Mercurial: tests/test-patchbomb-tls.t annotate

annotate tests/test-patchbomb-tls.t @ 44881:89f83e47e9c9

tests: remove "sslcontext" check Now that we require the presence of ssl.SSLContext in setup.py, the check would always return `True`.

author	Manuel Jacob <me@manueljacob.de>
date	Sat, 30 May 2020 05:27:53 +0200
parents	ab5348bbc55e
children	1409da2148c8

rev	line source
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	1 #require serve ssl
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	2
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	3 Set up SMTP server:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	4
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	5 $ CERTSDIR="$TESTDIR/sslcerts"
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	6 $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	7
39707 5abc47d4ca6b tests: quote PYTHON usage Matt Harbison <matt_harbison@yahoo.com> parents: 33494 diff changeset	8 $ "$PYTHON" "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	9 > --tls smtps --certificate `pwd`/server.pem
31769 594dd384803c test-serve: make the 'listening at ' lines optional Matt Harbison <matt_harbison@yahoo.com>* parents: 31489 diff changeset	10 listening at localhost:$HGPORT (?)
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	11 $ cat a.pid >> $DAEMON_PIDS
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	12
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	13 Set up repository:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	14
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	15 $ hg init t
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	16 $ cd t
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	17 $ cat <<EOF >> .hg/hgrc
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	18 > [extensions]
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	19 > patchbomb =
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	20 > [email]
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	21 > method = smtp
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	22 > [smtp]
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	23 > host = localhost
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	24 > port = $HGPORT
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	25 > tls = smtps
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	26 > EOF
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	27
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	28 $ echo a > a
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	29 $ hg commit -Ama -d '1 0'
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	30 adding a
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	31
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	32 Utility functions:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	33
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	34 $ DISABLECACERTS=
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	35 $ try () {
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	36 > hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@"
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	37 > }
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	38
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	39 Our test cert is not signed by a trusted CA. It should fail to verify if
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	40 we are able to load CA certs:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	41
44881 89f83e47e9c9 tests: remove "sslcontext" check Manuel Jacob <me@manueljacob.de> parents: 44879 diff changeset	42 #if no-defaultcacertsloaded
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	43 $ try
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	44 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	45
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	46
29449 5b71a8d7f7ff sslutil: emit warning when no CA certificates loaded Gregory Szorc <gregory.szorc@gmail.com> parents: 29411 diff changeset	47 (an attempt was made to load CA certificates but none were loaded; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error)
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	48 (?i)abort: .?certificate.verify.failed. (re)
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	49 [255]
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	50 #endif
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	51
29481 5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	52 #if defaultcacertsloaded
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	53 $ try
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	54 this patch series consists of 1 patches.
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	55
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	56
29601 6cff2ac0ccb9 sslutil: more robustly detect protocol support Gregory Szorc <gregory.szorc@gmail.com> parents: 29561 diff changeset	57 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
29500 4b16a5bd9948 sslutil: try to find CA certficates in well-known locations Gregory Szorc <gregory.szorc@gmail.com> parents: 29499 diff changeset	58 (using CA certificates from *; if you see this message, your Mercurial install is not properly configured; see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this message) (glob) (?)
33494 30f2715be123 sslutil: inform the user about how to fix an incomplete certificate chain Matt Harbison <matt_harbison@yahoo.com> parents: 32940 diff changeset	59 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
29481 5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	60 (?i)abort: .?certificate.verify.failed. (re)
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	61 [255]
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	62
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	63 #endif
5caa415aa48b tests: better testing of loaded certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29449 diff changeset	64
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	65 $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	66
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	67 Without certificates:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	68
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	69 $ try --debug
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	70 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	71
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	72
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	73 (using smtps)
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	74 sending mail: smtp host localhost, port * (glob)
29561 1a782fabf80d sslutil: print a warning when using TLS 1.0 on legacy Python Gregory Szorc <gregory.szorc@gmail.com> parents: 29526 diff changeset	75 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	76 (verifying remote certificate)
29411 e1778b9c8d53 sslutil: abort when unable to verify peer connection (BC) Gregory Szorc <gregory.szorc@gmail.com> parents: 29333 diff changeset	77 abort: unable to verify security of localhost (no loaded CA certificates); refusing to connect
29526 9d02bed8477b tests: regenerate x509 test certificates Gregory Szorc <gregory.szorc@gmail.com> parents: 29500 diff changeset	78 (see https://mercurial-scm.org/wiki/SecureConnections for how to configure Mercurial to avoid this error or set hostsecurity.localhost:fingerprints=sha256:20:de:b3:ad:b4:cd:a5:42:f0:74:41:1c:a2:70:1e:da:6e:c0:5c:16:9e:e7:22:0f:f1:b7:e5:6e:e4:92:af:7e to trust this server)
29411 e1778b9c8d53 sslutil: abort when unable to verify peer connection (BC) Gregory Szorc <gregory.szorc@gmail.com> parents: 29333 diff changeset	79 [255]
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	80
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	81 With global certificates:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	82
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	83 $ try --debug --config web.cacerts="$CERTSDIR/pub.pem"
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	84 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	85
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	86
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	87 (using smtps)
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	88 sending mail: smtp host localhost, port * (glob)
29561 1a782fabf80d sslutil: print a warning when using TLS 1.0 on legacy Python Gregory Szorc <gregory.szorc@gmail.com> parents: 29526 diff changeset	89 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	90 (verifying remote certificate)
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	91 sending [PATCH] a ...
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	92
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	93 With invalid certificates:
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	94
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	95 $ try --config web.cacerts="$CERTSDIR/pub-other.pem"
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	96 this patch series consists of 1 patches.
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	97
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	98
29561 1a782fabf80d sslutil: print a warning when using TLS 1.0 on legacy Python Gregory Szorc <gregory.szorc@gmail.com> parents: 29526 diff changeset	99 warning: connecting to localhost using legacy security technology (TLS 1.0); see https://mercurial-scm.org/wiki/SecureConnections for more info (?)
33494 30f2715be123 sslutil: inform the user about how to fix an incomplete certificate chain Matt Harbison <matt_harbison@yahoo.com> parents: 32940 diff changeset	100 (the full certificate chain may not be available locally; see "hg help debugssl") (windows !)
29333 cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	101 (?i)abort: .?certificate.verify.failed. (re)
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	102 [255]
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	103
cdef60d9f442 tests: add basic tests for SMTP over SSL Yuya Nishihara <yuya@tcha.org> parents: diff changeset	104 $ cd ..

Mercurial > hg

annotate tests/test-patchbomb-tls.t @ 44881:89f83e47e9c9