##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

sslutil: print a warning when using TLS 1.0 on legacy Python...
Gregory Szorc -
r29561:1a782fab default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -161,6 +161,16 b' def _hostsettings(ui, hostname):'
161 161 if modernssl:
162 162 defaultprotocol = 'tls1.1'
163 163 else:
164 # Let people on legacy Python versions know they are borderline
165 # secure.
166 # We don't document this config option because we want people to see
167 # the bold warnings on the web site.
168 # internal config: hostsecurity.disabletls10warning
169 if not ui.configbool('hostsecurity', 'disabletls10warning'):
170 ui.warn(_('warning: connecting to %s using legacy security '
171 'technology (TLS 1.0); see '
172 'https://mercurial-scm.org/wiki/SecureConnections for '
173 'more info\n') % hostname)
164 174 defaultprotocol = 'tls1.0'
165 175
166 176 key = 'minimumprotocol'
Show file before | Show file after | Hide comments
@@ -28,6 +28,7 b' Make server certificates:'
28 28 cacert not found
29 29
30 30 $ hg in --config web.cacerts=no-such.pem https://localhost:$HGPORT/
31 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
31 32 abort: could not find web.cacerts: no-such.pem
32 33 [255]
33 34
@@ -56,6 +57,7 b' we are able to load CA certs.'
56 57
57 58 #if no-sslcontext defaultcacerts
58 59 $ hg clone https://localhost:$HGPORT/ copy-pull
60 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
59 61 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
60 62 abort: error: *certificate verify failed* (glob)
61 63 [255]
@@ -63,6 +65,7 b' we are able to load CA certs.'
63 65
64 66 #if no-sslcontext windows
65 67 $ hg clone https://localhost:$HGPORT/ copy-pull
68 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
66 69 (unable to load Windows CA certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message)
67 70 abort: error: *certificate verify failed* (glob)
68 71 [255]
@@ -70,6 +73,7 b' we are able to load CA certs.'
70 73
71 74 #if no-sslcontext osx
72 75 $ hg clone https://localhost:$HGPORT/ copy-pull
76 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
73 77 (unable to load CA certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message)
74 78 abort: localhost certificate error: no certificate received
75 79 (set hostsecurity.localhost:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely)
@@ -85,6 +89,7 b' we are able to load CA certs.'
85 89
86 90 #if no-defaultcacerts
87 91 $ hg clone https://localhost:$HGPORT/ copy-pull
92 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
88 93 (unable to load * certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
89 94 abort: localhost certificate error: no certificate received
90 95 (set hostsecurity.localhost:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely)
@@ -94,6 +99,7 b' we are able to load CA certs.'
94 99 Specifying a per-host certificate file that doesn't exist will abort
95 100
96 101 $ hg --config hostsecurity.localhost:verifycertsfile=/does/not/exist clone https://localhost:$HGPORT/
102 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
97 103 abort: path specified by hostsecurity.localhost:verifycertsfile does not exist: /does/not/exist
98 104 [255]
99 105
@@ -107,6 +113,7 b' A malformed per-host certificate file wi'
107 113 [255]
108 114 #else
109 115 $ hg --config hostsecurity.localhost:verifycertsfile=badca.pem clone https://localhost:$HGPORT/
116 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
110 117 abort: error: * (glob)
111 118 [255]
112 119 #endif
@@ -121,6 +128,7 b' A per-host certificate mismatching the s'
121 128 [255]
122 129 #else
123 130 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
131 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
124 132 abort: error: *certificate verify failed* (glob)
125 133 [255]
126 134 #endif
@@ -128,6 +136,7 b' A per-host certificate mismatching the s'
128 136 A per-host certificate matching the server's cert will be accepted
129 137
130 138 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/pub.pem" clone -U https://localhost:$HGPORT/ perhostgood1
139 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
131 140 requesting all changes
132 141 adding changesets
133 142 adding manifests
@@ -138,6 +147,7 b' A per-host certificate with multiple cer'
138 147
139 148 $ cat "$CERTSDIR/client-cert.pem" "$CERTSDIR/pub.pem" > perhost.pem
140 149 $ hg --config hostsecurity.localhost:verifycertsfile=perhost.pem clone -U https://localhost:$HGPORT/ perhostgood2
150 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
141 151 requesting all changes
142 152 adding changesets
143 153 adding manifests
@@ -147,6 +157,7 b' A per-host certificate with multiple cer'
147 157 Defining both per-host certificate and a fingerprint will print a warning
148 158
149 159 $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/pub.pem" --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03 clone -U https://localhost:$HGPORT/ caandfingerwarning
160 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
150 161 (hostsecurity.localhost:verifycertsfile ignored when host fingerprints defined; using host fingerprints for verification)
151 162 requesting all changes
152 163 adding changesets
@@ -159,11 +170,13 b' Defining both per-host certificate and a'
159 170 Inability to verify peer certificate will result in abort
160 171
161 172 $ hg clone https://localhost:$HGPORT/ copy-pull $DISABLECACERTS
173 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
162 174 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
163 175 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
164 176 [255]
165 177
166 178 $ hg clone --insecure https://localhost:$HGPORT/ copy-pull
