Show More
| @@ -58,7 +58,7 b' class _httprequesthandler(BaseHTTPServer' | |||||
| 58 | url_scheme = 'http' |
|
58 | url_scheme = 'http' | |
| 59 |
|
59 | |||
| 60 | @staticmethod |
|
60 | @staticmethod | |
| 61 |
def preparehttpserver(httpserver, |
|
61 | def preparehttpserver(httpserver, ui): | |
| 62 | """Prepare .socket of new HTTPServer instance""" |
|
62 | """Prepare .socket of new HTTPServer instance""" | |
| 63 | pass |
|
63 | pass | |
| 64 |
|
64 | |||
| @@ -222,15 +222,17 b' class _httprequesthandlerssl(_httpreques' | |||||
| 222 | url_scheme = 'https' |
|
222 | url_scheme = 'https' | |
| 223 |
|
223 | |||
| 224 | @staticmethod |
|
224 | @staticmethod | |
| 225 |
def preparehttpserver(httpserver, |
|
225 | def preparehttpserver(httpserver, ui): | |
| 226 | try: |
|
226 | try: | |
| 227 | import ssl |
|
227 | import ssl | |
| 228 | ssl.wrap_socket |
|
228 | ssl.wrap_socket | |
| 229 | except ImportError: |
|
229 | except ImportError: | |
| 230 | raise error.Abort(_("SSL support is unavailable")) |
|
230 | raise error.Abort(_("SSL support is unavailable")) | |
|
|
231 | ||||
|
|
232 | certfile = ui.config('web', 'certificate') | |||
| 231 | httpserver.socket = ssl.wrap_socket( |
|
233 | httpserver.socket = ssl.wrap_socket( | |
| 232 | httpserver.socket, server_side=True, |
|
234 | httpserver.socket, server_side=True, | |
| 233 |
certfile= |
|
235 | certfile=certfile, ssl_version=ssl.PROTOCOL_TLSv1) | |
| 234 |
|
236 | |||
| 235 | def setup(self): |
|
237 | def setup(self): | |
| 236 | self.connection = self.request |
|
238 | self.connection = self.request | |
| @@ -264,7 +266,7 b' class MercurialHTTPServer(object, _mixin' | |||||
| 264 | self.daemon_threads = True |
|
266 | self.daemon_threads = True | |
| 265 | self.application = app |
|
267 | self.application = app | |
| 266 |
|
268 | |||
| 267 |
handler.preparehttpserver(self, ui |
|
269 | handler.preparehttpserver(self, ui) | |
| 268 |
|
270 | |||
| 269 | prefix = ui.config('web', 'prefix', '') |
|
271 | prefix = ui.config('web', 'prefix', '') | |
| 270 | if prefix: |
|
272 | if prefix: | |
| @@ -404,12 +404,13 b' Start patched hgweb that requires client' | |||||
| 404 | > from mercurial.hgweb import server |
|
404 | > from mercurial.hgweb import server | |
| 405 | > class _httprequesthandlersslclientcert(server._httprequesthandlerssl): |
|
405 | > class _httprequesthandlersslclientcert(server._httprequesthandlerssl): | |
| 406 | > @staticmethod |
|
406 | > @staticmethod | |
| 407 |
> def preparehttpserver(httpserver, |
|
407 | > def preparehttpserver(httpserver, ui): | |
|
|
408 | > certfile = ui.config('web', 'certificate') | |||
| 408 | > sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) |
|
409 | > sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) | |
| 409 | > sslcontext.verify_mode = ssl.CERT_REQUIRED |
|
410 | > sslcontext.verify_mode = ssl.CERT_REQUIRED | |
| 410 |
> sslcontext.load_cert_chain( |
|
411 | > sslcontext.load_cert_chain(certfile) | |
| 411 | > # verify clients by server certificate |
|
412 | > # verify clients by server certificate | |
| 412 |
> sslcontext.load_verify_locations( |
|
413 | > sslcontext.load_verify_locations(certfile) | |
| 413 | > httpserver.socket = sslcontext.wrap_socket(httpserver.socket, |
|
414 | > httpserver.socket = sslcontext.wrap_socket(httpserver.socket, | |
| 414 | > server_side=True) |
|
415 | > server_side=True) | |
| 415 | > server._httprequesthandlerssl = _httprequesthandlersslclientcert |
|
416 | > server._httprequesthandlerssl = _httprequesthandlersslclientcert | |
General Comments 0
You need to be logged in to leave comments.
Login now