Mercurial > hg
annotate tests/test-patchbomb-tls.t @ 49419:2edb41ed6c49
contrib: add support for rhel9
author | Mathias De Mare <mathias.de_mare@nokia.com> |
---|---|
date | Mon, 08 Aug 2022 17:27:49 +0200 |
parents | 8f50dc096cf4 |
children | 5644f6286618 |
rev | line source |
---|---|
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
1 #require serve ssl |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
2 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
3 Set up SMTP server: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
4 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
5 $ CERTSDIR="$TESTDIR/sslcerts" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
6 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
7 |
39707
5abc47d4ca6b
tests: quote PYTHON usage
Matt Harbison <matt_harbison@yahoo.com>
parents:
33494
diff
changeset
|
8 $ "$PYTHON" "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \ |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
9 > --tls smtps --certificate `pwd`/server.pem |
31769
594dd384803c
test-serve: make the 'listening at *' lines optional
Matt Harbison <matt_harbison@yahoo.com>
parents:
31489
diff
changeset
|
10 listening at localhost:$HGPORT (?) |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
11 $ cat a.pid >> $DAEMON_PIDS |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
12 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
13 Set up repository: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
14 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
15 $ hg init t |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
16 $ cd t |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
17 $ cat <<EOF >> .hg/hgrc |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
18 > [extensions] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
19 > patchbomb = |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
20 > [email] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
21 > method = smtp |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
22 > [smtp] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
23 > host = localhost |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
24 > port = $HGPORT |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
25 > tls = smtps |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
26 > EOF |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
27 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
28 $ echo a > a |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
29 $ hg commit -Ama -d '1 0' |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
30 adding a |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
31 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
32 Utility functions: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
33 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
34 $ DISABLECACERTS= |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
35 $ try () { |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
36 > hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
37 > } |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
38 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
39 Our test cert is not signed by a trusted CA. It should fail to verify if |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
40 we are able to load CA certs: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
41 |
44881
89f83e47e9c9
tests: remove "sslcontext" check
Manuel Jacob <me@manueljacob.de>
parents:
44879
diff
changeset
|
42 #if no-defaultcacertsloaded |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
43 $ try |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
44 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
45 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
46 |
29449
5b71a8d7f7ff
sslutil: emit warning when no CA certificates loaded
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29411
diff
changeset
|
47 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error) |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
48 (?i)abort: .*?certificate.verify.failed.* (re) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
49 [255] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
50 #endif |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
51 |
29481
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
52 #if defaultcacertsloaded |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
53 $ try |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
54 this patch series consists of 1 patches. |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
55 |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
56 |
33494
30f2715be123
sslutil: inform the user about how to fix an incomplete certificate chain
Matt Harbison <matt_harbison@yahoo.com>
parents:
32940
diff
changeset
|
57 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !) |
29481
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
58 (?i)abort: .*?certificate.verify.failed.* (re) |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
59 [255] |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
60 |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
61 #endif |
5caa415aa48b
tests: better testing of loaded certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29449
diff
changeset
|
62 |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
63 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
64 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
65 Without certificates: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
66 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
67 $ try --debug |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
68 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
69 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
70 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
71 (using smtps) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
72 sending mail: smtp host localhost, port * (glob) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
73 (verifying remote certificate) |
29411
e1778b9c8d53
sslutil: abort when unable to verify peer connection (BC)
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29333
diff
changeset
|
74 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect |
29526
9d02bed8477b
tests: regenerate x509 test certificates
Gregory Szorc <gregory.szorc@gmail.com>
parents:
29500
diff
changeset
|
75 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server) |
45915
8f50dc096cf4
errors: introduce SecurityError and use it in a few places
Martin von Zweigbergk <martinvonz@google.com>
parents:
44895
diff
changeset
|
76 [150] |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
77 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
78 With global certificates: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
79 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
80 $ try --debug --config web.cacerts="$CERTSDIR/pub.pem" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
81 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
82 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
83 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
84 (using smtps) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
85 sending mail: smtp host localhost, port * (glob) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
86 (verifying remote certificate) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
87 sending [PATCH] a ... |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
88 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
89 With invalid certificates: |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
90 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
91 $ try --config web.cacerts="$CERTSDIR/pub-other.pem" |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
92 this patch series consists of 1 patches. |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
93 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
94 |
33494
30f2715be123
sslutil: inform the user about how to fix an incomplete certificate chain
Matt Harbison <matt_harbison@yahoo.com>
parents:
32940
diff
changeset
|
95 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !) |
29333
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
96 (?i)abort: .*?certificate.verify.failed.* (re) |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
97 [255] |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
98 |
cdef60d9f442
tests: add basic tests for SMTP over SSL
Yuya Nishihara <yuya@tcha.org>
parents:
diff
changeset
|
99 $ cd .. |