annotate hgext/gpg.py @ 29559:7dec5e441bf7

sslutil: config option to specify TLS protocol version Currently, Mercurial will use TLS 1.0 or newer when connecting to remote servers, selecting the highest TLS version supported by both peers. On older Pythons, only TLS 1.0 is available. On newer Pythons, TLS 1.1 and 1.2 should be available. Security-minded people may want to not take any risks running TLS 1.0 (or even TLS 1.1). This patch gives those people a config option to explicitly control which TLS versions Mercurial should use. By providing this option, one can require newer TLS versions before they are formally deprecated by Mercurial/Python/OpenSSL/etc and lower their security exposure. This option also provides an easy mechanism to change protocol policies in Mercurial. If there is a 0-day and TLS 1.0 is completely broken, we can act quickly without changing much code. Because setting the minimum TLS protocol is something you'll likely want to do globally, this patch introduces a global config option under [hostsecurity] for that purpose. wrapserversocket() has been taught a hidden config option to define the explicit protocol to use. This is queried in this function and not passed as an argument because I don't want to expose this dangerous option as part of the Python API. There is a risk someone could footgun themselves. But the config option is a devel option, has a warning comment, and I doubt most people are using `hg serve` to run a production HTTPS server (I would have something not Mercurial/Python handle TLS). If this is problematic, we can go back to using a custom extension in tests to coerce the server into bad behavior.
author Gregory Szorc <gregory.szorc@gmail.com>
date Thu, 14 Jul 2016 20:47:22 -0700
parents ecf296652080
children d5883fd055c6
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
1 # Copyright 2005, 2006 Benoit Boissinot <benoit.boissinot@ens-lyon.org>
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
2 #
8225
46293a0c7e9f updated license to be explicit about GPL version 2
Martin Geisler <mg@lazybytes.net>
parents: 8210
diff changeset
3 # This software may be used and distributed according to the terms of the
10263
25e572394f5c Update license to GPLv2+
Matt Mackall <mpm@selenic.com>
parents: 9183
diff changeset
4 # GNU General Public License version 2 or any later version.
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
5
8934
9dda4c73fc3b extensions: change descriptions for extensions providing a few commands
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents: 8894
diff changeset
6 '''commands to sign and verify changesets'''
8873
e872ef2e6758 help: add/fix docstrings for a bunch of extensions
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents: 8808
diff changeset
7
29124
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
8 from __future__ import absolute_import
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
9
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
10 import binascii
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
11 import os
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
12 import tempfile
29205
a0939666b836 py3: move up symbol imports to enforce import-checker rules
Yuya Nishihara <yuya@tcha.org>
parents: 29124
diff changeset
13
a0939666b836 py3: move up symbol imports to enforce import-checker rules
Yuya Nishihara <yuya@tcha.org>
parents: 29124
diff changeset
14 from mercurial.i18n import _
29124
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
15 from mercurial import (
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
16 cmdutil,
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
17 commands,
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
18 error,
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
19 match,
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
20 node as hgnode,
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
21 util,
555ab813c237 py3: make hgext/gpg.py use absolute_import
Pulkit Goyal <7895pulkit@gmail.com>
parents: 27814
diff changeset
22 )
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
23
14299
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
24 cmdtable = {}
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
25 command = cmdutil.command(cmdtable)
25186
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 25149
diff changeset
26 # Note for extension authors: ONLY specify testedwith = 'internal' for
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 25149
diff changeset
27 # extensions which SHIP WITH MERCURIAL. Non-mainline extensions should
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 25149
diff changeset
28 # be specifying the version(s) of Mercurial they are tested with, or
80c5b2666a96 extensions: document that `testedwith = 'internal'` is special
Augie Fackler <augie@google.com>
parents: 25149
diff changeset
29 # leave the attribute unspecified.
16743
38caf405d010 hgext: mark all first-party extensions as such
Augie Fackler <raf@durin42.com>
parents: 16688
diff changeset
30 testedwith = 'internal'
14299
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
31
8778
c5f36402daad use new style classes
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 8706
diff changeset
32 class gpg(object):
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
33 def __init__(self, path, key=None):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
34 self.path = path
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
35 self.key = (key and " --local-user \"%s\"" % key) or ""
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
36
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
37 def sign(self, data):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
38 gpgcmd = "%s --sign --detach-sign%s" % (self.path, self.key)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
39 return util.filter(data, gpgcmd)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
40
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
41 def verify(self, data, sig):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
42 """ returns of the good and bad signatures"""
2231
9a2f4b2e7cf1 gpg extension: Always remove temporary files created by 'hg sigcheck'.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2165
diff changeset
43 sigfile = datafile = None
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
44 try:
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
45 # create temporary files
2165
d821918e3bee Use better names (hg-{usage}-{random}.{suffix}) for temporary files.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 1685
diff changeset
46 fd, sigfile = tempfile.mkstemp(prefix="hg-gpg-", suffix=".sig")
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
47 fp = os.fdopen(fd, 'wb')
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
48 fp.write(sig)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
49 fp.close()
2165
d821918e3bee Use better names (hg-{usage}-{random}.{suffix}) for temporary files.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 1685
diff changeset
50 fd, datafile = tempfile.mkstemp(prefix="hg-gpg-", suffix=".txt")
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
51 fp = os.fdopen(fd, 'wb')
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
52 fp.write(data)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
53 fp.close()
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
54 gpgcmd = ("%s --logger-fd 1 --status-fd 1 --verify "
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
55 "\"%s\" \"%s\"" % (self.path, sigfile, datafile))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
56 ret = util.filter("", gpgcmd)
2231
9a2f4b2e7cf1 gpg extension: Always remove temporary files created by 'hg sigcheck'.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2165
diff changeset
57 finally:
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
58 for f in (sigfile, datafile):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
59 try:
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 10263
diff changeset
60 if f:
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 10263
diff changeset
61 os.unlink(f)
16688
cfb6682961b8 cleanup: replace naked excepts with more specific ones
Brodie Rao <brodie@sf.io>
parents: 14299
diff changeset
62 except OSError:
10282
08a0f04b56bd many, many trivial check-code fixups
Matt Mackall <mpm@selenic.com>
parents: 10263
diff changeset
63 pass
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
64 keys = []
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
65 key, fingerprint = None, None
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
66 for l in ret.splitlines():
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
67 # see DETAILS in the gnupg documentation
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
68 # filter the logger output
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
69 if not l.startswith("[GNUPG:]"):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
70 continue
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
71 l = l[9:]
19441
8b312c080adb gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents: 16991
diff changeset
72 if l.startswith("VALIDSIG"):
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
73 # fingerprint of the primary key
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
74 fingerprint = l.split()[10]
19441
8b312c080adb gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents: 16991
diff changeset
75 elif l.startswith("ERRSIG"):
8b312c080adb gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents: 16991
diff changeset
76 key = l.split(" ", 3)[:2]
8b312c080adb gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents: 16991
diff changeset
77 key.append("")
8b312c080adb gpg: treat "ERRSIG" as a valid key id but no fingerprint
Wei, Elson <elson.wei@gmail.com>
parents: 16991
diff changeset
78 fingerprint = None
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
79 elif (l.startswith("GOODSIG") or
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
80 l.startswith("EXPSIG") or
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
81 l.startswith("EXPKEYSIG") or
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
82 l.startswith("BADSIG")):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
83 if key is not None:
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
84 keys.append(key + [fingerprint])
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
85 key = l.split(" ", 2)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
86 fingerprint = None
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
87 if key is not None:
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
88 keys.append(key + [fingerprint])
19442
33c72f054e16 gpg: getkeys() removes unused returning value "err"
Wei, Elson <elson.wei@gmail.com>
parents: 19441
diff changeset
89 return keys
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
90
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
91 def newgpg(ui, **opts):
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
92 """create a new gpg instance"""
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
93 gpgpath = ui.config("gpg", "cmd", "gpg")
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
94 gpgkey = opts.get('key')
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
95 if not gpgkey:
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
96 gpgkey = ui.config("gpg", "key", None)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
97 return gpg(gpgpath, gpgkey)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
98
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
99 def sigwalk(repo):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
100 """
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
101 walk over every sigs, yields a couple
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
102 ((node, version, sig), (filename, linenumber))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
103 """
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
104 def parsefile(fileiter, context):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
105 ln = 1
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
106 for l in fileiter:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
107 if not l:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
108 continue
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
109 yield (l.split(" ", 2), (context, ln))
10394
4612cded5176 fix coding style (reported by pylint)
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 10282
diff changeset
110 ln += 1
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
111
8210
344751cd8cb8 replace various uses of list.reverse()
Matt Mackall <mpm@selenic.com>
parents: 6760
diff changeset
112 # read the heads
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
113 fl = repo.file(".hgsigs")
8210
344751cd8cb8 replace various uses of list.reverse()
Matt Mackall <mpm@selenic.com>
parents: 6760
diff changeset
114 for r in reversed(fl.heads()):
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
115 fn = ".hgsigs|%s" % hgnode.short(r)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
116 for item in parsefile(fl.read(r).splitlines(), fn):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
117 yield item
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
118 try:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
119 # read local signatures
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
120 fn = "localsigs"
23877
7cc77030c557 localrepo: remove all external users of localrepo.opener
Angel Ezquerra <angel.ezquerra@gmail.com>
parents: 22683
diff changeset
121 for item in parsefile(repo.vfs(fn), fn):
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
122 yield item
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
123 except IOError:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
124 pass
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
125
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
126 def getkeys(ui, repo, mygpg, sigdata, context):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
127 """get the keys who signed a data"""
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
128 fn, ln = context
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
129 node, version, sig = sigdata
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
130 prefix = "%s:%d" % (fn, ln)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
131 node = hgnode.bin(node)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
132
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
133 data = node2txt(repo, node, version)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
134 sig = binascii.a2b_base64(sig)
19442
33c72f054e16 gpg: getkeys() removes unused returning value "err"
Wei, Elson <elson.wei@gmail.com>
parents: 19441
diff changeset
135 keys = mygpg.verify(data, sig)
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
136
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
137 validkeys = []
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
138 # warn for expired key and/or sigs
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
139 for key in keys:
19444
f9e04a4e28d0 gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents: 19443
diff changeset
140 if key[0] == "ERRSIG":
f9e04a4e28d0 gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents: 19443
diff changeset
141 ui.write(_("%s Unknown key ID \"%s\"\n")
f9e04a4e28d0 gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents: 19443
diff changeset
142 % (prefix, shortkey(ui, key[1][:15])))
f9e04a4e28d0 gpg: show "Unknown key ID xxxxxxxx" when the status is ERRSIG
Wei, Elson <elson.wei@gmail.com>
parents: 19443
diff changeset
143 continue
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
144 if key[0] == "BADSIG":
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
145 ui.write(_("%s Bad signature from \"%s\"\n") % (prefix, key[2]))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
146 continue
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
147 if key[0] == "EXPSIG":
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
148 ui.write(_("%s Note: Signature has expired"
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
149 " (signed by: \"%s\")\n") % (prefix, key[2]))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
150 elif key[0] == "EXPKEYSIG":
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
151 ui.write(_("%s Note: This key has expired"
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
152 " (signed by: \"%s\")\n") % (prefix, key[2]))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
153 validkeys.append((key[1], key[2], key[3]))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
154 return validkeys
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
155
14299
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
156 @command("sigs", [], _('hg sigs'))
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
157 def sigs(ui, repo):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
158 """list signed changesets"""
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
159 mygpg = newgpg(ui)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
160 revs = {}
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
161
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
162 for data, context in sigwalk(repo):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
163 node, version, sig = data
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
164 fn, ln = context
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
165 try:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
166 n = repo.lookup(node)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
167 except KeyError:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
168 ui.warn(_("%s:%d node does not exist\n") % (fn, ln))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
169 continue
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
170 r = repo.changelog.rev(n)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
171 keys = getkeys(ui, repo, mygpg, data, context)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
172 if not keys:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
173 continue
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
174 revs.setdefault(r, [])
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
175 revs[r].extend(keys)
8303
db52cc4f2f97 gpg: use reverse kwarg to sort sigs in reversed order
Martin Geisler <mg@lazybytes.net>
parents: 8301
diff changeset
176 for rev in sorted(revs, reverse=True):
1682
ca1cda9220d5 fix an exception in gpg.py with multiples sigs for the same cset
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1681
diff changeset
177 for k in revs[rev]:
ca1cda9220d5 fix an exception in gpg.py with multiples sigs for the same cset
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1681
diff changeset
178 r = "%5d:%s" % (rev, hgnode.hex(repo.changelog.node(rev)))
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
179 ui.write("%-30s %s\n" % (keystr(ui, k), r))
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
180
16991
1aae34f109fd consistency: use REV instead of REVISION
Thomas Arendsen Hein <thomas@intevation.de>
parents: 16927
diff changeset
181 @command("sigcheck", [], _('hg sigcheck REV'))
27117
ad2627f4af27 gpg: rename sigcheck function
timeless <timeless@mozdev.org>
parents: 26587
diff changeset
182 def sigcheck(ui, repo, rev):
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
183 """verify all the signatures there may be for a particular revision"""
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
184 mygpg = newgpg(ui)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
185 rev = repo.lookup(rev)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
186 hexrev = hgnode.hex(rev)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
187 keys = []
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
188
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
189 for data, context in sigwalk(repo):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
190 node, version, sig = data
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
191 if node == hexrev:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
192 k = getkeys(ui, repo, mygpg, data, context)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
193 if k:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
194 keys.extend(k)
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
195
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
196 if not keys:
16927
7922004a46b8 gpg: lowercase messages
Martin Geisler <mg@aragost.com>
parents: 16743
diff changeset
197 ui.write(_("no valid signature for %s\n") % hgnode.short(rev))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
198 return
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
199
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
200 # print summary
29239
ecf296652080 gpg: make a message translatable
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 29205
diff changeset
201 ui.write(_("%s is signed by:\n") % hgnode.short(rev))
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
202 for key in keys:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
203 ui.write(" %s\n" % keystr(ui, key))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
204
1681
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
205 def keystr(ui, key):
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
206 """associate a string to a key (username, comment)"""
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
207 keyid, user, fingerprint = key
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
208 comment = ui.config("gpg", fingerprint, None)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
209 if comment:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
210 return "%s (%s)" % (user, comment)
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
211 else:
98eef041f9c7 fixes for gpg.py extension
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 1676
diff changeset
212 return user
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
213
14299
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
214 @command("sign",
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
215 [('l', 'local', None, _('make the signature local')),
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
216 ('f', 'force', None, _('sign even if the sigfile is modified')),
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
217 ('', 'no-commit', None, _('do not commit the sigfile after signing')),
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
218 ('k', 'key', '',
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
219 _('the key id to sign with'), _('ID')),
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
220 ('m', 'message', '',
21951
59af0b21ec31 doc: unify help text for "--message" option
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 21711
diff changeset
221 _('use text as commit message'), _('TEXT')),
21711
0986af9e7006 gpg: accept '--edit' like other commands creating new changeset
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 19444
diff changeset
222 ('e', 'edit', False, _('invoke editor on commit messages')),
14299
f3ba4125d9e9 gpg: use cmdutil.command decorator
Martin Geisler <mg@aragost.com>
parents: 14168
diff changeset
223 ] + commands.commitopts2,
16991
1aae34f109fd consistency: use REV instead of REVISION
Thomas Arendsen Hein <thomas@intevation.de>
parents: 16927
diff changeset
224 _('hg sign [OPTION]... [REV]...'))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
225 def sign(ui, repo, *revs, **opts):
3916
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
226 """add a signature for the current or given revision
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
227
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
228 If no revision is given, the parent of the working directory is used,
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
229 or tip if no revision is checked out.
6163
1f733c2f0165 Document log date ranges and mention 'hg help dates' for all commands (issue998)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 6139
diff changeset
230
25791
917be0574d7f gpg: mention undocumented options
Matt Mackall <mpm@selenic.com>
parents: 25660
diff changeset
231 The ``gpg.cmd`` config setting can be used to specify the command
917be0574d7f gpg: mention undocumented options
Matt Mackall <mpm@selenic.com>
parents: 25660
diff changeset
232 to run. A default key can be specified with ``gpg.key``.
917be0574d7f gpg: mention undocumented options
Matt Mackall <mpm@selenic.com>
parents: 25660
diff changeset
233
11193
687c7d395f20 Use our custom hg reStructuredText role some more
Martin Geisler <mg@aragost.com>
parents: 10532
diff changeset
234 See :hg:`help dates` for a list of formats valid for -d/--date.
3916
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
235 """
27814
a72735028336 with: use context manager for wlock in sign
Bryan O'Sullivan <bryano@fb.com>
parents: 27196
diff changeset
236 with repo.wlock():
27196
7b4a61570d61 gpg: make sign acquire wlock before processing
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 27117
diff changeset
237 return _dosign(ui, repo, *revs, **opts)
3916
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
238
27196
7b4a61570d61 gpg: make sign acquire wlock before processing
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 27117
diff changeset
239 def _dosign(ui, repo, *revs, **opts):
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
240 mygpg = newgpg(ui, **opts)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
241 sigver = "0"
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
242 sigmessage = ""
6139
989467e8e3a9 Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 5475
diff changeset
243
989467e8e3a9 Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 5475
diff changeset
244 date = opts.get('date')
989467e8e3a9 Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 5475
diff changeset
245 if date:
989467e8e3a9 Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 5475
diff changeset
246 opts['date'] = util.parsedate(date)
989467e8e3a9 Fix bad behaviour when specifying an invalid date (issue700)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 5475
diff changeset
247
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
248 if revs:
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
249 nodes = [repo.lookup(n) for n in revs]
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
250 else:
3916
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
251 nodes = [node for node in repo.dirstate.parents()
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
252 if node != hgnode.nullid]
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
253 if len(nodes) > 1:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25791
diff changeset
254 raise error.Abort(_('uncommitted merge - please provide a '
3916
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
255 'specific revision'))
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
256 if not nodes:
b1806b211910 Make 'hg sign' behave like other commands: Default to current parent.
Thomas Arendsen Hein <thomas@intevation.de>
parents: 2875
diff changeset
257 nodes = [repo.changelog.tip()]
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
258
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
259 for n in nodes:
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
260 hexnode = hgnode.hex(n)
16927
7922004a46b8 gpg: lowercase messages
Martin Geisler <mg@aragost.com>
parents: 16743
diff changeset
261 ui.write(_("signing %d:%s\n") % (repo.changelog.rev(n),
10510
f77f3383c666 i18n: mark more strings for translation
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 10394
diff changeset
262 hgnode.short(n)))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
263 # build data
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
264 data = node2txt(repo, n, sigver)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
265 sig = mygpg.sign(data)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
266 if not sig:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25791
diff changeset
267 raise error.Abort(_("error while signing"))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
268 sig = binascii.b2a_base64(sig)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
269 sig = sig.replace("\n", "")
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
270 sigmessage += "%s %s %s\n" % (hexnode, sigver, sig)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
271
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
272 # write it
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
273 if opts['local']:
23877
7cc77030c557 localrepo: remove all external users of localrepo.opener
Angel Ezquerra <angel.ezquerra@gmail.com>
parents: 22683
diff changeset
274 repo.vfs.append("localsigs", sigmessage)
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
275 return
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
276
22682
9c89ac99690e gpg: move test of force before status call
Matt Mackall <mpm@selenic.com>
parents: 22681
diff changeset
277 if not opts["force"]:
9c89ac99690e gpg: move test of force before status call
Matt Mackall <mpm@selenic.com>
parents: 22681
diff changeset
278 msigs = match.exact(repo.root, '', ['.hgsigs'])
25149
3f0744eeaeaf cleanup: use __builtins__.any instead of util.any
Augie Fackler <augie@google.com>
parents: 23877
diff changeset
279 if any(repo.status(match=msigs, unknown=True, ignored=True)):
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25791
diff changeset
280 raise error.Abort(_("working copy of .hgsigs is changed "),
22683
f1872fdc1c3c gpg: use an abort hint and don't mention --force
Matt Mackall <mpm@selenic.com>
parents: 22682
diff changeset
281 hint=_("please commit .hgsigs manually"))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
282
13400
14f3795a5ed7 explicitly close files
Dan Villiom Podlaski Christiansen <danchr@gmail.com>
parents: 12965
diff changeset
283 sigsfile = repo.wfile(".hgsigs", "ab")
14f3795a5ed7 explicitly close files
Dan Villiom Podlaski Christiansen <danchr@gmail.com>
parents: 12965
diff changeset
284 sigsfile.write(sigmessage)
14f3795a5ed7 explicitly close files
Dan Villiom Podlaski Christiansen <danchr@gmail.com>
parents: 12965
diff changeset
285 sigsfile.close()
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
286
4906
30847b8af7ca dirstate: add __contains__ and make __getitem__ more useful
Matt Mackall <mpm@selenic.com>
parents: 4730
diff changeset
287 if '.hgsigs' not in repo.dirstate:
11303
a1aad8333864 move working dir/dirstate methods from localrepo to workingctx
Dirkjan Ochtman <dirkjan@ochtman.nl>
parents: 11193
diff changeset
288 repo[None].add([".hgsigs"])
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
289
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
290 if opts["no_commit"]:
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
291 return
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
292
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
293 message = opts['message']
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
294 if not message:
9183
d0225fa2f6c4 do not translate commit messages
Martin Geisler <mg@lazybytes.net>
parents: 8934
diff changeset
295 # we don't translate commit messages
d0225fa2f6c4 do not translate commit messages
Martin Geisler <mg@lazybytes.net>
parents: 8934
diff changeset
296 message = "\n".join(["Added signature for changeset %s"
5475
3aa5c45874c6 gpg: use the same log message format as hg tag
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents: 5147
diff changeset
297 % hgnode.short(n)
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
298 for n in nodes])
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
299 try:
22001
135176a198d0 gpg: pass 'editform' argument to 'cmdutil.getcommiteditor'
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 21951
diff changeset
300 editor = cmdutil.getcommiteditor(editform='gpg.sign', **opts)
21711
0986af9e7006 gpg: accept '--edit' like other commands creating new changeset
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 19444
diff changeset
301 repo.commit(message, opts['user'], opts['date'], match=msigs,
22001
135176a198d0 gpg: pass 'editform' argument to 'cmdutil.getcommiteditor'
FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
parents: 21951
diff changeset
302 editor=editor)
25660
328739ea70c3 global: mass rewrite to use modern exception syntax
Gregory Szorc <gregory.szorc@gmail.com>
parents: 25186
diff changeset
303 except ValueError as inst:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25791
diff changeset
304 raise error.Abort(str(inst))
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
305
19443
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
306 def shortkey(ui, key):
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
307 if len(key) != 16:
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
308 ui.debug("key ID \"%s\" format error\n" % key)
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
309 return key
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
310
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
311 return key[-8:]
2a7fd31ac548 gpg: add shortkey() to convert from long id to short
Wei, Elson <elson.wei@gmail.com>
parents: 19442
diff changeset
312
1592
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
313 def node2txt(repo, node, ver):
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
314 """map a manifest into some text"""
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
315 if ver == "0":
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
316 return "%s\n" % hgnode.hex(node)
347c44611348 gpg signing extension for hg
Benoit Boissinot <benoit.boissinot@ens-lyon.org>
parents:
diff changeset
317 else:
26587
56b2bcea2529 error: get Abort from 'error' instead of 'util'
Pierre-Yves David <pierre-yves.david@fb.com>
parents: 25791
diff changeset
318 raise error.Abort(_("unknown signature version"))