upstream/mercurial-mirror Commit - r9347:d0474b18

1

# url.py - HTTP handling for mercurial

1

# url.py - HTTP handling for mercurial

2

#

2

#

3

4

5

6

#

6

#

7

# This software may be used and distributed according to the terms of the

7

# This software may be used and distributed according to the terms of the

8

# GNU General Public License version 2, incorporated herein by reference.

8

# GNU General Public License version 2, incorporated herein by reference.

9

10

import urllib, urllib2, urlparse, httplib, os, re, socket, cStringIO

10

import urllib, urllib2, urlparse, httplib, os, re, socket, cStringIO

11

from i18n import _

11

from i18n import _

12

import keepalive, util

12

import keepalive, util

13

14

def hidepassword(url):

14

def hidepassword(url):

15

'''hide user credential in a url string'''

15

'''hide user credential in a url string'''

16

scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)

16

scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)

17

netloc = re.sub('([^:]*):([^@]*)@(.*)', r'\1:***@\3', netloc)

17

netloc = re.sub('([^:]*):([^@]*)@(.*)', r'\1:***@\3', netloc)

18

return urlparse.urlunparse((scheme, netloc, path, params, query, fragment))

18

return urlparse.urlunparse((scheme, netloc, path, params, query, fragment))

19

20

def removeauth(url):

20

def removeauth(url):

21

'''remove all authentication information from a url string'''

21

'''remove all authentication information from a url string'''

22

scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)

22

scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)

23

netloc = netloc[netloc.find('@')+1:]

23

netloc = netloc[netloc.find('@')+1:]

24

return urlparse.urlunparse((scheme, netloc, path, params, query, fragment))

24

return urlparse.urlunparse((scheme, netloc, path, params, query, fragment))

25

26

def netlocsplit(netloc):

26

def netlocsplit(netloc):

27

'''split [user[:passwd]@]host[:port] into 4-tuple.'''

27

'''split [user[:passwd]@]host[:port] into 4-tuple.'''

28

29

a = netloc.find('@')

29

a = netloc.find('@')

30

if a == -1:

30

if a == -1:

31

user, passwd = None, None

31

user, passwd = None, None

32

else:

32

else:

33

userpass, netloc = netloc[:a], netloc[a+1:]

33

userpass, netloc = netloc[:a], netloc[a+1:]

34

c = userpass.find(':')

34

c = userpass.find(':')

35

if c == -1:

35

if c == -1:

36

user, passwd = urllib.unquote(userpass), None

36

user, passwd = urllib.unquote(userpass), None

37

else:

37

else:

38

user = urllib.unquote(userpass[:c])

38

user = urllib.unquote(userpass[:c])

39

passwd = urllib.unquote(userpass[c+1:])

39

passwd = urllib.unquote(userpass[c+1:])

40

c = netloc.find(':')

40

c = netloc.find(':')

41

if c == -1:

41

if c == -1:

42

host, port = netloc, None

42

host, port = netloc, None

43

else:

43

else:

44

host, port = netloc[:c], netloc[c+1:]

44

host, port = netloc[:c], netloc[c+1:]

45

return host, port, user, passwd

45

return host, port, user, passwd

46

47

def netlocunsplit(host, port, user=None, passwd=None):

47

def netlocunsplit(host, port, user=None, passwd=None):

48

'''turn host, port, user, passwd into [user[:passwd]@]host[:port].'''

48

'''turn host, port, user, passwd into [user[:passwd]@]host[:port].'''

49

if port:

49

if port:

50

hostport = host + ':' + port

50

hostport = host + ':' + port

51

else:

51

else:

52

hostport = host

52

hostport = host

53

if user:

53

if user:

54

if passwd:

54

if passwd:

55

userpass = urllib.quote(user) + ':' + urllib.quote(passwd)

55

userpass = urllib.quote(user) + ':' + urllib.quote(passwd)

56

else:

56

else:

57

userpass = urllib.quote(user)

57

userpass = urllib.quote(user)

58

return userpass + '@' + hostport

58

return userpass + '@' + hostport

59

return hostport

59

return hostport

60

61

_safe = ('abcdefghijklmnopqrstuvwxyz'

61

_safe = ('abcdefghijklmnopqrstuvwxyz'

62

'ABCDEFGHIJKLMNOPQRSTUVWXYZ'

62

'ABCDEFGHIJKLMNOPQRSTUVWXYZ'

63

'0123456789' '_.-/')

63

'0123456789' '_.-/')

64

_safeset = None

64

_safeset = None

65

_hex = None

65

_hex = None

66

def quotepath(path):

66

def quotepath(path):

67

'''quote the path part of a URL

67

'''quote the path part of a URL

68

69

This is similar to urllib.quote, but it also tries to avoid

69

This is similar to urllib.quote, but it also tries to avoid

70

quoting things twice (inspired by wget):

70

quoting things twice (inspired by wget):

71

72

>>> quotepath('abc def')

72

>>> quotepath('abc def')

73

'abc%20def'

73

'abc%20def'

74

>>> quotepath('abc%20def')

74

>>> quotepath('abc%20def')

75

'abc%20def'

75

'abc%20def'

76

>>> quotepath('abc%20 def')

76

>>> quotepath('abc%20 def')

77

'abc%20%20def'

77

'abc%20%20def'

78

>>> quotepath('abc def%20')

78

>>> quotepath('abc def%20')

79

'abc%20def%20'

79

'abc%20def%20'

80

>>> quotepath('abc def%2')

80

>>> quotepath('abc def%2')

81

'abc%20def%252'

81

'abc%20def%252'

82

>>> quotepath('abc def%')

82

>>> quotepath('abc def%')

83

'abc%20def%25'

83

'abc%20def%25'

84

'''

84

'''

85

global _safeset, _hex

85

global _safeset, _hex

86

if _safeset is None:

86

if _safeset is None:

87

_safeset = set(_safe)

87

_safeset = set(_safe)

88

_hex = set('abcdefABCDEF0123456789')

88

_hex = set('abcdefABCDEF0123456789')

89

l = list(path)

89

l = list(path)

90

for i in xrange(len(l)):

90

for i in xrange(len(l)):

91

c = l[i]

91

c = l[i]

92

if c == '%' and i + 2 < len(l) and (l[i+1] in _hex and l[i+2] in _hex):

92

if c == '%' and i + 2 < len(l) and (l[i+1] in _hex and l[i+2] in _hex):

93

pass

93

pass

94

elif c not in _safeset:

94

elif c not in _safeset:

95

l[i] = '%%%02X' % ord(c)

95

l[i] = '%%%02X' % ord(c)

96

return ''.join(l)

96

return ''.join(l)

97

98

class passwordmgr(urllib2.HTTPPasswordMgrWithDefaultRealm):

98

class passwordmgr(urllib2.HTTPPasswordMgrWithDefaultRealm):

99

def __init__(self, ui):

99

def __init__(self, ui):

100

urllib2.HTTPPasswordMgrWithDefaultRealm.__init__(self)

100

urllib2.HTTPPasswordMgrWithDefaultRealm.__init__(self)

