equal
deleted
inserted
replaced
402 $ cat << EOT > reqclientcert.py |
402 $ cat << EOT > reqclientcert.py |
403 > import ssl |
403 > import ssl |
404 > from mercurial.hgweb import server |
404 > from mercurial.hgweb import server |
405 > class _httprequesthandlersslclientcert(server._httprequesthandlerssl): |
405 > class _httprequesthandlersslclientcert(server._httprequesthandlerssl): |
406 > @staticmethod |
406 > @staticmethod |
407 > def preparehttpserver(httpserver, ssl_cert): |
407 > def preparehttpserver(httpserver, ui): |
|
408 > certfile = ui.config('web', 'certificate') |
408 > sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) |
409 > sslcontext = ssl.SSLContext(ssl.PROTOCOL_TLSv1) |
409 > sslcontext.verify_mode = ssl.CERT_REQUIRED |
410 > sslcontext.verify_mode = ssl.CERT_REQUIRED |
410 > sslcontext.load_cert_chain(ssl_cert) |
411 > sslcontext.load_cert_chain(certfile) |
411 > # verify clients by server certificate |
412 > # verify clients by server certificate |
412 > sslcontext.load_verify_locations(ssl_cert) |
413 > sslcontext.load_verify_locations(certfile) |
413 > httpserver.socket = sslcontext.wrap_socket(httpserver.socket, |
414 > httpserver.socket = sslcontext.wrap_socket(httpserver.socket, |
414 > server_side=True) |
415 > server_side=True) |
415 > server._httprequesthandlerssl = _httprequesthandlersslclientcert |
416 > server._httprequesthandlerssl = _httprequesthandlersslclientcert |
416 > EOT |
417 > EOT |
417 $ cd test |
418 $ cd test |