Mercurial Mercurial > mercurial / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-https.t
changeset 33494 30f2715be123
parent 33422 ba971f555cb0
child 33575 5b286cfe4fb0
equal deleted inserted replaced
33493:9a9f95214f46 33494:30f2715be123 
    82 
    82 
    83 #if defaultcacertsloaded
 
    83 #if defaultcacertsloaded
 
    84   $ hg clone https://localhost:$HGPORT/ copy-pull
 
    84   $ hg clone https://localhost:$HGPORT/ copy-pull
 
    85   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
    85   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
    86   (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
 
    86   (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
 
       
    87   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
    87   abort: error: *certificate verify failed* (glob)
 
    88   abort: error: *certificate verify failed* (glob)
 
    88   [255]
 
    89   [255]
 
    89 #endif
 
    90 #endif
 
    90 
    91 
    91 #if no-defaultcacerts
 
    92 #if no-defaultcacerts
 
   126 (modern ssl is able to discern whether the loaded cert is a CA cert)
 
   127 (modern ssl is able to discern whether the loaded cert is a CA cert)
 
   127 #if sslcontext
 
   128 #if sslcontext
 
   128   $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
 
   129   $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
 
   129   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   130   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   130   (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
 
   131   (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
 
       
   132   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   131   abort: error: *certificate verify failed* (glob)
 
   133   abort: error: *certificate verify failed* (glob)
 
   132   [255]
 
   134   [255]
 
   133 #else
 
   135 #else
 
   134   $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
 
   136   $ hg --config hostsecurity.localhost:verifycertsfile="$CERTSDIR/client-cert.pem" clone https://localhost:$HGPORT/
 
   135   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   137   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   293   searching for changes
 
   295   searching for changes
 
   294   no changes found
 
   296   no changes found
 
   295   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem"
 
   297   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem"
 
   296   pulling from https://localhost:$HGPORT/
 
   298   pulling from https://localhost:$HGPORT/
 
   297   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   299   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
       
   300   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   298   abort: error: *certificate verify failed* (glob)
 
   301   abort: error: *certificate verify failed* (glob)
 
   299   [255]
 
   302   [255]
 
   300   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem" \
 
   303   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-other.pem" \
 
   301   > --insecure
 
   304   > --insecure
 
   302   pulling from https://localhost:$HGPORT/
 
   305   pulling from https://localhost:$HGPORT/
 
   311   $ cat hg1.pid >> $DAEMON_PIDS
 
   314   $ cat hg1.pid >> $DAEMON_PIDS
 
   312   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-not-yet.pem" \
 
   315   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-not-yet.pem" \
 
   313   > https://localhost:$HGPORT1/
 
   316   > https://localhost:$HGPORT1/
 
   314   pulling from https://localhost:$HGPORT1/
 
   317   pulling from https://localhost:$HGPORT1/
 
   315   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   318   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
       
   319   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   316   abort: error: *certificate verify failed* (glob)
 
   320   abort: error: *certificate verify failed* (glob)
 
   317   [255]
 
   321   [255]
 
   318 
   322 
   319 Test server cert which no longer is valid
 
   323 Test server cert which no longer is valid
 
   320 
   324 
   322   $ cat hg2.pid >> $DAEMON_PIDS
 
   326   $ cat hg2.pid >> $DAEMON_PIDS
 
   323   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-expired.pem" \
 
   327   $ hg -R copy-pull pull --config web.cacerts="$CERTSDIR/pub-expired.pem" \
 
   324   > https://localhost:$HGPORT2/
 
   328   > https://localhost:$HGPORT2/
 
   325   pulling from https://localhost:$HGPORT2/
 
   329   pulling from https://localhost:$HGPORT2/
 
   326   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   330   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
       
   331   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   327   abort: error: *certificate verify failed* (glob)
 
   332   abort: error: *certificate verify failed* (glob)
 
   328   [255]
 
   333   [255]
 
   329 
   334 
   330 Disabling the TLS 1.0 warning works
 
   335 Disabling the TLS 1.0 warning works
 
   331   $ hg -R copy-pull id https://localhost:$HGPORT/ \
 
   336   $ hg -R copy-pull id https://localhost:$HGPORT/ \
 
   576 
   581 
   577   $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
 
   582   $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
 
   578   > --config web.cacerts="$CERTSDIR/pub-other.pem"
 
   583   > --config web.cacerts="$CERTSDIR/pub-other.pem"
 
   579   pulling from https://localhost:$HGPORT/
 
   584   pulling from https://localhost:$HGPORT/
 
   580   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   585   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
       
   586   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   581   abort: error: *certificate verify failed* (glob)
 
   587   abort: error: *certificate verify failed* (glob)
 
   582   [255]
 
   588   [255]
 
   583   $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
 
   589   $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull \
 
   584   > --config web.cacerts="$CERTSDIR/pub-expired.pem" https://localhost:$HGPORT2/
 
   590   > --config web.cacerts="$CERTSDIR/pub-expired.pem" https://localhost:$HGPORT2/
 
   585   pulling from https://localhost:$HGPORT2/
 
   591   pulling from https://localhost:$HGPORT2/
 
   586   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   592   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
       
   593   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   587   abort: error: *certificate verify failed* (glob)
 
   594   abort: error: *certificate verify failed* (glob)
 
   588   [255]
 
   595   [255]
 
   589 
   596 
   590 
   597 
   591   $ killdaemons.py hg0.pid
 
   598   $ killdaemons.py hg0.pid
 
   617 
   624 
   618 without client certificate:
 
   625 without client certificate:
 
   619 
   626 
   620   $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
 
   627   $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
 
   621   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
   628   warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
 
       
   629   (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
 
   622   abort: error: *handshake failure* (glob)
 
   630   abort: error: *handshake failure* (glob)
 
   623   [255]
 
   631   [255]
 
   624 
   632 
   625 with client certificate:
 
   633 with client certificate:
 
   626 
   634
mercurial