101

self.ui = ui

101

self.ui = ui

102

103

def find_user_password(self, realm, authuri):

103

def find_user_password(self, realm, authuri):

104

authinfo = urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password(

104

authinfo = urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password(

105

self, realm, authuri)

105

self, realm, authuri)

106

user, passwd = authinfo

106

user, passwd = authinfo

107

if user and passwd:

107

if user and passwd:

108

self._writedebug(user, passwd)

108

self._writedebug(user, passwd)

109

return (user, passwd)

109

return (user, passwd)

110

111

if not user:

111

if not user:

112

auth = self.readauthtoken(authuri)

112

auth = self.readauthtoken(authuri)

113

if auth:

113

if auth:

114

user, passwd = auth.get('username'), auth.get('password')

114

user, passwd = auth.get('username'), auth.get('password')

115

if not user or not passwd:

115

if not user or not passwd:

116

if not self.ui.interactive():

116

if not self.ui.interactive():

117

raise util.Abort(_('http authorization required'))

117

raise util.Abort(_('http authorization required'))

118

119

self.ui.write(_("http authorization required\n"))

119

self.ui.write(_("http authorization required\n"))

120

self.ui.status(_("realm: %s\n") % realm)

120

self.ui.status(_("realm: %s\n") % realm)

121

if user:

121

if user:

122

self.ui.status(_("user: %s\n") % user)

122

self.ui.status(_("user: %s\n") % user)

123

else:

123

else:

124

user = self.ui.prompt(_("user:"), default=None)

124

user = self.ui.prompt(_("user:"), default=None)

125

126

if not passwd:

126

if not passwd:

127

passwd = self.ui.getpass()

127

passwd = self.ui.getpass()

128

129

self.add_password(realm, authuri, user, passwd)

129

self.add_password(realm, authuri, user, passwd)

130

self._writedebug(user, passwd)

130

self._writedebug(user, passwd)

131

return (user, passwd)

131

return (user, passwd)

132

133

def _writedebug(self, user, passwd):

133

def _writedebug(self, user, passwd):

134

msg = _('http auth: user %s, password %s\n')

134

msg = _('http auth: user %s, password %s\n')

135

self.ui.debug(msg % (user, passwd and '*' * len(passwd) or 'not set'))

135

self.ui.debug(msg % (user, passwd and '*' * len(passwd) or 'not set'))

136

137

def readauthtoken(self, uri):

137

def readauthtoken(self, uri):

138

# Read configuration

138

# Read configuration

139

config = dict()

139

config = dict()

140

for key, val in self.ui.configitems('auth'):

140

for key, val in self.ui.configitems('auth'):

141

group, setting = key.split('.', 1)

141

group, setting = key.split('.', 1)

142

gdict = config.setdefault(group, dict())

142

gdict = config.setdefault(group, dict())

143

gdict[setting] = val

143

gdict[setting] = val

144

145

# Find the best match

145

# Find the best match

146

scheme, hostpath = uri.split('://', 1)

146

scheme, hostpath = uri.split('://', 1)

147

bestlen = 0

147

bestlen = 0

148

bestauth = None

148

bestauth = None

149

for auth in config.itervalues():

149

for auth in config.itervalues():

150

prefix = auth.get('prefix')

150

prefix = auth.get('prefix')

151

if not prefix: continue

151

if not prefix: continue

152

p = prefix.split('://', 1)

152

p = prefix.split('://', 1)

153

if len(p) > 1:

153

if len(p) > 1:

154

schemes, prefix = [p[0]], p[1]

154

schemes, prefix = [p[0]], p[1]

155

else:

155

else:

156

schemes = (auth.get('schemes') or 'https').split()

156

schemes = (auth.get('schemes') or 'https').split()

157

if (prefix == '*' or hostpath.startswith(prefix)) and \

157

if (prefix == '*' or hostpath.startswith(prefix)) and \

158

len(prefix) > bestlen and scheme in schemes:

158

len(prefix) > bestlen and scheme in schemes:

159

bestlen = len(prefix)

159

bestlen = len(prefix)

160

bestauth = auth

160

bestauth = auth

161

return bestauth

161

return bestauth

162

163

class proxyhandler(urllib2.ProxyHandler):

163

class proxyhandler(urllib2.ProxyHandler):

164

def __init__(self, ui):

164

def __init__(self, ui):

165

proxyurl = ui.config("http_proxy", "host") or os.getenv('http_proxy')

165

proxyurl = ui.config("http_proxy", "host") or os.getenv('http_proxy')

166

# XXX proxyauthinfo = None

166

# XXX proxyauthinfo = None

167

168

if proxyurl:

168

if proxyurl:

169

# proxy can be proper url or host[:port]

169

# proxy can be proper url or host[:port]

170

if not (proxyurl.startswith('http:') or

170

if not (proxyurl.startswith('http:') or

171

proxyurl.startswith('https:')):

171

proxyurl.startswith('https:')):

172

proxyurl = 'http://' + proxyurl + '/'

172

proxyurl = 'http://' + proxyurl + '/'

173

snpqf = urlparse.urlsplit(proxyurl)

173

snpqf = urlparse.urlsplit(proxyurl)

174

proxyscheme, proxynetloc, proxypath, proxyquery, proxyfrag = snpqf

174

proxyscheme, proxynetloc, proxypath, proxyquery, proxyfrag = snpqf

175

hpup = netlocsplit(proxynetloc)

175

hpup = netlocsplit(proxynetloc)

176

177

proxyhost, proxyport, proxyuser, proxypasswd = hpup

177

proxyhost, proxyport, proxyuser, proxypasswd = hpup

178

if not proxyuser:

178

if not proxyuser:

179

proxyuser = ui.config("http_proxy", "user")

179

proxyuser = ui.config("http_proxy", "user")

180

proxypasswd = ui.config("http_proxy", "passwd")

180

proxypasswd = ui.config("http_proxy", "passwd")

181

182

# see if we should use a proxy for this url

182

# see if we should use a proxy for this url

183

no_list = [ "localhost", "127.0.0.1" ]

183

no_list = [ "localhost", "127.0.0.1" ]

184

no_list.extend([p.lower() for

184

no_list.extend([p.lower() for

185

p in ui.configlist("http_proxy", "no")])

185

p in ui.configlist("http_proxy", "no")])

186

no_list.extend([p.strip().lower() for

186

no_list.extend([p.strip().lower() for

187

p in os.getenv("no_proxy", '').split(',')

187

p in os.getenv("no_proxy", '').split(',')

188

if p.strip()])

188

if p.strip()])

189

# "http_proxy.always" config is for running tests on localhost

189

# "http_proxy.always" config is for running tests on localhost

190

if ui.configbool("http_proxy", "always"):

190

if ui.configbool("http_proxy", "always"):

191

self.no_list = []

191

self.no_list = []

192

else:

192

else:

