##// END OF EJS Templates
sslutil: synchronize hostname matching logic with CPython...
sslutil: synchronize hostname matching logic with CPython sslutil contains its own hostname matching logic. CPython has code for the same intent. However, it is only available to Python 2.7.9+ (or distributions that have backported 2.7.9's ssl module improvements). This patch effectively imports CPython's hostname matching code from its ssl.py into sslutil.py. The hostname matching code itself is pretty similar. However, the DNS name matching code is much more robust and spec conformant. As the test changes show, this changes some behavior around wildcard handling and IDNA matching. The new behavior allows wildcards in the middle of words (e.g. 'f*.com' matches 'foo.com') This is spec compliant according to RFC 6125 Section 6.5.3 item 3. There is one test where the matcher is more strict. Before, '*.a.com' matched '.a.com'. Now it doesn't match. Strictly speaking this is a security vulnerability.

File last commit:

r25474:8c14f87b default
r29452:26a5d605 3.8.4 stable
Show More
test-known.t
39 lines | 1.3 KiB | text/troff | Tads3Lexer
Matt Mackall
tests: replace exit 80 with #require
r22046 #require killdaemons
Peter Arrenbrecht
wireproto: add known([id]) function...
r13723
= Test the known() protocol function =
Create a test repository:
$ hg init repo
$ cd repo
$ touch a ; hg add a ; hg ci -ma
$ touch b ; hg add b ; hg ci -mb
$ touch c ; hg add c ; hg ci -mc
$ hg log --template '{node}\n'
991a3460af53952d10ec8a295d3d2cc2e5fa9690
0e067c57feba1a5694ca4844f05588bb1bf82342
3903775176ed42b1458a6281db4a0ccf4d9f287a
$ cd ..
Test locally:
$ hg debugknown repo 991a3460af53952d10ec8a295d3d2cc2e5fa9690 0e067c57feba1a5694ca4844f05588bb1bf82342 3903775176ed42b1458a6281db4a0ccf4d9f287a
111
$ hg debugknown repo 000a3460af53952d10ec8a295d3d2cc2e5fa9690 0e067c57feba1a5694ca4844f05588bb1bf82342 0003775176ed42b1458a6281db4a0ccf4d9f287a
010
$ hg debugknown repo
Test via HTTP:
$ hg serve -R repo -p $HGPORT -d --pid-file=hg.pid -E error.log -A access.log
$ cat hg.pid >> $DAEMON_PIDS
$ hg debugknown http://localhost:$HGPORT/ 991a3460af53952d10ec8a295d3d2cc2e5fa9690 0e067c57feba1a5694ca4844f05588bb1bf82342 3903775176ed42b1458a6281db4a0ccf4d9f287a
111
$ hg debugknown http://localhost:$HGPORT/ 000a3460af53952d10ec8a295d3d2cc2e5fa9690 0e067c57feba1a5694ca4844f05588bb1bf82342 0003775176ed42b1458a6281db4a0ccf4d9f287a
010
$ hg debugknown http://localhost:$HGPORT/
$ cat error.log
Matt Mackall
tests: drop DAEMON_PIDS from killdaemons calls
r25474 $ killdaemons.py
Peter Arrenbrecht
wireproto: add known([id]) function...
r13723