|
Size: 2589
Comment:
|
Size: 4994
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| == Extension Name == | == Keyring Extension == |
| Line 3: | Line 3: |
| '''This extension is/is not distributed with Mercurial.''' | '''This extension is not distributed with Mercurial.''' |
| Line 7: | Line 7: |
| Download site: http://bitbucket.org/Mekk/mercurial_keyring/ | Download site: http://pypi.python.org/pypi/mercurial_keyring Source repository: http://bitbucket.org/Mekk/mercurial_keyring/ ''For the most up to date documentation see [[http://pypi.python.org/pypi/mercurial_keyring|documentation on PyPi]] or, equivalently [[http://bitbucket.org/Mekk/mercurial_keyring/src/tip/README.txt|README.txt]].'' ''If you are on Windows, we recommend you use TortoiseHg. THG ships with Windows specific keyring backends, without which the mercurial-keyring extension cannot function properly on Windows. The mercurial-keyring extension itself is shipped with TortoiseHg since version 0.10. '' |
| Line 12: | Line 23: |
| to securely save authentication passwords (HTTP/HTTPS at the moment, SMTP passwords are considered) | to securely save authentication passwords (HTTP/HTTPS and SMTP) |
| Line 15: | Line 26: |
=== What it does === The extension prompts for the HTTP password on the first pull/push to/from given remote repository (just like it is done by default), but saves the password (keyed by the combination of username and remote repository url) in the password database. On the next run it checks for the username in ``.hg/hgrc``, then for suitable password in the password database, and uses those credentials if found. Similarly, while sending emails via SMTP server which requires authorization, it prompts for the password on first use of given server, then saves it in the password database and reuses on successive runs. In case password turns out incorrect (either because it was invalid, or because it was changed on the server) it just prompts the user again. |
|
| Line 24: | Line 53: |
| (or use any other method to install it [[http://pypi.python.org/pypi/keyring|from PIP]]) | (or use any other method to install it [[http://pypi.python.org/pypi/keyring|from PIP]]). On Debian "Sid" the library can be also installed from the official archive (packages python-keyring, python-keyring-gnome and python-keyring-kwallet). |
| Line 26: | Line 57: |
| Then download [[http://bitbucket.org/Mekk/mercurial_keyring/src/tip/mercurial_keyring.py|mercurial_keyring.py]] and save it anywhere on the system (preferably in hgext directory). |
Then use one of the two options: |
| Line 29: | Line 59: |
| === Configuration === | a) Install {{{mercurial_keyring}}} as a module from PyPi: |
| Line 31: | Line 61: |
| Configure your .hgrc to enable the extension by adding following lines: | {{{ easy_install mercurial_keyring }}} and configure your {{{.hgrc}}} so: {{{ [extensions] mercurial_keyring = }}} b) Download [[http://bitbucket.org/Mekk/mercurial_keyring/raw/default/mercurial_keyring.py]], save this file anywhere on the system (preferably in hgext directory), and configure your {{{.hgrc}}} to enable the extension by adding following lines: |
| Line 38: | Line 81: |
=== Password backend configuration === |
|
| Line 41: | Line 87: |
| the current user). Refer to [http://pypi.python.org/pypi/keyring|keyring docs] for more details. | the current user). Refer to [[http://pypi.python.org/pypi/keyring|keyring docs]] for more details. |
| Line 47: | Line 93: |
| === Repository configuration === | === Repository configuration (HTTP) === |
| Line 53: | Line 99: |
| [paths] myremote = https://my.server.com/hgrepo/someproject |
[paths] myremote = https://my.server.com/hgrepo/someproject |
| Line 56: | Line 102: |
| [auth] myremote.schemes = http https myremote.prefix = my.server.com/hgrepo myremote.username = mekk |
[auth] myremote.schemes = http https myremote.prefix = my.server.com/hgrepo myremote.username = mekk |
| Line 65: | Line 111: |
| [paths] bitbucket = https://User@bitbucket.org/User/project_name/ |
[paths] bitbucket = https://User@bitbucket.org/User/project_name/ |
| Line 72: | Line 118: |
| saving the password. | saving the password. So, in both cases, it is effectively reverting to the default behaviour. === Repository configuration (SMTP) === Edit either repository-local ``.hg/hgrc``, or ``~/.hgrc`` (the latter is usually preferable) and set there all standard email and smtp properties, including smtp username, but without smtp password. For example: {{{ [email] method = smtp from = Joe Doe <Joe.Doe@remote.com> [smtp] host = smtp.gmail.com port = 587 username = JoeDoe@gmail.com tls = true }}} Just as in case of HTTP, you ''must'' set username, but ''must not'' set password here to use the extension, in other cases it will revert to the default behaviour. |
| Line 76: | Line 145: |
| Configure the repository as above, then just pull and push. | Configure the repository as above, then just pull and push (or email) |
Keyring Extension
This extension is not distributed with Mercurial.