193

self.no_list = no_list

193

self.no_list = no_list

194

195

proxyurl = urlparse.urlunsplit((

195

proxyurl = urlparse.urlunsplit((

196

proxyscheme, netlocunsplit(proxyhost, proxyport,

196

proxyscheme, netlocunsplit(proxyhost, proxyport,

197

proxyuser, proxypasswd or ''),

197

proxyuser, proxypasswd or ''),

198

proxypath, proxyquery, proxyfrag))

198

proxypath, proxyquery, proxyfrag))

199

proxies = {'http': proxyurl, 'https': proxyurl}

199

proxies = {'http': proxyurl, 'https': proxyurl}

200

ui.debug(_('proxying through http://%s:%s\n') %

200

ui.debug(_('proxying through http://%s:%s\n') %

201

(proxyhost, proxyport))

201

(proxyhost, proxyport))

202

else:

202

else:

203

proxies = {}

203

proxies = {}

204

205

# urllib2 takes proxy values from the environment and those

205

# urllib2 takes proxy values from the environment and those

206

# will take precedence if found, so drop them

206

# will take precedence if found, so drop them

207

for env in ["HTTP_PROXY", "http_proxy", "no_proxy"]:

207

for env in ["HTTP_PROXY", "http_proxy", "no_proxy"]:

208

try:

208

try:

209

if env in os.environ:

209

if env in os.environ:

210

del os.environ[env]

210

del os.environ[env]

211

except OSError:

211

except OSError:

212

pass

212

pass

213

214

urllib2.ProxyHandler.__init__(self, proxies)

214

urllib2.ProxyHandler.__init__(self, proxies)

215

self.ui = ui

215

self.ui = ui

216

217

def proxy_open(self, req, proxy, type_):

217

def proxy_open(self, req, proxy, type_):

218

host = req.get_host().split(':')[0]

218

host = req.get_host().split(':')[0]

219

if host in self.no_list:

219

if host in self.no_list:

220

return None

220

return None

221

222

# work around a bug in Python < 2.4.2

222

# work around a bug in Python < 2.4.2

223

# (it leaves a "\n" at the end of Proxy-authorization headers)

223

# (it leaves a "\n" at the end of Proxy-authorization headers)

224

baseclass = req.__class__

224

baseclass = req.__class__

225

class _request(baseclass):

225

class _request(baseclass):

226

def add_header(self, key, val):

226

def add_header(self, key, val):

227

if key.lower() == 'proxy-authorization':

227

if key.lower() == 'proxy-authorization':

228

val = val.strip()

228

val = val.strip()

229

return baseclass.add_header(self, key, val)

229

return baseclass.add_header(self, key, val)

230

req.__class__ = _request

230

req.__class__ = _request

231

232

return urllib2.ProxyHandler.proxy_open(self, req, proxy, type_)

232

return urllib2.ProxyHandler.proxy_open(self, req, proxy, type_)

233

234

class httpsendfile(file):

234

class httpsendfile(file):

235

def __len__(self):

235

def __len__(self):

236

return os.fstat(self.fileno()).st_size

236

return os.fstat(self.fileno()).st_size

237

238

def _gen_sendfile(connection):

238

def _gen_sendfile(connection):

239

def _sendfile(self, data):

239

def _sendfile(self, data):

240

# send a file

240

# send a file

241

if isinstance(data, httpsendfile):

241

if isinstance(data, httpsendfile):

242

# if auth required, some data sent twice, so rewind here

242

# if auth required, some data sent twice, so rewind here

243

data.seek(0)

243

data.seek(0)

244

for chunk in util.filechunkiter(data):

244

for chunk in util.filechunkiter(data):

245

connection.send(self, chunk)

245

connection.send(self, chunk)

246

else:

246

else:

247

connection.send(self, data)

247

connection.send(self, data)

248

return _sendfile

248

return _sendfile

249

250

has_https = hasattr(urllib2, 'HTTPSHandler')

250

has_https = hasattr(urllib2, 'HTTPSHandler')

251

if has_https:

251

if has_https:

252

try:

252

try:

253

# avoid using deprecated/broken FakeSocket in python 2.6

253

# avoid using deprecated/broken FakeSocket in python 2.6

254

import ssl

254

import ssl

255

_ssl_wrap_socket = ssl.wrap_socket

255

_ssl_wrap_socket = ssl.wrap_socket

256

except ImportError:

256

except ImportError:

257

def _ssl_wrap_socket(sock, key_file, cert_file):

257

def _ssl_wrap_socket(sock, key_file, cert_file):

258

ssl = socket.ssl(sock, key_file, cert_file)

258

ssl = socket.ssl(sock, key_file, cert_file)

259

return httplib.FakeSocket(sock, ssl)

259

return httplib.FakeSocket(sock, ssl)

260

261

class httpconnection(keepalive.HTTPConnection):

261

class httpconnection(keepalive.HTTPConnection):

262

# must be able to send big bundle as stream.

262

# must be able to send big bundle as stream.

263

send = _gen_sendfile(keepalive.HTTPConnection)

263

send = _gen_sendfile(keepalive.HTTPConnection)

264

265

def _proxytunnel(self):

265

def _proxytunnel(self):

266

proxyheaders = dict(

266

proxyheaders = dict(

267

[(x, self.headers[x]) for x in self.headers

267

[(x, self.headers[x]) for x in self.headers

268

if x.lower().startswith('proxy-')])

268

if x.lower().startswith('proxy-')])

269

self._set_hostport(self.host, self.port)

269

self._set_hostport(self.host, self.port)

270

self.send('CONNECT %s:%d HTTP/1.0\r\n' % (self.realhost, self.realport))

270

self.send('CONNECT %s:%d HTTP/1.0\r\n' % (self.realhost, self.realport))

271

for header in proxyheaders.iteritems():

271

for header in proxyheaders.iteritems():

272

self.send('%s: %s\r\n' % header)

272

self.send('%s: %s\r\n' % header)

273

self.send('\r\n')

273

self.send('\r\n')

274

275

# majority of the following code is duplicated from

275

# majority of the following code is duplicated from

276

# httplib.HTTPConnection as there are no adequate places to

276

# httplib.HTTPConnection as there are no adequate places to

277

# override functions to provide the needed functionality

277

# override functions to provide the needed functionality

278

res = self.response_class(self.sock,

278

res = self.response_class(self.sock,

279

strict=self.strict,

279

strict=self.strict,

280

method=self._method)

280

method=self._method)

281

282

while True:

282

while True:

283

version, status, reason = res._read_status()

283

version, status, reason = res._read_status()

284

if status != httplib.CONTINUE:

284

if status != httplib.CONTINUE:

285

break

285

break

286

while True:

286

while True:

287

skip = res.fp.readline().strip()

287

skip = res.fp.readline().strip()

288

if not skip:

288

if not skip:

289

break

289

break

290

res.status = status

290

res.status = status

291

res.reason = reason.strip()

291

res.reason = reason.strip()

292

293

if res.status == 200:

293

if res.status == 200:

294

while True:

294

while True:

295

line = res.fp.readline()

295

line = res.fp.readline()

296

if line == '\r\n':

296

if line == '\r\n':

297

break

297

break

298

return True

298

return True

299

300

if version == 'HTTP/1.0':

300

if version == 'HTTP/1.0':

301

res.version = 10

301

res.version = 10

302

elif version.startswith('HTTP/1.'):

302

elif version.startswith('HTTP/1.'):

303

res.version = 11

303

res.version = 11

304

elif version == 'HTTP/0.9':

304

elif version == 'HTTP/0.9':

305

res.version = 9

305

res.version = 9

306

else:

306

else:

307

raise httplib.UnknownProtocol(version)

307

raise httplib.UnknownProtocol(version)

308

309

if res.version == 9:

309

if res.version == 9:

310

res.length = None

310

res.length = None

311

res.chunked = 0

311

res.chunked = 0

312

res.will_close = 1

312

res.will_close = 1

313

res.msg = httplib.HTTPMessage(cStringIO.StringIO())

313

res.msg = httplib.HTTPMessage(cStringIO.StringIO())

314

return False

314

return False

315

316

res.msg = httplib.HTTPMessage(res.fp)

316

res.msg = httplib.HTTPMessage(res.fp)

317

res.msg.fp = None

317

res.msg.fp = None

318

319

# are we using the chunked-style of transfer encoding?

319

# are we using the chunked-style of transfer encoding?

320

trenc = res.msg.getheader('transfer-encoding')

320

trenc = res.msg.getheader('transfer-encoding')

321

if trenc and trenc.lower() == "chunked":

321

if trenc and trenc.lower() == "chunked":

322

res.chunked = 1

322

res.chunked = 1

323

res.chunk_left = None

323

res.chunk_left = None

324

else:

324

else:

325

res.chunked = 0

325

res.chunked = 0

326

327

# will the connection close at the end of the response?

327

# will the connection close at the end of the response?

328

res.will_close = res._check_close()

328

res.will_close = res._check_close()

329

330

# do we have a Content-Length?

330

# do we have a Content-Length?

331

# NOTE: RFC 2616, S4.4, #3 says we ignore this if tr_enc is "chunked"

331

# NOTE: RFC 2616, S4.4, #3 says we ignore this if tr_enc is "chunked"

332

length = res.msg.getheader('content-length')

332

length = res.msg.getheader('content-length')

333

if length and not res.chunked:

333

if length and not res.chunked:

334

try:

334

try:

335

res.length = int(length)

335

res.length = int(length)

336

except ValueError:

336

except ValueError:

337

res.length = None

337

res.length = None

338

else:

338

else:

339

if res.length < 0: # ignore nonsensical negative lengths

339

if res.length < 0: # ignore nonsensical negative lengths

340

res.length = None

340

res.length = None

341

else:

341

else:

342

res.length = None

342

res.length = None

343

344

# does the body have a fixed length? (of zero)

344

# does the body have a fixed length? (of zero)

345

if (status == httplib.NO_CONTENT or status == httplib.NOT_MODIFIED or

345

if (status == httplib.NO_CONTENT or status == httplib.NOT_MODIFIED or

346

100 <= status < 200 or # 1xx codes

346

100 <= status < 200 or # 1xx codes

347

res._method == 'HEAD'):

347

res._method == 'HEAD'):

348

res.length = 0

348

res.length = 0

349

350

# if the connection remains open, and we aren't using chunked, and

350

# if the connection remains open, and we aren't using chunked, and

351

# a content-length was not provided, then assume that the connection

351

# a content-length was not provided, then assume that the connection

352

# WILL close.

352

# WILL close.

353

if (not res.will_close and

353

if (not res.will_close and

354

not res.chunked and

354

not res.chunked and

355

res.length is None):

355

res.length is None):

356

res.will_close = 1

356

res.will_close = 1

357

358

self.proxyres = res

358

self.proxyres = res

359

360

return False

360

return False

361

362

def connect(self):

362

def connect(self):

363

if has_https and self.realhost: # use CONNECT proxy

363

if has_https and self.realhost: # use CONNECT proxy

364

self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

364

self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

365

self.sock.connect((self.host, self.port))

365

self.sock.connect((self.host, self.port))

366

if self._proxytunnel():

366

if self._proxytunnel():

367

# we do not support client x509 certificates

367

# we do not support client x509 certificates

368

self.sock = _ssl_wrap_socket(self.sock, None, None)

368

self.sock = _ssl_wrap_socket(self.sock, None, None)

369

else:

369

else:

370

keepalive.HTTPConnection.connect(self)

370

keepalive.HTTPConnection.connect(self)

371

372

def getresponse(self):

372

def getresponse(self):

373

proxyres = getattr(self, 'proxyres', None)

373

proxyres = getattr(self, 'proxyres', None)

374

if proxyres:

374

if proxyres:

375

if proxyres.will_close:

375

if proxyres.will_close:

376

self.close()

376

self.close()

377

self.proxyres = None

377

self.proxyres = None

378

return proxyres

378

return proxyres

379

return keepalive.HTTPConnection.getresponse(self)

379

return keepalive.HTTPConnection.getresponse(self)

380

381

class httphandler(keepalive.HTTPHandler):

381

class httphandler(keepalive.HTTPHandler):

382

def http_open(self, req):

382

def http_open(self, req):

383

return self.do_open(httpconnection, req)

383

return self.do_open(httpconnection, req)

384

385

def _start_transaction(self, h, req):

385

def _start_transaction(self, h, req):

386

if req.get_selector() == req.get_full_url(): # has proxy

386

if req.get_selector() == req.get_full_url(): # has proxy

387

urlparts = urlparse.urlparse(req.get_selector())

387

urlparts = urlparse.urlparse(req.get_selector())

388

if urlparts[0] == 'https': # only use CONNECT for HTTPS

388

if urlparts[0] == 'https': # only use CONNECT for HTTPS

389

if ':' in urlparts[1]:

389

if ':' in urlparts[1]:

390

realhost, realport = urlparts[1].split(':')

390

realhost, realport = urlparts[1].split(':')

391

realport = int(realport)

391

realport = int(realport)

392

else:

392

else:

393

realhost = urlparts[1]

393

realhost = urlparts[1]

394

realport = 443

394

realport = 443

395

396

h.realhost = realhost

396

h.realhost = realhost

397

h.realport = realport

397

h.realport = realport

398

h.headers = req.headers.copy()

398

h.headers = req.headers.copy()

399

h.headers.update(self.parent.addheaders)

399

h.headers.update(self.parent.addheaders)

400

return keepalive.HTTPHandler._start_transaction(self, h, req)

400

return keepalive.HTTPHandler._start_transaction(self, h, req)

401

402

h.realhost = None

402

h.realhost = None

403

h.realport = None

403

h.realport = None

404

h.headers = None

404

h.headers = None

405

return keepalive.HTTPHandler._start_transaction(self, h, req)

405

return keepalive.HTTPHandler._start_transaction(self, h, req)

406

407

def __del__(self):

407

def __del__(self):

408

self.close_all()

408

self.close_all()

409

410

if has_https:

410

if has_https:

411

class httpsconnection(httplib.HTTPSConnection):

