This is an archive of the discontinued Mercurial Phabricator instance.

Differential D3433

httppeer: detect redirect to URL without query string (issue5860)
ClosedPublic

Authored by indygreg on Apr 30 2018, 7:31 PM.

Details

Reviewers
None
Group Reviewers
hg-reviewers
Commits
rHG6169d95dce3b: httppeer: detect redirect to URL without query string (issue5860)
Summary

197d10e157ce subtly changed the HTTP peer's handling of HTTP redirects.

Before that changeset, we instantiated an HTTP peer instance and
performed the capabilities lookup with that instance. The old code had
the following relevant properties:

  1. The HTTP request layer would automatically follow HTTP redirects.
  2. An encountered HTTP redirect would update a peer instance variable pointing to the repo URL.
  3. The peer would automagically perform a "capabilities" command request if a caller requested capabilities but capabilities were not yet defined.

The first HTTP request issued by a peer is for ?cmd=capabilities. If
the server responds with an HTTP redirect to a ?cmd=capabilities URL,
the HTTP request layer automatically followed it, retrieved a valid
capabilities response, and the peer's base URL was updated
automatically so subsequent requests used the proper URL. In other
words, things "just worked."

In the case where the server redirected to a URL without the
?cmd=capabilities query string, the HTTP request layer would follow
the redirect and likely encounter HTML. The peer's base URL would be
updated and the unexpected Content-Type would raise a RepoError. We
would catch RepoError and immediately call between() (testing the case
for pre 0.9.1 servers not supporting the "capabilities" command). e.g.

try:
    inst._fetchcaps()
except error.RepoError:
    inst.between([(nullid, nullid)])

between() would eventually call into _callstream(). And _callstream()
made a call to self.capable('httpheader'). capable() would call
self.capabilities(), which would see that no capabilities were set
(because HTML was returned for that request) and call the "capabilities"
command to fetch capabilities. Because the base URL had been updated
from the redirect, this 2nd "capabilities" command would succeed and
the client would immediately call "between," which would also succeed.
The legacy handshake succeeded. Only because "capabilities" was
successfully executed as a side effect did the peer recognize that it
was talking to a modern server. In other words, this all appeared to
work accidentally.

After 197d10e157ce, we stopped calling the "capabilities" command on
the peer instance. Instead, we made the request via a low-level opener,
detected the redirect as part of response handling code, and passed the
redirected URL into the constructed peer instance.

For cases where the redirected URL included the query string, this
"just worked." But for cases where the redirected URL stripped the query
string, we threw RepoError and because we removed the "between" handshake
fallback, we fell through to the "is a static HTTP repo" check and
performed an HTTP request for .hg/requires.

While 197d10e157ce was marked as backwards incompatible, the only
intended backwards incompatible behavior was not performing the
"between" fallback. It was not realized that the "between" command
had the side-effect of recovering from an errant redirect that
dropped the query string.

This commit restores the previous behavior and allows clients to
handle a redirect that drops the query string. In the case where
the request is redirected and the query string is dropped, we raise
a special case of RepoError. We then catch this special exception in
the handshake code and perform another "capabilities" request against
the redirected URL. If that works, all is well. Otherwise, we fall back
to the "is a static HTTP repo" check.

The new could is arguably better than before 197d10e157ce, as it is
explicit about the expected behavior and we avoid performing a
"between" request, saving a server round trip.

Diff Detail

Repository
rHG Mercurial
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

indygreg created this revision.Apr 30 2018, 7:31 PM
indygreg added a comment.Apr 30 2018, 7:38 PM

So it is documented somewhere, 197d10e157ce only regressed behavior for the "redirect drops query string case:" the new code handled HTTP redirects with the query string properly. Although it doesn't appear as if there were any tests for it. This commit adds tests for both the "good" and "bad" HTTP redirect cases.

mharbison72 added a subscriber: mharbison72.May 1 2018, 10:07 AM

This fixes the issue, thanks again. The only thing I noticed in practice is that the "real URL is xxx" notice is printed twice. The trace looks sane, (and the test captures this too), so I think it's purely cosmetic. The *.t test fails on Windows though:

