facebook/sapling
1
1
Fork 0
mirror of https://github.com/facebook/sapling.git synced 2024-10-09 08:18:15 +03:00
Code Issues Projects Releases Wiki Activity
c679adb7d0
sapling/tests/test-patchbomb-tls.t
Jun Wu 4a7b28d08b serve: assign hg serve ports dynamically in tests 
Summary:
Previously `hg server` uses `HGPORT` that might be in use. This patch uses
`-p 0 --port-file ...` so `hg server` always gets assigned a free port.

The change was first made by the following Ruby script:

```
re = /^  \$ hg serve(.*) -p \$(HGPORT[12]?) (.*[^\\])$\n  \$/
Dir['*.t'].each do |path|
  old = File.read(path)
  new = old.lines.map do |l|
    next l if l[/\(glob\)/] or not l['$HGPORT'] or l[/^  [$>]/]
    "#{l.chomp} (glob)\n"
  end.join.gsub re, <<-'EOS'.chomp
  $ hg serve\1 -p 0 --port-file $TESTTMP/.port \3
  $ \2=`cat $TESTTMP/.port`
  $
  EOS
  File.write(path, new) if old != new
end
```

Then there are some manual changes:

run-tests.py: It now treats `$HGPORT` in output as glob pattern `*`, since
it does not know the assigned value in tests.

test-bookmarks-pushpull.t, test-https.t: Some `hg pull`s were changed to use
explicit paths instead of relying on `.hgrc` since the test restarts the
server and `.hg/hgrc` having an outdated URL.

test-schemes.t: The test writes `$HGPORT` to `.hgrc` before assigning it.
Changed the order so the correct `$HGPORT` is written.

test-patchbomb-tls.t: Changed `(?) (glob)` to `(glob) (?)`.

Reviewed By: DurhamG

Differential Revision: D6925398

fbshipit-source-id: d5c10476f43ce23f9e99618807580cf8ba92595c
2018-04-13 21:51:07 -07:00

127 lines
4.4 KiB
Perl
Raw Blame History

#require serve ssl
Set up SMTP server:
$ CERTSDIR="$TESTDIR/sslcerts"
$ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
$ $PYTHON "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \
> --tls smtps --certificate `pwd`/server.pem
listening at localhost:$HGPORT (glob) (?)
$ cat a.pid >> $DAEMON_PIDS
Set up repository:
$ hg init t
$ cd t
$ cat <<EOF >> .hg/hgrc
> [extensions]
> patchbomb =
> [email]
> method = smtp
> [smtp]
> host = localhost
> port = $HGPORT
> tls = smtps
> EOF
$ echo a > a
$ hg commit -Ama -d '1 0'
adding a
Utility functions:
$ DISABLECACERTS=
$ try () {
> hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@"
> }
Our test cert is not signed by a trusted CA. It should fail to verify if
we are able to load CA certs:
#if sslcontext defaultcacerts no-defaultcacertsloaded
$ try
this patch series consists of 1 patches.
(an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
(?i)abort: .*?certificate.verify.failed.* (re)
[255]
#endif
#if no-sslcontext defaultcacerts
$ try
this patch series consists of 1 patches.
warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
(using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
(?i)abort: .*?certificate.verify.failed.* (re)
[255]
#endif
#if defaultcacertsloaded
$ try
this patch series consists of 1 patches.
warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
(using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
(the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
(?i)abort: .*?certificate.verify.failed.* (re)
[255]
#endif
#if no-defaultcacerts
$ try
this patch series consists of 1 patches.
(unable to load * certificates; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
abort: localhost certificate error: no certificate received
(set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 config setting or use --insecure to connect insecurely)
[255]
#endif
$ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
Without certificates:
$ try --debug
this patch series consists of 1 patches.
(using smtps)
sending mail: smtp host localhost, port * (glob)
warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
(verifying remote certificate)
abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
(see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
[255]
With global certificates:
$ try --debug --config web.cacerts="$CERTSDIR/pub.pem"
this patch series consists of 1 patches.
(using smtps)
sending mail: smtp host localhost, port * (glob)
warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
(verifying remote certificate)
sending [PATCH] a ...
With invalid certificates:
$ try --config web.cacerts="$CERTSDIR/pub-other.pem"
this patch series consists of 1 patches.
warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
(the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
(?i)abort: .*?certificate.verify.failed.* (re)
[255]
$ cd ..
Reference in New Issue View Git Blame Copy Permalink