411

class httpsconnection(httplib.HTTPSConnection):

412

response_class = keepalive.HTTPResponse

412

response_class = keepalive.HTTPResponse

413

# must be able to send big bundle as stream.

413

# must be able to send big bundle as stream.

414

send = _gen_sendfile(httplib.HTTPSConnection)

414

send = _gen_sendfile(httplib.HTTPSConnection)

415

416

class httpshandler(keepalive.KeepAliveHandler, urllib2.HTTPSHandler):

416

class httpshandler(keepalive.KeepAliveHandler, urllib2.HTTPSHandler):

417

def __init__(self, ui):

417

def __init__(self, ui):

418

keepalive.KeepAliveHandler.__init__(self)

418

keepalive.KeepAliveHandler.__init__(self)

419

urllib2.HTTPSHandler.__init__(self)

419

urllib2.HTTPSHandler.__init__(self)

420

self.ui = ui

420

self.ui = ui

421

self.pwmgr = passwordmgr(self.ui)

421

self.pwmgr = passwordmgr(self.ui)

422

423

def https_open(self, req):

423

def https_open(self, req):

424

self.auth = self.pwmgr.readauthtoken(req.get_full_url())

424

self.auth = self.pwmgr.readauthtoken(req.get_full_url())

425

return self.do_open(self._makeconnection, req)

425

return self.do_open(self._makeconnection, req)

426

427

def _makeconnection(self, host, port=443, *args, **kwargs):

427

def _makeconnection(self, host, port=443, *args, **kwargs):

428

keyfile = None

428

keyfile = None

429

certfile = None

429

certfile = None

430

431

if args: # key_file

431

if args: # key_file

432

keyfile = args.pop(0)

432

keyfile = args.pop(0)

433

if args: # cert_file

433

if args: # cert_file

434

certfile = args.pop(0)

434

certfile = args.pop(0)

435

436

# if the user has specified different key/cert files in

436

# if the user has specified different key/cert files in

437

# hgrc, we prefer these

437

# hgrc, we prefer these

438

if self.auth and 'key' in self.auth and 'cert' in self.auth:

438

if self.auth and 'key' in self.auth and 'cert' in self.auth:

439

keyfile = self.auth['key']

439

keyfile = self.auth['key']

440

certfile = self.auth['cert']

440

certfile = self.auth['cert']

441

442

# let host port take precedence

442

# let host port take precedence

443

if ':' in host and '[' not in host or ']:' in host:

443

if ':' in host and '[' not in host or ']:' in host:

444

host, port = host.rsplit(':', 1)

444

host, port = host.rsplit(':', 1)

445

port = int(port)

445

port = int(port)

446

if '[' in host:

446

if '[' in host:

447

host = host[1:-1]

447

host = host[1:-1]

448

449

return httpsconnection(host, port, keyfile, certfile, *args, **kwargs)

449

return httpsconnection(host, port, keyfile, certfile, *args, **kwargs)

450

451

# In python < 2.5 AbstractDigestAuthHandler raises a ValueError if

451

# In python < 2.5 AbstractDigestAuthHandler raises a ValueError if

452

# it doesn't know about the auth type requested. This can happen if

452

# it doesn't know about the auth type requested. This can happen if

453

# somebody is using BasicAuth and types a bad password.

453

# somebody is using BasicAuth and types a bad password.

454

class httpdigestauthhandler(urllib2.HTTPDigestAuthHandler):

454

class httpdigestauthhandler(urllib2.HTTPDigestAuthHandler):

455

def http_error_auth_reqed(self, auth_header, host, req, headers):

455

def http_error_auth_reqed(self, auth_header, host, req, headers):

456

try:

456

try:

457

return urllib2.HTTPDigestAuthHandler.http_error_auth_reqed(

457

return urllib2.HTTPDigestAuthHandler.http_error_auth_reqed(

458

self, auth_header, host, req, headers)

458

self, auth_header, host, req, headers)

459

except ValueError, inst:

459

except ValueError, inst:

460

arg = inst.args[0]

460

arg = inst.args[0]

461

if arg.startswith("AbstractDigestAuthHandler doesn't know "):

461

if arg.startswith("AbstractDigestAuthHandler doesn't know "):

462

return

462

return

463

raise

463

raise

464

465

def getauthinfo(path):

465

def getauthinfo(path):

466

scheme, netloc, urlpath, query, frag = urlparse.urlsplit(path)

466

scheme, netloc, urlpath, query, frag = urlparse.urlsplit(path)

467

if not urlpath:

467

if not urlpath:

468

urlpath = '/'

468

urlpath = '/'

469

if scheme != 'file':

469

if scheme != 'file':

470

# XXX: why are we quoting the path again with some smart

470

# XXX: why are we quoting the path again with some smart

471

# heuristic here? Anyway, it cannot be done with file://

471

# heuristic here? Anyway, it cannot be done with file://

472

# urls since path encoding is os/fs dependent (see

472

# urls since path encoding is os/fs dependent (see

473

# urllib.pathname2url() for details).

473

# urllib.pathname2url() for details).

474

urlpath = quotepath(urlpath)

474

urlpath = quotepath(urlpath)

475

host, port, user, passwd = netlocsplit(netloc)

475

host, port, user, passwd = netlocsplit(netloc)

476

477

# urllib cannot handle URLs with embedded user or passwd

477

# urllib cannot handle URLs with embedded user or passwd

478

url = urlparse.urlunsplit((scheme, netlocunsplit(host, port),

478

url = urlparse.urlunsplit((scheme, netlocunsplit(host, port),

479

urlpath, query, frag))

479

urlpath, query, frag))

480

if user:

480

if user:

481

netloc = host

481

netloc = host

482

if port:

482

if port:

483

netloc += ':' + port

483

netloc += ':' + port

484

# Python < 2.4.3 uses only the netloc to search for a password

484

# Python < 2.4.3 uses only the netloc to search for a password

485

authinfo = (None, (url, netloc), user, passwd or '')

485

authinfo = (None, (url, netloc), user, passwd or '')

486

else:

486

else:

487

authinfo = None

487

authinfo = None

488

return url, authinfo

488

return url, authinfo

489

490

handlerfuncs = []

491

490

def opener(ui, authinfo=None):

492

def opener(ui, authinfo=None):

491

'''

493

'''

492

construct an opener suitable for urllib2

494

construct an opener suitable for urllib2

493

authinfo will be added to the password manager

495

authinfo will be added to the password manager

494

'''

496

'''

495

handlers = [httphandler()]

497

handlers = [httphandler()]

496

if has_https:

498

if has_https:

497

handlers.append(httpshandler(ui))

499

handlers.append(httpshandler(ui))

498

500

499

handlers.append(proxyhandler(ui))

501

handlers.append(proxyhandler(ui))

500

502

501

passmgr = passwordmgr(ui)

503

passmgr = passwordmgr(ui)

502

if authinfo is not None:

504

if authinfo is not None:

503

passmgr.add_password(*authinfo)

505

passmgr.add_password(*authinfo)

504

user, passwd = authinfo[2:4]