--- e:/Projects/hg/tests/test-http-protocol.t
+++ e:/Projects/hg/tests/test-http-protocol.t.err
@@ -395,19 +395,42 @@
   s>     Content-Length: 10\r\n
   s>     \r\n
   s>     redirected
-  s>     GET /redirected?cmd=capabilities HTTP/1.1\r\n
-  s>     Accept-Encoding: identity\r\n
-  s>     user-agent: test\r\n
-  s>     host: $LOCALIP:$HGPORT\r\n (glob)
-  s>     \r\n
-  s> makefile('rb', None)
-  s>     HTTP/1.1 200 Script output follows\r\n
-  s>     Server: testing stub value\r\n
-  s>     Date: $HTTP_DATE$\r\n
-  s>     Content-Type: application/mercurial-0.1\r\n
-  s>     Content-Length: 453\r\n
-  s>     \r\n
-  s>     batch branchmap $USUAL_BUNDLE2_CAPS_SERVER$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ get
bundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 u
nbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
+  ** Unknown exception encountered with possibly-broken third-party extension drawdag
+  ** which supports versions unknown of Mercurial.
+  ** Please disable drawdag and try your action again.
+  ** If that fixes the bug please report it to the extension author.
+  ** Python 2.7.13 (v2.7.13:a06454b1afa1, Dec 17 2016, 20:42:59) [MSC v.1500 32 bit (Intel)]
+  ** Mercurial Distributed SCM (version 4.6rc1+5-80695628adcb)
+  ** Extensions loaded: drawdag
+  Traceback (most recent call last):
+    File "e:/Projects/hg/hg", line 41, in <module>
+      dispatch.run()
+    File "e:\Projects\hg\mercurial\dispatch.py", line 90, in run
+      status = (dispatch(req) or 0)
+    File "e:\Projects\hg\mercurial\dispatch.py", line 210, in dispatch
+      ret = _runcatch(req)
+    File "e:\Projects\hg\mercurial\dispatch.py", line 351, in _runcatch
+      return _callcatch(ui, _runcatchfunc)
+    File "e:\Projects\hg\mercurial\dispatch.py", line 359, in _callcatch
+      return scmutil.callcatch(ui, func)
+    File "e:\Projects\hg\mercurial\scmutil.py", line 160, in callcatch
+      return func()
+    File "e:\Projects\hg\mercurial\dispatch.py", line 341, in _runcatchfunc
+      return _dispatch(req)
+    File "e:\Projects\hg\mercurial\dispatch.py", line 971, in _dispatch
+      cmdpats, cmdoptions)
+    File "e:\Projects\hg\mercurial\dispatch.py", line 727, in runcommand
+      ret = _runcommand(ui, options, cmd, d)
+    File "e:\Projects\hg\mercurial\dispatch.py", line 979, in _runcommand
+      return cmdfunc()
+    File "e:\Projects\hg\mercurial\dispatch.py", line 968, in <lambda>
+      d = lambda: util.checksignature(func)(ui, *args, **strcmdopt)
+    File "e:\Projects\hg\mercurial\util.py", line 1553, in check
+      return func(*args, **kwargs)
+    File "e:\Projects\hg\mercurial\debugcommands.py", line 3091, in debugwireproto
+      e.read()
+  AttributeError: 'URLError' object has no attribute 'read'
+  [1]
indygreg added a comment.May 2 2018, 12:53 PM

I have no clue how this test would be failing on Windows but not on other platforms :/

mharbison72 added a comment.May 2 2018, 1:28 PM
In D3433#54703, @indygreg wrote:

I have no clue how this test would be failing on Windows but not on other platforms :/

Me either. But I didn't see it in the docs for this class, or when I ran dir(URLError). (I also tried on FreeBSD 11, where the test works.) So maybe this is being added in at runtime? While I'd like to see the tests green on stable, I'm more worried about if this is laying on other error paths for non-debug commands on Windows, that generally aren't exercised.

mharbison72 added a comment.May 2 2018, 10:44 PM

It looks like the redirect is subtly changing the host. I printed req.get_full_url() in keepalive.do_open(), and got:

keepalive: http://$LOCALIP:$HGPORT/redirector?cmd=capabilities
s>     GET /redirector?cmd=capabilities HTTP/1.1\r\n
s>     Accept-Encoding: identity\r\n
s>     user-agent: test\r\n
s>     host: $LOCALIP:$HGPORT\r\n (glob)
s>     \r\n
s> makefile('rb', None)
s>     HTTP/1.1 301 Redirect\r\n
s>     Server: testing stub value\r\n
s>     Date: $HTTP_DATE$\r\n
s>     Location: http://$LOCALIP:$HGPORT/redirected?cmd=capabilities\r\n (glob)
s>     Content-Type: text/plain\r\n
s>     Content-Length: 10\r\n
s>     \r\n
s>     redirected
keepalive: http://Envy:$HGPORT/redirected?cmd=capabilities

The subsequent httppeer test is failing with connection refused. This looks like as promising a lead as any. I wonder if this e.read() (and any others) needs to check that the attribute exists first, in case of failures without data available.

mharbison72 added a comment.May 2 2018, 11:10 PM

With these fixes, it works on Windows. I'm not sure if the advertisedbaseurl a couple lines above needs to be adjusted too.