179 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
167 180 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
168 181 requesting all changes
169 182 adding changesets
@@ -191,12 +204,14 b' pull without cacert'
191 204 $ echo "changegroup = printenv.py changegroup" >> .hg/hgrc
192 205 $ hg pull $DISABLECACERTS
193 206 pulling from https://localhost:$HGPORT/
207 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
194 208 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
195 209 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
196 210 [255]
197 211
198 212 $ hg pull --insecure
199 213 pulling from https://localhost:$HGPORT/
214 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
200 215 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
201 216 searching for changes
202 217 adding changesets
@@ -214,6 +229,7 b' cacert configured in local repo'
214 229 $ echo "cacerts=$CERTSDIR/pub.pem" >> copy-pull/.hg/hgrc
215 230 $ hg -R copy-pull pull --traceback
216 231 pulling from https://localhost:$HGPORT/
232 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
217 233 searching for changes
218 234 no changes found
219 235 $ mv copy-pull/.hg/hgrc.bu copy-pull/.hg/hgrc
@@ -225,10 +241,12 b' variables in the filename'
225 241 $ echo 'cacerts=$P/pub.pem' >> $HGRCPATH
226 242 $ P="$CERTSDIR" hg -R copy-pull pull
227 243 pulling from https://localhost:$HGPORT/
244 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
228 245 searching for changes
229 246 no changes found
230 247 $ P="$CERTSDIR" hg -R copy-pull pull --insecure
231 248 pulling from https://localhost:$HGPORT/
249 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
232 250 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
233 251 searching for changes
234 252 no changes found
@@ -246,6 +264,7 b' empty cacert file'
246 264 #else
247 265 $ hg --config web.cacerts=emptycafile -R copy-pull pull
248 266 pulling from https://localhost:$HGPORT/
267 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
249 268 abort: error: * (glob)
250 269 [255]
251 270 #endif
@@ -255,22 +274,26 b' cacert mismatch'
255 274 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub.pem" \
256 275 > https://127.0.0.1:$HGPORT/
257 276 pulling from https://127.0.0.1:$HGPORT/ (glob)
277 warning: connecting to 127.0.0.1 using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
258 278 abort: 127.0.0.1 certificate error: certificate is for localhost (glob)
259 279 (set hostsecurity.127.0.0.1:certfingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e config setting or use --insecure to connect insecurely) (glob)
260 280 [255]
261 281 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub.pem" \
262 282 > https://127.0.0.1:$HGPORT/ --insecure
263 283 pulling from https://127.0.0.1:$HGPORT/ (glob)
284 warning: connecting to 127.0.0.1 using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
264 285 warning: connection security to 127.0.0.1 is disabled per current settings; communication is susceptible to eavesdropping and tampering (glob)
265 286 searching for changes
266 287 no changes found
267 288 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem"
268 289 pulling from https://localhost:$HGPORT/
290 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
269 291 abort: error: *certificate verify failed* (glob)
270 292 [255]
271 293 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem" \
272 294 > --insecure
273 295 pulling from https://localhost:$HGPORT/
296 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
274 297 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
275 298 searching for changes
276 299 no changes found
@@ -282,6 +305,7 b" Test server cert which isn't valid yet"
282 305 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-not-yet.pem" \
283 306 > https://localhost:$HGPORT1/
284 307 pulling from https://localhost:$HGPORT1/
308 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
285 309 abort: error: *certificate verify failed* (glob)
286 310 [255]
287 311
@@ -292,50 +316,67 b' Test server cert which no longer is vali'
292 316 $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-expired.pem" \
293 317 > https://localhost:$HGPORT2/
294 318 pulling from https://localhost:$HGPORT2/
319 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
295 320 abort: error: *certificate verify failed* (glob)
296 321 [255]
297 322
323 Disabling the TLS 1.0 warning works
324 $ hg -R copy-pull id https://localhost:$HGPORT/ \
325 > --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03 \
326 > --config hostsecurity.disabletls10warning=true
327 5fed3813f7f5
328
298 329 Fingerprints
299 330
300 331 - works without cacerts (hostkeyfingerprints)
301 332 $ hg -R copy-pull id https://localhost:$HGPORT/ --insecure --config hostfingerprints.localhost=ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
333 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
302 334 5fed3813f7f5
303 335
304 336 - works without cacerts (hostsecurity)
305 337 $ hg -R copy-pull id https://localhost:$HGPORT/ --config hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
338 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
306 339 5fed3813f7f5
307 340
308 341 $ hg -R copy-pull id https://localhost:$HGPORT/ --config hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e
342 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
309 343 5fed3813f7f5
310 344
311 345 - multiple fingerprints specified and first matches
312 346 $ hg --config 'hostfingerprints.localhost=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03, deadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/ --insecure
347 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
