tests/test-https.t
changeset 29577 9654ef41f7cc
parent 29561 1a782fabf80d
child 29601 6cff2ac0ccb9
--- a/tests/test-https.t	Sun Jul 17 10:50:51 2016 -0700
+++ b/tests/test-https.t	Sun Jul 17 10:59:32 2016 -0700
@@ -326,6 +326,48 @@
   > --config hostsecurity.disabletls10warning=true
   5fed3813f7f5
 
+#if no-sslcontext no-py27+
+Setting ciphers doesn't work in Python 2.6
+  $ P="$CERTSDIR" hg --config hostsecurity.ciphers=HIGH -R copy-pull id https://localhost:$HGPORT/
+  warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
+  abort: setting ciphers in [hostsecurity] is not supported by this version of Python
+  (remove the config option or run Mercurial with a modern Python version (preferred))
+  [255]
+#endif
+
+Setting ciphers works in Python 2.7+ but the error message is different on
+legacy ssl. We test legacy once and do more feature checking on modern
+configs.
+
+#if py27+ no-sslcontext
+  $ P="$CERTSDIR" hg --config hostsecurity.ciphers=invalid -R copy-pull id https://localhost:$HGPORT/
+  warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
+  abort: *No cipher can be selected. (glob)
+  [255]
+
+  $ P="$CERTSDIR" hg --config hostsecurity.ciphers=HIGH -R copy-pull id https://localhost:$HGPORT/
+  warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info
+  5fed3813f7f5
+#endif
+
+#if sslcontext
+Setting ciphers to an invalid value aborts
+  $ P="$CERTSDIR" hg --config hostsecurity.ciphers=invalid -R copy-pull id https://localhost:$HGPORT/
+  abort: could not set ciphers: No cipher can be selected.
+  (change cipher string (invalid) in config)
+  [255]
+
+  $ P="$CERTSDIR" hg --config hostsecurity.localhost:ciphers=invalid -R copy-pull id https://localhost:$HGPORT/
+  abort: could not set ciphers: No cipher can be selected.
+  (change cipher string (invalid) in config)
+  [255]
+
+Changing the cipher string works
+
+  $ P="$CERTSDIR" hg --config hostsecurity.ciphers=HIGH -R copy-pull id https://localhost:$HGPORT/
+  5fed3813f7f5
+#endif
+
 Fingerprints
 
 - works without cacerts (hostkeyfingerprints)
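Review bot: in the `#if sslcontext` block, the per-host form `hostsecurity.localhost:ciphers` is exercised only with `invalid`, which aborts exactly as the global option does, so nothing here shows that a per-host value takes precedence over the global one. Consider adding a case that sets `hostsecurity.ciphers=invalid` together with `hostsecurity.localhost:ciphers=HIGH` and expects `5fed3813f7f5`, plus the reverse case expecting the abort. Separately, the `HIGH` cases under "Changing the cipher string works" and in the `py27+ no-sslcontext` block only show that the string is accepted: the same `5fed3813f7f5` output appears without any cipher setting, so these would still pass if the value were validated and then ignored. A valid cipher string that the test server cannot negotiate, with the expected handshake failure, would confirm the setting reaches the socket. Minor style point: "Setting ciphers to an invalid value aborts" is followed directly by its command while "Changing the cipher string works" has a blank line after it; pick one form.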