D4776: wireprotov2: client support for advertising redirect targets
indygreg (Gregory Szorc)
phabricator at mercurial-scm.org
Wed Oct 3 15:30:22 UTC 2018
This revision was automatically updated to reflect the committed changes.
Closed by commit rHG86b22a4cfab1: wireprotov2: client support for advertising redirect targets (authored by indygreg, committed by ).
REPOSITORY
rHG Mercurial
CHANGES SINCE LAST UPDATE
https://phab.mercurial-scm.org/D4776?vs=11447&id=11627
REVISION DETAIL
https://phab.mercurial-scm.org/D4776
AFFECTED FILES
mercurial/httppeer.py
mercurial/wireprotoframing.py
mercurial/wireprotov2peer.py
tests/test-wireproto-clientreactor.py
tests/test-wireproto-content-redirects.t
CHANGE DETAILS
diff --git a/tests/test-wireproto-content-redirects.t b/tests/test-wireproto-content-redirects.t
--- a/tests/test-wireproto-content-redirects.t
+++ b/tests/test-wireproto-content-redirects.t
@@ -57,16 +57,17 @@
s> Content-Length: 1970\r\n
s> \r\n
s> \xa3GapibaseDapi/Dapis\xa1Pexp-http-v2-0002\xa6Hcommands\xaaIbranchmap\xa2Dargs\xa0Kpermissions\x81DpullLcapabilities\xa2Dargs\xa0Kpermissions\x81DpullMchangesetdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x84IbookmarksGparentsEphaseHrevisionInoderange\xa3Gdefault\xf6Hrequired\xf4DtypeDlistEnodes\xa3Gdefault\xf6Hrequired\xf4DtypeDlistJnodesdepth\xa3Gdefault\xf6Hrequired\xf4DtypeCintKpermissions\x81DpullHfiledata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDpath\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullEheads\xa2Dargs\xa1Jpubliconly\xa3Gdefault\xf4Hrequired\xf4DtypeDboolKpermissions\x81DpullEknown\xa2Dargs\xa1Enodes\xa3Gdefault\x80Hrequired\xf4DtypeDlistKpermissions\x81DpullHlistkeys\xa2Dargs\xa1Inamespace\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullFlookup\xa2Dargs\xa1Ckey\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullLmanifestdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDtree\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullGpushkey\xa2Dargs\xa4Ckey\xa2Hrequired\xf5DtypeEbytesInamespace\xa2Hrequired\xf5DtypeEbytesCnew\xa2Hrequired\xf5DtypeEbytesCold\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpushKcompression\x82\xa1DnameDzstd\xa1DnameDzlibQframingmediatypes\x81X&application/mercurial-exp-framing-0005Rpathfilterprefixes\xd9\x01\x02\x82Epath:Lrootfilesin:Nrawrepoformats\x82LgeneraldeltaHrevlogv1Hredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81\xa5DnameHtarget-aHprotocolDhttpKsnirequired\xf4Ktlsversions\x82C1.2C1.3Duris\x81Shttp://example.com/Nv1capabilitiesY\x01\xd8batch branchmap $USUAL_BUNDLE2_CAPS$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
+ (remote redirect target target-a is compatible)
sending capabilities command
s> POST /api/exp-http-v2-0002/ro/capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-exp-framing-0005\r\n
s> content-type: application/mercurial-exp-framing-0005\r\n
- s> content-length: 27\r\n
+ s> content-length: 75\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
- s> \x13\x00\x00\x01\x00\x01\x01\x11\xa1DnameLcapabilities
+ s> C\x00\x00\x01\x00\x01\x01\x11\xa2DnameLcapabilitiesHredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81Htarget-a
s> makefile('rb', None)
s> HTTP/1.1 200 OK\r\n
s> Server: testing stub value\r\n
@@ -308,6 +309,8 @@
}
]
+Unknown protocol is filtered from compatible targets
+
$ cat > redirects.py << EOF
> [
> {
@@ -344,16 +347,18 @@
s> Content-Length: 1997\r\n
s> \r\n
s> \xa3GapibaseDapi/Dapis\xa1Pexp-http-v2-0002\xa6Hcommands\xaaIbranchmap\xa2Dargs\xa0Kpermissions\x81DpullLcapabilities\xa2Dargs\xa0Kpermissions\x81DpullMchangesetdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x84IbookmarksGparentsEphaseHrevisionInoderange\xa3Gdefault\xf6Hrequired\xf4DtypeDlistEnodes\xa3Gdefault\xf6Hrequired\xf4DtypeDlistJnodesdepth\xa3Gdefault\xf6Hrequired\xf4DtypeCintKpermissions\x81DpullHfiledata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDpath\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullEheads\xa2Dargs\xa1Jpubliconly\xa3Gdefault\xf4Hrequired\xf4DtypeDboolKpermissions\x81DpullEknown\xa2Dargs\xa1Enodes\xa3Gdefault\x80Hrequired\xf4DtypeDlistKpermissions\x81DpullHlistkeys\xa2Dargs\xa1Inamespace\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullFlookup\xa2Dargs\xa1Ckey\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullLmanifestdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDtree\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullGpushkey\xa2Dargs\xa4Ckey\xa2Hrequired\xf5DtypeEbytesInamespace\xa2Hrequired\xf5DtypeEbytesCnew\xa2Hrequired\xf5DtypeEbytesCold\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpushKcompression\x82\xa1DnameDzstd\xa1DnameDzlibQframingmediatypes\x81X&application/mercurial-exp-framing-0005Rpathfilterprefixes\xd9\x01\x02\x82Epath:Lrootfilesin:Nrawrepoformats\x82LgeneraldeltaHrevlogv1Hredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x82\xa3DnameHtarget-aHprotocolDhttpDuris\x81Shttp://example.com/\xa3DnameHtarget-bHprotocolGunknownDuris\x81Vunknown://example.com/Nv1capabilitiesY\x01\xd8batch branchmap $USUAL_BUNDLE2_CAPS$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
+ (remote redirect target target-a is compatible)
+ (remote redirect target target-b uses unsupported protocol: unknown)
sending capabilities command
s> POST /api/exp-http-v2-0002/ro/capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-exp-framing-0005\r\n
s> content-type: application/mercurial-exp-framing-0005\r\n
- s> content-length: 27\r\n
+ s> content-length: 75\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
- s> \x13\x00\x00\x01\x00\x01\x01\x11\xa1DnameLcapabilities
+ s> C\x00\x00\x01\x00\x01\x01\x11\xa2DnameLcapabilitiesHredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81Htarget-a
s> makefile('rb', None)
s> HTTP/1.1 200 OK\r\n
s> Server: testing stub value\r\n
@@ -597,5 +602,586 @@
}
]
+Missing SNI support filters targets that require SNI
+
+ $ cat > nosni.py << EOF
+ > from mercurial import sslutil
+ > sslutil.hassni = False
+ > EOF
+ $ cat >> $HGRCPATH << EOF
+ > [extensions]
+ > nosni=`pwd`/nosni.py
+ > EOF
+
+ $ cat > redirects.py << EOF
+ > [
+ > {
+ > b'name': b'target-bad-tls',
+ > b'protocol': b'https',
+ > b'uris': [b'https://example.com/'],
+ > b'snirequired': True,
+ > },
+ > ]
+ > EOF
+
+ $ sendhttpv2peerhandshake << EOF
+ > command capabilities
+ > EOF
+ creating http peer for wire protocol version 2
+ s> GET /?cmd=capabilities HTTP/1.1\r\n
+ s> Accept-Encoding: identity\r\n
+ s> vary: X-HgProto-1,X-HgUpgrade-1\r\n
+ s> x-hgproto-1: cbor\r\n
+ s> x-hgupgrade-1: exp-http-v2-0002\r\n
+ s> accept: application/mercurial-0.1\r\n
+ s> host: $LOCALIP:$HGPORT\r\n (glob)
+ s> user-agent: Mercurial debugwireproto\r\n
+ s> \r\n
+ s> makefile('rb', None)
+ s> HTTP/1.1 200 OK\r\n
+ s> Server: testing stub value\r\n
+ s> Date: $HTTP_DATE$\r\n
+ s> Content-Type: application/mercurial-cbor\r\n
+ s> Content-Length: 1957\r\n
+ s> \r\n
+ s> \xa3GapibaseDapi/Dapis\xa1Pexp-http-v2-0002\xa6Hcommands\xaaIbranchmap\xa2Dargs\xa0Kpermissions\x81DpullLcapabilities\xa2Dargs\xa0Kpermissions\x81DpullMchangesetdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x84IbookmarksGparentsEphaseHrevisionInoderange\xa3Gdefault\xf6Hrequired\xf4DtypeDlistEnodes\xa3Gdefault\xf6Hrequired\xf4DtypeDlistJnodesdepth\xa3Gdefault\xf6Hrequired\xf4DtypeCintKpermissions\x81DpullHfiledata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDpath\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullEheads\xa2Dargs\xa1Jpubliconly\xa3Gdefault\xf4Hrequired\xf4DtypeDboolKpermissions\x81DpullEknown\xa2Dargs\xa1Enodes\xa3Gdefault\x80Hrequired\xf4DtypeDlistKpermissions\x81DpullHlistkeys\xa2Dargs\xa1Inamespace\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullFlookup\xa2Dargs\xa1Ckey\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullLmanifestdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDtree\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullGpushkey\xa2Dargs\xa4Ckey\xa2Hrequired\xf5DtypeEbytesInamespace\xa2Hrequired\xf5DtypeEbytesCnew\xa2Hrequired\xf5DtypeEbytesCold\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpushKcompression\x82\xa1DnameDzstd\xa1DnameDzlibQframingmediatypes\x81X&application/mercurial-exp-framing-0005Rpathfilterprefixes\xd9\x01\x02\x82Epath:Lrootfilesin:Nrawrepoformats\x82LgeneraldeltaHrevlogv1Hredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81\xa4DnameNtarget-bad-tlsHprotocolEhttpsKsnirequired\xf5Duris\x81Thttps://example.com/Nv1capabilitiesY\x01\xd8batch branchmap $USUAL_BUNDLE2_CAPS$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
+ (redirect target target-bad-tls requires SNI, which is unsupported)
+ sending capabilities command
+ s> POST /api/exp-http-v2-0002/ro/capabilities HTTP/1.1\r\n
+ s> Accept-Encoding: identity\r\n
+ s> accept: application/mercurial-exp-framing-0005\r\n
+ s> content-type: application/mercurial-exp-framing-0005\r\n
+ s> content-length: 66\r\n
+ s> host: $LOCALIP:$HGPORT\r\n (glob)
+ s> user-agent: Mercurial debugwireproto\r\n
+ s> \r\n
+ s> :\x00\x00\x01\x00\x01\x01\x11\xa2DnameLcapabilitiesHredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x80
+ s> makefile('rb', None)
+ s> HTTP/1.1 200 OK\r\n
+ s> Server: testing stub value\r\n
+ s> Date: $HTTP_DATE$\r\n
+ s> Content-Type: application/mercurial-exp-framing-0005\r\n
+ s> Transfer-Encoding: chunked\r\n
+ s> \r\n
+ s> 13\r\n
+ s> \x0b\x00\x00\x01\x00\x02\x011
+ s> \xa1FstatusBok
+ s> \r\n
+ received frame(size=11; request=1; stream=2; streamflags=stream-begin; type=command-response; flags=continuation)
+ s> 59e\r\n
+ s> \x96\x05\x00\x01\x00\x02\x001
+ s> \xa6Hcommands\xaaIbranchmap\xa2Dargs\xa0Kpermissions\x81DpullLcapabilities\xa2Dargs\xa0Kpermissions\x81DpullMchangesetdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x84IbookmarksGparentsEphaseHrevisionInoderange\xa3Gdefault\xf6Hrequired\xf4DtypeDlistEnodes\xa3Gdefault\xf6Hrequired\xf4DtypeDlistJnodesdepth\xa3Gdefault\xf6Hrequired\xf4DtypeCintKpermissions\x81DpullHfiledata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDpath\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullEheads\xa2Dargs\xa1Jpubliconly\xa3Gdefault\xf4Hrequired\xf4DtypeDboolKpermissions\x81DpullEknown\xa2Dargs\xa1Enodes\xa3Gdefault\x80Hrequired\xf4DtypeDlistKpermissions\x81DpullHlistkeys\xa2Dargs\xa1Inamespace\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullFlookup\xa2Dargs\xa1Ckey\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullLmanifestdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDtree\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullGpushkey\xa2Dargs\xa4Ckey\xa2Hrequired\xf5DtypeEbytesInamespace\xa2Hrequired\xf5DtypeEbytesCnew\xa2Hrequired\xf5DtypeEbytesCold\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpushKcompression\x82\xa1DnameDzstd\xa1DnameDzlibQframingmediatypes\x81X&application/mercurial-exp-framing-0005Rpathfilterprefixes\xd9\x01\x02\x82Epath:Lrootfilesin:Nrawrepoformats\x82LgeneraldeltaHrevlogv1Hredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81\xa4DnameNtarget-bad-tlsHprotocolEhttpsKsnirequired\xf5Duris\x81Thttps://example.com/
+ s> \r\n
+ received frame(size=1430; request=1; stream=2; streamflags=; type=command-response; flags=continuation)
+ s> 8\r\n
+ s> \x00\x00\x00\x01\x00\x02\x002
+ s> \r\n
+ s> 0\r\n
+ s> \r\n
+ received frame(size=0; request=1; stream=2; streamflags=; type=command-response; flags=eos)
+ response: gen[
+ {
+ b'commands': {
+ b'branchmap': {
+ b'args': {},
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'capabilities': {
+ b'args': {},
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'changesetdata': {
+ b'args': {
+ b'fields': {
+ b'default': set([]),
+ b'required': False,
+ b'type': b'set',
+ b'validvalues': set([
+ b'bookmarks',
+ b'parents',
+ b'phase',
+ b'revision'
+ ])
+ },
+ b'noderange': {
+ b'default': None,
+ b'required': False,
+ b'type': b'list'
+ },
+ b'nodes': {
+ b'default': None,
+ b'required': False,
+ b'type': b'list'
+ },
+ b'nodesdepth': {
+ b'default': None,
+ b'required': False,
+ b'type': b'int'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'filedata': {
+ b'args': {
+ b'fields': {
+ b'default': set([]),
+ b'required': False,
+ b'type': b'set',
+ b'validvalues': set([
+ b'parents',
+ b'revision'
+ ])
+ },
+ b'haveparents': {
+ b'default': False,
+ b'required': False,
+ b'type': b'bool'
+ },
+ b'nodes': {
+ b'required': True,
+ b'type': b'list'
+ },
+ b'path': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'heads': {
+ b'args': {
+ b'publiconly': {
+ b'default': False,
+ b'required': False,
+ b'type': b'bool'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'known': {
+ b'args': {
+ b'nodes': {
+ b'default': [],
+ b'required': False,
+ b'type': b'list'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'listkeys': {
+ b'args': {
+ b'namespace': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'lookup': {
+ b'args': {
+ b'key': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'manifestdata': {
+ b'args': {
+ b'fields': {
+ b'default': set([]),
+ b'required': False,
+ b'type': b'set',
+ b'validvalues': set([
+ b'parents',
+ b'revision'
+ ])
+ },
+ b'haveparents': {
+ b'default': False,
+ b'required': False,
+ b'type': b'bool'
+ },
+ b'nodes': {
+ b'required': True,
+ b'type': b'list'
+ },
+ b'tree': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'pushkey': {
+ b'args': {
+ b'key': {
+ b'required': True,
+ b'type': b'bytes'
+ },
+ b'namespace': {
+ b'required': True,
+ b'type': b'bytes'
+ },
+ b'new': {
+ b'required': True,
+ b'type': b'bytes'
+ },
+ b'old': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'push'
+ ]
+ }
+ },
+ b'compression': [
+ {
+ b'name': b'zstd'
+ },
+ {
+ b'name': b'zlib'
+ }
+ ],
+ b'framingmediatypes': [
+ b'application/mercurial-exp-framing-0005'
+ ],
+ b'pathfilterprefixes': set([
+ b'path:',
+ b'rootfilesin:'
+ ]),
+ b'rawrepoformats': [
+ b'generaldelta',
+ b'revlogv1'
+ ],
+ b'redirect': {
+ b'hashes': [
+ b'sha256',
+ b'sha1'
+ ],
+ b'targets': [
+ {
+ b'name': b'target-bad-tls',
+ b'protocol': b'https',
+ b'snirequired': True,
+ b'uris': [
+ b'https://example.com/'
+ ]
+ }
+ ]
+ }
+ }
+ ]
+
+ $ cat >> $HGRCPATH << EOF
+ > [extensions]
+ > nosni=!
+ > EOF
+
+Unknown tls value is filtered from compatible targets
+
+ $ cat > redirects.py << EOF
+ > [
+ > {
+ > b'name': b'target-bad-tls',
+ > b'protocol': b'https',
+ > b'uris': [b'https://example.com/'],
+ > b'tlsversions': [b'42', b'39'],
+ > },
+ > ]
+ > EOF
+
+ $ sendhttpv2peerhandshake << EOF
+ > command capabilities
+ > EOF
+ creating http peer for wire protocol version 2
+ s> GET /?cmd=capabilities HTTP/1.1\r\n
+ s> Accept-Encoding: identity\r\n
+ s> vary: X-HgProto-1,X-HgUpgrade-1\r\n
+ s> x-hgproto-1: cbor\r\n
+ s> x-hgupgrade-1: exp-http-v2-0002\r\n
+ s> accept: application/mercurial-0.1\r\n
+ s> host: $LOCALIP:$HGPORT\r\n (glob)
+ s> user-agent: Mercurial debugwireproto\r\n
+ s> \r\n
+ s> makefile('rb', None)
+ s> HTTP/1.1 200 OK\r\n
+ s> Server: testing stub value\r\n
+ s> Date: $HTTP_DATE$\r\n
+ s> Content-Type: application/mercurial-cbor\r\n
+ s> Content-Length: 1963\r\n
+ s> \r\n
+ s> \xa3GapibaseDapi/Dapis\xa1Pexp-http-v2-0002\xa6Hcommands\xaaIbranchmap\xa2Dargs\xa0Kpermissions\x81DpullLcapabilities\xa2Dargs\xa0Kpermissions\x81DpullMchangesetdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x84IbookmarksGparentsEphaseHrevisionInoderange\xa3Gdefault\xf6Hrequired\xf4DtypeDlistEnodes\xa3Gdefault\xf6Hrequired\xf4DtypeDlistJnodesdepth\xa3Gdefault\xf6Hrequired\xf4DtypeCintKpermissions\x81DpullHfiledata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDpath\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullEheads\xa2Dargs\xa1Jpubliconly\xa3Gdefault\xf4Hrequired\xf4DtypeDboolKpermissions\x81DpullEknown\xa2Dargs\xa1Enodes\xa3Gdefault\x80Hrequired\xf4DtypeDlistKpermissions\x81DpullHlistkeys\xa2Dargs\xa1Inamespace\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullFlookup\xa2Dargs\xa1Ckey\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullLmanifestdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDtree\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullGpushkey\xa2Dargs\xa4Ckey\xa2Hrequired\xf5DtypeEbytesInamespace\xa2Hrequired\xf5DtypeEbytesCnew\xa2Hrequired\xf5DtypeEbytesCold\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpushKcompression\x82\xa1DnameDzstd\xa1DnameDzlibQframingmediatypes\x81X&application/mercurial-exp-framing-0005Rpathfilterprefixes\xd9\x01\x02\x82Epath:Lrootfilesin:Nrawrepoformats\x82LgeneraldeltaHrevlogv1Hredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81\xa4DnameNtarget-bad-tlsHprotocolEhttpsKtlsversions\x82B42B39Duris\x81Thttps://example.com/Nv1capabilitiesY\x01\xd8batch branchmap $USUAL_BUNDLE2_CAPS$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
+ (remote redirect target target-bad-tls requires unsupported TLS versions: 39, 42)
+ sending capabilities command
+ s> POST /api/exp-http-v2-0002/ro/capabilities HTTP/1.1\r\n
+ s> Accept-Encoding: identity\r\n
+ s> accept: application/mercurial-exp-framing-0005\r\n
+ s> content-type: application/mercurial-exp-framing-0005\r\n
+ s> content-length: 66\r\n
+ s> host: $LOCALIP:$HGPORT\r\n (glob)
+ s> user-agent: Mercurial debugwireproto\r\n
+ s> \r\n
+ s> :\x00\x00\x01\x00\x01\x01\x11\xa2DnameLcapabilitiesHredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x80
+ s> makefile('rb', None)
+ s> HTTP/1.1 200 OK\r\n
+ s> Server: testing stub value\r\n
+ s> Date: $HTTP_DATE$\r\n
+ s> Content-Type: application/mercurial-exp-framing-0005\r\n
+ s> Transfer-Encoding: chunked\r\n
+ s> \r\n
+ s> 13\r\n
+ s> \x0b\x00\x00\x01\x00\x02\x011
+ s> \xa1FstatusBok
+ s> \r\n
+ received frame(size=11; request=1; stream=2; streamflags=stream-begin; type=command-response; flags=continuation)
+ s> 5a4\r\n
+ s> \x9c\x05\x00\x01\x00\x02\x001
+ s> \xa6Hcommands\xaaIbranchmap\xa2Dargs\xa0Kpermissions\x81DpullLcapabilities\xa2Dargs\xa0Kpermissions\x81DpullMchangesetdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x84IbookmarksGparentsEphaseHrevisionInoderange\xa3Gdefault\xf6Hrequired\xf4DtypeDlistEnodes\xa3Gdefault\xf6Hrequired\xf4DtypeDlistJnodesdepth\xa3Gdefault\xf6Hrequired\xf4DtypeCintKpermissions\x81DpullHfiledata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDpath\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullEheads\xa2Dargs\xa1Jpubliconly\xa3Gdefault\xf4Hrequired\xf4DtypeDboolKpermissions\x81DpullEknown\xa2Dargs\xa1Enodes\xa3Gdefault\x80Hrequired\xf4DtypeDlistKpermissions\x81DpullHlistkeys\xa2Dargs\xa1Inamespace\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullFlookup\xa2Dargs\xa1Ckey\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullLmanifestdata\xa2Dargs\xa4Ffields\xa4Gdefault\xd9\x01\x02\x80Hrequired\xf4DtypeCsetKvalidvalues\xd9\x01\x02\x82GparentsHrevisionKhaveparents\xa3Gdefault\xf4Hrequired\xf4DtypeDboolEnodes\xa2Hrequired\xf5DtypeDlistDtree\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpullGpushkey\xa2Dargs\xa4Ckey\xa2Hrequired\xf5DtypeEbytesInamespace\xa2Hrequired\xf5DtypeEbytesCnew\xa2Hrequired\xf5DtypeEbytesCold\xa2Hrequired\xf5DtypeEbytesKpermissions\x81DpushKcompression\x82\xa1DnameDzstd\xa1DnameDzlibQframingmediatypes\x81X&application/mercurial-exp-framing-0005Rpathfilterprefixes\xd9\x01\x02\x82Epath:Lrootfilesin:Nrawrepoformats\x82LgeneraldeltaHrevlogv1Hredirect\xa2Fhashes\x82Fsha256Dsha1Gtargets\x81\xa4DnameNtarget-bad-tlsHprotocolEhttpsKtlsversions\x82B42B39Duris\x81Thttps://example.com/
+ s> \r\n
+ received frame(size=1436; request=1; stream=2; streamflags=; type=command-response; flags=continuation)
+ s> 8\r\n
+ s> \x00\x00\x00\x01\x00\x02\x002
+ s> \r\n
+ s> 0\r\n
+ s> \r\n
+ received frame(size=0; request=1; stream=2; streamflags=; type=command-response; flags=eos)
+ response: gen[
+ {
+ b'commands': {
+ b'branchmap': {
+ b'args': {},
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'capabilities': {
+ b'args': {},
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'changesetdata': {
+ b'args': {
+ b'fields': {
+ b'default': set([]),
+ b'required': False,
+ b'type': b'set',
+ b'validvalues': set([
+ b'bookmarks',
+ b'parents',
+ b'phase',
+ b'revision'
+ ])
+ },
+ b'noderange': {
+ b'default': None,
+ b'required': False,
+ b'type': b'list'
+ },
+ b'nodes': {
+ b'default': None,
+ b'required': False,
+ b'type': b'list'
+ },
+ b'nodesdepth': {
+ b'default': None,
+ b'required': False,
+ b'type': b'int'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'filedata': {
+ b'args': {
+ b'fields': {
+ b'default': set([]),
+ b'required': False,
+ b'type': b'set',
+ b'validvalues': set([
+ b'parents',
+ b'revision'
+ ])
+ },
+ b'haveparents': {
+ b'default': False,
+ b'required': False,
+ b'type': b'bool'
+ },
+ b'nodes': {
+ b'required': True,
+ b'type': b'list'
+ },
+ b'path': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'heads': {
+ b'args': {
+ b'publiconly': {
+ b'default': False,
+ b'required': False,
+ b'type': b'bool'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'known': {
+ b'args': {
+ b'nodes': {
+ b'default': [],
+ b'required': False,
+ b'type': b'list'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'listkeys': {
+ b'args': {
+ b'namespace': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'lookup': {
+ b'args': {
+ b'key': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'manifestdata': {
+ b'args': {
+ b'fields': {
+ b'default': set([]),
+ b'required': False,
+ b'type': b'set',
+ b'validvalues': set([
+ b'parents',
+ b'revision'
+ ])
+ },
+ b'haveparents': {
+ b'default': False,
+ b'required': False,
+ b'type': b'bool'
+ },
+ b'nodes': {
+ b'required': True,
+ b'type': b'list'
+ },
+ b'tree': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'pull'
+ ]
+ },
+ b'pushkey': {
+ b'args': {
+ b'key': {
+ b'required': True,
+ b'type': b'bytes'
+ },
+ b'namespace': {
+ b'required': True,
+ b'type': b'bytes'
+ },
+ b'new': {
+ b'required': True,
+ b'type': b'bytes'
+ },
+ b'old': {
+ b'required': True,
+ b'type': b'bytes'
+ }
+ },
+ b'permissions': [
+ b'push'
+ ]
+ }
+ },
+ b'compression': [
+ {
+ b'name': b'zstd'
+ },
+ {
+ b'name': b'zlib'
+ }
+ ],
+ b'framingmediatypes': [
+ b'application/mercurial-exp-framing-0005'
+ ],
+ b'pathfilterprefixes': set([
+ b'path:',
+ b'rootfilesin:'
+ ]),
+ b'rawrepoformats': [
+ b'generaldelta',
+ b'revlogv1'
+ ],
+ b'redirect': {
+ b'hashes': [
+ b'sha256',
+ b'sha1'
+ ],
+ b'targets': [
+ {
+ b'name': b'target-bad-tls',
+ b'protocol': b'https',
+ b'tlsversions': [
+ b'42',
+ b'39'
+ ],
+ b'uris': [
+ b'https://example.com/'
+ ]
+ }
+ ]
+ }
+ }
+ ]
+
$ cat error.log
$ killdaemons.py
diff --git a/tests/test-wireproto-clientreactor.py b/tests/test-wireproto-clientreactor.py
--- a/tests/test-wireproto-clientreactor.py
+++ b/tests/test-wireproto-clientreactor.py
@@ -139,6 +139,29 @@
ffs(b'%d 0 0 command-response eos bar' % request.requestid))
self.assertEqual(action, b'responsedata')
+class RedirectTests(unittest.TestCase):
+ def testredirect(self):
+ reactor = framing.clientreactor(buffersends=False)
+
+ redirect = {
+ b'targets': [b'a', b'b'],
+ b'hashes': [b'sha256'],
+ }
+
+ request, action, meta = reactor.callcommand(
+ b'foo', {}, redirect=redirect)
+
+ self.assertEqual(action, b'sendframes')
+
+ frames = list(meta[b'framegen'])
+ self.assertEqual(len(frames), 1)
+
+ self.assertEqual(frames[0],
+ ffs(b'1 1 stream-begin command-request new '
+ b"cbor:{b'name': b'foo', "
+ b"b'redirect': {b'targets': [b'a', b'b'], "
+ b"b'hashes': [b'sha256']}}"))
+
if __name__ == '__main__':
import silenttestrunner
silenttestrunner.main(__name__)
diff --git a/mercurial/wireprotov2peer.py b/mercurial/wireprotov2peer.py
--- a/mercurial/wireprotov2peer.py
+++ b/mercurial/wireprotov2peer.py
@@ -13,6 +13,7 @@
from . import (
encoding,
error,
+ sslutil,
wireprotoframing,
)
from .utils import (
@@ -34,6 +35,74 @@
return b''.join(chunks)
+SUPPORTED_REDIRECT_PROTOCOLS = {
+ b'http',
+ b'https',
+}
+
+SUPPORTED_CONTENT_HASHES = {
+ b'sha1',
+ b'sha256',
+}
+
+def redirecttargetsupported(ui, target):
+ """Determine whether a redirect target entry is supported.
+
+ ``target`` should come from the capabilities data structure emitted by
+ the server.
+ """
+ if target.get(b'protocol') not in SUPPORTED_REDIRECT_PROTOCOLS:
+ ui.note(_('(remote redirect target %s uses unsupported protocol: %s)\n')
+ % (target[b'name'], target.get(b'protocol', b'')))
+ return False
+
+ if target.get(b'snirequired') and not sslutil.hassni:
+ ui.note(_('(redirect target %s requires SNI, which is unsupported)\n') %
+ target[b'name'])
+ return False
+
+ if b'tlsversions' in target:
+ tlsversions = set(target[b'tlsversions'])
+ supported = set()
+
+ for v in sslutil.supportedprotocols:
+ assert v.startswith(b'tls')
+ supported.add(v[3:])
+
+ if not tlsversions & supported:
+ ui.note(_('(remote redirect target %s requires unsupported TLS '
+ 'versions: %s)\n') % (
+ target[b'name'], b', '.join(sorted(tlsversions))))
+ return False
+
+ ui.note(_('(remote redirect target %s is compatible)\n') % target[b'name'])
+
+ return True
+
+def supportedredirects(ui, apidescriptor):
+ """Resolve the "redirect" command request key given an API descriptor.
+
+ Given an API descriptor returned by the server, returns a data structure
+ that can be used in hte "redirect" field of command requests to advertise
+ support for compatible redirect targets.
+
+ Returns None if no redirect targets are remotely advertised or if none are
+ supported.
+ """
+ if not apidescriptor or b'redirect' not in apidescriptor:
+ return None
+
+ targets = [t[b'name'] for t in apidescriptor[b'redirect'][b'targets']
+ if redirecttargetsupported(ui, t)]
+
+ hashes = [h for h in apidescriptor[b'redirect'][b'hashes']
+ if h in SUPPORTED_CONTENT_HASHES]
+
+ return {
+ b'targets': targets,
+ b'hashes': hashes,
+ }
+
class commandresponse(object):
"""Represents the response to a command request.
@@ -87,9 +156,12 @@
def _handleinitial(self, o):
self._seeninitial = True
- if o[b'status'] == 'ok':
+ if o[b'status'] == b'ok':
return
+ elif o[b'status'] == b'redirect':
+ raise error.Abort(_('redirect responses not yet supported'))
+
atoms = [{'msg': o[b'error'][b'message']}]
if b'args' in o[b'error']:
atoms[0]['args'] = o[b'error'][b'args']
@@ -150,12 +222,13 @@
self._responses = {}
self._frameseof = False
- def callcommand(self, command, args, f):
+ def callcommand(self, command, args, f, redirect=None):
"""Register a request to call a command.
Returns an iterable of frames that should be sent over the wire.
"""
- request, action, meta = self._reactor.callcommand(command, args)
+ request, action, meta = self._reactor.callcommand(command, args,
+ redirect=redirect)
if action != 'noop':
raise error.ProgrammingError('%s not yet supported' % action)
diff --git a/mercurial/wireprotoframing.py b/mercurial/wireprotoframing.py
--- a/mercurial/wireprotoframing.py
+++ b/mercurial/wireprotoframing.py
@@ -280,7 +280,8 @@
payload)
def createcommandframes(stream, requestid, cmd, args, datafh=None,
- maxframesize=DEFAULT_MAX_FRAME_SIZE):
+ maxframesize=DEFAULT_MAX_FRAME_SIZE,
+ redirect=None):
"""Create frames necessary to transmit a request to run a command.
This is a generator of bytearrays. Each item represents a frame
@@ -290,6 +291,9 @@
if args:
data[b'args'] = args
+ if redirect:
+ data[b'redirect'] = redirect
+
data = b''.join(cborutil.streamencode(data))
offset = 0
@@ -1135,11 +1139,12 @@
class commandrequest(object):
"""Represents a request to run a command."""
- def __init__(self, requestid, name, args, datafh=None):
+ def __init__(self, requestid, name, args, datafh=None, redirect=None):
self.requestid = requestid
self.name = name
self.args = args
self.datafh = datafh
+ self.redirect = redirect
self.state = 'pending'
class clientreactor(object):
@@ -1178,7 +1183,7 @@
self._activerequests = {}
self._incomingstreams = {}
- def callcommand(self, name, args, datafh=None):
+ def callcommand(self, name, args, datafh=None, redirect=None):
"""Request that a command be executed.
Receives the command name, a dict of arguments to pass to the command,
@@ -1192,7 +1197,8 @@
requestid = self._nextrequestid
self._nextrequestid += 2
- request = commandrequest(requestid, name, args, datafh=datafh)
+ request = commandrequest(requestid, name, args, datafh=datafh,
+ redirect=redirect)
if self._buffersends:
self._pendingrequests.append(request)
@@ -1256,7 +1262,8 @@
request.requestid,
request.name,
request.args,
- request.datafh)
+ datafh=request.datafh,
+ redirect=request.redirect)
for frame in res:
yield frame
diff --git a/mercurial/httppeer.py b/mercurial/httppeer.py
--- a/mercurial/httppeer.py
+++ b/mercurial/httppeer.py
@@ -508,7 +508,8 @@
def _abort(self, exception):
raise exception
-def sendv2request(ui, opener, requestbuilder, apiurl, permission, requests):
+def sendv2request(ui, opener, requestbuilder, apiurl, permission, requests,
+ redirect):
reactor = wireprotoframing.clientreactor(hasmultiplesend=False,
buffersends=True)
@@ -525,7 +526,8 @@
for command, args, f in requests:
ui.debug('sending command %s: %s\n' % (
command, stringutil.pprint(args, indent=2)))
- assert not list(handler.callcommand(command, args, f))
+ assert not list(handler.callcommand(command, args, f,
+ redirect=redirect))
# TODO stream this.
body = b''.join(map(bytes, handler.flushcommands()))
@@ -567,12 +569,14 @@
@interfaceutil.implementer(repository.ipeercommandexecutor)
class httpv2executor(object):
- def __init__(self, ui, opener, requestbuilder, apiurl, descriptor):
+ def __init__(self, ui, opener, requestbuilder, apiurl, descriptor,
+ redirect):
self._ui = ui
self._opener = opener
self._requestbuilder = requestbuilder
self._apiurl = apiurl
self._descriptor = descriptor
+ self._redirect = redirect
self._sent = False
self._closed = False
self._neededpermissions = set()
@@ -672,7 +676,7 @@
handler, resp = sendv2request(
self._ui, self._opener, self._requestbuilder, self._apiurl,
- permission, calls)
+ permission, calls, self._redirect)
# TODO we probably want to validate the HTTP code, media type, etc.
@@ -734,6 +738,8 @@
self._requestbuilder = requestbuilder
self._descriptor = apidescriptor
+ self._redirect = wireprotov2peer.supportedredirects(ui, apidescriptor)
+
# Start of ipeerconnection.
def url(self):
@@ -791,7 +797,7 @@
def commandexecutor(self):
return httpv2executor(self.ui, self._opener, self._requestbuilder,
- self._apiurl, self._descriptor)
+ self._apiurl, self._descriptor, self._redirect)
# Registry of API service names to metadata about peers that handle it.
#
To: indygreg, #hg-reviewers
Cc: mercurial-devel
More information about the Mercurial-devel
mailing list