Show More
| @@ -0,0 +1,89 b'' | |||||
|
|
1 | #require serve ssl | |||
|
|
2 | ||||
|
|
3 | Set up SMTP server: | |||
|
|
4 | ||||
|
|
5 | $ CERTSDIR="$TESTDIR/sslcerts" | |||
|
|
6 | $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem | |||
|
|
7 | ||||
|
|
8 | $ python "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \ | |||
|
|
9 | > --tls smtps --certificate `pwd`/server.pem | |||
|
|
10 | listening at localhost:$HGPORT | |||
|
|
11 | $ cat a.pid >> $DAEMON_PIDS | |||
|
|
12 | ||||
|
|
13 | Ensure hg email output is sent to stdout: | |||
|
|
14 | ||||
|
|
15 | $ unset PAGER | |||
|
|
16 | ||||
|
|
17 | Set up repository: | |||
|
|
18 | ||||
|
|
19 | $ hg init t | |||
|
|
20 | $ cd t | |||
|
|
21 | $ cat <<EOF >> .hg/hgrc | |||
|
|
22 | > [extensions] | |||
|
|
23 | > patchbomb = | |||
|
|
24 | > [email] | |||
|
|
25 | > method = smtp | |||
|
|
26 | > [smtp] | |||
|
|
27 | > host = localhost | |||
|
|
28 | > port = $HGPORT | |||
|
|
29 | > tls = smtps | |||
|
|
30 | > EOF | |||
|
|
31 | ||||
|
|
32 | $ echo a > a | |||
|
|
33 | $ hg commit -Ama -d '1 0' | |||
|
|
34 | adding a | |||
|
|
35 | ||||
|
|
36 | Utility functions: | |||
|
|
37 | ||||
|
|
38 | $ DISABLECACERTS= | |||
|
|
39 | $ try () { | |||
|
|
40 | > hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@" | |||
|
|
41 | > } | |||
|
|
42 | ||||
|
|
43 | Our test cert is not signed by a trusted CA. It should fail to verify if | |||
|
|
44 | we are able to load CA certs: | |||
|
|
45 | ||||
|
|
46 | #if defaultcacerts | |||
|
|
47 | $ try | |||
|
|
48 | this patch series consists of 1 patches. | |||
|
|
49 | ||||
|
|
50 | ||||
|
|
51 | (?i)abort: .*?certificate.verify.failed.* (re) | |||
|
|
52 | [255] | |||
|
|
53 | #endif | |||
|
|
54 | ||||
|
|
55 | $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true" | |||
|
|
56 | ||||
|
|
57 | Without certificates: | |||
|
|
58 | ||||
|
|
59 | $ try --debug | |||
|
|
60 | this patch series consists of 1 patches. | |||
|
|
61 | ||||
|
|
62 | ||||
|
|
63 | (using smtps) | |||
|
|
64 | sending mail: smtp host localhost, port * (glob) | |||
|
|
65 | (verifying remote certificate) | |||
|
|
66 | warning: certificate for localhost not verified (set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 or web.cacerts config settings) | |||
|
|
67 | sending [PATCH] a ... | |||
|
|
68 | ||||
|
|
69 | With global certificates: | |||
|
|
70 | ||||
|
|
71 | $ try --debug --config web.cacerts="$CERTSDIR/pub.pem" | |||
|
|
72 | this patch series consists of 1 patches. | |||
|
|
73 | ||||
|
|
74 | ||||
|
|
75 | (using smtps) | |||
|
|
76 | sending mail: smtp host localhost, port * (glob) | |||
|
|
77 | (verifying remote certificate) | |||
|
|
78 | sending [PATCH] a ... | |||
|
|
79 | ||||
|
|
80 | With invalid certificates: | |||
|
|
81 | ||||
|
|
82 | $ try --config web.cacerts="$CERTSDIR/pub-other.pem" | |||
|
|
83 | this patch series consists of 1 patches. | |||
|
|
84 | ||||
|
|
85 | ||||
|
|
86 | (?i)abort: .*?certificate.verify.failed.* (re) | |||
|
|
87 | [255] | |||
|
|
88 | ||||
|
|
89 | $ cd .. | |||
General Comments 0
You need to be logged in to leave comments.
Login now