506

user, passwd = authinfo[2:4]

505

ui.debug(_('http auth: user %s, password %s\n') %

507

ui.debug(_('http auth: user %s, password %s\n') %

506

(user, passwd and '*' * len(passwd) or 'not set'))

508

(user, passwd and '*' * len(passwd) or 'not set'))

507

509

508

handlers.extend((urllib2.HTTPBasicAuthHandler(passmgr),

510

handlers.extend((urllib2.HTTPBasicAuthHandler(passmgr),

509

httpdigestauthhandler(passmgr)))

511

httpdigestauthhandler(passmgr)))

512

handlers.extend([h(ui, passmgr) for h in handlerfuncs])

510

opener = urllib2.build_opener(*handlers)

513

opener = urllib2.build_opener(*handlers)

511

514

512

# 1.0 here is the _protocol_ version

515

# 1.0 here is the _protocol_ version

513

opener.addheaders = [('User-agent', 'mercurial/proto-1.0')]

516

opener.addheaders = [('User-agent', 'mercurial/proto-1.0')]

514

opener.addheaders.append(('Accept', 'application/mercurial-0.1'))

517

opener.addheaders.append(('Accept', 'application/mercurial-0.1'))

515

return opener

518

return opener

516

519

517

scheme_re = re.compile(r'^([a-zA-Z0-9+-.]+)://')

520

scheme_re = re.compile(r'^([a-zA-Z0-9+-.]+)://')

518

521

519

def open(ui, url, data=None):

522

def open(ui, url, data=None):

520

scheme = None

523

scheme = None

521

m = scheme_re.search(url)

524

m = scheme_re.search(url)

522

if m:

525

if m:

523

scheme = m.group(1).lower()

526

scheme = m.group(1).lower()

524

if not scheme:

527

if not scheme:

525

path = util.normpath(os.path.abspath(url))

528

path = util.normpath(os.path.abspath(url))

526

url = 'file://' + urllib.pathname2url(path)

529

url = 'file://' + urllib.pathname2url(path)

527

authinfo = None

530

authinfo = None

528

else:

531

else:

529

url, authinfo = getauthinfo(url)

532

url, authinfo = getauthinfo(url)

530

return opener(ui, authinfo).open(url, data)