313 348 5fed3813f7f5
314 349
315 350 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03, sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/
351 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
316 352 5fed3813f7f5
317 353
318 354 - multiple fingerprints specified and last matches
319 355 $ hg --config 'hostfingerprints.localhost=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03' -R copy-pull id https://localhost:$HGPORT/ --insecure
356 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
320 357 5fed3813f7f5
321 358
322 359 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, sha1:ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03' -R copy-pull id https://localhost:$HGPORT/
360 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
323 361 5fed3813f7f5
324 362
325 363 - multiple fingerprints specified and none match
326 364
327 365 $ hg --config 'hostfingerprints.localhost=deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, aeadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/ --insecure
366 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
328 367 abort: certificate for localhost has unexpected fingerprint ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
329 368 (check hostfingerprint configuration)
330 369 [255]
331 370
332 371 $ hg --config 'hostsecurity.localhost:fingerprints=sha1:deadbeefdeadbeefdeadbeefdeadbeefdeadbeef, sha1:aeadbeefdeadbeefdeadbeefdeadbeefdeadbeef' -R copy-pull id https://localhost:$HGPORT/
372 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
333 373 abort: certificate for localhost has unexpected fingerprint sha1:ec:d8:7c:d6:b3:86:d0:4f:c1:b8:b4:1c:9d:8f:5e:16:8e:ef:1c:03
334 374 (check hostsecurity configuration)
335 375 [255]
336 376
337 377 - fails when cert doesn't match hostname (port is ignored)
338 378 $ hg -R copy-pull id https://localhost:$HGPORT1/ --config hostfingerprints.localhost=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
379 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
339 380 abort: certificate for localhost has unexpected fingerprint f4:2f:5a:0c:3e:52:5b:db:e7:24:a8:32:1d:18:97:6d:69:b5:87:84
340 381 (check hostfingerprint configuration)
341 382 [255]
@@ -343,6 +384,7 b' Fingerprints'
343 384
344 385 - ignores that certificate doesn't match hostname
345 386 $ hg -R copy-pull id https://127.0.0.1:$HGPORT/ --config hostfingerprints.127.0.0.1=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
387 warning: connecting to 127.0.0.1 using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
346 388 5fed3813f7f5
347 389
348 390 Ports used by next test. Kill servers.
@@ -436,6 +478,7 b' Test unvalidated https through proxy'
436 478
437 479 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --insecure --traceback
438 480 pulling from https://localhost:$HGPORT/
481 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
439 482 warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
440 483 searching for changes
441 484 no changes found
@@ -445,10 +488,12 b' Test https with cacert and fingerprint t'
445 488 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
446 489 > --config web.cacerts="$CERTSDIR/pub.pem"
447 490 pulling from https://localhost:$HGPORT/
491 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
448 492 searching for changes
449 493 no changes found
450 494 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull https://127.0.0.1:$HGPORT/ --config hostfingerprints.127.0.0.1=ecd87cd6b386d04fc1b8b41c9d8f5e168eef1c03
451 495 pulling from https://127.0.0.1:$HGPORT/ (glob)
496 warning: connecting to 127.0.0.1 using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
452 497 searching for changes
453 498 no changes found
454 499
@@ -457,11 +502,13 b' Test https with cert problems through pr'
457 502 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
458 503 > --config web.cacerts="$CERTSDIR/pub-other.pem"
459 504 pulling from https://localhost:$HGPORT/
505 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
460 506 abort: error: *certificate verify failed* (glob)
461 507 [255]
462 508 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
463 509 > --config web.cacerts="$CERTSDIR/pub-expired.pem" https://localhost:$HGPORT2/
464 510 pulling from https://localhost:$HGPORT2/
511 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
465 512 abort: error: *certificate verify failed* (glob)
466 513 [255]
467 514
Show file before | Show file after | Hide comments
@@ -58,6 +58,7 b' we are able to load CA certs:'
58 58 this patch series consists of 1 patches.
59 59
60 60
61 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
61 62 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
62 63 (?i)abort: .*?certificate.verify.failed.* (re)
63 64 [255]
@@ -95,6 +96,7 b' Without certificates:'
95 96
96 97 (using smtps)
97 98 sending mail: smtp host localhost, port * (glob)
99 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
98 100 (verifying remote certificate)
99 101 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
100 102 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
@@ -108,6 +110,7 b' With global certificates:'
108 110
109 111 (using smtps)
110 112 sending mail: smtp host localhost, port * (glob)
113 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
111 114 (verifying remote certificate)
112 115 sending [PATCH] a ...
113 116
@@ -117,6 +120,7 b' With invalid certificates:'
117 120 this patch series consists of 1 patches.
118 121
119 122
123 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
120 124 (?i)abort: .*?certificate.verify.failed.* (re)
121 125 [255]
122 126
General Comments 0
You need to be logged in to leave comments. Login now