I've got no idea why there seems to be a subtle difference between baseurl and advertisedbaseurl on Windows. Nor why what I think is the raw redirect header in the output seemingly correct with advertisedbaseurl. I did use baseurl in the LFS server though, because I think I saw this subtle difference.

tests/test-http-protocol.t
361

If this is changed to req.baseurl, it works.

375

$DAEMON_PIDS

475

$DAEMON_PIDS

indygreg planned changes to this revision.May 3 2018, 3:17 PM

Thanks for the info @mharbison72! It's really helpful. I'll try to get updated patches out in the next few hours.

FWIW it looks like this is the sole blocker to releasing 4.6. So if you could keep an eye out for updates and can verify patches when they are submitted, it would be appreciated.

indygreg added inline comments.May 3 2018, 3:34 PM
tests/test-http-protocol.t
361

The distinction between these URLs is that one uses the host:port as it actually is and the other uses the host:port as identified by the client. Since we are sending a URL back to the client, we should be using the advertised host:port.

The fact that the advertised host:port is being mangled seemingly points to a bug with the formulation of the advertised* variables. This is likely the result of code somewhere using gethostname() to populate a hostname field. I'm not sure if this is happening on the client or server. And I'm not sure why it would only be happening on Windows.

It is something to keep our eye on. But I think it is an issue in the test harness and not the hgweb code. We have unit test coverage for URL formulation in test-wsgirequest.py and I'm pretty confident it adheres to PEP 3333.

375

We run killdaemons.py above, so overwriting $DAEMON_PIDS should be fine.

FWIW, I have patches queued up to change killdaemons.py behavior so it removes the file by default. Will send those once the 3.7 window opens.

mharbison72 added a comment.May 3 2018, 3:51 PM

I'll probably be at work for another ~2 hours if you need me to test with SCM Manager, but I can stay later if needed.

tests/test-http-protocol.t
361

That makes sense. And test-wsgirequest.py does run on Windows.

What baffles me is that the header that's printed (e.g. line 393) is correct on Windows with either URL. So I have no idea where it could have divergent behavior.

Should I change the LFS behavior now, or punt because it's experimental?

indygreg updated this revision to Diff 8452.May 3 2018, 4:38 PM
indygreg added inline comments.May 3 2018, 4:40 PM
tests/test-http-protocol.t
361

You should consider changing it. But since it is experimental, it isn't critical. We can always do it in 4.6.1 if it is a problem in the wild.

mharbison72 added a comment.May 3 2018, 5:43 PM

Just to confirm that phabimport brought this in correctly, the only thing you changed is advertisedurl to baseurl? If that's the case, the LFS change will have to be punted.

I can confirm that 'test-http*' now runs on Windows, and both Windows and FreeBSD can now clone a repo+subrepo from SCM Manager with this change.

Thanks again for this.

indygreg added a comment.May 3 2018, 5:59 PM

Yes, I just changed the advertised URL bit in the test extension.

martinvonz added a subscriber: martinvonz.May 4 2018, 1:17 PM

Queued with s/new could/new code/ in the commit message. Thanks!

Closed by commit rHG6169d95dce3b: httppeer: detect redirect to URL without query string (issue5860) (authored by indygreg). · Explain WhyMay 4 2018, 1:25 PM
This revision was automatically updated to reflect the committed changes.
yuja added a subscriber: yuja.May 4 2018, 8:57 PM
yuja added inline comments.
mercurial/httppeer.py
894

Nit: baseurl=url seems not correct here since we've explicitly followed the redirect.

Anyway, this isn't a blocker as the baseurl (and safeurl) are used only for error
reporting.

mharbison72 added inline comments.May 4 2018, 11:33 PM
tests/test-http-protocol.t
361

The fact that the advertised host:port is being mangled seemingly points to a bug
with the formulation of the advertised* variables. This is likely the result of code
somewhere using gethostname() to populate a hostname field. I'm not sure if this
is happening on the client or server. And I'm not sure why it would only be
happening on Windows.

The plot thickens...

I stripped down the *.t, ran it with --keep, and then launched a non-daemon hg serve + client from the leftover repo, without the test harness. If I use baseurl, it succeeds as expected, using 127.0.0.1. If I use advertisedbaseurl, it redirects to the hostname, and the access log shows the external IP address. So it seems like more than a test harness issue. (Though in the test harness, this fails with a connection refused. But ProcessExplorer says it is listening on 0.0.0.0.)

There aren't too many uses of 'gethostname' (insensitive) in python 2.7.15, and none of them seem like an obvious problem. None of the hits in hg code are relevant.