533

return opener(ui, authinfo).open(url, data)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # url.py - HTTP handling for mercurial
             #
             # Copyright 2005, 2006, 2007, 2008 Matt Mackall <mpm@selenic.com>
             # Copyright 2006, 2007 Alexis S. L. Carvalho <alexis@cecm.usp.br>
             # Copyright 2006 Vadim Gelfer <vadim.gelfer@gmail.com>
             #
             # This software may be used and distributed according to the terms of the
             # GNU General Public License version 2, incorporated herein by reference.
             import urllib, urllib2, urlparse, httplib, os, re, socket, cStringIO
             from i18n import _
             import keepalive, util
             def hidepassword(url):
                 '''hide user credential in a url string'''
                 scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)
                 netloc = re.sub('([^:]*):([^@]*)@(.*)', r'\1:***@\3', netloc)
                 return urlparse.urlunparse((scheme, netloc, path, params, query, fragment))
             def removeauth(url):
                 '''remove all authentication information from a url string'''
                 scheme, netloc, path, params, query, fragment = urlparse.urlparse(url)
                 netloc = netloc[netloc.find('@')+1:]
                 return urlparse.urlunparse((scheme, netloc, path, params, query, fragment))
             def netlocsplit(netloc):
                 '''split [user[:passwd]@]host[:port] into 4-tuple.'''
                 a = netloc.find('@')
                 if a == -1:
                     user, passwd = None, None
                 else:
                     userpass, netloc = netloc[:a], netloc[a+1:]
                     c = userpass.find(':')
                     if c == -1:
                         user, passwd = urllib.unquote(userpass), None
                     else:
                         user = urllib.unquote(userpass[:c])
                         passwd = urllib.unquote(userpass[c+1:])
                 c = netloc.find(':')
                 if c == -1:
                     host, port = netloc, None
                 else:
                     host, port = netloc[:c], netloc[c+1:]
                 return host, port, user, passwd
             def netlocunsplit(host, port, user=None, passwd=None):
                 '''turn host, port, user, passwd into [user[:passwd]@]host[:port].'''
                 if port:
                     hostport = host + ':' + port
                 else:
                     hostport = host
                 if user:
                     if passwd:
                         userpass = urllib.quote(user) + ':' + urllib.quote(passwd)
                     else:
                         userpass = urllib.quote(user)
                     return userpass + '@' + hostport
                 return hostport
             _safe = ('abcdefghijklmnopqrstuvwxyz'
                      'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
                      '0123456789' '_.-/')
             _safeset = None
             _hex = None
             def quotepath(path):
                 '''quote the path part of a URL
                 This is similar to urllib.quote, but it also tries to avoid
                 quoting things twice (inspired by wget):
                 >>> quotepath('abc def')
                 'abc%20def'
                 >>> quotepath('abc%20def')
                 'abc%20def'
                 >>> quotepath('abc%20 def')
                 'abc%20%20def'
                 >>> quotepath('abc def%20')
                 'abc%20def%20'
                 >>> quotepath('abc def%2')
                 'abc%20def%252'
                 >>> quotepath('abc def%')
                 'abc%20def%25'
                 '''
                 global _safeset, _hex
                 if _safeset is None:
                     _safeset = set(_safe)
                     _hex = set('abcdefABCDEF0123456789')
                 l = list(path)
                 for i in xrange(len(l)):
                     c = l[i]
                     if c == '%' and i + 2 < len(l) and (l[i+1] in _hex and l[i+2] in _hex):
                         pass
                     elif c not in _safeset:
                         l[i] = '%%%02X' % ord(c)
                 return ''.join(l)
             class passwordmgr(urllib2.HTTPPasswordMgrWithDefaultRealm):
                 def __init__(self, ui):
                     urllib2.HTTPPasswordMgrWithDefaultRealm.__init__(self)
                     self.ui = ui
                 def find_user_password(self, realm, authuri):
                     authinfo = urllib2.HTTPPasswordMgrWithDefaultRealm.find_user_password(
                         self, realm, authuri)
                     user, passwd = authinfo
                     if user and passwd:
                         self._writedebug(user, passwd)
                         return (user, passwd)
                     if not user:
                         auth = self.readauthtoken(authuri)
                         if auth:
                             user, passwd = auth.get('username'), auth.get('password')
                     if not user or not passwd:
                         if not self.ui.interactive():
                             raise util.Abort(_('http authorization required'))
                         self.ui.write(_("http authorization required\n"))
                         self.ui.status(_("realm: %s\n") % realm)
                         if user:
                             self.ui.status(_("user: %s\n") % user)
                         else:
                             user = self.ui.prompt(_("user:"), default=None)
                         if not passwd:
                             passwd = self.ui.getpass()
                     self.add_password(realm, authuri, user, passwd)
                     self._writedebug(user, passwd)
                     return (user, passwd)
                 def _writedebug(self, user, passwd):
                     msg = _('http auth: user %s, password %s\n')
                     self.ui.debug(msg % (user, passwd and '*' * len(passwd) or 'not set'))
                 def readauthtoken(self, uri):
                     # Read configuration
                     config = dict()
                     for key, val in self.ui.configitems('auth'):
                         group, setting = key.split('.', 1)
                         gdict = config.setdefault(group, dict())
                         gdict[setting] = val
                     # Find the best match
                     scheme, hostpath = uri.split('://', 1)
                     bestlen = 0
                     bestauth = None
                     for auth in config.itervalues():
                         prefix = auth.get('prefix')
                         if not prefix: continue
                         p = prefix.split('://', 1)
                         if len(p) > 1:
                             schemes, prefix = [p[0]], p[1]
                         else:
                             schemes = (auth.get('schemes') or 'https').split()
                         if (prefix == '*' or hostpath.startswith(prefix)) and \
                             len(prefix) > bestlen and scheme in schemes:
                             bestlen = len(prefix)
                             bestauth = auth
                     return bestauth
             class proxyhandler(urllib2.ProxyHandler):
                 def __init__(self, ui):
                     proxyurl = ui.config("http_proxy", "host") or os.getenv('http_proxy')
                     # XXX proxyauthinfo = None
                     if proxyurl:
                         # proxy can be proper url or host[:port]
                         if not (proxyurl.startswith('http:') or
                                 proxyurl.startswith('https:')):
                             proxyurl = 'http://' + proxyurl + '/'
                         snpqf = urlparse.urlsplit(proxyurl)
                         proxyscheme, proxynetloc, proxypath, proxyquery, proxyfrag = snpqf
                         hpup = netlocsplit(proxynetloc)
                         proxyhost, proxyport, proxyuser, proxypasswd = hpup
                         if not proxyuser:
                             proxyuser = ui.config("http_proxy", "user")
                             proxypasswd = ui.config("http_proxy", "passwd")
                         # see if we should use a proxy for this url
                         no_list = [ "localhost", "127.0.0.1" ]
                         no_list.extend([p.lower() for
                                         p in ui.configlist("http_proxy", "no")])
                         no_list.extend([p.strip().lower() for
                                         p in os.getenv("no_proxy", '').split(',')
                                         if p.strip()])
                         # "http_proxy.always" config is for running tests on localhost
                         if ui.configbool("http_proxy", "always"):
                             self.no_list = []
                         else:
                             self.no_list = no_list
                         proxyurl = urlparse.urlunsplit((
                             proxyscheme, netlocunsplit(proxyhost, proxyport,
                                                             proxyuser, proxypasswd or ''),
                             proxypath, proxyquery, proxyfrag))
                         proxies = {'http': proxyurl, 'https': proxyurl}
                         ui.debug(_('proxying through http://%s:%s\n') %
                                   (proxyhost, proxyport))
                     else:
                         proxies = {}
                     # urllib2 takes proxy values from the environment and those
                     # will take precedence if found, so drop them
                     for env in ["HTTP_PROXY", "http_proxy", "no_proxy"]:
                         try:
                             if env in os.environ:
                                 del os.environ[env]
                         except OSError:
                             pass
                     urllib2.ProxyHandler.__init__(self, proxies)
                     self.ui = ui
                 def proxy_open(self, req, proxy, type_):
                     host = req.get_host().split(':')[0]
                     if host in self.no_list:
                         return None
                     # work around a bug in Python < 2.4.2
                     # (it leaves a "\n" at the end of Proxy-authorization headers)
                     baseclass = req.__class__
                     class _request(baseclass):
                         def add_header(self, key, val):
                             if key.lower() == 'proxy-authorization':
                                 val = val.strip()
                             return baseclass.add_header(self, key, val)
                     req.__class__ = _request
                     return urllib2.ProxyHandler.proxy_open(self, req, proxy, type_)
             class httpsendfile(file):
                 def __len__(self):
                     return os.fstat(self.fileno()).st_size
             def _gen_sendfile(connection):
                 def _sendfile(self, data):
                     # send a file
                     if isinstance(data, httpsendfile):
                         # if auth required, some data sent twice, so rewind here
                         data.seek(0)
                         for chunk in util.filechunkiter(data):
                             connection.send(self, chunk)
                     else:
                         connection.send(self, data)
                 return _sendfile
             has_https = hasattr(urllib2, 'HTTPSHandler')
             if has_https:
                 try:
                     # avoid using deprecated/broken FakeSocket in python 2.6
                     import ssl
                     _ssl_wrap_socket = ssl.wrap_socket
                 except ImportError:
                     def _ssl_wrap_socket(sock, key_file, cert_file):
                         ssl = socket.ssl(sock, key_file, cert_file)
                         return httplib.FakeSocket(sock, ssl)
             class httpconnection(keepalive.HTTPConnection):
                 # must be able to send big bundle as stream.
                 send = _gen_sendfile(keepalive.HTTPConnection)
                 def _proxytunnel(self):
