upstream/mercurial-mirror Files · hgext/graphlog.py

sslutil: issue warning when [hostfingerprint] is used...

sslutil: issue warning when [hostfingerprint] is used Mercurial 3.9 added the [hostsecurity] section, which is better than [hostfingerprints] in every way. One of the ways that [hostsecurity] is better is that it supports SHA-256 and SHA-512 fingerprints, not just SHA-1 fingerprints. The world is moving away from SHA-1 because it is borderline secure. Mercurial should be part of that movement. This patch adds a warning when a valid SHA-1 fingerprint from the [hostfingerprints] section is being used. The warning informs users to switch to [hostsecurity]. It even prints the config option they should set. It uses the SHA-256 fingerprint because recommending a SHA-1 fingerprint in 2017 would be ill-advised. The warning will print itself on every connection to a server until it is fixed. There is no way to suppress the warning. I admit this is annoying. But given the security implications of sticking with SHA-1, I think this is justified. If this patch is accepted, I'll likely send a follow-up to start warning on SHA-1 certificates in [hostsecurity] as well. Then sometime down the road, we can drop support for SHA-1 fingerprints. Credit for this idea comes from timeless in issue 5466.

Augie Fackler - - Load All Authors

File last commit:

r29841:d5883fd0 default


                r31290:f819aa9d

default

Download file

             graphlog.py
        
                    69 lines
            
             | 2.5 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / hgext / graphlog.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # ASCII graph log extension for Mercurial

      #

      # Copyright 2007 Joel Rosdahl <joel@rosdahl.net>

      #

      # This software may be used and distributed according to the terms of the

      # GNU General Public License version 2 or any later version.

      '''command to view revision graphs from a shell (DEPRECATED)

      The functionality of this extension has been include in core Mercurial

      since version 2.3. Please use :hg:`log -G ...` instead.

      This extension adds a --graph option to the incoming, outgoing and log

      commands. When this options is given, an ASCII representation of the

      revision graph is also shown.

      '''

      from __future__ import absolute_import

      from mercurial.i18n import _

      from mercurial import (

          cmdutil,

          commands,

      )

      cmdtable = {}

      command = cmdutil.command(cmdtable)

      # Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for

      # extensions which SHIP WITH MERCURIAL. Non-mainline extensions should

      # be specifying the version(s) of Mercurial they are tested with, or

      # leave the attribute unspecified.

      testedwith = 'ships-with-hg-core'

      @command('glog',

          [('f', 'follow', None,

           _('follow changeset history, or file history across copies and renames')),

          ('', 'follow-first', None,

           _('only follow the first parent of merge changesets (DEPRECATED)')),

          ('d', 'date', '', _('show revisions matching date spec'), _('DATE')),

          ('C', 'copies', None, _('show copied files')),

          ('k', 'keyword', [],

           _('do case-insensitive search for a given text'), _('TEXT')),

          ('r', 'rev', [], _('show the specified revision or revset'), _('REV')),

          ('', 'removed', None, _('include revisions where files were removed')),

          ('m', 'only-merges', None, _('show only merges (DEPRECATED)')),

          ('u', 'user', [], _('revisions committed by user'), _('USER')),

          ('', 'only-branch', [],

           _('show only changesets within the given named branch (DEPRECATED)'),

           _('BRANCH')),

          ('b', 'branch', [],

           _('show changesets within the given named branch'), _('BRANCH')),

          ('P', 'prune', [],

           _('do not display revision or any of its ancestors'), _('REV')),

          ] + commands.logopts + commands.walkopts,

          _('[OPTION]... [FILE]'),

          inferrepo=True)

      def glog(ui, repo, *pats, **opts):

          """show revision history alongside an ASCII revision graph

          Print a revision history alongside a revision graph drawn with

          ASCII characters.

          Nodes printed as an @ character are parents of the working

          directory.

          This is an alias to :hg:`log -G`.

          """

          opts['graph'] = True

          return commands.log(ui, repo, *pats, **opts)

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# ASCII graph log extension for Mercurial
				#
				# Copyright 2007 Joel Rosdahl <joel@rosdahl.net>
				#
				# This software may be used and distributed according to the terms of the
				# GNU General Public License version 2 or any later version.

				'''command to view revision graphs from a shell (DEPRECATED)

				The functionality of this extension has been include in core Mercurial
				since version 2.3. Please use :hg:`log -G ...` instead.

				This extension adds a --graph option to the incoming, outgoing and log
				commands. When this options is given, an ASCII representation of the
				revision graph is also shown.
				'''

				from __future__ import absolute_import

				from mercurial.i18n import _
				from mercurial import (
				cmdutil,
				commands,
				)

				cmdtable = {}
				command = cmdutil.command(cmdtable)
				# Note for extension authors: ONLY specify testedwith = 'ships-with-hg-core' for
				# extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
				# be specifying the version(s) of Mercurial they are tested with, or
				# leave the attribute unspecified.
				testedwith = 'ships-with-hg-core'

				@command('glog',
				[('f', 'follow', None,
				_('follow changeset history, or file history across copies and renames')),
				('', 'follow-first', None,
				_('only follow the first parent of merge changesets (DEPRECATED)')),
				('d', 'date', '', _('show revisions matching date spec'), _('DATE')),
				('C', 'copies', None, _('show copied files')),
				('k', 'keyword', [],
				_('do case-insensitive search for a given text'), _('TEXT')),
				('r', 'rev', [], _('show the specified revision or revset'), _('REV')),
				('', 'removed', None, _('include revisions where files were removed')),
				('m', 'only-merges', None, _('show only merges (DEPRECATED)')),
				('u', 'user', [], _('revisions committed by user'), _('USER')),
				('', 'only-branch', [],
				_('show only changesets within the given named branch (DEPRECATED)'),
				_('BRANCH')),
				('b', 'branch', [],
				_('show changesets within the given named branch'), _('BRANCH')),
				('P', 'prune', [],
				_('do not display revision or any of its ancestors'), _('REV')),
				] + commands.logopts + commands.walkopts,
				_('[OPTION]... [FILE]'),
				inferrepo=True)
				def glog(ui, repo, pats, *opts):
				"""show revision history alongside an ASCII revision graph

				Print a revision history alongside a revision graph drawn with
				ASCII characters.

				Nodes printed as an @ character are parents of the working
				directory.

				This is an alias to :hg:`log -G`.
				"""
				opts['graph'] = True
				return commands.log(ui, repo, pats, *opts)