Mercurial > hg-stable
view tests/test-journal.t @ 29560:303e9300772a
sslutil: require TLS 1.1+ when supported
Currently, Mercurial will use TLS 1.0 or newer when connecting to
remote servers, selecting the highest TLS version supported by both
peers. On older Pythons, only TLS 1.0 is available. On newer Pythons,
TLS 1.1 and 1.2 should be available.

Security professionals recommend avoiding TLS 1.0 if possible.
PCI DSS 3.1 "strongly encourages" the use of TLS 1.2.
Known attacks like BEAST and POODLE exist against TLS 1.0 (although
mitigations are available and properly configured servers aren't
vulnerable).

I asked Eric Rescorla - Mozilla's resident crypto expert - whether
Mercurial should drop support for TLS 1.0. His response was
"if you can get away with it." Essentially, a number of servers on
the Internet don't support TLS 1.1+. This is why web browsers
continue to support TLS 1.0 despite desires from security experts.

This patch changes Mercurial's default behavior on modern Python
versions to require TLS 1.1+, thus avoiding known security issues
with TLS 1.0 and making Mercurial more secure by default. Rather
than drop TLS 1.0 support wholesale, we still allow TLS 1.0 to be
used if configured. This is a compromise solution - ideally we'd
disallow TLS 1.0. However, since we're not sure how many Mercurial
servers don't support TLS 1.1+ and we're not sure how much user
inconvenience this change will bring, I think it is prudent to ship
an escape hatch that still allows usage of TLS 1.0. In the default
case our users get better security. In the worst case, they are no
worse off than before this patch.

This patch has no effect when running on Python versions that don't
support TLS 1.1+.

As the added test shows, connecting to a server that doesn't
support TLS 1.1+ will display a warning message with a link to
our wiki, where we can guide people to configure their client to
allow less secure connections.
author | Gregory Szorc <gregory.szorc@gmail.com>
---|---
date | Wed, 13 Jul 2016 21:35:54 -0700
parents | 7503d8874617
children | 12f04946053c
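The commit message above describes a policy rather than a mechanism: accept TLS 1.1+ by default wherever the Python runtime can express that, and keep an explicit opt-in for TLS 1.0 rather than removing it outright. The following is an added example of that policy written against Python's standard `ssl` module; it is not Mercurial's `sslutil` code and is not part of the page. The function names (`allowed_protocols`, `context_options`, `is_disabled`, `make_client_context`) and the `allow_tls10` flag are assumptions made for the example; the `OP_NO_*` constants and `SSLContext` API are the real standard-library ones.

```python
"""Added example (not Mercurial's sslutil): pick the TLS versions a client
accepts, defaulting to TLS 1.1+ with an explicit opt-in for TLS 1.0, and
apply that choice to an ssl.SSLContext."""
import ssl

# Protocol versions the client knows how to talk about, lowest first.
# SSLv2 and SSLv3 are never negotiable and are not listed here.
SUPPORTED = ("tls1.0", "tls1.1", "tls1.2")

# SSLContext.options bit that switches each protocol version off.
_DISABLE_FLAG = {
    "tls1.0": ssl.OP_NO_TLSv1,
    "tls1.1": ssl.OP_NO_TLSv1_1,
    "tls1.2": ssl.OP_NO_TLSv1_2,
}


def allowed_protocols(minimum="tls1.1", allow_tls10=False):
    """Return the set of protocol versions the client will negotiate.

    minimum     - lowest version accepted by default ("tls1.1", matching
                  the new default described in the commit message).
    allow_tls10 - the escape hatch (assumed name): when True, TLS 1.0 is
                  accepted even though it sits below the default minimum.
    """
    if minimum not in SUPPORTED:
        raise ValueError("unknown protocol %r" % (minimum,))
    allowed = set(SUPPORTED[SUPPORTED.index(minimum):])
    if allow_tls10:
        allowed.add("tls1.0")
    return allowed


def context_options(allowed):
    """Compute the SSLContext.options bits that disable every version not in
    `allowed`. SSLv2 and SSLv3 are always disabled regardless of config."""
    opts = ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
    for proto, flag in _DISABLE_FLAG.items():
        if proto not in allowed:
            opts |= flag
    return opts


def is_disabled(options, proto):
    """True if an SSLContext.options value turns off protocol `proto`."""
    return bool(options & _DISABLE_FLAG[proto])


def make_client_context(minimum="tls1.1", allow_tls10=False):
    """Build a verifying client context that honours the protocol policy.

    create_default_context() already requires certificate verification and
    hostname checking; we only add the protocol-version restriction."""
    ctx = ssl.create_default_context()
    ctx.options |= context_options(allowed_protocols(minimum, allow_tls10))
    return ctx


if __name__ == "__main__":
    for cfg in ({}, {"allow_tls10": True}, {"minimum": "tls1.2"}):
        ctx = make_client_context(**cfg)
        off = [p for p in SUPPORTED if is_disabled(ctx.options, p)]
        print("config %-25r disables %s" % (cfg, off or "nothing"))
```

The `OP_NO_*` flags are used here because they are the mechanism that was available to Python 2.7.9+/3.4+ at the time of this commit; on Python 3.7 and later, `SSLContext.minimum_version = ssl.TLSVersion.TLSv1_1` expresses the same default more directly and without the deprecation warning the flags now emit. Either way the decision of which versions to accept stays in one pure function (`allowed_protocols`), which is what makes a default-secure policy with an escape hatch easy to audit and test.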
Tests for the journal extension; records bookmark locations.

  $ cat >> testmocks.py << EOF
  > # mock out util.getuser() and util.makedate() to supply testable values
  > import os
  > from mercurial import util
  > def mockgetuser():
  >     return 'foobar'
  >
  > def mockmakedate():
  >     filename = os.path.join(os.environ['TESTTMP'], 'testtime')
  >     try:
  >         with open(filename, 'rb') as timef:
  >             time = float(timef.read()) + 1
  >     except IOError:
  >         time = 0.0
  >     with open(filename, 'wb') as timef:
  >         timef.write(str(time))
  >     return (time, 0)
  >
  > util.getuser = mockgetuser
  > util.makedate = mockmakedate
  > EOF

  $ cat >> $HGRCPATH << EOF
  > [extensions]
  > journal=
  > testmocks=`pwd`/testmocks.py
  > EOF

Setup repo

  $ hg init repo
  $ cd repo

Test empty journal

  $ hg journal
  previous locations of '.':
  no recorded locations

  $ hg journal foo
  previous locations of 'foo':
  no recorded locations

Test that working copy changes are tracked

  $ echo a > a
  $ hg commit -Aqm a
  $ hg journal
  previous locations of '.':
  cb9a9f314b8b  commit -Aqm a

  $ echo b > a
  $ hg commit -Aqm b
  $ hg journal
  previous locations of '.':
  1e6c11564562  commit -Aqm b
  cb9a9f314b8b  commit -Aqm a

  $ hg up 0
  1 files updated, 0 files merged, 0 files removed, 0 files unresolved
  $ hg journal
  previous locations of '.':
  cb9a9f314b8b  up 0
  1e6c11564562  commit -Aqm b
  cb9a9f314b8b  commit -Aqm a

Test that bookmarks are tracked

  $ hg book -r tip bar
  $ hg journal bar
  previous locations of 'bar':
  1e6c11564562  book -r tip bar

  $ hg book -f bar
  $ hg journal bar
  previous locations of 'bar':
  cb9a9f314b8b  book -f bar
  1e6c11564562  book -r tip bar

  $ hg up
  1 files updated, 0 files merged, 0 files removed, 0 files unresolved
  updating bookmark bar
  $ hg journal bar
  previous locations of 'bar':
  1e6c11564562  up
  cb9a9f314b8b  book -f bar
  1e6c11564562  book -r tip bar

Test that bookmarks and working copy tracking is not mixed

  $ hg journal
  previous locations of '.':
  1e6c11564562  up
  cb9a9f314b8b  up 0
  1e6c11564562  commit -Aqm b
  cb9a9f314b8b  commit -Aqm a

Test that you can list all entries as well as limit the list or filter on them

  $ hg book -r tip baz
  $ hg journal --all
  previous locations of the working copy and bookmarks:
  1e6c11564562  baz      book -r tip baz
  1e6c11564562  bar      up
  1e6c11564562  .        up
  cb9a9f314b8b  bar      book -f bar
  1e6c11564562  bar      book -r tip bar
  cb9a9f314b8b  .        up 0
  1e6c11564562  .        commit -Aqm b
  cb9a9f314b8b  .        commit -Aqm a
  $ hg journal --limit 2
  previous locations of '.':
  1e6c11564562  up
  cb9a9f314b8b  up 0
  $ hg journal bar
  previous locations of 'bar':
  1e6c11564562  up
  cb9a9f314b8b  book -f bar
  1e6c11564562  book -r tip bar
  $ hg journal foo
  previous locations of 'foo':
  no recorded locations
  $ hg journal .
  previous locations of '.':
  1e6c11564562  up
  cb9a9f314b8b  up 0
  1e6c11564562  commit -Aqm b
  cb9a9f314b8b  commit -Aqm a
  $ hg journal "re:ba."
  previous locations of 're:ba.':
  1e6c11564562  baz      book -r tip baz
  1e6c11564562  bar      up
  cb9a9f314b8b  bar      book -f bar
  1e6c11564562  bar      book -r tip bar

Test that verbose, JSON and commit output work

  $ hg journal --verbose --all
  previous locations of the working copy and bookmarks:
  000000000000 -> 1e6c11564562 foobar    baz      1970-01-01 00:00 +0000  book -r tip baz
  cb9a9f314b8b -> 1e6c11564562 foobar    bar      1970-01-01 00:00 +0000  up
  cb9a9f314b8b -> 1e6c11564562 foobar    .        1970-01-01 00:00 +0000  up
  1e6c11564562 -> cb9a9f314b8b foobar    bar      1970-01-01 00:00 +0000  book -f bar
  000000000000 -> 1e6c11564562 foobar    bar      1970-01-01 00:00 +0000  book -r tip bar
  1e6c11564562 -> cb9a9f314b8b foobar    .        1970-01-01 00:00 +0000  up 0
  cb9a9f314b8b -> 1e6c11564562 foobar    .        1970-01-01 00:00 +0000  commit -Aqm b
  000000000000 -> cb9a9f314b8b foobar    .        1970-01-01 00:00 +0000  commit -Aqm a
  $ hg journal --verbose -Tjson
  [
   {
    "command": "up",
    "date": "1970-01-01 00:00 +0000",
    "name": ".",
    "newhashes": "1e6c11564562",
    "oldhashes": "cb9a9f314b8b",
    "user": "foobar"
   },
   {
    "command": "up 0",
    "date": "1970-01-01 00:00 +0000",
    "name": ".",
    "newhashes": "cb9a9f314b8b",
    "oldhashes": "1e6c11564562",
    "user": "foobar"
   },
   {
    "command": "commit -Aqm b",
    "date": "1970-01-01 00:00 +0000",
    "name": ".",
    "newhashes": "1e6c11564562",
    "oldhashes": "cb9a9f314b8b",
    "user": "foobar"
   },
   {
    "command": "commit -Aqm a",
    "date": "1970-01-01 00:00 +0000",
    "name": ".",
    "newhashes": "cb9a9f314b8b",
    "oldhashes": "000000000000",
    "user": "foobar"
   }
  ]
  $ hg journal --commit
  previous locations of '.':
  1e6c11564562  up
  changeset:   1:1e6c11564562
  bookmark:    bar
  bookmark:    baz
  tag:         tip
  user:        test
  date:        Thu Jan 01 00:00:00 1970 +0000
  summary:     b
  
  cb9a9f314b8b  up 0
  changeset:   0:cb9a9f314b8b
  user:        test
  date:        Thu Jan 01 00:00:00 1970 +0000
  summary:     a
  
  1e6c11564562  commit -Aqm b
  changeset:   1:1e6c11564562
  bookmark:    bar
  bookmark:    baz
  tag:         tip
  user:        test
  date:        Thu Jan 01 00:00:00 1970 +0000
  summary:     b
  
  cb9a9f314b8b  commit -Aqm a
  changeset:   0:cb9a9f314b8b
  user:        test
  date:        Thu Jan 01 00:00:00 1970 +0000
  summary:     a
  

Test for behaviour on unexpected storage version information

  $ printf '42\0' > .hg/journal
  $ hg journal
  previous locations of '.':
  abort: unknown journal file version '42'
  [255]
  $ hg book -r tip doomed
  unsupported journal file version '42'