upstream/mercurial-mirror Files · tests/test-hgweb-non-interactive.t

sslutil: print a warning when using TLS 1.0 on legacy Python...

sslutil: print a warning when using TLS 1.0 on legacy Python Mercurial now requires TLS 1.1+ when TLS 1.1+ is supported by the client. Since we made the decision to require TLS 1.1+ when running with modern Python versions, it makes sense to do something for legacy Python versions that only support TLS 1.0. Feature parity would be to prevent TLS 1.0 connections out of the box and require a config option to enable them. However, this is extremely user hostile since Mercurial wouldn't talk to https:// by default in these installations! I can easily see how someone would do something foolish like use "--insecure" instead - and that would be worse than allowing TLS 1.0! This patch takes the compromise position of printing a warning when performing TLS 1.0 connections when running on old Python versions. While this warning is no more annoying than the CA certificate / fingerprint warnings in Mercurial 3.8, we provide a config option to disable the warning because to many people upgrading Python to make the warning go away is not an available recourse (unlike pinning fingerprints is for the CA warning). The warning appears as optional output in a lot of tests.

timeless - - Load All Authors

File last commit:

r28861:86db5cb5 default


                r29561:1a782fab

default

Download file

             test-hgweb-non-interactive.t
        
                    92 lines
            
             | 2.5 KiB
            
                | text/troff
            
             |
                Tads3Lexer
            
             / tests / test-hgweb-non-interactive.t
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      Tests if hgweb can run without touching sys.stdin, as is required

      by the WSGI standard and strictly implemented by mod_wsgi.

        $ hg init repo

        $ cd repo

        $ echo foo > bar

        $ hg add bar

        $ hg commit -m "test"

        $ cat > request.py <<EOF

        > from __future__ import absolute_import

        > import os

        > import sys

        > from mercurial import (

        >     dispatch,

        >     hg,

        >     ui as uimod,

        >     util,

        > )

        > ui = uimod.ui

        > from mercurial.hgweb.hgweb_mod import (

        >     hgweb,

        > )

        > stringio = util.stringio

        > 

        > class FileLike(object):

        >     def __init__(self, real):

        >         self.real = real

        >     def fileno(self):

        >         print >> sys.__stdout__, 'FILENO'

        >         return self.real.fileno()

        >     def read(self):

        >         print >> sys.__stdout__, 'READ'

        >         return self.real.read()

        >     def readline(self):

        >         print >> sys.__stdout__, 'READLINE'

        >         return self.real.readline()

        > 

        > sys.stdin = FileLike(sys.stdin)

        > errors = stringio()

        > input = stringio()

        > output = stringio()

        > 

        > def startrsp(status, headers):

        >     print '---- STATUS'

        >     print status

        >     print '---- HEADERS'

        >     print [i for i in headers if i[0] != 'ETag']

        >     print '---- DATA'

        >     return output.write

        > 

        > env = {

        >     'wsgi.version': (1, 0),

        >     'wsgi.url_scheme': 'http',

        >     'wsgi.errors': errors,

        >     'wsgi.input': input,

        >     'wsgi.multithread': False,

        >     'wsgi.multiprocess': False,

        >     'wsgi.run_once': False,

        >     'REQUEST_METHOD': 'GET',

        >     'SCRIPT_NAME': '',

        >     'PATH_INFO': '',

        >     'QUERY_STRING': '',

        >     'SERVER_NAME': '127.0.0.1',

        >     'SERVER_PORT': os.environ['HGPORT'],

        >     'SERVER_PROTOCOL': 'HTTP/1.0'

        > }

        > 

        > i = hgweb('.')

        > for c in i(env, startrsp):

        >     pass

        > print '---- ERRORS'

        > print errors.getvalue()

        > print '---- OS.ENVIRON wsgi variables'

        > print sorted([x for x in os.environ if x.startswith('wsgi')])

        > print '---- request.ENVIRON wsgi variables'

        > with i._obtainrepo() as repo:

        >     print sorted([x for x in repo.ui.environ if x.startswith('wsgi')])

        > EOF

        $ python request.py

        ---- STATUS

        200 Script output follows

        ---- HEADERS

        [('Content-Type', 'text/html; charset=ascii')]

        ---- DATA

        ---- ERRORS

        ---- OS.ENVIRON wsgi variables

        []

        ---- request.ENVIRON wsgi variables

        ['wsgi.errors', 'wsgi.input', 'wsgi.multiprocess', 'wsgi.multithread', 'wsgi.run_once', 'wsgi.url_scheme', 'wsgi.version']

        $ cd ..

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				Tests if hgweb can run without touching sys.stdin, as is required
				by the WSGI standard and strictly implemented by mod_wsgi.

				$ hg init repo
				$ cd repo
				$ echo foo > bar
				$ hg add bar
				$ hg commit -m "test"
				$ cat > request.py <<EOF
				> from __future__ import absolute_import
				> import os
				> import sys
				> from mercurial import (
				> dispatch,
				> hg,
				> ui as uimod,
				> util,
				> )
				> ui = uimod.ui
				> from mercurial.hgweb.hgweb_mod import (
				> hgweb,
				> )
				> stringio = util.stringio
				>
				> class FileLike(object):
				> def __init__(self, real):
				> self.real = real
				> def fileno(self):
				> print >> sys.__stdout__, 'FILENO'
				> return self.real.fileno()
				> def read(self):
				> print >> sys.__stdout__, 'READ'
				> return self.real.read()
				> def readline(self):
				> print >> sys.__stdout__, 'READLINE'
				> return self.real.readline()
				>
				> sys.stdin = FileLike(sys.stdin)
				> errors = stringio()
				> input = stringio()
				> output = stringio()
				>
				> def startrsp(status, headers):
				> print '---- STATUS'
				> print status
				> print '---- HEADERS'
				> print [i for i in headers if i[0] != 'ETag']
				> print '---- DATA'
				> return output.write
				>
				> env = {
				> 'wsgi.version': (1, 0),
				> 'wsgi.url_scheme': 'http',
				> 'wsgi.errors': errors,
				> 'wsgi.input': input,
				> 'wsgi.multithread': False,
				> 'wsgi.multiprocess': False,
				> 'wsgi.run_once': False,
				> 'REQUEST_METHOD': 'GET',
				> 'SCRIPT_NAME': '',
				> 'PATH_INFO': '',
				> 'QUERY_STRING': '',
				> 'SERVER_NAME': '127.0.0.1',
				> 'SERVER_PORT': os.environ['HGPORT'],
				> 'SERVER_PROTOCOL': 'HTTP/1.0'
				> }
				>
				> i = hgweb('.')
				> for c in i(env, startrsp):
				> pass
				> print '---- ERRORS'
				> print errors.getvalue()
				> print '---- OS.ENVIRON wsgi variables'
				> print sorted([x for x in os.environ if x.startswith('wsgi')])
				> print '---- request.ENVIRON wsgi variables'
				> with i._obtainrepo() as repo:
				> print sorted([x for x in repo.ui.environ if x.startswith('wsgi')])
				> EOF
				$ python request.py
				---- STATUS
				200 Script output follows
				---- HEADERS
				[('Content-Type', 'text/html; charset=ascii')]
				---- DATA
				---- ERRORS

				---- OS.ENVIRON wsgi variables
				[]
				---- request.ENVIRON wsgi variables
				['wsgi.errors', 'wsgi.input', 'wsgi.multiprocess', 'wsgi.multithread', 'wsgi.run_once', 'wsgi.url_scheme', 'wsgi.version']

				$ cd ..