Mercurial > hg
annotate tests/test-patchbomb-tls.t @ 49939:0a58aaa2009c
makefile: add `cargo clippy` to tests if cargo is available
This linter mostly makes our code more idiomatic, less surprising, has good
suggestions and catches bugs. It's widely used in the Rust community and now
part of the default toolchain when using `rustup`.
author | Raphaël Gomès <rgomes@octobus.net> |
---|---|
date | Tue, 10 Jan 2023 11:39:53 +0100 |
parents | 8f50dc096cf4 |
children | 5644f6286618 |
rev | line source |
---|---|
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
1 #require serve ssl |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
2 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
3 Set up SMTP server: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
4 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
5 $ CERTSDIR="$TESTDIR/sslcerts" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
6 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
7 |
39707
5abc47d4ca6b
tests: quote PYTHON usage
Matt Harbison <matt_harbison@yahoo.com>
parents:
33494
diff
changeset
|
8 $ "$PYTHON" "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \ |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
9 > --tls smtps --certificate `pwd`/server.pem |
31769
594dd384803c
test-serve: make the 'listening at *' lines optional
Matt Harbison <matt_harbison@yahoo.com>
parents:
31489
diff
changeset
|
10 listening at localhost:$HGPORT (?) |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
11 $ cat a.pid >> $DAEMON_PIDS |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
12 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
13 Set up repository: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
14 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
15 $ hg init t |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
16 $ cd t |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
17 $ cat <<EOF >> .hg/hgrc |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
18 > [extensions] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
19 > patchbomb = |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
20 > [email] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
21 > method = smtp |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
22 > [smtp] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
23 > host = localhost |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
24 > port = $HGPORT |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
25 > tls = smtps |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
26 > EOF |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
27 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
28 $ echo a > a |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
29 $ hg commit -Ama -d '1 0' |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
30 adding a |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
31 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
32 Utility functions: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
33 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
34 $ DISABLECACERTS= |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
35 $ try () { |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
36 > hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
37 > } |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
38 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
39 Our test cert is not signed by a trusted CA. It should fail to verify if |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
40 we are able to load CA certs: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
41 |
44881
89f83e47e9c9
tests: remove "sslcontext" check
Manuel Jacob <me@manueljacob.de>
parents:
44879
diff
changeset
|
42 #if no-defaultcacertsloaded |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
43 $ try |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
44 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
45 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
46 |
29449
5b71a8d7f7ff
sslutil: emit warning when no CA certificates loaded
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29411
diff
changeset
|
47 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error) |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
48 (?i)abort: .*?certificate.verify.failed.* (re) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
49 [255] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
50 #endif |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
51 |
29481
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
52 #if defaultcacertsloaded |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
53 $ try |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
54 this patch series consists of 1 patches. |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
55 |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
56 |
33494
30f2715be123
sslutil: inform the user about how to fix an incomplete certificate chain
Matt Harbison <matt_harbison@yahoo.com>
parents:
32940
diff
changeset
|
57 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !) |
29481
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
58 (?i)abort: .*?certificate.verify.failed.* (re) |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
59 [255] |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
60 |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
61 #endif |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
62 |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
63 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
64 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
65 Without certificates: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
66 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
67 $ try --debug |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
68 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
69 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
70 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
71 (using smtps) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
72 sending mail: smtp host localhost, port * (glob) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
73 (verifying remote certificate) |
29411
e1778b9c8d53
sslutil: abort when unable to verify peer connection (BC)
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29333
diff
changeset
|
74 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect |
29526
9d02bed8477b
tests: regenerate x509 test certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29500
diff
changeset
|
75 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server) |
45915
8f50dc096cf4
errors: introduce SecurityError and use it in a few places
Martin von Zweigbergk <martinvonz@google.com>
parents:
44895
diff
changeset
|
76 [150] |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
77 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
78 With global certificates: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
79 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
80 $ try --debug --config web.cacerts="$CERTSDIR/pub.pem" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
81 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
82 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
83 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
84 (using smtps) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
85 sending mail: smtp host localhost, port * (glob) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
86 (verifying remote certificate) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
87 sending [PATCH] a ... |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
88 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
89 With invalid certificates: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
90 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
91 $ try --config web.cacerts="$CERTSDIR/pub-other.pem" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
92 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
93 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
94 |
33494
30f2715be123
sslutil: inform the user about how to fix an incomplete certificate chain
Matt Harbison <matt_harbison@yahoo.com>
parents:
32940
diff
changeset
|
95 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !) |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
96 (?i)abort: .*?certificate.verify.failed.* (re) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
97 [255] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
98 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
99 $ cd .. |