                     proxyheaders = dict(
                             [(x, self.headers[x]) for x in self.headers
                              if x.lower().startswith('proxy-')])
                     self._set_hostport(self.host, self.port)
                     self.send('CONNECT %s:%d HTTP/1.0\r\n' % (self.realhost, self.realport))
                     for header in proxyheaders.iteritems():
                         self.send('%s: %s\r\n' % header)
                     self.send('\r\n')
                     # majority of the following code is duplicated from
                     # httplib.HTTPConnection as there are no adequate places to
                     # override functions to provide the needed functionality
                     res = self.response_class(self.sock,
                                               strict=self.strict,
                                               method=self._method)
                     while True:
                         version, status, reason = res._read_status()
                         if status != httplib.CONTINUE:
                             break
                         while True:
                             skip = res.fp.readline().strip()
                             if not skip:
                                 break
                     res.status = status
                     res.reason = reason.strip()
                     if res.status == 200:
                         while True:
                             line = res.fp.readline()
                             if line == '\r\n':
                                 break
                         return True
                     if version == 'HTTP/1.0':
                         res.version = 10
                     elif version.startswith('HTTP/1.'):
                         res.version = 11
                     elif version == 'HTTP/0.9':
                         res.version = 9
                     else:
                         raise httplib.UnknownProtocol(version)
                     if res.version == 9:
                         res.length = None
                         res.chunked = 0
                         res.will_close = 1
                         res.msg = httplib.HTTPMessage(cStringIO.StringIO())
                         return False
                     res.msg = httplib.HTTPMessage(res.fp)
                     res.msg.fp = None
                     # are we using the chunked-style of transfer encoding?
                     trenc = res.msg.getheader('transfer-encoding')
                     if trenc and trenc.lower() == "chunked":
                         res.chunked = 1
                         res.chunk_left = None
                     else:
                         res.chunked = 0
                     # will the connection close at the end of the response?
                     res.will_close = res._check_close()
                     # do we have a Content-Length?
                     # NOTE: RFC 2616, S4.4, #3 says we ignore this if tr_enc is "chunked"
                     length = res.msg.getheader('content-length')
                     if length and not res.chunked:
                         try:
                             res.length = int(length)
                         except ValueError:
                             res.length = None
                         else:
                             if res.length < 0:  # ignore nonsensical negative lengths
                                 res.length = None
                     else:
                         res.length = None
                     # does the body have a fixed length? (of zero)
                     if (status == httplib.NO_CONTENT or status == httplib.NOT_MODIFIED or
 <= status < 200 or # 1xx codes
                         res._method == 'HEAD'):
                         res.length = 0
                     # if the connection remains open, and we aren't using chunked, and
                     # a content-length was not provided, then assume that the connection
                     # WILL close.
                     if (not res.will_close and
                        not res.chunked and
                        res.length is None):
                         res.will_close = 1
                     self.proxyres = res
                     return False
                 def connect(self):
                     if has_https and self.realhost: # use CONNECT proxy
                         self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
                         self.sock.connect((self.host, self.port))
                         if self._proxytunnel():
                             # we do not support client x509 certificates
                             self.sock = _ssl_wrap_socket(self.sock, None, None)
                     else:
                         keepalive.HTTPConnection.connect(self)
                 def getresponse(self):
                     proxyres = getattr(self, 'proxyres', None)
                     if proxyres:
                         if proxyres.will_close:
                             self.close()
                         self.proxyres = None
                         return proxyres
                     return keepalive.HTTPConnection.getresponse(self)
             class httphandler(keepalive.HTTPHandler):
                 def http_open(self, req):
                     return self.do_open(httpconnection, req)
                 def _start_transaction(self, h, req):
                     if req.get_selector() == req.get_full_url(): # has proxy
                         urlparts = urlparse.urlparse(req.get_selector())
                         if urlparts[0] == 'https': # only use CONNECT for HTTPS
                             if ':' in urlparts[1]:
                                 realhost, realport = urlparts[1].split(':')
                                 realport = int(realport)
                             else:
                                 realhost = urlparts[1]
                                 realport = 443
                             h.realhost = realhost
                             h.realport = realport
                             h.headers = req.headers.copy()
                             h.headers.update(self.parent.addheaders)
                             return keepalive.HTTPHandler._start_transaction(self, h, req)
                     h.realhost = None
                     h.realport = None
                     h.headers = None
                     return keepalive.HTTPHandler._start_transaction(self, h, req)
                 def __del__(self):
                     self.close_all()
             if has_https:
                 class httpsconnection(httplib.HTTPSConnection):
                     response_class = keepalive.HTTPResponse
                     # must be able to send big bundle as stream.
                     send = _gen_sendfile(httplib.HTTPSConnection)
                 class httpshandler(keepalive.KeepAliveHandler, urllib2.HTTPSHandler):
                     def __init__(self, ui):
                         keepalive.KeepAliveHandler.__init__(self)
                         urllib2.HTTPSHandler.__init__(self)
                         self.ui = ui
                         self.pwmgr = passwordmgr(self.ui)
                     def https_open(self, req):
                         self.auth = self.pwmgr.readauthtoken(req.get_full_url())
                         return self.do_open(self._makeconnection, req)
                     def _makeconnection(self, host, port=443, *args, **kwargs):
                         keyfile = None
                         certfile = None
                         if args: # key_file
                             keyfile = args.pop(0)
                         if args: # cert_file
                             certfile = args.pop(0)
                         # if the user has specified different key/cert files in
                         # hgrc, we prefer these
                         if self.auth and 'key' in self.auth and 'cert' in self.auth:
                             keyfile = self.auth['key']
                             certfile = self.auth['cert']
                         # let host port take precedence
                         if ':' in host and '[' not in host or ']:' in host:
                             host, port = host.rsplit(':', 1)
                             port = int(port)
                             if '[' in host:
                                 host = host[1:-1]
                         return httpsconnection(host, port, keyfile, certfile, *args, **kwargs)
             # In python < 2.5 AbstractDigestAuthHandler raises a ValueError if
             # it doesn't know about the auth type requested.  This can happen if
             # somebody is using BasicAuth and types a bad password.
             class httpdigestauthhandler(urllib2.HTTPDigestAuthHandler):
                 def http_error_auth_reqed(self, auth_header, host, req, headers):
                     try:
                         return urllib2.HTTPDigestAuthHandler.http_error_auth_reqed(
                                     self, auth_header, host, req, headers)
                     except ValueError, inst:
                         arg = inst.args[0]
                         if arg.startswith("AbstractDigestAuthHandler doesn't know "):
                             return
                         raise
             def getauthinfo(path):
                 scheme, netloc, urlpath, query, frag = urlparse.urlsplit(path)
                 if not urlpath:
                     urlpath = '/'
                 if scheme != 'file':
                     # XXX: why are we quoting the path again with some smart
                     # heuristic here? Anyway, it cannot be done with file://
                     # urls since path encoding is os/fs dependent (see
                     # urllib.pathname2url() for details).
                     urlpath = quotepath(urlpath)
                 host, port, user, passwd = netlocsplit(netloc)
                 # urllib cannot handle URLs with embedded user or passwd
                 url = urlparse.urlunsplit((scheme, netlocunsplit(host, port),
                                           urlpath, query, frag))
                 if user:
                     netloc = host
                     if port:
                         netloc += ':' + port
                     # Python < 2.4.3 uses only the netloc to search for a password
                     authinfo = (None, (url, netloc), user, passwd or '')
                 else:
                     authinfo = None
                 return url, authinfo
+            handlerfuncs = []
             def opener(ui, authinfo=None):
                 '''
                 construct an opener suitable for urllib2
                 authinfo will be added to the password manager
                 '''
                 handlers = [httphandler()]
                 if has_https:
                     handlers.append(httpshandler(ui))
                 handlers.append(proxyhandler(ui))
                 passmgr = passwordmgr(ui)
                 if authinfo is not None:
                     passmgr.add_password(*authinfo)
                     user, passwd = authinfo[2:4]
                     ui.debug(_('http auth: user %s, password %s\n') %
                              (user, passwd and '*' * len(passwd) or 'not set'))
                 handlers.extend((urllib2.HTTPBasicAuthHandler(passmgr),
                                  httpdigestauthhandler(passmgr)))
+                handlers.extend([h(ui, passmgr) for h in handlerfuncs])
                 opener = urllib2.build_opener(*handlers)
                 # 1.0 here is the _protocol_ version
                 opener.addheaders = [('User-agent', 'mercurial/proto-1.0')]
                 opener.addheaders.append(('Accept', 'application/mercurial-0.1'))
                 return opener
             scheme_re = re.compile(r'^([a-zA-Z0-9+-.]+)://')
             def open(ui, url, data=None):
                 scheme = None
                 m = scheme_re.search(url)
                 if m:
                     scheme = m.group(1).lower()
                 if not scheme:
                     path = util.normpath(os.path.abspath(url))
                     url = 'file://' + urllib.pathname2url(path)
                     authinfo = None
                 else:
                     url, authinfo = getauthinfo(url)
                 return opener(ui, authinfo).open(url, data)