##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

sslutil: print a warning when using TLS 1.0 on legacy Python...
sslutil: print a warning when using TLS 1.0 on legacy Python Mercurial now requires TLS 1.1+ when TLS 1.1+ is supported by the client. Since we made the decision to require TLS 1.1+ when running with modern Python versions, it makes sense to do something for legacy Python versions that only support TLS 1.0. Feature parity would be to prevent TLS 1.0 connections out of the box and require a config option to enable them. However, this is extremely user hostile since Mercurial wouldn't talk to https:// by default in these installations! I can easily see how someone would do something foolish like use "--insecure" instead - and that would be worse than allowing TLS 1.0! This patch takes the compromise position of printing a warning when performing TLS 1.0 connections when running on old Python versions. While this warning is no more annoying than the CA certificate / fingerprint warnings in Mercurial 3.8, we provide a config option to disable the warning because to many people upgrading Python to make the warning go away is not an available recourse (unlike pinning fingerprints is for the CA warning). The warning appears as optional output in a lot of tests.
Sean Farley - - Load All Authors

File last commit:

r29090:7b52cb38 stable
r29561:1a782fab default
Show More
hg-ssh.8.txt
71 lines | 1.8 KiB | text/plain | TextLexer
/ mercurial / help / hg-ssh.8.txt
History | Annotation | Raw |Copy content |Copy permalink
========
hg-ssh
========
----------------------------------------
restricted ssh login shell for Mercurial
----------------------------------------
:Author: Thomas Arendsen Hein <thomas@intevation.de>
:Organization: Mercurial
:Manual section: 8
:Manual group: Mercurial Manual
.. contents::
:backlinks: top
:class: htmlonly
:depth: 1
Synopsis
""""""""
**hg-ssh** repositories...
Description
"""""""""""
**hg-ssh** is a wrapper for ssh access to a limited set of mercurial repos.
To be used in ~/.ssh/authorized_keys with the "command" option, see sshd(8):
command="hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4" ssh-dss ...
(probably together with these other useful options:
no-port-forwarding,no-X11-forwarding,no-agent-forwarding)
This allows pull/push over ssh from/to the repositories given as arguments.
If all your repositories are subdirectories of a common directory, you can
allow shorter paths with:
command="cd path/to/my/repositories && hg-ssh repo1 subdir/repo2"
You can use pattern matching of your normal shell, e.g.:
command="cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}"
You can also add a --read-only flag to allow read-only access to a key, e.g.:
command="hg-ssh --read-only repos/\*"
Bugs
""""
Probably lots, please post them to the mailing list (see Resources_
below) when you find them.
See Also
""""""""
|hg(1)|_
Author
""""""
Written by Matt Mackall <mpm@selenic.com>
Resources
"""""""""
Main Web Site: https://mercurial-scm.org/
Source code repository: http://selenic.com/hg
Mailing list: http://selenic.com/mailman/listinfo/mercurial
Copying
"""""""
Copyright (C) 2005-2016 Matt Mackall.
Free use of this software is granted under the terms of the GNU General
Public License version 2 or any later version.
.. include:: common.txt