sslutil: abort if peer certificate is not verified for secure use
Before this patch, "sslutil.validator" may returns successfully, even
if peer certificate is not verified because there is no information in
"[hostfingerprints]" and "[web] cacerts".
To prevent from sending authentication credential to untrustable SMTP
server, validation should be aborted if peer certificate is not
verified.
This patch introduces "strict" optional argument, and
"sslutil.validator" will abort if it is True and peer certificate is
not verified.
$ "$TESTDIR/hghave" inotify || exit 80
$ hg init
$ touch a
$ mkdir dir
$ touch dir/b
$ touch dir/c
$ echo "[extensions]" >> $HGRCPATH
$ echo "inotify=" >> $HGRCPATH
$ hg add dir/c
inserve
$ hg inserve -d --pid-file=hg.pid 2>&1
$ cat hg.pid >> "$DAEMON_PIDS"
$ hg st
A dir/c
? a
? dir/b
? hg.pid
moving dir out
$ mv dir ../tmp-test-inotify-issue1542
status
$ hg st
! dir/c
? a
? hg.pid
$ sleep 1
Are we able to kill the service? if not, the service died on some error
$ "$TESTDIR/killdaemons.py" hg.pid