Mercurial Mercurial > hg-stable / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-abort-checkin.t
author Gregory Szorc <gregory.szorc@gmail.com>
Sat, 28 May 2016 11:12:02 -0700
changeset 29258 6315c1e14f75
parent 26587 56b2bcea2529
child 36406 f798709eb4b9
permissions -rw-r--r--
sslutil: introduce a function for determining host-specific settings This patch marks the beginning of a series that introduces a new, more configurable, per-host security settings mechanism. Currently, we have global settings (like web.cacerts and the --insecure argument). We also have per-host settings via [hostfingerprints]. Global security settings are good for defaults, but they don't provide the amount of control often wanted. For example, an organization may want to require a particular CA is used for a particular hostname. [hostfingerprints] is nice. But it currently assumes SHA-1. Furthermore, there is no obvious place to put additional per-host settings. Subsequent patches will be introducing new mechanisms for defining security settings, some on a per-host basis. This commits starts the transition to that world by introducing the _hostsettings function. It takes a ui and hostname and returns a dict of security settings. Currently, it limits itself to returning host fingerprint info. We foreshadow the future support of non-SHA1 hashing algorithms for verifying the host fingerprint by making the "certfingerprints" key a list of tuples instead of a list of hashes. We add this dict to the hgstate property on the socket and use it during socket validation for checking fingerprints. There should be no change in behavior.

  $ cat > abortcommit.py <<EOF
  > from mercurial import error
  > def hook(**args):
  >     raise error.Abort("no commits allowed")
  > def reposetup(ui, repo):
  >     repo.ui.setconfig("hooks", "pretxncommit.nocommits", hook)
  > EOF
  $ abspath=`pwd`/abortcommit.py

  $ cat <<EOF >> $HGRCPATH
  > [extensions]
  > mq =
  > abortcommit = $abspath
  > EOF

  $ hg init foo
  $ cd foo
  $ echo foo > foo
  $ hg add foo

mq may keep a reference to the repository so __del__ will not be
called and .hg/journal.dirstate will not be deleted:

  $ hg ci -m foo
  error: pretxncommit.nocommits hook failed: no commits allowed
  transaction abort!
  rollback completed
  abort: no commits allowed
  [255]
  $ hg ci -m foo
  error: pretxncommit.nocommits hook failed: no commits allowed
  transaction abort!
  rollback completed
  abort: no commits allowed
  [255]

  $ cd ..
hg-stable