annotate tests/test-patchbomb-tls.t @ 49939:0a58aaa2009c

makefile: add `cargo clippy` to tests if cargo is available This linter mostly makes our code more idiomatic, less surprising, has good suggestions and catches bugs. It's widely used in the Rust community and now part of the default toolchain when using `rustup`.
author Raphaël Gomès <rgomes@octobus.net>
date Tue, 10 Jan 2023 11:39:53 +0100
parents 8f50dc096cf4
children 5644f6286618
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
1 #require serve ssl
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
2
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
3 Set up SMTP server:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
4
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
5 $ CERTSDIR="$TESTDIR/sslcerts"
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
6 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
7
39707
5abc47d4ca6b tests: quote PYTHON usage
Matt Harbison <matt_harbison@yahoo.com>
parents: 33494
diff changeset
8 $ "$PYTHON" "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
9 > --tls smtps --certificate `pwd`/server.pem
31769
594dd384803c test-serve: make the 'listening at *' lines optional
Matt Harbison <matt_harbison@yahoo.com>
parents: 31489
diff changeset
10 listening at localhost:$HGPORT (?)
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
11 $ cat a.pid >> $DAEMON_PIDS
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
12
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
13 Set up repository:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
14
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
15 $ hg init t
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
16 $ cd t
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
17 $ cat <<EOF >> .hg/hgrc
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
18 > [extensions]
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
19 > patchbomb =
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
20 > [email]
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
21 > method = smtp
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
22 > [smtp]
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
23 > host = localhost
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
24 > port = $HGPORT
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
25 > tls = smtps
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
26 > EOF
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
27
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
28 $ echo a > a
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
29 $ hg commit -Ama -d '1 0'
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
30 adding a
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
31
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
32 Utility functions:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
33
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
34 $ DISABLECACERTS=
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
35 $ try () {
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
36 > hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@"
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
37 > }
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
38
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
39 Our test cert is not signed by a trusted CA. It should fail to verify if
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
40 we are able to load CA certs:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
41
44881
89f83e47e9c9 tests: remove "sslcontext" check
Manuel Jacob <me@manueljacob.de>
parents: 44879
diff changeset
42 #if no-defaultcacertsloaded
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
43 $ try
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
44 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
45
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
46
29449
5b71a8d7f7ff sslutil: emit warning when no CA certificates loaded
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29411
diff changeset
47 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
48 (?i)abort: .*?certificate.verify.failed.* (re)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
49 [255]
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
50 #endif
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
51
29481
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
52 #if defaultcacertsloaded
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
53 $ try
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
54 this patch series consists of 1 patches.
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
55
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
56
33494
30f2715be123 sslutil: inform the user about how to fix an incomplete certificate chain
Matt Harbison <matt_harbison@yahoo.com>
parents: 32940
diff changeset
57 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
29481
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
58 (?i)abort: .*?certificate.verify.failed.* (re)
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
59 [255]
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
60
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
61 #endif
5caa415aa48b tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29449
diff changeset
62
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
63 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
64
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
65 Without certificates:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
66
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
67 $ try --debug
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
68 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
69
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
70
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
71 (using smtps)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
72 sending mail: smtp host localhost, port * (glob)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
73 (verifying remote certificate)
29411
e1778b9c8d53 sslutil: abort when unable to verify peer connection (BC)
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29333
diff changeset
74 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
29526
9d02bed8477b tests: regenerate x509 test certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents: 29500
diff changeset
75 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
45915
8f50dc096cf4 errors: introduce SecurityError and use it in a few places
Martin von Zweigbergk <martinvonz@google.com>
parents: 44895
diff changeset
76 [150]
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
77
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
78 With global certificates:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
79
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
80 $ try --debug --config web.cacerts="$CERTSDIR/pub.pem"
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
81 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
82
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
83
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
84 (using smtps)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
85 sending mail: smtp host localhost, port * (glob)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
86 (verifying remote certificate)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
87 sending [PATCH] a ...
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
88
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
89 With invalid certificates:
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
90
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
91 $ try --config web.cacerts="$CERTSDIR/pub-other.pem"
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
92 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
93
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
94
33494
30f2715be123 sslutil: inform the user about how to fix an incomplete certificate chain
Matt Harbison <matt_harbison@yahoo.com>
parents: 32940
diff changeset
95 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
29333
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
96 (?i)abort: .*?certificate.verify.failed.* (re)
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
97 [255]
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
98
cdef60d9f442 tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff changeset
99 $ cd ..