From 7d94b03a0430e98933b1bb9d6f82863adb1fa1f7 Mon Sep 17 00:00:00 2001
From: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
Date: Fri, 23 Feb 2018 08:44:22 +0100
Subject: [PATCH 1/2] #959 added option to disable ssl validation for scm
 mercurial hook

---
 .../main/java/sonia/scm/repository/HgConfig.java   | 14 ++++++++++++++
 .../src/main/java/sonia/scm/web/HgCGIServlet.java  | 12 +++++++++++-
 .../src/main/resources/sonia/scm/hg.config.js      | 13 ++++++++++++-
 3 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/repository/HgConfig.java b/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/repository/HgConfig.java
index b9bd650925..ed336ff203 100644
--- a/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/repository/HgConfig.java
+++ b/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/repository/HgConfig.java
@@ -123,6 +123,10 @@ public class HgConfig extends SimpleRepositoryConfig
     return useOptimizedBytecode;
   }
 
+  public boolean isDisableHookSSLValidation() {
+    return disableHookSSLValidation;
+  }
+
   /**
    * Method description
    *
@@ -204,6 +208,10 @@ public class HgConfig extends SimpleRepositoryConfig
     this.useOptimizedBytecode = useOptimizedBytecode;
   }
 
+  public void setDisableHookSSLValidation(boolean disableHookSSLValidation) {
+    this.disableHookSSLValidation = disableHookSSLValidation;
+  }
+
   //~--- fields ---------------------------------------------------------------
 
   /** Field description */
@@ -223,4 +231,10 @@ public class HgConfig extends SimpleRepositoryConfig
 
   /** Field description */
   private boolean showRevisionInId = false;
+
+  /**
+   * disable validation of ssl certificates for mercurial hook
+   * @see <a href="https://goo.gl/zH5eY8">Issue 959</a>
+   */
+  private boolean disableHookSSLValidation = false;
 }
diff --git a/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/web/HgCGIServlet.java b/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/web/HgCGIServlet.java
index 4ba165c630..f6023dd0ae 100644
--- a/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/web/HgCGIServlet.java
+++ b/scm-plugins/scm-hg-plugin/src/main/java/sonia/scm/web/HgCGIServlet.java
@@ -63,6 +63,7 @@ import java.io.File;
 import java.io.IOException;
 
 import java.util.Enumeration;
+import java.util.Map;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -78,6 +79,8 @@ import javax.servlet.http.HttpSession;
 public class HgCGIServlet extends HttpServlet
 {
 
+  private static final String ENV_PYTHON_HTTPS_VERIFY = "PYTHONHTTPSVERIFY";
+
   /** Field description */
   public static final String ENV_REPOSITORY_NAME = "REPO_NAME";
 
@@ -268,9 +271,16 @@ public class HgCGIServlet extends HttpServlet
       directory.getAbsolutePath());
 
     // add hook environment
+    Map<String, String> environment = executor.getEnvironment().asMutableMap();
+    if (handler.getConfig().isDisableHookSSLValidation()) {
+      // disable ssl validation
+      // Issue 959: https://goo.gl/zH5eY8
+      environment.put(ENV_PYTHON_HTTPS_VERIFY, "0");
+    }
+
     //J-
     HgEnvironment.prepareEnvironment(
-      executor.getEnvironment().asMutableMap(),
+      environment,
       handler,
       hookManager, 
       request
diff --git a/scm-plugins/scm-hg-plugin/src/main/resources/sonia/scm/hg.config.js b/scm-plugins/scm-hg-plugin/src/main/resources/sonia/scm/hg.config.js
index f8aa46e0a8..58a73ea8e9 100644
--- a/scm-plugins/scm-hg-plugin/src/main/resources/sonia/scm/hg.config.js
+++ b/scm-plugins/scm-hg-plugin/src/main/resources/sonia/scm/hg.config.js
@@ -46,6 +46,8 @@ Sonia.hg.ConfigPanel = Ext.extend(Sonia.config.ConfigForm, {
   encodingText: 'Encoding',
   disabledText: 'Disabled',
   showRevisionInIdText: 'Show Revision',
+  // TODO: i18n
+  disableHookSSLValidationText: 'Disable SSL Validation on Hooks',
 
   // helpText
   hgBinaryHelpText: 'Location of Mercurial binary.',
@@ -58,6 +60,9 @@ Sonia.hg.ConfigPanel = Ext.extend(Sonia.config.ConfigForm, {
                     Note you have to reload the page, after changing this value.',
   showRevisionInIdHelpText: 'Show revision as part of the node id. Note: \n\
           You have to restart the ApplicationServer to affect cached changesets.',
+  // TODO: i18n
+  disableHookSSLValidationHelpText: 'Disables the validation of ssl certificates for the mercurial hook, which forwards the repository changes back to scm-manager. \n\
+                                     This option should only be used, if SCM-Manager uses a self signed certificate.',
 
   initComponent: function(){
 
@@ -104,6 +109,12 @@ Sonia.hg.ConfigPanel = Ext.extend(Sonia.config.ConfigForm, {
         fieldLabel: this.showRevisionInIdText,
         inputValue: 'true',
         helpText: this.showRevisionInIdHelpText
+      },{
+        xtype: 'checkbox',
+        name: 'disableHookSSLValidation',
+        fieldLabel: this.disableHookSSLValidationText,
+        inputValue: 'true',
+        helpText: this.disableHookSSLValidationHelpText
       },{
         xtype: 'checkbox',
         name: 'disabled',
@@ -284,4 +295,4 @@ Ext.override(Sonia.repository.ChangesetViewerGrid, {
     return parents;
   }
   
-});
\ No newline at end of file
+});

From d8889298135e6f78b99204a89e585da63ea4fb48 Mon Sep 17 00:00:00 2001
From: Sebastian Sdorra <sebastian.sdorra@cloudogu.com>
Date: Fri, 9 Mar 2018 08:34:24 +0100
Subject: [PATCH 2/2] close branch issue-959