Author: Marcin Kasperski
Download site: http://pypi.python.org/pypi/mercurial_keyring
Source repository: http://bitbucket.org/Mekk/mercurial_keyring/
For the most up to date documentation see documentation on PyPi or, equivalently README.txt.
If you are on Windows, we recommend you use TortoiseHg. THG ships with Windows specific keyring backends, without which the mercurial-keyring extension cannot function properly on Windows. The mercurial-keyring extension itself is shipped with TortoiseHg since version 0.10.
1. Overview
Keyring extension uses services of the keyring library to securely save authentication passwords (HTTP/HTTPS and SMTP) using system specific password database (Gnome Keyring, KDE KWallet, OSXKeyChain, dedicated solutions for Win32 and command line).
2. What it does
The extension prompts for the HTTP password on the first pull/push to/from given remote repository (just like it is done by default), but saves the password (keyed by the combination of username and remote repository url) in the password database. On the next run it checks for the username in .hg/hgrc, then for suitable password in the password database, and uses those credentials if found.
Similarly, while sending emails via SMTP server which requires authorization, it prompts for the password on first use of given server, then saves it in the password database and reuses on successive runs.
In case password turns out incorrect (either because it was invalid, or because it was changed on the server) it just prompts the user again.
3. Installation
Install the keyring library:
easy_install keyring
(or use any other method to install it from PIP). On Debian "Sid" the library can be also installed from the official archive (packages python-keyring, python-keyring-gnome and python-keyring-kwallet).
Then use one of the two options:
a) Install mercurial_keyring as a module from PyPi:
easy_install mercurial_keyring
and configure your .hgrc so:
[extensions] mercurial_keyring =
b) Download http://bitbucket.org/Mekk/mercurial_keyring/raw/default/mercurial_keyring.py, save this file anywhere on the system (preferably in hgext directory), and configure your .hgrc to enable the extension by adding following lines:
[extensions] hgext.mercurial_keyring = /path/to/mercurial_keyring.py
4. Password backend configuration
The most appropriate password backend should usually be picked automatically, without configuration. Still, if necessary, it can be configured using ~/keyringrc.cfg file (keyringrc.cfg in the home directory of the current user). Refer to keyring docs for more details.
I considered handling similar options in hgrc, but decided that single person may use more than one keyring-based script. Still, I am open to suggestions.
5. Repository configuration (HTTP)
Edit repository-local .hg/hgrc and save there the remote repository path and the username, but do not save the password. For example:
[paths] myremote = https://my.server.com/hgrepo/someproject [auth] myremote.schemes = http https myremote.prefix = my.server.com/hgrepo myremote.username = mekk
Simpler form with url-embedded name can also be used:
[paths] bitbucket = https://User@bitbucket.org/User/project_name/
Note: if both username and password are given in .hg/hgrc, extension will use them without using the password database. If username is not given, extension will prompt for credentials every time, also without saving the password. So, in both cases, it is effectively reverting to the default behaviour.
6. Repository configuration (SMTP)
Edit either repository-local .hg/hgrc, or ~/.hgrc (the latter is usually preferable) and set there all standard email and smtp properties, including smtp username, but without smtp password. For example:
[email]
method = smtp
from = Joe Doe <Joe.Doe@remote.com>
[smtp]
host = smtp.gmail.com
port = 587
username = JoeDoe@gmail.com
tls = trueJust as in case of HTTP, you must set username, but must not set password here to use the extension, in other cases it will revert to the default behaviour.
7. Usage
Configure the repository as above, then just pull and push (or email) You should be asked for the password only once (per every username+remote_repository_url combination).