Patchwork url: drop support for proxying HTTP (not HTTPS) over CONNECT tunneling

login
register
mail settings
Submitter Yuya Nishihara
Date July 18, 2016, 2:32 p.m.
Message ID <d3cab47fba4d6e22bcc5.1468852351@mimosa>
Download mbox | patch
Permalink /patch/15941/
State Accepted
Headers show

Comments

Yuya Nishihara - July 18, 2016, 2:32 p.m.
# HG changeset patch
# User Yuya Nishihara <yuya@tcha.org>
# Date 1465097348 -32400
#      Sun Jun 05 12:29:08 2016 +0900
# Node ID d3cab47fba4d6e22bcc5e99ff33e8debf83130da
# Parent  978d5fc0b3544fc038293821a74c1aa2b36b11c3
url: drop support for proxying HTTP (not HTTPS) over CONNECT tunneling

It's been broken since cca59ef27e60, which made ui argument mandatory. I've
tried several combinations of HTTP/HTTPS proxying on old/new Python versions,
but I couldn't figure out how to reach this code path. Also, wrapping HTTP
connection by SSLSocket seems wrong. My understanding is that self.realhostport
is set by _generic_start_transaction() if HTTPS connection is tunneled.

This patch removes proxy tunneling from httpconnection.connect() assuming
that it was dead code from the beginning. Note that HTTPS over tunneling
should be handled by httpsconnection class.
Matt Mackall - July 19, 2016, 3:52 a.m.
On Mon, 2016-07-18 at 23:32 +0900, Yuya Nishihara wrote:
> # HG changeset patch
> # User Yuya Nishihara <yuya@tcha.org>
> # Date 1465097348 -32400
> #      Sun Jun 05 12:29:08 2016 +0900
> # Node ID d3cab47fba4d6e22bcc5e99ff33e8debf83130da
> # Parent  978d5fc0b3544fc038293821a74c1aa2b36b11c3
> url: drop support for proxying HTTP (not HTTPS) over CONNECT tunneling

Sure, queued.

-- 
Mathematics is the supreme nostalgia of our time.

Patch

diff --git a/mercurial/url.py b/mercurial/url.py
--- a/mercurial/url.py
+++ b/mercurial/url.py
@@ -185,17 +185,6 @@  class httpconnection(keepalive.HTTPConne
     # must be able to send big bundle as stream.
     send = _gen_sendfile(keepalive.HTTPConnection.send)
 
-    def connect(self):
-        if has_https and self.realhostport: # use CONNECT proxy
-            self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-            self.sock.connect((self.host, self.port))
-            if _generic_proxytunnel(self):
-                # we do not support client X.509 certificates
-                self.sock = sslutil.wrapsocket(self.sock, None, None, None,
-                                               serverhostname=self.host)
-        else:
-            keepalive.HTTPConnection.connect(self)
-
     def getresponse(self):
         proxyres = getattr(self, 'proxyres', None)
         if proxyres: