annotate hgext/factotum.py @ 32053:52902059edc7 stable

Merge stable with security patch.
author Augie Fackler <augie@google.com>
date Tue, 18 Apr 2017 11:22:42 -0400
parents 2c019aac6b99
children 21b568820a3c
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
1 # factotum.py - Plan 9 factotum integration for Mercurial
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
2 #
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
3 # Copyright (C) 2012 Steven Stallion <sstallion@gmail.com>
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
4 #
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
5 # This program is free software; you can redistribute it and/or modify it
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
6 # under the terms of the GNU General Public License as published by the
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
7 # Free Software Foundation; either version 2 of the License, or (at your
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
8 # option) any later version.
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
9 #
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
10 # This program is distributed in the hope that it will be useful, but
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
13 # Public License for more details.
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
14 #
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
15 # You should have received a copy of the GNU General Public License along
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
16 # with this program; if not, write to the Free Software Foundation, Inc.,
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
17 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
18
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
19 '''http authentication with factotum
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
20
16582
cbb916e2d7c5 factotum: add man reference to help output
Steven Stallion <sstallion@gmail.com>
parents: 16463
diff changeset
21 This extension allows the factotum(4) facility on Plan 9 from Bell Labs
cbb916e2d7c5 factotum: add man reference to help output
Steven Stallion <sstallion@gmail.com>
parents: 16463
diff changeset
22 platforms to provide authentication information for HTTP access. Configuration
cbb916e2d7c5 factotum: add man reference to help output
Steven Stallion <sstallion@gmail.com>
parents: 16463
diff changeset
23 entries specified in the auth section as well as authentication information
cbb916e2d7c5 factotum: add man reference to help output
Steven Stallion <sstallion@gmail.com>
parents: 16463
diff changeset
24 provided in the repository URL are fully supported. If no prefix is specified,
cbb916e2d7c5 factotum: add man reference to help output
Steven Stallion <sstallion@gmail.com>
parents: 16463
diff changeset
25 a value of "*" will be assumed.
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
26
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
27 By default, keys are specified as::
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
28
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
29 proto=pass service=hg prefix=<prefix> user=<username> !password=<password>
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
30
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
31 If the factotum extension is unable to read the required key, one will be
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
32 requested interactively.
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
33
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
34 A configuration section is available to customize runtime behavior. By
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
35 default, these entries are::
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
36
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
37 [factotum]
16463
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
38 executable = /bin/auth/factotum
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
39 mountpoint = /mnt/factotum
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
40 service = hg
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
41
16463
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
42 The executable entry defines the full path to the factotum binary. The
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
43 mountpoint entry defines the path to the factotum file service. Lastly, the
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
44 service entry controls the service name used when reading keys.
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
45
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
46 '''
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
47
28971
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
48 from __future__ import absolute_import
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
49
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
50 import os
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
51 from mercurial.i18n import _
28971
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
52 from mercurial import (
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
53 error,
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
54 httpconnection,
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
55 url,
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
56 util,
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
57 )
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
58
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
59 urlreq = util.urlreq
bacca31f4835 py3: make factotum use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 26587
diff changeset
60 passwordmgr = url.passwordmgr
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
61
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
62 ERRMAX = 128
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
63
21228
be561a622100 factotum: initialize global variables to suppress pyflakes warning
Yuya Nishihara <yuya@tcha.org>
parents: 19614
diff changeset
64 _executable = _mountpoint = _service = None
be561a622100 factotum: initialize global variables to suppress pyflakes warning
Yuya Nishihara <yuya@tcha.org>
parents: 19614
diff changeset
65
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
66 def auth_getkey(self, params):
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
67 if not self.ui.interactive():
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25078
diff changeset
68 raise error.Abort(_('factotum not interactive'))
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
69 if 'user=' not in params:
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
70 params = '%s user?' % params
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
71 params = '%s !password?' % params
16463
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
72 os.system("%s -g '%s'" % (_executable, params))
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
73
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
74 def auth_getuserpasswd(self, getkey, params):
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
75 params = 'proto=pass %s' % params
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
76 while True:
16463
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
77 fd = os.open('%s/rpc' % _mountpoint, os.O_RDWR)
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
78 try:
25078
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
79 os.write(fd, 'start %s' % params)
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
80 l = os.read(fd, ERRMAX).split()
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
81 if l[0] == 'ok':
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
82 os.write(fd, 'read')
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
83 status, user, passwd = os.read(fd, ERRMAX).split(None, 2)
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
84 if status == 'ok':
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
85 if passwd.startswith("'"):
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
86 if passwd.endswith("'"):
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
87 passwd = passwd[1:-1].replace("''", "'")
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
88 else:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25078
diff changeset
89 raise error.Abort(_('malformed password string'))
25078
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
90 return (user, passwd)
e8348f1cc228 factotum: use try/except/finally
Matt Mackall <mpm@selenic.com>
parents: 23393
diff changeset
91 except (OSError, IOError):
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25078
diff changeset
92 raise error.Abort(_('factotum not responding'))
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
93 finally:
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
94 os.close(fd)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
95 getkey(self, params)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
96
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
97 def monkeypatch_method(cls):
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
98 def decorator(func):
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
99 setattr(cls, func.__name__, func)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
100 return func
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
101 return decorator
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
102
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
103 @monkeypatch_method(passwordmgr)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
104 def find_user_password(self, realm, authuri):
29377
2c019aac6b99 url: extract password database from password manager
liscju <piotr.listkiewicz@gmail.com>
parents: 28971
diff changeset
105 user, passwd = self.passwddb.find_user_password(realm, authuri)
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
106 if user and passwd:
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
107 self._writedebug(user, passwd)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
108 return (user, passwd)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
109
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
110 prefix = ''
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
111 res = httpconnection.readauthforuri(self.ui, authuri, user)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
112 if res:
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
113 _, auth = res
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
114 prefix = auth.get('prefix')
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
115 user, passwd = auth.get('username'), auth.get('password')
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
116 if not user or not passwd:
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
117 if not prefix:
19614
1d50c69c1f0a factotum: clean up keychain for multiple hg repository authentication
Jeff Sickel <jas@corpus-callosum.com>
parents: 18647
diff changeset
118 prefix = realm.split(' ')[0].lower()
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
119 params = 'service=%s prefix=%s' % (_service, prefix)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
120 if user:
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
121 params = '%s user=%s' % (params, user)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
122 user, passwd = auth_getuserpasswd(self, auth_getkey, params)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
123
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
124 self.add_password(realm, authuri, user, passwd)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
125 self._writedebug(user, passwd)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
126 return (user, passwd)
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
127
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
128 def uisetup(ui):
16463
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
129 global _executable
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
130 _executable = ui.config('factotum', 'executable', '/bin/auth/factotum')
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
131 global _mountpoint
cef755f86d5c factotum: rename mount and path configuration entries
Steven Stallion <sstallion@gmail.com>
parents: 16383
diff changeset
132 _mountpoint = ui.config('factotum', 'mountpoint', '/mnt/factotum')
16383
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
133 global _service
f5dd179bfa4a plan9: initial support for plan 9 from bell labs
Steven Stallion <sstallion@gmail.com>
parents:
diff changeset
134 _service = ui.config('factotum', 'service', 'hg')