Revision Contents
Changeset List

PathPackages
Mmercurial/httppeer.py (55 lines)
Mtests/test-http-protocol.t (391 lines)

Diff 8453

mercurial/httppeer.py

dbg(line % ' finished in %.4f seconds (%d)' dbg(line % ' finished in %.4f seconds (%d)'
% (util.timer() - start, res.code)) % (util.timer() - start, res.code))
# Insert error handlers for common I/O failures. # Insert error handlers for common I/O failures.
_wraphttpresponse(res) _wraphttpresponse(res)
return res return res
class RedirectedRepoError(error.RepoError):
def __init__(self, msg, respurl):
super(RedirectedRepoError, self).__init__(msg)
self.respurl = respurl
def parsev1commandresponse(ui, baseurl, requrl, qs, resp, compressible, def parsev1commandresponse(ui, baseurl, requrl, qs, resp, compressible,
allowcbor=False): allowcbor=False):
# record the url we got redirected to # record the url we got redirected to
redirected = False
respurl = pycompat.bytesurl(resp.geturl()) respurl = pycompat.bytesurl(resp.geturl())
if respurl.endswith(qs): if respurl.endswith(qs):
respurl = respurl[:-len(qs)] respurl = respurl[:-len(qs)]
qsdropped = False
else:
qsdropped = True
if baseurl.rstrip('/') != respurl.rstrip('/'): if baseurl.rstrip('/') != respurl.rstrip('/'):
redirected = True
if not ui.quiet: if not ui.quiet:
ui.warn(_('real URL is %s\n') % respurl) ui.warn(_('real URL is %s\n') % respurl)
try: try:
proto = pycompat.bytesurl(resp.getheader(r'content-type', r'')) proto = pycompat.bytesurl(resp.getheader(r'content-type', r''))
except AttributeError: except AttributeError:
proto = pycompat.bytesurl(resp.headers.get(r'content-type', r'')) proto = pycompat.bytesurl(resp.headers.get(r'content-type', r''))
safeurl = util.hidepassword(baseurl) safeurl = util.hidepassword(baseurl)
if proto.startswith('application/hg-error'): if proto.startswith('application/hg-error'):
raise error.OutOfBandError(resp.read()) raise error.OutOfBandError(resp.read())
# Pre 1.0 versions of Mercurial used text/plain and # Pre 1.0 versions of Mercurial used text/plain and
# application/hg-changegroup. We don't support such old servers. # application/hg-changegroup. We don't support such old servers.
if not proto.startswith('application/mercurial-'): if not proto.startswith('application/mercurial-'):
ui.debug("requested URL: '%s'\n" % util.hidepassword(requrl)) ui.debug("requested URL: '%s'\n" % util.hidepassword(requrl))
raise error.RepoError( msg = _("'%s' does not appear to be an hg repository:\n"
_("'%s' does not appear to be an hg repository:\n" "---%%<--- (%s)\n%s\n---%%<---\n") % (
"---%%<--- (%s)\n%s\n---%%<---\n") safeurl, proto or 'no content-type', resp.read(1024))
% (safeurl, proto or 'no content-type', resp.read(1024)))
# Some servers may strip the query string from the redirect. We
# raise a special error type so callers can react to this specially.
if redirected and qsdropped:
raise RedirectedRepoError(msg, respurl)
else:
raise error.RepoError(msg)
try: try:
subtype = proto.split('-', 1)[1] subtype = proto.split('-', 1)[1]
# Unless we end up supporting CBOR in the legacy wire protocol, # Unless we end up supporting CBOR in the legacy wire protocol,
# this should ONLY be encountered for the initial capabilities # this should ONLY be encountered for the initial capabilities
# request during handshake. # request during handshake.
if subtype == 'cbor': if subtype == 'cbor':
# Begin of ipeercommands interface. # Begin of ipeercommands interface.
def capabilities(self): def capabilities(self):
return self._caps return self._caps
# End of ipeercommands interface. # End of ipeercommands interface.
# look up capabilities only when needed
def _callstream(self, cmd, _compressible=False, **args): def _callstream(self, cmd, _compressible=False, **args):
args = pycompat.byteskwargs(args) args = pycompat.byteskwargs(args)
req, cu, qs = makev1commandrequest(self.ui, self._requestbuilder, req, cu, qs = makev1commandrequest(self.ui, self._requestbuilder,
self._caps, self.capable, self._caps, self.capable,
self._url, cmd, args) self._url, cmd, args)
resp = sendrequest(self.ui, self._urlopener, req) resp = sendrequest(self.ui, self._urlopener, req)
'X-HgUpgrade', 'X-HgUpgrade',
# We don't know the header limit this early. # We don't know the header limit this early.
# So make it small. # So make it small.
1024)) 1024))
req, requrl, qs = makev1commandrequest(ui, requestbuilder, caps, req, requrl, qs = makev1commandrequest(ui, requestbuilder, caps,
capable, url, 'capabilities', capable, url, 'capabilities',
args) args)
resp = sendrequest(ui, opener, req) resp = sendrequest(ui, opener, req)
# The server may redirect us to the repo root, stripping the
# ?cmd=capabilities query string from the URL. The server would likely
# return HTML in this case and ``parsev1commandresponse()`` would raise.
# We catch this special case and re-issue the capabilities request against
# the new URL.
#
# We should ideally not do this, as a redirect that drops the query
# string from the URL is arguably a server bug. (Garbage in, garbage out).
# However, Mercurial clients for several years appeared to handle this
# issue without behavior degradation. And according to issue 5860, it may
# be a longstanding bug in some server implementations. So we allow a
# redirect that drops the query string to "just work."
try:
respurl, ct, resp = parsev1commandresponse(ui, url, requrl, qs, resp,
compressible=False,
allowcbor=advertisev2)
except RedirectedRepoError as e:
req, requrl, qs = makev1commandrequest(ui, requestbuilder, caps,
capable, e.respurl,
'capabilities', args)
resp = sendrequest(ui, opener, req)
respurl, ct, resp = parsev1commandresponse(ui, url, requrl, qs, resp, respurl, ct, resp = parsev1commandresponse(ui, url, requrl, qs, resp,
yujaUnsubmitted
Not Done

