upstream/mercurial-mirror Files · mercurial/hgweb/wsgicgi.py

sslutil: issue warning when unable to load certificates on OS X...

sslutil: issue warning when unable to load certificates on OS X Previously, failure to load system certificates on OS X would lead to a certificate verify failure and that's it. We now print a warning message with a URL that will contain information on how to configure certificates on OS X. As the inline comment states, there is room to improve here. I think we could try harder to detect Homebrew and MacPorts installed certificate files, for example. It's worth noting that Homebrew's openssl package uses `security find-certificate -a -p` during package installation to export the system keychain root CAs to etc/openssl/cert.pem. This is something we could consider adding to setup.py. We could also encourage packagers to do this. For now, I'd just like to get this warning (which matches Windows behavior) landed. We should have time to improve things before release.

Yuya Nishihara - - Load All Authors

File last commit:

r27046:37fcfe52 default


                r29499:9c5325c7

default

Download file

             wsgicgi.py
        
                    92 lines
            
             | 2.8 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / mercurial / hgweb / wsgicgi.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # hgweb/wsgicgi.py - CGI->WSGI translator

      #

      # Copyright 2006 Eric Hopper <hopper@omnifarious.org>

      #

      # This software may be used and distributed according to the terms of the

      # GNU General Public License version 2 or any later version.

      #

      # This was originally copied from the public domain code at

      # http://www.python.org/dev/peps/pep-0333/#the-server-gateway-side

      from __future__ import absolute_import

      import os

      import sys

      from .. import (

          util,

      )

      from . import (

          common,

      )

      def launch(application):

          util.setbinary(sys.stdin)

          util.setbinary(sys.stdout)

          environ = dict(os.environ.iteritems())

          environ.setdefault('PATH_INFO', '')

          if environ.get('SERVER_SOFTWARE', '').startswith('Microsoft-IIS'):

              # IIS includes script_name in PATH_INFO

              scriptname = environ['SCRIPT_NAME']

              if environ['PATH_INFO'].startswith(scriptname):

                  environ['PATH_INFO'] = environ['PATH_INFO'][len(scriptname):]

          stdin = sys.stdin

          if environ.get('HTTP_EXPECT', '').lower() == '100-continue':

              stdin = common.continuereader(stdin, sys.stdout.write)

          environ['wsgi.input'] = stdin

          environ['wsgi.errors'] = sys.stderr

          environ['wsgi.version'] = (1, 0)

          environ['wsgi.multithread'] = False

          environ['wsgi.multiprocess'] = True

          environ['wsgi.run_once'] = True

          if environ.get('HTTPS', 'off').lower() in ('on', '1', 'yes'):

              environ['wsgi.url_scheme'] = 'https'

          else:

              environ['wsgi.url_scheme'] = 'http'

          headers_set = []

          headers_sent = []

          out = sys.stdout

          def write(data):

              if not headers_set:

                  raise AssertionError("write() before start_response()")

              elif not headers_sent:

                  # Before the first output, send the stored headers

                  status, response_headers = headers_sent[:] = headers_set

                  out.write('Status: %s\r\n' % status)

                  for header in response_headers:

                      out.write('%s: %s\r\n' % header)

                  out.write('\r\n')

              out.write(data)

              out.flush()

          def start_response(status, response_headers, exc_info=None):

              if exc_info:

                  try:

                      if headers_sent:

                          # Re-raise original exception if headers sent

                          raise exc_info[0](exc_info[1], exc_info[2])

                  finally:

                      exc_info = None     # avoid dangling circular ref

              elif headers_set:

                  raise AssertionError("Headers already set!")

              headers_set[:] = [status, response_headers]

              return write

          content = application(environ, start_response)

          try:

              for chunk in content:

                  write(chunk)

              if not headers_sent:

                  write('')   # send headers now if body was empty

          finally:

              getattr(content, 'close', lambda : None)()

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# hgweb/wsgicgi.py - CGI->WSGI translator
				#
				# Copyright 2006 Eric Hopper <hopper@omnifarious.org>
				#
				# This software may be used and distributed according to the terms of the
				# GNU General Public License version 2 or any later version.
				#
				# This was originally copied from the public domain code at
				# http://www.python.org/dev/peps/pep-0333/#the-server-gateway-side

				from __future__ import absolute_import

				import os
				import sys

				from .. import (
				util,
				)

				from . import (
				common,
				)

				def launch(application):
				util.setbinary(sys.stdin)
				util.setbinary(sys.stdout)

				environ = dict(os.environ.iteritems())
				environ.setdefault('PATH_INFO', '')
				if environ.get('SERVER_SOFTWARE', '').startswith('Microsoft-IIS'):
				# IIS includes script_name in PATH_INFO
				scriptname = environ['SCRIPT_NAME']
				if environ['PATH_INFO'].startswith(scriptname):
				environ['PATH_INFO'] = environ['PATH_INFO'][len(scriptname):]

				stdin = sys.stdin
				if environ.get('HTTP_EXPECT', '').lower() == '100-continue':
				stdin = common.continuereader(stdin, sys.stdout.write)

				environ['wsgi.input'] = stdin
				environ['wsgi.errors'] = sys.stderr
				environ['wsgi.version'] = (1, 0)
				environ['wsgi.multithread'] = False
				environ['wsgi.multiprocess'] = True
				environ['wsgi.run_once'] = True

				if environ.get('HTTPS', 'off').lower() in ('on', '1', 'yes'):
				environ['wsgi.url_scheme'] = 'https'
				else:
				environ['wsgi.url_scheme'] = 'http'

				headers_set = []
				headers_sent = []
				out = sys.stdout

				def write(data):
				if not headers_set:
				raise AssertionError("write() before start_response()")

				elif not headers_sent:
				# Before the first output, send the stored headers
				status, response_headers = headers_sent[:] = headers_set
				out.write('Status: %s\r\n' % status)
				for header in response_headers:
				out.write('%s: %s\r\n' % header)
				out.write('\r\n')

				out.write(data)
				out.flush()

				def start_response(status, response_headers, exc_info=None):
				if exc_info:
				try:
				if headers_sent:
				# Re-raise original exception if headers sent
				raise exc_info[0](exc_info[1], exc_info[2])
				finally:
				exc_info = None # avoid dangling circular ref
				elif headers_set:
				raise AssertionError("Headers already set!")

				headers_set[:] = [status, response_headers]
				return write

				content = application(environ, start_response)
				try:
				for chunk in content:
				write(chunk)
				if not headers_sent:
				write('') # send headers now if body was empty
				finally:
				getattr(content, 'close', lambda : None)()