Mercurial > hg

view mercurial/exewrapper.c @ 29289:3536673a25ae

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: move and change warning when cert verification is disabled A short time ago, validatesocket() didn't know the reasons why cert verification was disabled. Multiple code paths could lead to cert verification being disabled. e.g. --insecure and lack of loaded CAs. With the recent refactorings to sslutil.py, we now know the reasons behind security settings. This means we can recognize when the user requested security be disabled (as opposed to being unable to provide certificate verification due to lack of CAs). This patch moves the check for certificate verification being disabled and changes the wording to distinguish it from other states. The warning message is purposefully more dangerous sounding in order to help discourage people from disabling security outright. We may want to add a URL or hint to this message. I'm going to wait until additional changes to security defaults before committing to something.
author Gregory Szorc <gregory.szorc@gmail.com>
date Mon, 30 May 2016 13:15:53 -0700
parents 210bb28ca4fb
children 0241dd94ed38
line wrap: on
line source

/*
 exewrapper.c - wrapper for calling a python script on Windows

 Copyright 2012 Adrian Buehlmann <adrian@cadifra.com> and others

 This software may be used and distributed according to the terms of the
 GNU General Public License version 2 or any later version.
*/

#include <stdio.h>
#include <windows.h>

#include "hgpythonlib.h"

#ifdef __GNUC__
int strcat_s(char *d, size_t n, const char *s)
{
	return !strncat(d, s, n);
}
int strcpy_s(char *d, size_t n, const char *s)
{
	return !strncpy(d, s, n);
}
#endif


static char pyscript[MAX_PATH + 10];
static char pyhome[MAX_PATH + 10];
static char envpyhome[MAX_PATH + 10];
static char pydllfile[MAX_PATH + 10];

int main(int argc, char *argv[])
{
	char *p;
	int ret;
	int i;
	int n;
	char **pyargv;
	WIN32_FIND_DATA fdata;
	HANDLE hfind;
	const char *err;
	HMODULE pydll;
	void (__cdecl *Py_SetPythonHome)(char *home);
	int (__cdecl *Py_Main)(int argc, char *argv[]);

	if (GetModuleFileName(NULL, pyscript, sizeof(pyscript)) == 0)
	{
		err = "GetModuleFileName failed";
		goto bail;
	}

	p = strrchr(pyscript, '.');
	if (p == NULL) {
		err = "malformed module filename";
		goto bail;
	}
	*p = 0; /* cut trailing ".exe" */
	strcpy_s(pyhome, sizeof(pyhome), pyscript);

	hfind = FindFirstFile(pyscript, &fdata);
	if (hfind != INVALID_HANDLE_VALUE) {
		/* pyscript exists, close handle */
		FindClose(hfind);
	} else {
		/* file pyscript isn't there, take <pyscript>exe.py */
		strcat_s(pyscript, sizeof(pyscript), "exe.py");
	}

	pydll = NULL;
	/*
	We first check, that environment variable PYTHONHOME is *not* set.
	This just mimicks the behavior of the regular python.exe, which uses
	PYTHONHOME to find its installation directory (if it has been set).
	Note: Users of HackableMercurial are expected to *not* set PYTHONHOME!
	*/
	if (GetEnvironmentVariable("PYTHONHOME", envpyhome,
				   sizeof(envpyhome)) == 0)
	{
		/*
		Environment var PYTHONHOME is *not* set. Let's see if we are
		running inside a HackableMercurial.
		*/

		p = strrchr(pyhome, '\\');
		if (p == NULL) {
			err = "can't find backslash in module filename";
			goto bail;
		}
		*p = 0; /* cut at directory */

		/* check for private Python of HackableMercurial */
		strcat_s(pyhome, sizeof(pyhome), "\\hg-python");

		hfind = FindFirstFile(pyhome, &fdata);
		if (hfind != INVALID_HANDLE_VALUE) {
			/* path pyhome exists, let's use it */
			FindClose(hfind);
			strcpy_s(pydllfile, sizeof(pydllfile), pyhome);
			strcat_s(pydllfile, sizeof(pydllfile),
				 "\\" HGPYTHONLIB ".dll");
			pydll = LoadLibrary(pydllfile);
			if (pydll == NULL) {
				err = "failed to load private Python DLL "
				      HGPYTHONLIB ".dll";
				goto bail;
			}
			Py_SetPythonHome = (void*)GetProcAddress(pydll,
							"Py_SetPythonHome");
			if (Py_SetPythonHome == NULL) {
				err = "failed to get Py_SetPythonHome";
				goto bail;
			}
			Py_SetPythonHome(pyhome);
		}
	}

	if (pydll == NULL) {
		pydll = LoadLibrary(HGPYTHONLIB ".dll");
		if (pydll == NULL) {
			err = "failed to load Python DLL " HGPYTHONLIB ".dll";
			goto bail;
		}
	}

	Py_Main = (void*)GetProcAddress(pydll, "Py_Main");
	if (Py_Main == NULL) {
		err = "failed to get Py_Main";
		goto bail;
	}

	/*
	Only add the pyscript to the args, if it's not already there. It may
	already be there, if the script spawned a child process of itself, in
	the same way as it got called, that is, with the pyscript already in
	place. So we optionally accept the pyscript as the first argument
	(argv[1]), letting our exe taking the role of the python interpreter.
	*/
	if (argc >= 2 && strcmp(argv[1], pyscript) == 0) {
		/*
		pyscript is already in the args, so there is no need to copy
		the args and we can directly call the python interpreter with
		the original args.
		*/
		return Py_Main(argc, argv);
	}

	/*
	Start assembling the args for the Python interpreter call. We put the
	name of our exe (argv[0]) in the position where the python.exe
	canonically is, and insert the pyscript next.
	*/
	pyargv = malloc((argc + 5) * sizeof(char*));
	if (pyargv == NULL) {
		err = "not enough memory";
		goto bail;
	}
	n = 0;
	pyargv[n++] = argv[0];
	pyargv[n++] = pyscript;

	/* copy remaining args from the command line */
	for (i = 1; i < argc; i++)
		pyargv[n++] = argv[i];
	/* argv[argc] is guaranteed to be NULL, so we forward that guarantee */
	pyargv[n] = NULL;

	ret = Py_Main(n, pyargv); /* The Python interpreter call */

	free(pyargv);
	return ret;

bail:
	fprintf(stderr, "abort: %s\n", err);
	return 255;
}