Nit: baseurl=url seems not correct here since we've explicitly followed the redirect.

Anyway, this isn't a blocker as the baseurl (and safeurl) are used only for error
reporting.

yuja: Nit: `baseurl=url` seems not correct here since we've explicitly followed the redirect. Anyway…
compressible=False, compressible=False,
allowcbor=advertisev2) allowcbor=advertisev2)
try: try:
rawdata = resp.read() rawdata = resp.read()
finally: finally:
resp.close() resp.close()
if not ct.startswith('application/mercurial-'): if not ct.startswith('application/mercurial-'):
raise error.ProgrammingError('unexpected content-type: %s' % ct) raise error.ProgrammingError('unexpected content-type: %s' % ct)

tests/test-http-protocol.t

s> \xa1FstatusBok\x81T\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 s> \xa1FstatusBok\x81T\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
s> \r\n s> \r\n
received frame(size=33; request=1; stream=2; streamflags=stream-begin; type=command-response; flags=eos) received frame(size=33; request=1; stream=2; streamflags=stream-begin; type=command-response; flags=eos)
s> 0\r\n s> 0\r\n
s> \r\n s> \r\n
response: [b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'] response: [b'\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']
$ killdaemons.py $ killdaemons.py
HTTP client follows HTTP redirect on handshake to new repo
$ cd $TESTTMP
$ hg init redirector
$ hg init redirected
$ cd redirected
$ touch foo
$ hg -q commit -A -m initial
$ cd ..
$ cat > paths.conf << EOF
> [paths]
> / = $TESTTMP/*
> EOF
$ cat > redirectext.py << EOF
> from mercurial import extensions, wireprotoserver
> def wrappedcallhttp(orig, repo, req, res, proto, cmd):
> path = req.advertisedurl[len(req.advertisedbaseurl):]
> if not path.startswith(b'/redirector'):
> return orig(repo, req, res, proto, cmd)
> relpath = path[len(b'/redirector'):]
> res.status = b'301 Redirect'
> newurl = b'%s/redirected%s' % (req.baseurl, relpath)
mharbison72Unsubmitted
Not Done

If this is changed to req.baseurl, it works.

mharbison72: If this is changed to req.baseurl, it works.
indygregAuthorUnsubmitted
Not Done

The distinction between these URLs is that one uses the host:port as it actually is and the other uses the host:port as identified by the client. Since we are sending a URL back to the client, we should be using the advertised host:port.

The fact that the advertised host:port is being mangled seemingly points to a bug with the formulation of the advertised* variables. This is likely the result of code somewhere using gethostname() to populate a hostname field. I'm not sure if this is happening on the client or server. And I'm not sure why it would only be happening on Windows.

It is something to keep our eye on. But I think it is an issue in the test harness and not the hgweb code. We have unit test coverage for URL formulation in test-wsgirequest.py and I'm pretty confident it adheres to PEP 3333.

indygreg: The distinction between these URLs is that one uses the host:port as it actually is and the…
mharbison72Unsubmitted
Not Done

That makes sense. And test-wsgirequest.py does run on Windows.

What baffles me is that the header that's printed (e.g. line 393) is correct on Windows with either URL. So I have no idea where it could have divergent behavior.

Should I change the LFS behavior now, or punt because it's experimental?

mharbison72: That makes sense. And test-wsgirequest.py does run on Windows. What baffles me is that the…
indygregAuthorUnsubmitted
Not Done

You should consider changing it. But since it is experimental, it isn't critical. We can always do it in 4.6.1 if it is a problem in the wild.

indygreg: You should consider changing it. But since it is experimental, it isn't critical. We can always…
mharbison72Unsubmitted
Not Done

The fact that the advertised host:port is being mangled seemingly points to a bug
with the formulation of the advertised* variables. This is likely the result of code
somewhere using gethostname() to populate a hostname field. I'm not sure if this
is happening on the client or server. And I'm not sure why it would only be
happening on Windows.

The plot thickens...

I stripped down the *.t, ran it with --keep, and then launched a non-daemon hg serve + client from the leftover repo, without the test harness. If I use baseurl, it succeeds as expected, using 127.0.0.1. If I use advertisedbaseurl, it redirects to the hostname, and the access log shows the external IP address. So it seems like more than a test harness issue. (Though in the test harness, this fails with a connection refused. But ProcessExplorer says it is listening on 0.0.0.0.)

There aren't too many uses of 'gethostname' (insensitive) in python 2.7.15, and none of them seem like an obvious problem. None of the hits in hg code are relevant.

mharbison72: > The fact that the advertised host:port is being mangled seemingly points to a bug > with the…
> if not repo.ui.configbool('testing', 'redirectqs', True) and b'?' in newurl:
> newurl = newurl[0:newurl.index(b'?')]
> res.headers[b'Location'] = newurl
> res.headers[b'Content-Type'] = b'text/plain'
> res.setbodybytes(b'redirected')
> return True
>
> extensions.wrapfunction(wireprotoserver, '_callhttp', wrappedcallhttp)
> EOF
$ hg --config extensions.redirect=$TESTTMP/redirectext.py \
> --config server.compressionengines=zlib \
> serve --web-conf paths.conf --pid-file hg.pid -p $HGPORT -d
$ cat hg.pid > $DAEMON_PIDS
mharbison72Unsubmitted
Not Done

$DAEMON_PIDS

mharbison72: >> $DAEMON_PIDS
indygregAuthorUnsubmitted
Not Done

We run killdaemons.py above, so overwriting $DAEMON_PIDS should be fine.

FWIW, I have patches queued up to change killdaemons.py behavior so it removes the file by default. Will send those once the 3.7 window opens.

indygreg: We run `killdaemons.py` above, so overwriting `$DAEMON_PIDS` should be fine. FWIW, I have…
Verify our HTTP 301 is served properly
$ hg --verbose debugwireproto --peer raw http://$LOCALIP:$HGPORT << EOF
> httprequest GET /redirector?cmd=capabilities
> user-agent: test
> EOF
using raw connection to peer
s> GET /redirector?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> user-agent: test\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 301 Redirect\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Location: http://$LOCALIP:$HGPORT/redirected?cmd=capabilities\r\n (glob)
s> Content-Type: text/plain\r\n
s> Content-Length: 10\r\n
s> \r\n
s> redirected
s> GET /redirected?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> user-agent: test\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Content-Type: application/mercurial-0.1\r\n
s> Content-Length: 453\r\n
s> \r\n
s> batch branchmap $USUAL_BUNDLE2_CAPS_SERVER$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
Test with the HTTP peer
$ hg --verbose debugwireproto http://$LOCALIP:$HGPORT/redirector << EOF
> command heads
> EOF
s> GET /redirector?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 301 Redirect\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Location: http://$LOCALIP:$HGPORT/redirected?cmd=capabilities\r\n (glob)
s> Content-Type: text/plain\r\n
s> Content-Length: 10\r\n
s> \r\n
s> redirected
s> GET /redirected?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Content-Type: application/mercurial-0.1\r\n
s> Content-Length: 453\r\n
s> \r\n
real URL is http://$LOCALIP:$HGPORT/redirected (glob)
s> batch branchmap $USUAL_BUNDLE2_CAPS_SERVER$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
sending heads command
s> GET /redirected?cmd=heads HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> vary: X-HgProto-1\r\n
s> x-hgproto-1: 0.1 0.2 comp=$USUAL_COMPRESSIONS$ partial-pull\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Content-Type: application/mercurial-0.1\r\n
s> Content-Length: 41\r\n
s> \r\n
s> 96ee1d7354c4ad7372047672c36a1f561e3a6a4c\n
response: [b'\x96\xee\x1dsT\xc4\xadsr\x04vr\xc3j\x1fV\x1e:jL']
$ killdaemons.py
Now test a variation where we strip the query string from the redirect URL.
(SCM Manager apparently did this and clients would recover from it)
$ hg --config extensions.redirect=$TESTTMP/redirectext.py \
> --config server.compressionengines=zlib \
> --config testing.redirectqs=false \
> serve --web-conf paths.conf --pid-file hg.pid -p $HGPORT -d
$ cat hg.pid > $DAEMON_PIDS
mharbison72Unsubmitted
Not Done

