test: override default cipher selection when connecting to TLS 1.0/1.1 servers
The default set of ciphers on python 3.10 is incompatible with old TLS
versions.
Differential Revision: https://phab.mercurial-scm.org/D12490
--- a/tests/test-https.t Sat Apr 09 14:23:52 2022 +0200
+++ b/tests/test-https.t Sat Apr 09 14:28:17 2022 +0200
@@ -361,9 +361,9 @@
Clients talking same TLS versions work
- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 id https://localhost:$HGPORT/
+ $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT/
5fed3813f7f5
- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 id https://localhost:$HGPORT1/
+ $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT1/
5fed3813f7f5
$ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT2/
5fed3813f7f5
@@ -405,6 +405,7 @@
The per-host config option overrides the default
$ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
+ > --config hostsecurity.ciphers=DEFAULT \
> --config hostsecurity.minimumprotocol=tls1.2 \
> --config hostsecurity.localhost:minimumprotocol=tls1.0
5fed3813f7f5