hgweb: do not ignore [auth] if url has a username (issue2822) The [auth] section was ignored when handling URLs like: http://user@example.com/foo Instead, we look in [auth] for an entry matching the URL and supplied user name. Entries without username can match URL with a username. Prefix length ties are resolved in favor of entries matching the username. With: foo.prefix = http://example.org foo.username = user foo.password = password bar.prefix = http://example.org/bar and the input URL: http://user@example.org/bar the 'bar' entry will be selected because of prefix length, therefore prompting for a password. This behaviour ensure that entries selection is consistent when looking for credentials or for certificates, and that certificates can be picked even if their entries do no define usernames while the URL does. Additionally, entries without a username matched against a username are returned as if they did have requested username set to avoid prompting again for a username if the password is not set. v2: reparse the URL in readauthforuri() to handle HTTP and HTTPS similarly. v3: allow unset usernames to match URL usernames to pick certificates. Resolve prefix length ties in favor of entries with usernames.

  $ hg init

  $ python -c 'print "confuse str.splitlines\nembedded\rnewline"' > a
  $ hg ci -Ama -d '1 0'
  adding a

  $ echo clean diff >> a
  $ hg ci -mb -d '2 0'

  $ hg diff -r0 -r1
  diff -r 107ba6f817b5 -r 310ce7989cdc a
  --- a/a	Thu Jan 01 00:00:01 1970 +0000
  +++ b/a	Thu Jan 01 00:00:02 1970 +0000
  @@ -1,2 +1,3 @@
   confuse str.splitlines
   embedded\rnewline (esc)
  +clean diff