$DAEMON_PIDS

mharbison72: >> $DAEMON_PIDS
$ hg --verbose debugwireproto --peer raw http://$LOCALIP:$HGPORT << EOF
> httprequest GET /redirector?cmd=capabilities
> user-agent: test
> EOF
using raw connection to peer
s> GET /redirector?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> user-agent: test\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 301 Redirect\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Location: http://$LOCALIP:$HGPORT/redirected\r\n (glob)
s> Content-Type: text/plain\r\n
s> Content-Length: 10\r\n
s> \r\n
s> redirected
s> GET /redirected HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> user-agent: test\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> ETag: W/"*"\r\n (glob)
s> Content-Type: text/html; charset=ascii\r\n
s> Transfer-Encoding: chunked\r\n
s> \r\n
s> 414\r\n
s> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">\n
s> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">\n
s> <head>\n
s> <link rel="icon" href="/redirected/static/hgicon.png" type="image/png" />\n
s> <meta name="robots" content="index, nofollow" />\n
s> <link rel="stylesheet" href="/redirected/static/style-paper.css" type="text/css" />\n
s> <script type="text/javascript" src="/redirected/static/mercurial.js"></script>\n
s> \n
s> <title>redirected: log</title>\n
s> <link rel="alternate" type="application/atom+xml"\n
s> href="/redirected/atom-log" title="Atom feed for redirected" />\n
s> <link rel="alternate" type="application/rss+xml"\n
s> href="/redirected/rss-log" title="RSS feed for redirected" />\n
s> </head>\n
s> <body>\n
s> \n
s> <div class="container">\n
s> <div class="menu">\n
s> <div class="logo">\n
s> <a href="https://mercurial-scm.org/">\n
s> <img src="/redirected/static/hglogo.png" alt="mercurial" /></a>\n
s> </div>\n
s> <ul>\n
s> <li class="active">log</li>\n
s> <li><a href="/redirected/graph/tip">graph</a></li>\n
s> <li><a href="/redirected/tags">tags</a></li>\n
s> <li><a href="
s> \r\n
s> 810\r\n
s> /redirected/bookmarks">bookmarks</a></li>\n
s> <li><a href="/redirected/branches">branches</a></li>\n
s> </ul>\n
s> <ul>\n
s> <li><a href="/redirected/rev/tip">changeset</a></li>\n
s> <li><a href="/redirected/file/tip">browse</a></li>\n
s> </ul>\n
s> <ul>\n
s> \n
s> </ul>\n
s> <ul>\n
s> <li><a href="/redirected/help">help</a></li>\n
s> </ul>\n
s> <div class="atom-logo">\n
s> <a href="/redirected/atom-log" title="subscribe to atom feed">\n
s> <img class="atom-logo" src="/redirected/static/feed-icon-14x14.png" alt="atom feed" />\n
s> </a>\n
s> </div>\n
s> </div>\n
s> \n
s> <div class="main">\n
s> <h2 class="breadcrumb"><a href="/">Mercurial</a> &gt; <a href="/redirected">redirected</a> </h2>\n
s> <h3>log</h3>\n
s> \n
s> \n
s> <form class="search" action="/redirected/log">\n
s> \n
s> <p><input name="rev" id="search1" type="text" size="30" value="" /></p>\n
s> <div id="hint">Find changesets by keywords (author, files, the commit message), revision\n
s> number or hash, or <a href="/redirected/help/revsets">revset expression</a>.</div>\n
s> </form>\n
s> \n
s> <div class="navigate">\n
s> <a href="/redirected/shortlog/tip?revcount=30">less</a>\n
s> <a href="/redirected/shortlog/tip?revcount=120">more</a>\n
s> | rev 0: <a href="/redirected/shortlog/96ee1d7354c4">(0)</a> <a href="/redirected/shortlog/tip">tip</a> \n
s> </div>\n
s> \n
s> <table class="bigtable">\n
s> <thead>\n
s> <tr>\n
s> <th class="age">age</th>\n
s> <th class="author">author</th>\n
s> <th class="description">description</th>\n
s> </tr>\n
s> </thead>\n
s> <tbody class="stripes2">\n
s> <tr>\n
s> <td class="age">Thu, 01 Jan 1970 00:00:00 +0000</td>\n
s> <td class="author">test</td>\n
s> <td class="description">\n
s> <a href="/redirected/rev/96ee1d7354c4">initial</a>\n
