cacert: improve error report when web.cacert file does not exist

2025-01-06 04:43:19 +03:00 · 2011-03-06 10:27:07 -06:00 · 2011-03-06 10:27:07 -06:00 · 49d2d3233b
commit 49d2d3233b
parent 4901987354
2 changed files with 11 additions and 1 deletions
--- a/mercurial/url.py
+++ b/mercurial/url.py
@ -560,9 +560,13 @@ if has_https:
            hostfingerprint = self.ui.config('hostfingerprints', host)

            if cacerts and not hostfingerprint:
+                cacerts = util.expandpath(cacerts)
+                if not os.path.exists(cacerts):
+                    raise util.Abort(_('could not find '
+                                       'web.cacerts: %s') % cacerts)
                self.sock = _ssl_wrap_socket(self.sock, self.key_file,
                    self.cert_file, cert_reqs=CERT_REQUIRED,
-                    ca_certs=util.expandpath(cacerts))
+                    ca_certs=cacerts)
                msg = _verifycert(self.sock.getpeercert(), host)
                if msg:
                    raise util.Abort(_('%s certificate error: %s '
--- a/tests/test-https.t
+++ b/tests/test-https.t
@ -96,6 +96,12 @@ pub.pem patched with other notBefore / notAfter:
  $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV
  $ cat ../hg0.pid >> $DAEMON_PIDS

+cacert not found
+
+  $ hg in --config web.cacerts=no-such.pem https://localhost:$HGPORT/
+  abort: could not find web.cacerts: no-such.pem
+  [255]
+
 Test server address cannot be reused

  $ hg serve -p $HGPORT --certificate=$PRIV 2>&1