# HG changeset patch # User Matt Harbison # Date 1542408996 18000 # Node ID c53f0ead5781d5e90e7aa2dc2ad79c4755e4c342 # Parent 93e5d18251d61b8abb2f6c6c9828a1c2f4f6fb57 http: allow 'auth.prefix' to have a username consistent with the URI It may be a little weird to put a username in the prefix, but the documentation doesn't disallow it, and silently disallowing it has caused confusion[1]. The username must match what is passed in (which seems to be from the URI via a circuitous route), as well as 'auth.username' if it was specified. I thought about printing a warning for a mismatch, but we already don't print a warning if the 'auth.username' and URI username don't match. This change allows the first and second last new test cases to work as expected. It looks like this would have been a problem since at least 0593e8f81c71. [1] https://www.mercurial-scm.org/pipermail/mercurial/2018-November/051069.html diff -r 93e5d18251d6 -r c53f0ead5781 mercurial/httpconnection.py --- a/mercurial/httpconnection.py Thu Nov 15 18:14:57 2018 -0500 +++ b/mercurial/httpconnection.py Fri Nov 16 17:56:36 2018 -0500 @@ -92,6 +92,18 @@ prefix = auth.get('prefix') if not prefix: continue + + prefixurl = util.url(prefix) + if prefixurl.user and prefixurl.user != user: + # If a username was set in the prefix, it must match the username in + # the URI. + continue + + # The URI passed in has been stripped of credentials, so erase the user + # here to allow simpler matching. + prefixurl.user = None + prefix = bytes(prefixurl) + p = prefix.split('://', 1) if len(p) > 1: schemes, prefix = [p[0]], p[1] diff -r 93e5d18251d6 -r c53f0ead5781 tests/test-hgweb-auth.py --- a/tests/test-hgweb-auth.py Thu Nov 15 18:14:57 2018 -0500 +++ b/tests/test-hgweb-auth.py Fri Nov 16 17:56:36 2018 -0500 @@ -104,6 +104,39 @@ 'y.password': 'ypassword'}, urls=['http://y@example.org/foo/bar']) +print('\n*** Test user matching with name in prefix\n') + +# prefix, username and URL have the same user +test({'x.prefix': 'https://example.org/foo', + 'x.username': None, + 'x.password': 'xpassword', + 'y.prefix': 'http://y@example.org/foo', + 'y.username': 'y', + 'y.password': 'ypassword'}, + urls=['http://y@example.org/foo']) +# Prefix has a different user from username and URL +test({'y.prefix': 'http://z@example.org/foo', + 'y.username': 'y', + 'y.password': 'ypassword'}, + urls=['http://y@example.org/foo']) +# Prefix has a different user from URL; no username +test({'y.prefix': 'http://z@example.org/foo', + 'y.password': 'ypassword'}, + urls=['http://y@example.org/foo']) +# Prefix and URL have same user, but doesn't match username +test({'y.prefix': 'http://y@example.org/foo', + 'y.username': 'z', + 'y.password': 'ypassword'}, + urls=['http://y@example.org/foo']) +# Prefix and URL have the same user; no username +test({'y.prefix': 'http://y@example.org/foo', + 'y.password': 'ypassword'}, + urls=['http://y@example.org/foo']) +# Prefix user, but no URL user or username +test({'y.prefix': 'http://y@example.org/foo', + 'y.password': 'ypassword'}, + urls=['http://example.org/foo']) + def testauthinfo(fullurl, authurl): print('URIs:', fullurl, authurl) pm = urlreq.httppasswordmgrwithdefaultrealm() diff -r 93e5d18251d6 -r c53f0ead5781 tests/test-hgweb-auth.py.out --- a/tests/test-hgweb-auth.py.out Thu Nov 15 18:14:57 2018 -0500 +++ b/tests/test-hgweb-auth.py.out Fri Nov 16 17:56:36 2018 -0500 @@ -190,6 +190,27 @@ URI: http://y@example.org/foo/bar ('y', 'xpassword') +*** Test user matching with name in prefix + +CFG: {b'x.password': b'xpassword', b'x.prefix': b'https://example.org/foo', b'x.username': None, b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo', b'y.username': b'y'} +URI: http://y@example.org/foo + ('y', 'ypassword') +CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://z@example.org/foo', b'y.username': b'y'} +URI: http://y@example.org/foo + abort +CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://z@example.org/foo'} +URI: http://y@example.org/foo + abort +CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo', b'y.username': b'z'} +URI: http://y@example.org/foo + abort +CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo'} +URI: http://y@example.org/foo + ('y', 'ypassword') +CFG: {b'y.password': b'ypassword', b'y.prefix': b'http://y@example.org/foo'} +URI: http://example.org/foo + abort + *** Test urllib2 and util.url URIs: http://user@example.com:8080/foo http://example.com:8080/foo