sslutil: introduce a function for determining host-specific settings
This patch marks the beginning of a series that introduces a new,
more configurable, per-host security settings mechanism. Currently,
we have global settings (like web.cacerts and the --insecure argument).
We also have per-host settings via [hostfingerprints].
Global security settings are good for defaults, but they don't
provide the amount of control often wanted. For example, an
organization may want to require a particular CA is used for a
particular hostname.
[hostfingerprints] is nice. But it currently assumes SHA-1.
Furthermore, there is no obvious place to put additional per-host
settings.
Subsequent patches will be introducing new mechanisms for defining
security settings, some on a per-host basis. This commits starts
the transition to that world by introducing the _hostsettings
function. It takes a ui and hostname and returns a dict of security
settings. Currently, it limits itself to returning host fingerprint
info.
We foreshadow the future support of non-SHA1 hashing algorithms
for verifying the host fingerprint by making the "certfingerprints"
key a list of tuples instead of a list of hashes.
We add this dict to the hgstate property on the socket and use it
during socket validation for checking fingerprints. There should be
no change in behavior.
$ cat <<EOF >> $HGRCPATH
> [extensions]
> purge =
> EOF
$ hg init test
$ cd test
$ echo a > changed
$ echo a > removed
$ echo a > source
$ hg ci -Am addfiles
adding changed
adding removed
adding source
$ echo a >> changed
$ echo a > added
$ hg add added
$ hg rm removed
$ hg cp source copied
$ hg diff --git > ../unknown.diff
Test adding on top of an unknown file
$ hg up -qC 0
$ hg purge
$ echo a > added
$ hg import --no-commit ../unknown.diff
applying ../unknown.diff
file added already exists
1 out of 1 hunks FAILED -- saving rejects to file added.rej
abort: patch failed to apply
[255]
Test modifying an unknown file
$ hg revert -aq
$ hg purge
$ hg rm changed
$ hg ci -m removechanged
$ echo a > changed
$ hg import --no-commit ../unknown.diff
applying ../unknown.diff
abort: cannot patch changed: file is not tracked
[255]
Test removing an unknown file
$ hg up -qC 0
$ hg purge
$ hg rm removed
$ hg ci -m removeremoved
created new head
$ echo a > removed
$ hg import --no-commit ../unknown.diff
applying ../unknown.diff
abort: cannot patch removed: file is not tracked
[255]
Test copying onto an unknown file
$ hg up -qC 0
$ hg purge
$ echo a > copied
$ hg import --no-commit ../unknown.diff
applying ../unknown.diff
abort: cannot create copied: destination already exists
[255]
$ cd ..