade response.
                     self._fout.write(b'upgraded %s %s\n' % (token, name))
-                    servercaps = wireproto.capabilities(self._repo, self)
+                    servercaps = wireproto.capabilities(self._repo, self._proto)
                     rsp = b'capabilities: %s' % servercaps
                     self._fout.write(b'%d\n' % len(rsp))
                     self._fout.write(rsp)
                     self._fout.write(b'\n')
                     self._fout.flush()
                     super(upgradev2server, self).serve_forever()
             def performhandshake(orig, ui, stdin, stdout, stderr):
                 """Wrapped version of sshpeer._performhandshake to send extra commands."""
                 mode = ui.config(b'sshpeer', b'handshake-mode')
                 if mode == b'pre-no-args':
                     ui.debug(b'sending no-args command\n')
                     stdin.write(b'no-args\n')
                     stdin.flush()
                     return orig(ui, stdin, stdout, stderr)
                 elif mode == b'pre-multiple-no-args':
                     ui.debug(b'sending unknown1 command\n')
                     stdin.write(b'unknown1\n')
                     ui.debug(b'sending unknown2 command\n')
                     stdin.write(b'unknown2\n')
                     ui.debug(b'sending unknown3 command\n')
                     stdin.write(b'unknown3\n')
                     stdin.flush()
                     return orig(ui, stdin, stdout, stderr)
                 else:
                     raise error.ProgrammingError(b'unknown HANDSHAKECOMMANDMODE: %s' %
                                                  mode)
             def extsetup(ui):
                 # It's easier for tests to define the server behavior via environment
                 # variables than config options. This is because `hg serve --stdio`
                 # has to be invoked with a certain form for security reasons and
                 # `dummyssh` can't just add `--config` flags to the command line.
                 servermode = ui.environ.get(b'SSHSERVERMODE')
                 if servermode == b'banner':
                     wireprotoserver.sshserver = bannerserver
                 elif servermode == b'no-hello':
                     wireprotoserver.sshserver = prehelloserver
                 elif servermode == b'upgradev2':
                     wireprotoserver.sshserver = upgradev2server
                 elif servermode:
                     raise error.ProgrammingError(b'unknown server mode: %s' % servermode)
                 peermode = ui.config(b'sshpeer', b'mode')
                 if peermode == b'extra-handshake-commands':
                     extensions.wrapfunction(sshpeer, '_performhandshake', performhandshake)
                 elif peermode:
                     raise error.ProgrammingError(b'unknown peer mode: %s' % peermode)

tests/test-sshserver.py

0 +1 -1

             from __future__ import absolute_import, print_function
             import io
             import unittest
             import silenttestrunner
             from mercurial import (
                 util,
                 wireproto,
                 wireprotoserver,
             )
             class SSHServerGetArgsTests(unittest.TestCase):
                 def testparseknown(self):
                     tests = [
                         ('* 0\nnodes 0\n', ['', {}]),
                         ('* 0\nnodes 40\n1111111111111111111111111111111111111111\n',
                          ['1111111111111111111111111111111111111111', {}]),
                     ]
                     for input, expected in tests:
                         self.assertparse('known', input, expected)
                 def assertparse(self, cmd, input, expected):
                     server = mockserver(input)
                     _func, spec = wireproto.commands[cmd]
-                    self.assertEqual(server.getargs(spec), expected)
+                    self.assertEqual(server._proto.getargs(spec), expected)
             def mockserver(inbytes):
                 ui = mockui(inbytes)
                 repo = mockrepo(ui)
                 return wireprotoserver.sshserver(ui, repo)
             class mockrepo(object):
                 def __init__(self, ui):
                     self.ui = ui
             class mockui(object):
                 def __init__(self, inbytes):
                     self.fin = io.BytesIO(inbytes)
                     self.fout = io.BytesIO()
                     self.ferr = io.BytesIO()
             if __name__ == '__main__':
                 # Don't call into msvcrt to set BytesIO to binary mode
                 util.setbinary = lambda fp: True
                 silenttestrunner.main(__name__)

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages