Mercurial > hg

diff mercurial/httpconnection.py @ 15005:4a43e23b8c55 stable 1.9.1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: do not ignore [auth] if url has a username (issue2822) The [auth] section was ignored when handling URLs like: http://user@example.com/foo Instead, we look in [auth] for an entry matching the URL and supplied user name. Entries without username can match URL with a username. Prefix length ties are resolved in favor of entries matching the username. With: foo.prefix = http://example.org foo.username = user foo.password = password bar.prefix = http://example.org/bar and the input URL: http://user@example.org/bar the 'bar' entry will be selected because of prefix length, therefore prompting for a password. This behaviour ensure that entries selection is consistent when looking for credentials or for certificates, and that certificates can be picked even if their entries do no define usernames while the URL does. Additionally, entries without a username matched against a username are returned as if they did have requested username set to avoid prompting again for a username if the password is not set. v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly. v3: allow unset usernames to match URL usernames to pick certificates. Resolve prefix length ties in favor of entries with usernames.
author Patrick Mezard <pmezard@gmail.com>
date Mon, 01 Aug 2011 23:58:50 +0200
parents c864f5e743ef
children 0593e8f81c71
line wrap: on
line diff
--- a/mercurial/httpconnection.py	Sun Jul 31 01:46:52 2011 +0200
+++ b/mercurial/httpconnection.py	Mon Aug 01 23:58:50 2011 +0200
@@ -72,10 +72,19 @@
         gdict[setting] = val
 
     # Find the best match
+    uri = util.url(uri)
+    user = uri.user
+    uri.user = uri.password = None
+    uri = str(uri)
     scheme, hostpath = uri.split('://', 1)
+    bestuser = None
     bestlen = 0
     bestauth = None
     for group, auth in config.iteritems():
+        if user and user != auth.get('username', user):
+            # If a username was set in the URI, the entry username
+            # must either match it or be unset
+            continue
         prefix = auth.get('prefix')
         if not prefix:
             continue
@@ -85,9 +94,14 @@
         else:
             schemes = (auth.get('schemes') or 'https').split()
         if (prefix == '*' or hostpath.startswith(prefix)) and \
-            len(prefix) > bestlen and scheme in schemes:
+            (len(prefix) > bestlen or (len(prefix) == bestlen and \
+                not bestuser and 'username' in auth)) \
+             and scheme in schemes:
             bestlen = len(prefix)
             bestauth = group, auth
+            bestuser = auth.get('username')
+            if user and not bestuser:
+                auth['username'] = user
     return bestauth
 
 # Mercurial (at least until we can remove the old codepath) requires