lfs: add an experimental knob to disable blob serving
The use case here is the server admin may want to store the blobs elsewhere. As
it stands now, the `lfs.url` config on the client side is all that enforces this
(the web.allow-* permissions aren't able to block LFS blobs without also
blocking normal hg traffic). The real solution to this is to implement the
'verify' action on the client and server, but that's not a near term goal.
Whether this is useful in its own right, and should be promoted out of
experimental at some point is TBD.
Since the other two tests that deal with LFS and `hg serve` are already complex
and have #testcases, this seems like a good time to start a new test dedicated
to access checks against the server. Instead of conditionally wrapping the
wire protocol handler, I put this in the handler because I'd still like to bring
the annotations in from the evolve extension in order to set up the wrapping.
The 400 status probably isn't great, but that's what it would be for existing
`hg serve` instances without support for serving blobs.
#require killdaemons
$ hgserve() {
> hg serve -a localhost -p $HGPORT1 -d --pid-file=hg.pid \
> -E errors.log -v $@ > startup.log
> # Grepping hg serve stdout would hang on Windows
> grep -v 'listening at' startup.log
> cat hg.pid >> "$DAEMON_PIDS"
> }
$ hg init a
$ hg --encoding utf-8 -R a branch æ
marked working directory as branch \xc3\xa6 (esc)
(branches are permanent and global, did you want a bookmark?)
$ echo foo > a/foo
$ hg -R a ci -Am foo
adding foo
$ hgserve -R a --config web.push_ssl=False --config web.allow_push=* --encoding latin1
$ hg --encoding utf-8 clone http://localhost:$HGPORT1 b
requesting all changes
adding changesets
adding manifests
adding file changes
added 1 changesets with 1 changes to 1 files
new changesets 867c11ce77b8
updating to branch \xc3\xa6 (esc)
1 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg --encoding utf-8 -R b log
changeset: 0:867c11ce77b8
branch: \xc3\xa6 (esc)
tag: tip
user: test
date: Thu Jan 01 00:00:00 1970 +0000
summary: foo
$ echo bar >> b/foo
$ hg -R b ci -m bar
$ hg --encoding utf-8 -R b push
pushing to http://localhost:$HGPORT1/
searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files
$ hg -R a --encoding utf-8 log
changeset: 1:58e7c90d67cb
branch: \xc3\xa6 (esc)
tag: tip
user: test
date: Thu Jan 01 00:00:00 1970 +0000
summary: bar
changeset: 0:867c11ce77b8
branch: \xc3\xa6 (esc)
user: test
date: Thu Jan 01 00:00:00 1970 +0000
summary: foo
$ killdaemons.py hg.pid
verify 7e7d56fe4833 (encoding fallback in branchmap to maintain compatibility with 1.3.x)
$ cat <<EOF > oldhg
> import sys
> from mercurial import ui, hg, commands
>
> class StdoutWrapper(object):
> def __init__(self, stdout):
> self._file = stdout
>
> def write(self, data):
> if data == b'47\n':
> # latin1 encoding is one %xx (3 bytes) shorter
> data = b'44\n'
> elif data.startswith(b'%C3%A6 '):
> # translate to latin1 encoding
> data = b'%%E6 %s' % data[7:]
> self._file.write(data)
>
> def __getattr__(self, name):
> return getattr(self._file, name)
>
> sys.stdout = StdoutWrapper(getattr(sys.stdout, 'buffer', sys.stdout))
> sys.stderr = StdoutWrapper(getattr(sys.stderr, 'buffer', sys.stderr))
>
> myui = ui.ui.load()
> repo = hg.repository(myui, b'a')
> commands.serve(myui, repo, stdio=True, cmdserver=False)
> EOF
$ echo baz >> b/foo
$ hg -R b ci -m baz
$ hg push -R b -e "\"$PYTHON\" oldhg" ssh://dummy/ --encoding latin1
pushing to ssh://dummy/
searching for changes
remote: adding changesets
remote: adding manifests
remote: adding file changes
remote: added 1 changesets with 1 changes to 1 files