D6343: sslutil: add support for SSLKEYLOGFILE to wrapsocket
durin42 (Augie Fackler)
phabricator at mercurial-scm.org
Sun May 5 03:42:28 UTC 2019
durin42 created this revision.
Herald added a subscriber: mercurial-devel.
Herald added a reviewer: hg-reviewers.
REVISION SUMMARY
I recently learned of a Firefox/Chrome feature that allows
wiresharking otherwise-TLS'd network connections. Gloriously, there's
a pypi module that enables this same feature on Python, so let's add
support for it to Mercurial in case we need to wireshark some HTTPs
connections.
REPOSITORY
rHG Mercurial
REVISION DETAIL
https://phab.mercurial-scm.org/D6343
AFFECTED FILES
mercurial/sslutil.py
CHANGE DETAILS
diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -16,6 +16,7 @@
from .i18n import _
from . import (
+ encoding,
error,
node,
pycompat,
@@ -348,6 +349,17 @@
if not serverhostname:
raise error.Abort(_('serverhostname argument is required'))
+ if b'SSLKEYLOGFILE' in encoding.environ:
+ try:
+ import sslkeylog
+ sslkeylog.set_keylog(pycompat.fsdecode(
+ encoding.environ[b'SSLKEYLOGFILE']))
+ ui.warn(
+ b'sslkeylog enabled by SSLKEYLOGFILE environment variable\n')
+ except ImportError:
+ ui.warn(b'sslkeylog module missing, '
+ b'but SSLKEYLOGFILE set in environment\n')
+
for f in (keyfile, certfile):
if f and not os.path.exists(f):
raise error.Abort(
To: durin42, #hg-reviewers
Cc: mercurial-devel
More information about the Mercurial-devel
mailing list