Mercurial > hg-stable
view tests/test-cache-abuse.t @ 29258:6315c1e14f75
sslutil: introduce a function for determining host-specific settings
This patch marks the beginning of a series that introduces a new,
more configurable, per-host security settings mechanism. Currently,
we have global settings (like web.cacerts and the --insecure argument).
We also have per-host settings via [hostfingerprints].
Global security settings are good for defaults, but they don't
provide the amount of control often wanted. For example, an
organization may want to require a particular CA is used for a
particular hostname.
[hostfingerprints] is nice. But it currently assumes SHA-1.
Furthermore, there is no obvious place to put additional per-host
settings.
Subsequent patches will be introducing new mechanisms for defining
security settings, some on a per-host basis. This commits starts
the transition to that world by introducing the _hostsettings
function. It takes a ui and hostname and returns a dict of security
settings. Currently, it limits itself to returning host fingerprint
info.
We foreshadow the future support of non-SHA1 hashing algorithms
for verifying the host fingerprint by making the "certfingerprints"
key a list of tuples instead of a list of hashes.
We add this dict to the hgstate property on the socket and use it
during socket validation for checking fingerprints. There should be
no change in behavior.
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Sat, 28 May 2016 11:12:02 -0700 |
| parents | b962ae0a0a05 |
| children | b0b85d8695cb |
line wrap: on
line source
Enable obsolete markers $ cat >> $HGRCPATH << EOF > [experimental] > evolution=createmarkers > [phases] > publish=False > EOF Build a repo with some cacheable bits: $ hg init a $ cd a $ echo a > a $ hg ci -qAm0 $ hg tag t1 $ hg book -i bk1 $ hg branch -q b2 $ hg ci -Am1 $ hg tag t2 $ echo dumb > dumb $ hg ci -qAmdumb $ hg debugobsolete b1174d11b69e63cb0c5726621a43c859f0858d7f $ hg phase -pr t1 $ hg phase -fsr t2 Make a helper function to check cache damage invariants: - command output shouldn't change - cache should be present after first use - corruption/repair should be silent (no exceptions or warnings) - cache should survive deletion, overwrite, and append - unreadable / unwriteable caches should be ignored - cache should be rebuilt after corruption $ damage() { > CMD=$1 > CACHE=.hg/cache/$2 > CLEAN=$3 > hg $CMD > before > test -f $CACHE || echo "not present" > echo bad > $CACHE > test -z "$CLEAN" || $CLEAN > hg $CMD > after > diff -u before after || echo "*** overwrite corruption" > echo corruption >> $CACHE > test -z "$CLEAN" || $CLEAN > hg $CMD > after > diff -u before after || echo "*** append corruption" > rm $CACHE > mkdir $CACHE > test -z "$CLEAN" || $CLEAN > hg $CMD > after > diff -u before after || echo "*** read-only corruption" > test -d $CACHE || echo "*** directory clobbered" > rmdir $CACHE > test -z "$CLEAN" || $CLEAN > hg $CMD > after > diff -u before after || echo "*** missing corruption" > test -f $CACHE || echo "not rebuilt" > } Beat up tags caches: $ damage "tags --hidden" tags2 $ damage tags tags2-visible $ damage "tag -f t3" hgtagsfnodes1 Beat up hidden cache: $ damage log hidden Beat up branch caches: $ damage branches branch2-base "rm .hg/cache/branch2-[vs]*" $ damage branches branch2-served "rm .hg/cache/branch2-[bv]*" $ damage branches branch2-visible $ damage "log -r branch(.)" rbc-names-v1 $ damage "log -r branch(default)" rbc-names-v1 $ damage "log -r branch(b2)" rbc-revs-v1 We currently can't detect an rbc cache with unknown names: $ damage "log -qr branch(b2)" rbc-names-v1 --- before * (glob) +++ after * (glob) @@ -1,8 +0,0 @@ -2:5fb7d38b9dc4 -3:60b597ffdafa -4:b1174d11b69e -5:6354685872c0 -6:5ebc725f1bef -7:7b76eec2f273 -8:ef3428d9d644 -9:ba7a936bc03c *** append corruption