Mercurial > hg-stable
view tests/test-check-module-imports.t @ 29258:6315c1e14f75
sslutil: introduce a function for determining host-specific settings
This patch marks the beginning of a series that introduces a new,
more configurable, per-host security settings mechanism. Currently,
we have global settings (like web.cacerts and the --insecure argument).
We also have per-host settings via [hostfingerprints].
Global security settings are good for defaults, but they don't
provide the amount of control often wanted. For example, an
organization may want to require a particular CA is used for a
particular hostname.
[hostfingerprints] is nice. But it currently assumes SHA-1.
Furthermore, there is no obvious place to put additional per-host
settings.
Subsequent patches will be introducing new mechanisms for defining
security settings, some on a per-host basis. This commits starts
the transition to that world by introducing the _hostsettings
function. It takes a ui and hostname and returns a dict of security
settings. Currently, it limits itself to returning host fingerprint
info.
We foreshadow the future support of non-SHA1 hashing algorithms
for verifying the host fingerprint by making the "certfingerprints"
key a list of tuples instead of a list of hashes.
We add this dict to the hgstate property on the socket and use it
during socket validation for checking fingerprints. There should be
no change in behavior.
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Sat, 28 May 2016 11:12:02 -0700 |
parents | 393aef802535 |
children | 814076f4ace3 |
line wrap: on
line source
#require test-repo $ . "$TESTDIR/helpers-testrepo.sh" $ import_checker="$TESTDIR"/../contrib/import-checker.py Run the doctests from the import checker, and make sure it's working correctly. $ TERM=dumb $ export TERM $ python -m doctest $import_checker Run additional tests for the import checker $ mkdir testpackage $ touch testpackage/__init__.py $ cat > testpackage/multiple.py << EOF > from __future__ import absolute_import > import os, sys > EOF $ cat > testpackage/unsorted.py << EOF > from __future__ import absolute_import > import sys > import os > EOF $ cat > testpackage/stdafterlocal.py << EOF > from __future__ import absolute_import > from . import unsorted > import os > EOF $ cat > testpackage/requirerelative.py << EOF > from __future__ import absolute_import > import testpackage.unsorted > EOF $ cat > testpackage/importalias.py << EOF > from __future__ import absolute_import > import ui > EOF $ cat > testpackage/relativestdlib.py << EOF > from __future__ import absolute_import > from .. import os > EOF $ cat > testpackage/symbolimport.py << EOF > from __future__ import absolute_import > from .unsorted import foo > EOF $ cat > testpackage/latesymbolimport.py << EOF > from __future__ import absolute_import > from . import unsorted > from mercurial.node import hex > EOF $ cat > testpackage/multiplegroups.py << EOF > from __future__ import absolute_import > from . import unsorted > from . import more > EOF $ mkdir testpackage/subpackage $ cat > testpackage/subpackage/levelpriority.py << EOF > from __future__ import absolute_import > from . import foo > from .. import parent > EOF $ touch testpackage/subpackage/foo.py $ cat > testpackage/subpackage/__init__.py << EOF > from __future__ import absolute_import > from . import levelpriority # should not cause cycle > EOF $ cat > testpackage/subpackage/localimport.py << EOF > from __future__ import absolute_import > from . import foo > def bar(): > # should not cause "higher-level import should come first" > from .. import unsorted > # but other errors should be detected > from .. import more > import testpackage.subpackage.levelpriority > EOF $ cat > testpackage/importmodulefromsub.py << EOF > from __future__ import absolute_import > from .subpackage import foo # not a "direct symbol import" > EOF $ cat > testpackage/importsymbolfromsub.py << EOF > from __future__ import absolute_import > from .subpackage import foo, nonmodule > EOF $ cat > testpackage/sortedentries.py << EOF > from __future__ import absolute_import > from . import ( > foo, > bar, > ) > EOF $ cat > testpackage/importfromalias.py << EOF > from __future__ import absolute_import > from . import ui > EOF $ cat > testpackage/importfromrelative.py << EOF > from __future__ import absolute_import > from testpackage.unsorted import foo > EOF $ mkdir testpackage2 $ touch testpackage2/__init__.py $ cat > testpackage2/latesymbolimport.py << EOF > from __future__ import absolute_import > from testpackage import unsorted > from mercurial.node import hex > EOF $ python "$import_checker" testpackage*/*.py testpackage/subpackage/*.py testpackage/importalias.py:2: ui module must be "as" aliased to uimod testpackage/importfromalias.py:2: ui from testpackage must be "as" aliased to uimod testpackage/importfromrelative.py:2: import should be relative: testpackage.unsorted testpackage/importfromrelative.py:2: direct symbol import foo from testpackage.unsorted testpackage/importsymbolfromsub.py:2: direct symbol import nonmodule from testpackage.subpackage testpackage/latesymbolimport.py:3: symbol import follows non-symbol import: mercurial.node testpackage/multiple.py:2: multiple imported names: os, sys testpackage/multiplegroups.py:3: multiple "from . import" statements testpackage/relativestdlib.py:2: relative import of stdlib module testpackage/requirerelative.py:2: import should be relative: testpackage.unsorted testpackage/sortedentries.py:2: imports from testpackage not lexically sorted: bar < foo testpackage/stdafterlocal.py:3: stdlib import "os" follows local import: testpackage testpackage/subpackage/levelpriority.py:3: higher-level import should come first: testpackage testpackage/subpackage/localimport.py:7: multiple "from .. import" statements testpackage/subpackage/localimport.py:8: import should be relative: testpackage.subpackage.levelpriority testpackage/symbolimport.py:2: direct symbol import foo from testpackage.unsorted testpackage/unsorted.py:3: imports not lexically sorted: os < sys testpackage2/latesymbolimport.py:3: symbol import follows non-symbol import: mercurial.node [1] $ cd "$TESTDIR"/.. There are a handful of cases here that require renaming a module so it doesn't overlap with a stdlib module name. There are also some cycles here that we should still endeavor to fix, and some cycles will be hidden by deduplication algorithm in the cycle detector, so fixing these may expose other cycles. Known-bad files are excluded by -X as some of them would produce unstable outputs, which should be fixed later. $ hg locate 'set:**.py or grep(r"^#!.*?python")' \ > 'tests/**.t' \ > -X contrib/debugshell.py \ > -X contrib/win32/hgwebdir_wsgi.py \ > -X doc/gendoc.py \ > -X doc/hgmanpage.py \ > -X i18n/posplit \ > -X tests/test-hgweb-auth.py \ > -X tests/hypothesishelpers.py \ > -X tests/test-ctxmanager.py \ > -X tests/test-lock.py \ > -X tests/test-verify-repo-operations.py \ > -X tests/test-hook.t \ > -X tests/test-import.t \ > -X tests/test-check-module-imports.t \ > -X tests/test-commit-interactive.t \ > -X tests/test-contrib-check-code.t \ > -X tests/test-extension.t \ > -X tests/test-hghave.t \ > -X tests/test-hgweb-no-path-info.t \ > -X tests/test-hgweb-no-request-uri.t \ > -X tests/test-hgweb-non-interactive.t \ > | sed 's-\\-/-g' | python "$import_checker" - Import cycle: hgext.largefiles.basestore -> hgext.largefiles.localstore -> hgext.largefiles.basestore [1]