##// END OF EJS Templates
extensions: register functions always at loading extension (issue5601)...
extensions: register functions always at loading extension (issue5601) Before this patch, functions defined in extensions are registered via extra loaders only in _dispatch(). Therefore, loading extensions in other code paths like below omits registration of functions. - WSGI service - operation across repositories (e.g. subrepo) - test-duplicateoptions.py, using extensions.loadall() directly To register functions always at loading new extension, this patch moves implementation for extra loading from dispatch._dispatch() to extensions.loadall(). AFAIK, only commands module causes cyclic dependency between extensions module, but this patch imports all related modules just before extra loading in loadall(), in order to centralize them. This patch makes extensions.py depend on many other modules, even though extensions.py itself doesn't. It should be avoided if possible, but I don't have any better idea. Some other places like below aren't reasonable for extra loading, IMHO. - specific function in newly added module: existing callers of extensions.loadall() should invoke it, too - hg.repository() or so: no-repo commands aren't covered by this. BTW, this patch removes _loaded.add(name) on relocation, because dispatch._loaded is used only for extraloaders (for similar reason, "exts" variable is removed, too).

File last commit:

r32940:75be1499 default
r33052:45b0e9d0 default
Show More
test-patchbomb-tls.t
124 lines | 4.2 KiB | text/troff | Tads3Lexer
/ tests / test-patchbomb-tls.t
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 #require serve ssl
Set up SMTP server:
$ CERTSDIR="$TESTDIR/sslcerts"
$ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
Augie Fackler
cleanup: use $PYTHON to run python in many more tests...
r32940 $ $PYTHON "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 > --tls smtps --certificate `pwd`/server.pem
Matt Harbison
test-serve: make the 'listening at *' lines optional...
r31769 listening at localhost:$HGPORT (?)
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 $ cat a.pid >> $DAEMON_PIDS
Set up repository:
$ hg init t
$ cd t
$ cat <<EOF >> .hg/hgrc
> [extensions]
> patchbomb =
> [email]
> method = smtp
> [smtp]
> host = localhost
> port = $HGPORT
> tls = smtps
> EOF
$ echo a > a
$ hg commit -Ama -d '1 0'
adding a
Utility functions:
$ DISABLECACERTS=
$ try () {
> hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@"
> }
Our test cert is not signed by a trusted CA. It should fail to verify if
we are able to load CA certs:
Gregory Szorc
tests: better testing of loaded certificates...
r29481 #if sslcontext defaultcacerts no-defaultcacertsloaded
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 $ try
this patch series consists of 1 patches.
Gregory Szorc
sslutil: emit warning when no CA certificates loaded...
r29449 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 (?i)abort: .*?certificate.verify.failed.* (re)
[255]
#endif
Gregory Szorc
tests: better testing of loaded certificates...
r29481 #if no-sslcontext defaultcacerts
$ try
this patch series consists of 1 patches.
Gregory Szorc
sslutil: print a warning when using TLS 1.0 on legacy Python...
r29561 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
Gregory Szorc
sslutil: try to find CA certficates in well-known locations...
r29500 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
Gregory Szorc
tests: better testing of loaded certificates...
r29481 (?i)abort: .*?certificate.verify.failed.* (re)
[255]
#endif
#if defaultcacertsloaded
$ try
this patch series consists of 1 patches.
Gregory Szorc
sslutil: more robustly detect protocol support...
r29601 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
Gregory Szorc
sslutil: try to find CA certficates in well-known locations...
r29500 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
Gregory Szorc
tests: better testing of loaded certificates...
r29481 (?i)abort: .*?certificate.verify.failed.* (re)
[255]
#endif
#if no-defaultcacerts
$ try
this patch series consists of 1 patches.
Gregory Szorc
sslutil: issue warning when unable to load certificates on OS X...
r29499 (unable to load * certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
Gregory Szorc
tests: better testing of loaded certificates...
r29481 abort: localhost certificate error: no certificate received
(set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 config setting or use --insecure to connect insecurely)
[255]
#endif
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
Without certificates:
$ try --debug
this patch series consists of 1 patches.
(using smtps)
sending mail: smtp host localhost, port * (glob)
Gregory Szorc
sslutil: print a warning when using TLS 1.0 on legacy Python...
r29561 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 (verifying remote certificate)
Gregory Szorc
sslutil: abort when unable to verify peer connection (BC)...
r29411 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
Gregory Szorc
tests: regenerate x509 test certificates...
r29526 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
Gregory Szorc
sslutil: abort when unable to verify peer connection (BC)...
r29411 [255]
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333
With global certificates:
$ try --debug --config web.cacerts="$CERTSDIR/pub.pem"
this patch series consists of 1 patches.
(using smtps)
sending mail: smtp host localhost, port * (glob)
Gregory Szorc
sslutil: print a warning when using TLS 1.0 on legacy Python...
r29561 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 (verifying remote certificate)
sending [PATCH] a ...
With invalid certificates:
$ try --config web.cacerts="$CERTSDIR/pub-other.pem"
this patch series consists of 1 patches.
Gregory Szorc
sslutil: print a warning when using TLS 1.0 on legacy Python...
r29561 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
Yuya Nishihara
tests: add basic tests for SMTP over SSL...
r29333 (?i)abort: .*?certificate.verify.failed.* (re)
[255]
$ cd ..