Mercurial > hg-stable
changeset 29553:cd3e58862cab
hgweb: pass ui into preparehttpserver
Upcoming patches will need the built-in HTTPS server to be more
configurable.
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Wed, 13 Jul 2016 00:14:50 -0700 |
| parents | db26925bdbb0 |
| children | 4a7b0c696fbc |
| files | mercurial/hgweb/server.py tests/test-https.t |
| diffstat | 2 files changed, 10 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/hgweb/server.py Thu Jul 14 03:12:09 2016 -0700 +++ b/mercurial/hgweb/server.py Wed Jul 13 00:14:50 2016 -0700 @@ -58,7 +58,7 @@ url_scheme = 'http' @staticmethod - def preparehttpserver(httpserver, ssl_cert): + def preparehttpserver(httpserver, ui): """Prepare .socket of new HTTPServer instance""" pass @@ -222,15 +222,17 @@ url_scheme = 'https' @staticmethod - def preparehttpserver(httpserver, ssl_cert): + def preparehttpserver(httpserver, ui): try: import ssl ssl.wrap_socket except ImportError: raise error.Abort(_("SSL support is unavailable")) + + certfile = ui.config('web', 'certificate') httpserver.socket = ssl.wrap_socket( httpserver.socket, server_side=True, - certfile=ssl_cert, ssl_version=ssl.PROTOCOL_TLSv1) + certfile=certfile, ssl_version=ssl.PROTOCOL_TLSv1) def setup(self): self.connection = self.request @@ -264,7 +266,7 @@ self.daemon_threads = True self.application = app - handler.preparehttpserver(self, ui.config('web', 'certificate')) + handler.preparehttpserver(self, ui) prefix = ui.config('web', 'prefix', '') if prefix:
--- a/tests/test-https.t Thu Jul 14 03:12:09 2016 -0700 +++ b/tests/test-https.t Wed Jul 13 00:14:50 2016 -0700 @@ -404,12 +404,13 @@ > from mercurial.hgweb import server > class _httprequesthandlersslclientcert(server._httprequesthandlerssl): > @staticmethod - > def preparehttpserver(httpserver, ssl_cert): + > def preparehttpserver(httpserver, ui): + > certfile = ui.config('web', 'certificate') > sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) > sslcontext.verify_mode = ssl.CERT_REQUIRED - > sslcontext.load_cert_chain(ssl_cert) + > sslcontext.load_cert_chain(certfile) > # verify clients by server certificate - > sslcontext.load_verify_locations(ssl_cert) + > sslcontext.load_verify_locations(certfile) > httpserver.socket = sslcontext.wrap_socket(httpserver.socket, > server_side=True) > server._httprequesthandlerssl = _httprequesthandlersslclientcert