Mercurial > hg
view hgext/largefiles/localstore.py @ 29559:7dec5e441bf7
sslutil: config option to specify TLS protocol version
Currently, Mercurial will use TLS 1.0 or newer when connecting to
remote servers, selecting the highest TLS version supported by both
peers. On older Pythons, only TLS 1.0 is available. On newer Pythons,
TLS 1.1 and 1.2 should be available.
Security-minded people may want to not take any risks running
TLS 1.0 (or even TLS 1.1). This patch gives those people a config
option to explicitly control which TLS versions Mercurial should use.
By providing this option, one can require newer TLS versions
before they are formally deprecated by Mercurial/Python/OpenSSL/etc
and lower their security exposure. This option also provides an
easy mechanism to change protocol policies in Mercurial. If there
is a 0-day and TLS 1.0 is completely broken, we can act quickly
without changing much code.
Because setting the minimum TLS protocol is something you'll likely
want to do globally, this patch introduces a global config option under
[hostsecurity] for that purpose.
wrapserversocket() has been taught a hidden config option to define
the explicit protocol to use. This is queried in this function and
not passed as an argument because I don't want to expose this dangerous
option as part of the Python API. There is a risk someone could footgun
themselves. But the config option is a devel option, has a warning
comment, and I doubt most people are using `hg serve` to run a
production HTTPS server (I would have something not Mercurial/Python
handle TLS). If this is problematic, we can go back to using a
custom extension in tests to coerce the server into bad behavior.
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Thu, 14 Jul 2016 20:47:22 -0700 |
| parents | ecbbf4d56ee8 |
| children | 736f92c44656 |
line wrap: on
line source
# Copyright 2009-2010 Gregory P. Ward # Copyright 2009-2010 Intelerad Medical Systems Incorporated # Copyright 2010-2011 Fog Creek Software # Copyright 2010-2011 Unity Technologies # # This software may be used and distributed according to the terms of the # GNU General Public License version 2 or any later version. '''store class for local filesystem''' from __future__ import absolute_import from mercurial.i18n import _ from . import ( basestore, lfutil, ) class localstore(basestore.basestore): '''localstore first attempts to grab files out of the store in the remote Mercurial repository. Failing that, it attempts to grab the files from the user cache.''' def __init__(self, ui, repo, remote): self.remote = remote.local() super(localstore, self).__init__(ui, repo, self.remote.url()) def put(self, source, hash): if lfutil.instore(self.remote, hash): return lfutil.link(source, lfutil.storepath(self.remote, hash)) def exists(self, hashes): retval = {} for hash in hashes: retval[hash] = lfutil.instore(self.remote, hash) return retval def _getfile(self, tmpfile, filename, hash): path = lfutil.findfile(self.remote, hash) if not path: raise basestore.StoreError(filename, hash, self.url, _("can't get file locally")) with open(path, 'rb') as fd: return lfutil.copyandhash(fd, tmpfile) def _verifyfiles(self, contents, filestocheck): failed = False for cset, filename, expectedhash in filestocheck: storepath, exists = lfutil.findstorepath(self.repo, expectedhash) if not exists: storepath, exists = lfutil.findstorepath( self.remote, expectedhash) if not exists: self.ui.warn( _('changeset %s: %s references missing %s\n') % (cset, filename, storepath)) failed = True elif contents: actualhash = lfutil.hashfile(storepath) if actualhash != expectedhash: self.ui.warn( _('changeset %s: %s references corrupted %s\n') % (cset, filename, storepath)) failed = True return failed