Show More
@@ -560,9 +560,13 b' if has_https:' | |||||
560 | hostfingerprint = self.ui.config('hostfingerprints', host) |
|
560 | hostfingerprint = self.ui.config('hostfingerprints', host) | |
561 |
|
561 | |||
562 | if cacerts and not hostfingerprint: |
|
562 | if cacerts and not hostfingerprint: | |
|
563 | cacerts = util.expandpath(cacerts) | |||
|
564 | if not os.path.exists(cacerts): | |||
|
565 | raise util.Abort(_('could not find ' | |||
|
566 | 'web.cacerts: %s') % cacerts) | |||
563 | self.sock = _ssl_wrap_socket(self.sock, self.key_file, |
|
567 | self.sock = _ssl_wrap_socket(self.sock, self.key_file, | |
564 | self.cert_file, cert_reqs=CERT_REQUIRED, |
|
568 | self.cert_file, cert_reqs=CERT_REQUIRED, | |
565 |
ca_certs= |
|
569 | ca_certs=cacerts) | |
566 | msg = _verifycert(self.sock.getpeercert(), host) |
|
570 | msg = _verifycert(self.sock.getpeercert(), host) | |
567 | if msg: |
|
571 | if msg: | |
568 | raise util.Abort(_('%s certificate error: %s ' |
|
572 | raise util.Abort(_('%s certificate error: %s ' |
@@ -96,6 +96,12 b' pub.pem patched with other notBefore / n' | |||||
96 | $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV |
|
96 | $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV | |
97 | $ cat ../hg0.pid >> $DAEMON_PIDS |
|
97 | $ cat ../hg0.pid >> $DAEMON_PIDS | |
98 |
|
98 | |||
|
99 | cacert not found | |||
|
100 | ||||
|
101 | $ hg in --config web.cacerts=no-such.pem https://localhost:$HGPORT/ | |||
|
102 | abort: could not find web.cacerts: no-such.pem | |||
|
103 | [255] | |||
|
104 | ||||
99 | Test server address cannot be reused |
|
105 | Test server address cannot be reused | |
100 |
|
106 | |||
101 | $ hg serve -p $HGPORT --certificate=$PRIV 2>&1 |
|
107 | $ hg serve -p $HGPORT --certificate=$PRIV 2>&1 |
General Comments 0
You need to be logged in to leave comments.
Login now