s> <span class="phase">draft</span> <span class="branchhead">default</span> <span class="tag">tip</span> \n
s> </td>\n
s> </tr>\n
s> \n
s> </tbody>\n
s> </table>\n
s> \n
s> <div class="navigate">\n
s> <a href="/redirected/shortlog/tip?revcount=30">less</a>\n
s> <a href="/redirected/shortlog/tip?revcount=120">more</a>\n
s> | rev 0: <a href="/redirected/shortlog/96ee1d7354c4">(0)</a> <a href="/redirected/shortlog/tip">tip</a> \n
s> </div>\n
s> \n
s> <script type="text/javascript">\n
s> ajaxScrollInit(\n
s> \'/redirected/shortlog/%next%\',\n
s> \'\', <!-- NEXTHASH\n
s> function (htmlText) {
s> \r\n
s> 14a\r\n
s> \n
s> var m = htmlText.match(/\'(\\w+)\', <!-- NEXTHASH/);\n
s> return m ? m[1] : null;\n
s> },\n
s> \'.bigtable > tbody\',\n
s> \'<tr class="%class%">\\\n
s> <td colspan="3" style="text-align: center;">%text%</td>\\\n
s> </tr>\'\n
s> );\n
s> </script>\n
s> \n
s> </div>\n
s> </div>\n
s> \n
s> \n
s> \n
s> </body>\n
s> </html>\n
s> \n
s> \r\n
s> 0\r\n
s> \r\n
$ hg --verbose debugwireproto http://$LOCALIP:$HGPORT/redirector << EOF
> command heads
> EOF
s> GET /redirector?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 301 Redirect\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Location: http://$LOCALIP:$HGPORT/redirected\r\n (glob)
s> Content-Type: text/plain\r\n
s> Content-Length: 10\r\n
s> \r\n
s> redirected
s> GET /redirected HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> ETag: W/"*"\r\n (glob)
s> Content-Type: text/html; charset=ascii\r\n
s> Transfer-Encoding: chunked\r\n
s> \r\n
real URL is http://$LOCALIP:$HGPORT/redirected (glob)
s> 414\r\n
s> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">\n
s> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US">\n
s> <head>\n
s> <link rel="icon" href="/redirected/static/hgicon.png" type="image/png" />\n
s> <meta name="robots" content="index, nofollow" />\n
s> <link rel="stylesheet" href="/redirected/static/style-paper.css" type="text/css" />\n
s> <script type="text/javascript" src="/redirected/static/mercurial.js"></script>\n
s> \n
s> <title>redirected: log</title>\n
s> <link rel="alternate" type="application/atom+xml"\n
s> href="/redirected/atom-log" title="Atom feed for redirected" />\n
s> <link rel="alternate" type="application/rss+xml"\n
s> href="/redirected/rss-log" title="RSS feed for redirected" />\n
s> </head>\n
s> <body>\n
s> \n
s> <div class="container">\n
s> <div class="menu">\n
s> <div class="logo">\n
s> <a href="https://mercurial-scm.org/">\n
s> <img src="/redirected/static/hglogo.png" alt="mercurial" /></a>\n
s> </div>\n
s> <ul>\n
s> <li class="active">log</li>\n
s> <li><a href="/redirected/graph/tip">graph</a></li>\n
s> <li><a href="/redirected/tags">tags</a
s> GET /redirected?cmd=capabilities HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Content-Type: application/mercurial-0.1\r\n
s> Content-Length: 453\r\n
s> \r\n
real URL is http://$LOCALIP:$HGPORT/redirected (glob)
s> batch branchmap $USUAL_BUNDLE2_CAPS_SERVER$ changegroupsubset compression=$BUNDLE2_COMPRESSIONS$ getbundle httpheader=1024 httpmediatype=0.1rx,0.1tx,0.2tx known lookup pushkey streamreqs=generaldelta,revlogv1 unbundle=HG10GZ,HG10BZ,HG10UN unbundlehash
sending heads command
s> GET /redirected?cmd=heads HTTP/1.1\r\n
s> Accept-Encoding: identity\r\n
s> vary: X-HgProto-1\r\n
s> x-hgproto-1: 0.1 0.2 comp=$USUAL_COMPRESSIONS$ partial-pull\r\n
s> accept: application/mercurial-0.1\r\n
s> host: $LOCALIP:$HGPORT\r\n (glob)
s> user-agent: Mercurial debugwireproto\r\n
s> \r\n
s> makefile('rb', None)
s> HTTP/1.1 200 Script output follows\r\n
s> Server: testing stub value\r\n
s> Date: $HTTP_DATE$\r\n
s> Content-Type: application/mercurial-0.1\r\n
s> Content-Length: 41\r\n
s> \r\n
s> 96ee1d7354c4ad7372047672c36a1f561e3a6a4c\n
response: [b'\x96\xee\x1dsT\xc4\xadsr\x04vr\xc3j\x1fV\x1e:jL']