serve, HTTPS, Python 2.7, pyOpenSSL, and test-https.t
Mads Kiilerich
mads at kiilerich.com
Sat Oct 16 21:37:23 CDT 2010
I have pushed some HTTPS fixes and tests to crew. HTTPS serve was
untested and broken but is now fixed and tested - and used for testing
HTTPS urls.
I can however only make HTTPS serve work on Python 2.6, so the tests
will not be run with 2.7 (and 2.4 and 2.5).
We haven't got any reports yet, but perhaps we should mention it
somewhere if we can't/won't make HTTPS serve work on Python 2.7.
With Python2.7 and pyOpenSSL-0.9 or 0.10 built/installed from source and
openssl-1.0.0a-2.fc14.i686 I get:
$ ./hg serve -v -p 1234 --certificate=/tmp/server.pem
listening at http://localhost6.localdomain6:1234/ (bound to *:1234)
127.0.0.1 - - [17/Oct/2010 03:07:47] "GET
/?pairs=0000000000000000000000000000000000000000-0000000000000000000000000000000000000000&cmd=between
HTTP/1.1" 200 -
127.0.0.1 - - [17/Oct/2010 03:07:47] "GET
/?pairs=0000000000000000000000000000000000000000-0000000000000000000000000000000000000000&cmd=between
HTTP/1.1" 500 -
----------------------------------------
Exception happened during processing of request from ('127.0.0.1', 59607)
Traceback (most recent call last):
File "/tmp/py27/lib/python2.7/SocketServer.py", line 582, in
process_request_thread
self.finish_request(request, client_address)
File "/tmp/py27/lib/python2.7/SocketServer.py", line 323, in
finish_request
self.RequestHandlerClass(request, client_address, self)
File "/home/mk/src/hg/mercurial/hgweb/server.py", line 42, in __init__
BaseHTTPServer.BaseHTTPRequestHandler.__init__(self, *args, **kargs)
File "/tmp/py27/lib/python2.7/SocketServer.py", line 641, in __init__
self.finish()
File "/tmp/py27/lib/python2.7/SocketServer.py", line 694, in finish
self.wfile.flush()
File "/tmp/py27/lib/python2.7/socket.py", line 301, in flush
self._sock.sendall(view[write_offset:write_offset+buffer_size])
TypeError: must be string or read-only buffer, not memoryview
----------------------------------------
Exception in thread Thread-1:
Traceback (most recent call last):
File "/tmp/py27/lib/python2.7/threading.py", line 530, in
__bootstrap_inner
self.run()
File "/tmp/py27/lib/python2.7/threading.py", line 483, in run
self.__target(*self.__args, **self.__kwargs)
File "/tmp/py27/lib/python2.7/SocketServer.py", line 586, in
process_request_thread
self.shutdown_request(request)
File "/tmp/py27/lib/python2.7/SocketServer.py", line 459, in
shutdown_request
request.shutdown(socket.SHUT_WR)
TypeError: shutdown() takes exactly 0 arguments (1 given)
- when I run:
$ hg clone https://localhost:1234/
Can anyone confirm this and figure out what is going on? Do we use
pyOpenSSL correctly?
My theory is that pyOpenSSL needs a fix similar to
http://bugs.python.org/issue7133 and/or doesn't support Python 2.7.
I haven't been able to compile/install pyOpenSSL 0.11a1.
/Mads
$ cat /tmp/server.pem
-----BEGIN PRIVATE KEY-----
MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEApjCWeYGrIa/Vo7LH
aRF8ou0tbgHKE33Use/whCnKEUm34rDaXQd4lxxX6aDWg06n9tiVStAKTgQAHJY8
j/xgSwIDAQABAkBxHC6+Qlf0VJXGlb6NL16yEVVTQxqDS6hA9zqu6TZjrr0YMfzc
EGNIiZGt7HCBL0zO+cPDg/LeCZc6HQhf0KrhAiEAzlJq4hWWzvguWFIJWSoBeBUG
MF1ACazQO7PYE8M0qfECIQDONHHP0SKZzz/ZwBZcAveC5K61f/v9hONFwbeYulzR
+wIgc9SvbtgB/5Yzpp//4ZAEnR7oh5SClCvyB+KSx52K3nECICbhQphhoXmI10wy
aMTellaq0bpNMHFDziqH9RsqAHhjAiEAgYGxfzkftt5IUUn/iFK89aaIpyrpuaAh
HY8gUVkVRVs=
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNV
BAMMCWxvY2FsaG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEw
MTAxNDIwMzAxNFoXDTM1MDYwNTIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0
MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL
ADBIAkEApjCWeYGrIa/Vo7LHaRF8ou0tbgHKE33Use/whCnKEUm34rDaXQd4lxxX
6aDWg06n9tiVStAKTgQAHJY8j/xgSwIDAQABo1AwTjAdBgNVHQ4EFgQUE6sA+amm
r24dGX0kpjxOgO45hzQwHwYDVR0jBBgwFoAUE6sA+ammr24dGX0kpjxOgO45hzQw
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAANBAFArvQFiAZJgQczRsbYlG1xl
t+truk37w5B3m3Ick1ntRcQrqs+hf0CO1q6Squ144geYaQ8CDirSR92fICELI1c=
-----END CERTIFICATE-----
$ openssl x509 -in /tmp/server.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d0:17:14:5c:96:8c:69:d1
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=localhost/emailAddress=hg at localhost
Validity
Not Before: Oct 14 20:30:14 2010 GMT
Not After : Jun 5 20:30:14 2035 GMT
Subject: CN=localhost/emailAddress=hg at localhost
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (512 bit)
Modulus:
00:a6:30:96:79:81:ab:21:af:d5:a3:b2:c7:69:11:
7c:a2:ed:2d:6e:01:ca:13:7d:d4:b1:ef:f0:84:29:
ca:11:49:b7:e2:b0:da:5d:07:78:97:1c:57:e9:a0:
d6:83:4e:a7:f6:d8:95:4a:d0:0a:4e:04:00:1c:96:
3c:8f:fc:60:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AB:00:F9:A9:A6:AF:6E:1D:19:7D:24:A6:3C:4E:80:EE:39:87:34
X509v3 Authority Key Identifier:
keyid:13:AB:00:F9:A9:A6:AF:6E:1D:19:7D:24:A6:3C:4E:80:EE:39:87:34
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
50:2b:bd:01:62:01:92:60:41:cc:d1:b1:b6:25:1b:5c:65:b7:
eb:6b:ba:4d:fb:c3:90:77:9b:72:1c:93:59:ed:45:c4:2b:aa:
cf:a1:7f:40:8e:d6:ae:92:aa:ed:78:e2:07:98:69:0f:02:0e:
2a:d2:47:dd:9f:20:21:0b:23:57
-----BEGIN CERTIFICATE-----
MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNV
BAMMCWxvY2FsaG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEw
MTAxNDIwMzAxNFoXDTM1MDYwNTIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0
MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL
ADBIAkEApjCWeYGrIa/Vo7LHaRF8ou0tbgHKE33Use/whCnKEUm34rDaXQd4lxxX
6aDWg06n9tiVStAKTgQAHJY8j/xgSwIDAQABo1AwTjAdBgNVHQ4EFgQUE6sA+amm
r24dGX0kpjxOgO45hzQwHwYDVR0jBBgwFoAUE6sA+ammr24dGX0kpjxOgO45hzQw
DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAANBAFArvQFiAZJgQczRsbYlG1xl
t+truk37w5B3m3Ick1ntRcQrqs+hf0CO1q6Squ144geYaQ8CDirSR92fICELI1c=
-----END CERTIFICATE-----
More information about the Mercurial-devel
mailing list