Mercurial > hg
annotate hgext/gpg.py @ 29559:7dec5e441bf7
sslutil: config option to specify TLS protocol version
Currently, Mercurial will use TLS 1.0 or newer when connecting to
remote servers, selecting the highest TLS version supported by both
peers. On older Pythons, only TLS 1.0 is available. On newer Pythons,
TLS 1.1 and 1.2 should be available.
Security-minded people may want to not take any risks running
TLS 1.0 (or even TLS 1.1). This patch gives those people a config
option to explicitly control which TLS versions Mercurial should use.
By providing this option, one can require newer TLS versions
before they are formally deprecated by Mercurial/Python/OpenSSL/etc
and lower their security exposure. This option also provides an
easy mechanism to change protocol policies in Mercurial. If there
is a 0-day and TLS 1.0 is completely broken, we can act quickly
without changing much code.
Because setting the minimum TLS protocol is something you'll likely
want to do globally, this patch introduces a global config option under
[hostsecurity] for that purpose.
wrapserversocket() has been taught a hidden config option to define
the explicit protocol to use. This is queried in this function and
not passed as an argument because I don't want to expose this dangerous
option as part of the Python API. There is a risk someone could footgun
themselves. But the config option is a devel option, has a warning
comment, and I doubt most people are using `hg serve` to run a
production HTTPS server (I would have something not Mercurial/Python
handle TLS). If this is problematic, we can go back to using a
custom extension in tests to coerce the server into bad behavior.
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Thu, 14 Jul 2016 20:47:22 -0700 |
parents | ecf296652080 |
children | d5883fd055c6 |
rev | line source |
---|---|
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
1 # Copyright 2005, 2006 Benoit Boissinot <benoit.boissinot@ens-lyon.org> |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
2 # |
8225
46293a0c7e9f
updated license to be explicit about GPL version 2
Martin Geisler <mg@lazybytes.net>
parents:
8210
diff
changeset
|
3 # This software may be used and distributed according to the terms of the |
10263 | 4 # GNU General Public License version 2 or any later version. |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
5 |
8934
9dda4c73fc3b
extensions: change descriptions for extensions providing a few commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8894
diff
changeset
|
6 '''commands to sign and verify changesets''' |
8873
e872ef2e6758
help: add/fix docstrings for a bunch of extensions
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
8808
diff
changeset
|
7 |
29124
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
8 from __future__ import absolute_import |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
9 |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
10 import binascii |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
11 import os |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
12 import tempfile |
29205
a0939666b836
py3: move up symbol imports to enforce import-checker rules
Yuya Nishihara <yuya@tcha.org>
parents:
29124
diff
changeset
|
13 |
a0939666b836
py3: move up symbol imports to enforce import-checker rules
Yuya Nishihara <yuya@tcha.org>
parents:
29124
diff
changeset
|
14 from mercurial.i18n import _ |
29124
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
15 from mercurial import ( |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
16 cmdutil, |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
17 commands, |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
18 error, |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
19 match, |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
20 node as hgnode, |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
21 util, |
555ab813c237
py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents:
27814
diff
changeset
|
22 ) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
23 |
14299
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
24 cmdtable = {} |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
25 command = cmdutil.command(cmdtable) |
25186
80c5b2666a96
extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents:
25149
diff
changeset
|
26 # Note for extension authors: ONLY specify testedwith = 'internal' for |
80c5b2666a96
extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents:
25149
diff
changeset
|
27 # extensions which SHIP WITH MERCURIAL. Non-mainline extensions should |
80c5b2666a96
extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents:
25149
diff
changeset
|
28 # be specifying the version(s) of Mercurial they are tested with, or |
80c5b2666a96
extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents:
25149
diff
changeset
|
29 # leave the attribute unspecified. |
16743
38caf405d010
hgext: mark all first-party extensions as such
Augie Fackler <raf@durin42.com>
parents:
16688
diff
changeset
|
30 testedwith = 'internal' |
14299
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
31 |
8778
c5f36402daad
use new style classes
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
8706
diff
changeset
|
32 class gpg(object): |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
33 def __init__(self, path, key=None): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
34 self.path = path |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
35 self.key = (key and " --local-user \"%s\"" % key) or "" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
36 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
37 def sign(self, data): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
38 gpgcmd = "%s --sign --detach-sign%s" % (self.path, self.key) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
39 return util.filter(data, gpgcmd) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
40 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
41 def verify(self, data, sig): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
42 """ returns of the good and bad signatures""" |
2231
9a2f4b2e7cf1
gpg extension: Always remove temporary files created by 'hg sigcheck'.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2165
diff
changeset
|
43 sigfile = datafile = None |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
44 try: |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
45 # create temporary files |
2165
d821918e3bee
Use better names (hg-{usage}-{random}.{suffix}) for temporary files.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
1685
diff
changeset
|
46 fd, sigfile = tempfile.mkstemp(prefix="hg-gpg-", suffix=".sig") |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
47 fp = os.fdopen(fd, 'wb') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
48 fp.write(sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
49 fp.close() |
2165
d821918e3bee
Use better names (hg-{usage}-{random}.{suffix}) for temporary files.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
1685
diff
changeset
|
50 fd, datafile = tempfile.mkstemp(prefix="hg-gpg-", suffix=".txt") |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
51 fp = os.fdopen(fd, 'wb') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
52 fp.write(data) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
53 fp.close() |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
54 gpgcmd = ("%s --logger-fd 1 --status-fd 1 --verify " |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
55 "\"%s\" \"%s\"" % (self.path, sigfile, datafile)) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
56 ret = util.filter("", gpgcmd) |
2231
9a2f4b2e7cf1
gpg extension: Always remove temporary files created by 'hg sigcheck'.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2165
diff
changeset
|
57 finally: |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
58 for f in (sigfile, datafile): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
59 try: |
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
10263
diff
changeset
|
60 if f: |
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
10263
diff
changeset
|
61 os.unlink(f) |
16688
cfb6682961b8
cleanup: replace naked excepts with more specific ones
Brodie Rao <brodie@sf.io>
parents:
14299
diff
changeset
|
62 except OSError: |
10282
08a0f04b56bd
many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents:
10263
diff
changeset
|
63 pass |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
64 keys = [] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
65 key, fingerprint = None, None |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
66 for l in ret.splitlines(): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
67 # see DETAILS in the gnupg documentation |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
68 # filter the logger output |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
69 if not l.startswith("[GNUPG:]"): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
70 continue |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
71 l = l[9:] |
19441
8b312c080adb
gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents:
16991
diff
changeset
|
72 if l.startswith("VALIDSIG"): |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
73 # fingerprint of the primary key |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
74 fingerprint = l.split()[10] |
19441
8b312c080adb
gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents:
16991
diff
changeset
|
75 elif l.startswith("ERRSIG"): |
8b312c080adb
gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents:
16991
diff
changeset
|
76 key = l.split(" ", 3)[:2] |
8b312c080adb
gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents:
16991
diff
changeset
|
77 key.append("") |
8b312c080adb
gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents:
16991
diff
changeset
|
78 fingerprint = None |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
79 elif (l.startswith("GOODSIG") or |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
80 l.startswith("EXPSIG") or |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
81 l.startswith("EXPKEYSIG") or |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
82 l.startswith("BADSIG")): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
83 if key is not None: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
84 keys.append(key + [fingerprint]) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
85 key = l.split(" ", 2) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
86 fingerprint = None |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
87 if key is not None: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
88 keys.append(key + [fingerprint]) |
19442
33c72f054e16
gpg: getkeys() removes unused returning value "err"
Wei, Elson <elson.wei@gmail.com>
parents:
19441
diff
changeset
|
89 return keys |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
90 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
91 def newgpg(ui, **opts): |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
92 """create a new gpg instance""" |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
93 gpgpath = ui.config("gpg", "cmd", "gpg") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
94 gpgkey = opts.get('key') |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
95 if not gpgkey: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
96 gpgkey = ui.config("gpg", "key", None) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
97 return gpg(gpgpath, gpgkey) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
98 |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
99 def sigwalk(repo): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
100 """ |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
101 walk over every sigs, yields a couple |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
102 ((node, version, sig), (filename, linenumber)) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
103 """ |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
104 def parsefile(fileiter, context): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
105 ln = 1 |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
106 for l in fileiter: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
107 if not l: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
108 continue |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
109 yield (l.split(" ", 2), (context, ln)) |
10394
4612cded5176
fix coding style (reported by pylint)
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
10282
diff
changeset
|
110 ln += 1 |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
111 |
8210
344751cd8cb8
replace various uses of list.reverse()
Matt Mackall <mpm@selenic.com>
parents:
6760
diff
changeset
|
112 # read the heads |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
113 fl = repo.file(".hgsigs") |
8210
344751cd8cb8
replace various uses of list.reverse()
Matt Mackall <mpm@selenic.com>
parents:
6760
diff
changeset
|
114 for r in reversed(fl.heads()): |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
115 fn = ".hgsigs|%s" % hgnode.short(r) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
116 for item in parsefile(fl.read(r).splitlines(), fn): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
117 yield item |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
118 try: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
119 # read local signatures |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
120 fn = "localsigs" |
23877
7cc77030c557
localrepo: remove all external users of localrepo.opener
Angel Ezquerra <angel.ezquerra@gmail.com>
parents:
22683
diff
changeset
|
121 for item in parsefile(repo.vfs(fn), fn): |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
122 yield item |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
123 except IOError: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
124 pass |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
125 |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
126 def getkeys(ui, repo, mygpg, sigdata, context): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
127 """get the keys who signed a data""" |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
128 fn, ln = context |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
129 node, version, sig = sigdata |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
130 prefix = "%s:%d" % (fn, ln) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
131 node = hgnode.bin(node) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
132 |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
133 data = node2txt(repo, node, version) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
134 sig = binascii.a2b_base64(sig) |
19442
33c72f054e16
gpg: getkeys() removes unused returning value "err"
Wei, Elson <elson.wei@gmail.com>
parents:
19441
diff
changeset
|
135 keys = mygpg.verify(data, sig) |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
136 |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
137 validkeys = [] |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
138 # warn for expired key and/or sigs |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
139 for key in keys: |
19444
f9e04a4e28d0
gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents:
19443
diff
changeset
|
140 if key[0] == "ERRSIG": |
f9e04a4e28d0
gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents:
19443
diff
changeset
|
141 ui.write(_("%s Unknown key ID \"%s\"\n") |
f9e04a4e28d0
gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents:
19443
diff
changeset
|
142 % (prefix, shortkey(ui, key[1][:15]))) |
f9e04a4e28d0
gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents:
19443
diff
changeset
|
143 continue |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
144 if key[0] == "BADSIG": |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
145 ui.write(_("%s Bad signature from \"%s\"\n") % (prefix, key[2])) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
146 continue |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
147 if key[0] == "EXPSIG": |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
148 ui.write(_("%s Note: Signature has expired" |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
149 " (signed by: \"%s\")\n") % (prefix, key[2])) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
150 elif key[0] == "EXPKEYSIG": |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
151 ui.write(_("%s Note: This key has expired" |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
152 " (signed by: \"%s\")\n") % (prefix, key[2])) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
153 validkeys.append((key[1], key[2], key[3])) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
154 return validkeys |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
155 |
14299
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
156 @command("sigs", [], _('hg sigs')) |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
157 def sigs(ui, repo): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
158 """list signed changesets""" |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
159 mygpg = newgpg(ui) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
160 revs = {} |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
161 |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
162 for data, context in sigwalk(repo): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
163 node, version, sig = data |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
164 fn, ln = context |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
165 try: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
166 n = repo.lookup(node) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
167 except KeyError: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
168 ui.warn(_("%s:%d node does not exist\n") % (fn, ln)) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
169 continue |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
170 r = repo.changelog.rev(n) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
171 keys = getkeys(ui, repo, mygpg, data, context) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
172 if not keys: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
173 continue |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
174 revs.setdefault(r, []) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
175 revs[r].extend(keys) |
8303
db52cc4f2f97
gpg: use reverse kwarg to sort sigs in reversed order
Martin Geisler <mg@lazybytes.net>
parents:
8301
diff
changeset
|
176 for rev in sorted(revs, reverse=True): |
1682
ca1cda9220d5
fix an exception in gpg.py with multiples sigs for the same cset
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1681
diff
changeset
|
177 for k in revs[rev]: |
ca1cda9220d5
fix an exception in gpg.py with multiples sigs for the same cset
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1681
diff
changeset
|
178 r = "%5d:%s" % (rev, hgnode.hex(repo.changelog.node(rev))) |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
179 ui.write("%-30s %s\n" % (keystr(ui, k), r)) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
180 |
16991
1aae34f109fd
consistency: use REV instead of REVISION
Thomas Arendsen Hein <thomas@intevation.de>
parents:
16927
diff
changeset
|
181 @command("sigcheck", [], _('hg sigcheck REV')) |
27117
ad2627f4af27
gpg: rename sigcheck function
timeless <timeless@mozdev.org>
parents:
26587
diff
changeset
|
182 def sigcheck(ui, repo, rev): |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
183 """verify all the signatures there may be for a particular revision""" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
184 mygpg = newgpg(ui) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
185 rev = repo.lookup(rev) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
186 hexrev = hgnode.hex(rev) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
187 keys = [] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
188 |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
189 for data, context in sigwalk(repo): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
190 node, version, sig = data |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
191 if node == hexrev: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
192 k = getkeys(ui, repo, mygpg, data, context) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
193 if k: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
194 keys.extend(k) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
195 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
196 if not keys: |
16927 | 197 ui.write(_("no valid signature for %s\n") % hgnode.short(rev)) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
198 return |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
199 |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
200 # print summary |
29239
ecf296652080
gpg: make a message translatable
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
29205
diff
changeset
|
201 ui.write(_("%s is signed by:\n") % hgnode.short(rev)) |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
202 for key in keys: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
203 ui.write(" %s\n" % keystr(ui, key)) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
204 |
1681
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
205 def keystr(ui, key): |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
206 """associate a string to a key (username, comment)""" |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
207 keyid, user, fingerprint = key |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
208 comment = ui.config("gpg", fingerprint, None) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
209 if comment: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
210 return "%s (%s)" % (user, comment) |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
211 else: |
98eef041f9c7
fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
1676
diff
changeset
|
212 return user |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
213 |
14299
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
214 @command("sign", |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
215 [('l', 'local', None, _('make the signature local')), |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
216 ('f', 'force', None, _('sign even if the sigfile is modified')), |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
217 ('', 'no-commit', None, _('do not commit the sigfile after signing')), |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
218 ('k', 'key', '', |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
219 _('the key id to sign with'), _('ID')), |
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
220 ('m', 'message', '', |
21951
59af0b21ec31
doc: unify help text for "--message" option
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
21711
diff
changeset
|
221 _('use text as commit message'), _('TEXT')), |
21711
0986af9e7006
gpg: accept '--edit' like other commands creating new changeset
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
19444
diff
changeset
|
222 ('e', 'edit', False, _('invoke editor on commit messages')), |
14299
f3ba4125d9e9
gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents:
14168
diff
changeset
|
223 ] + commands.commitopts2, |
16991
1aae34f109fd
consistency: use REV instead of REVISION
Thomas Arendsen Hein <thomas@intevation.de>
parents:
16927
diff
changeset
|
224 _('hg sign [OPTION]... [REV]...')) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
225 def sign(ui, repo, *revs, **opts): |
3916
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
226 """add a signature for the current or given revision |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
227 |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
228 If no revision is given, the parent of the working directory is used, |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
229 or tip if no revision is checked out. |
6163
1f733c2f0165
Document log date ranges and mention 'hg help dates' for all commands (issue998)
Thomas Arendsen Hein <thomas@intevation.de>
parents:
6139
diff
changeset
|
230 |
25791
917be0574d7f
gpg: mention undocumented options
Matt Mackall <mpm@selenic.com>
parents:
25660
diff
changeset
|
231 The ``gpg.cmd`` config setting can be used to specify the command |
917be0574d7f
gpg: mention undocumented options
Matt Mackall <mpm@selenic.com>
parents:
25660
diff
changeset
|
232 to run. A default key can be specified with ``gpg.key``. |
917be0574d7f
gpg: mention undocumented options
Matt Mackall <mpm@selenic.com>
parents:
25660
diff
changeset
|
233 |
11193
687c7d395f20
Use our custom hg reStructuredText role some more
Martin Geisler <mg@aragost.com>
parents:
10532
diff
changeset
|
234 See :hg:`help dates` for a list of formats valid for -d/--date. |
3916
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
235 """ |
27814
a72735028336
with: use context manager for wlock in sign
Bryan O'Sullivan <bryano@fb.com>
parents:
27196
diff
changeset
|
236 with repo.wlock(): |
27196
7b4a61570d61
gpg: make sign acquire wlock before processing
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
27117
diff
changeset
|
237 return _dosign(ui, repo, *revs, **opts) |
3916
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
238 |
27196
7b4a61570d61
gpg: make sign acquire wlock before processing
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
27117
diff
changeset
|
239 def _dosign(ui, repo, *revs, **opts): |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
240 mygpg = newgpg(ui, **opts) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
241 sigver = "0" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
242 sigmessage = "" |
6139
989467e8e3a9
Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents:
5475
diff
changeset
|
243 |
989467e8e3a9
Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents:
5475
diff
changeset
|
244 date = opts.get('date') |
989467e8e3a9
Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents:
5475
diff
changeset
|
245 if date: |
989467e8e3a9
Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents:
5475
diff
changeset
|
246 opts['date'] = util.parsedate(date) |
989467e8e3a9
Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents:
5475
diff
changeset
|
247 |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
248 if revs: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
249 nodes = [repo.lookup(n) for n in revs] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
250 else: |
3916
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
251 nodes = [node for node in repo.dirstate.parents() |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
252 if node != hgnode.nullid] |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
253 if len(nodes) > 1: |
26587
56b2bcea2529
error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents:
25791
diff
changeset
|
254 raise error.Abort(_('uncommitted merge - please provide a ' |
3916
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
255 'specific revision')) |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
256 if not nodes: |
b1806b211910
Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents:
2875
diff
changeset
|
257 nodes = [repo.changelog.tip()] |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
258 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
259 for n in nodes: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
260 hexnode = hgnode.hex(n) |
16927 | 261 ui.write(_("signing %d:%s\n") % (repo.changelog.rev(n), |
10510
f77f3383c666
i18n: mark more strings for translation
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
10394
diff
changeset
|
262 hgnode.short(n))) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
263 # build data |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
264 data = node2txt(repo, n, sigver) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
265 sig = mygpg.sign(data) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
266 if not sig: |
26587
56b2bcea2529
error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents:
25791
diff
changeset
|
267 raise error.Abort(_("error while signing")) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
268 sig = binascii.b2a_base64(sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
269 sig = sig.replace("\n", "") |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
270 sigmessage += "%s %s %s\n" % (hexnode, sigver, sig) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
271 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
272 # write it |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
273 if opts['local']: |
23877
7cc77030c557
localrepo: remove all external users of localrepo.opener
Angel Ezquerra <angel.ezquerra@gmail.com>
parents:
22683
diff
changeset
|
274 repo.vfs.append("localsigs", sigmessage) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
275 return |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
276 |
22682
9c89ac99690e
gpg: move test of force before status call
Matt Mackall <mpm@selenic.com>
parents:
22681
diff
changeset
|
277 if not opts["force"]: |
9c89ac99690e
gpg: move test of force before status call
Matt Mackall <mpm@selenic.com>
parents:
22681
diff
changeset
|
278 msigs = match.exact(repo.root, '', ['.hgsigs']) |
25149
3f0744eeaeaf
cleanup: use __builtins__.any instead of util.any
Augie Fackler <augie@google.com>
parents:
23877
diff
changeset
|
279 if any(repo.status(match=msigs, unknown=True, ignored=True)): |
26587
56b2bcea2529
error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents:
25791
diff
changeset
|
280 raise error.Abort(_("working copy of .hgsigs is changed "), |
22683
f1872fdc1c3c
gpg: use an abort hint and don't mention --force
Matt Mackall <mpm@selenic.com>
parents:
22682
diff
changeset
|
281 hint=_("please commit .hgsigs manually")) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
282 |
13400
14f3795a5ed7
explicitly close files
Dan Villiom Podlaski Christiansen <danchr@gmail.com>
parents:
12965
diff
changeset
|
283 sigsfile = repo.wfile(".hgsigs", "ab") |
14f3795a5ed7
explicitly close files
Dan Villiom Podlaski Christiansen <danchr@gmail.com>
parents:
12965
diff
changeset
|
284 sigsfile.write(sigmessage) |
14f3795a5ed7
explicitly close files
Dan Villiom Podlaski Christiansen <danchr@gmail.com>
parents:
12965
diff
changeset
|
285 sigsfile.close() |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
286 |
4906
30847b8af7ca
dirstate: add __contains__ and make __getitem__ more useful
Matt Mackall <mpm@selenic.com>
parents:
4730
diff
changeset
|
287 if '.hgsigs' not in repo.dirstate: |
11303
a1aad8333864
move working dir/dirstate methods from localrepo to workingctx
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents:
11193
diff
changeset
|
288 repo[None].add([".hgsigs"]) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
289 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
290 if opts["no_commit"]: |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
291 return |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
292 |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
293 message = opts['message'] |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
294 if not message: |
9183
d0225fa2f6c4
do not translate commit messages
Martin Geisler <mg@lazybytes.net>
parents:
8934
diff
changeset
|
295 # we don't translate commit messages |
d0225fa2f6c4
do not translate commit messages
Martin Geisler <mg@lazybytes.net>
parents:
8934
diff
changeset
|
296 message = "\n".join(["Added signature for changeset %s" |
5475
3aa5c45874c6
gpg: use the same log message format as hg tag
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
5147
diff
changeset
|
297 % hgnode.short(n) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
298 for n in nodes]) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
299 try: |
22001
135176a198d0
gpg: pass 'editform' argument to 'cmdutil.getcommiteditor'
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
21951
diff
changeset
|
300 editor = cmdutil.getcommiteditor(editform='gpg.sign', **opts) |
21711
0986af9e7006
gpg: accept '--edit' like other commands creating new changeset
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
19444
diff
changeset
|
301 repo.commit(message, opts['user'], opts['date'], match=msigs, |
22001
135176a198d0
gpg: pass 'editform' argument to 'cmdutil.getcommiteditor'
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents:
21951
diff
changeset
|
302 editor=editor) |
25660
328739ea70c3
global: mass rewrite to use modern exception syntax
Gregory Szorc <gregory.szorc@gmail.com>
parents:
25186
diff
changeset
|
303 except ValueError as inst: |
26587
56b2bcea2529
error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents:
25791
diff
changeset
|
304 raise error.Abort(str(inst)) |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
305 |
19443
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
306 def shortkey(ui, key): |
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
307 if len(key) != 16: |
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
308 ui.debug("key ID \"%s\" format error\n" % key) |
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
309 return key |
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
310 |
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
311 return key[-8:] |
2a7fd31ac548
gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents:
19442
diff
changeset
|
312 |
1592
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
313 def node2txt(repo, node, ver): |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
314 """map a manifest into some text""" |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
315 if ver == "0": |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
316 return "%s\n" % hgnode.hex(node) |
347c44611348
gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff
changeset
|
317 else: |
26587
56b2bcea2529
error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents:
25791
diff
changeset
|
318 raise error.Abort(_("unknown signature version")) |