##// END OF EJS Templates
sslutil: inform the user about how to fix an incomplete certificate chain...
sslutil: inform the user about how to fix an incomplete certificate chain This is a Windows only thing. Unfortunately, the socket is closed at this point (so the certificate is unavailable to check the chain). That means it's printed out when verification fails as a guess, on the assumption that 1) most of the time verification won't fail, and 2) sites using expired or certs that are too new will be rare. Maybe this is an argument for adding more functionality to debugssl, to test for problems and print certificate info. Or maybe it's an argument for bundling certificates with the Windows builds. That idea was set aside when the enhanced SSL code went in last summer, and it looks like there were issues with using certifi on Windows anyway[1]. This was tested by deleting the certificate out of certmgr.msc > "Third-Party Root Certification Authorities" > "Certificates", seeing `hg pull` fail (with the new message), trying this command, and then successfully performing the pull command. [1] https://www.mercurial-scm.org/pipermail/mercurial-devel/2016-October/089573.html

File last commit:

r31007:bfdb0741 default
r33494:30f2715b default
Show More
dummyssh
26 lines | 590 B | text/plain | TextLexer
#!/usr/bin/env python
from __future__ import absolute_import
import os
import sys
os.chdir(os.getenv('TESTTMP'))
if sys.argv[1] != "user@dummy":
sys.exit(-1)
os.environ["SSH_CLIENT"] = "%s 1 2" % os.environ.get('LOCALIP', '127.0.0.1')
log = open("dummylog", "ab")
log.write("Got arguments")
for i, arg in enumerate(sys.argv[1:]):
log.write(" %d:%s" % (i + 1, arg))
log.write("\n")
log.close()
hgcmd = sys.argv[2]
if os.name == 'nt':
# hack to make simple unix single quote quoting work on windows
hgcmd = hgcmd.replace("'", '"')
r = os.system(hgcmd)
sys.exit(bool(r))