keyring extension on Windows

Steve Borho steve at borho.org
Sat Jan 9 15:29:14 CST 2010 

On Sat, Jan 9, 2010 at 2:37 PM, Steve Borho <steve at borho.org> wrote:
> Is anyone using the keyring extension on Windows?
>
> I have the keyring module installed and the mercurial_keyring
> extension loaded.  When I do an incoming --debug, I see the monkey
> patched keyring extension running, but it is not remembering any
> passwords.
>
> Is there some separate configuration I need to do on Windows to tell
> it where to store passwords?
>
> Here's my .hg/hgrc config:
>
> [paths]
> default = https://bitbucket.org/tortoisehg/tortoisehgbitbucketorg/
>
> [auth]
> bitbucket.schemes = http https
> bitbucket.prefix = bitbucket.org
> bitbucket.username = sborho
>
> And output of 'hg in --debug':
>
> using https://bitbucket.org/tortoisehg/tortoisehgbitbucketorg/
> sending between command
> keyring URL: https://bitbucket.org
> Username found in .hg/hgrc: sborho
> http authorization required
> realm: Bitbucket.org HTTP
> user: sborho (fixed in .hg/hgrc)
> password:
> Saving password for sborho to keyring
> Manually entered password. Url:
> https://bitbucket.org/tortoisehg/tortoisehgbitbucketorg/, user:
> sborho, passwd: ********
> comparing with https://bitbucket.org/tortoisehg/tortoisehgbitbucketorg/
> sending heads command
> keyring URL: https://bitbucket.org
> Cached auth data found. Url:
> https://bitbucket.org/tortoisehg/tortoisehgbitbucketorg/, user:
> sborho, passwd: ********
> searching for changes
> no changes found
>
> This looks like it worked, but it always prompts me for a password every run.

After a bit of reading and hacking, I found that I could almost make
this work by adding a file named keyringcfg.rc in my %HOME% folder
with:

[backend]
default-keyring=keyring.backend.UncryptedFileKeyring

Then I had to hack mercurial_keyring.py to disable demandimport while
it imports keyring and work around bugs in keyring.py itself to debug
further.  Adding a print statement in backend.py, I found that the
reason all of the text file backends do not work is that our
(Mercurial-keyring's) keys are not ConfigParser safe:

hg in --debug
using https://bitbucket.org/tortoisehg/tortoisehgbitbucketorg/
sending between command
keyring URL: https://bitbucket.org
Username found in .hg/hgrc: sborho
No option 'sborho@@https://bitbucket.org' in section: 'Mercurial'
http authorization required
realm: Bitbucket.org HTTP
user: sborho (fixed in .hg/hgrc)
password: interrupted!

I have a keyring_pass.cfg in my home folder (that keyring created) with:

[Mercurial]
sborho@@https://bitbucket.org = <snip>

So it seems my only options are to hack mercurial_keyring to always
use keys that are ConfigParser safe (seems not very robust) or
implement my own keyring backend in TortoiseHg, perhaps storing
encrypted keys in the registry instead of a text file as the
Win32CryptoKeyring class does.

--
Steve Borho

More information about the Mercurial mailing list