Mercurial > hg

comparison tests/hghave.py @ 29481:5caa415aa48b

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests: better testing of loaded certificates Tests were failing on systems like RHEL 7 where loading the system certificates results in CA certs being reported to Python. We add a feature that detects when we're able to load *and detect* the loading of system certificates. We update the tests to cover the 3 scenarios: 1) system CAs are loadable and detected 2) system CAs are loadable but not detected 3) system CAs aren't loadable
author Gregory Szorc <gregory.szorc@gmail.com>
date Fri, 01 Jul 2016 19:27:34 -0700
parents 47eab0cb72e3
children 918dce4b8c26
comparison
equal deleted inserted replaced
29480:1e4512eac59e 29481:5caa415aa48b
415 415
416 @check("defaultcacerts", "can verify SSL certs by system's CA certs store") 416 @check("defaultcacerts", "can verify SSL certs by system's CA certs store")
417 def has_defaultcacerts(): 417 def has_defaultcacerts():
418 from mercurial import sslutil 418 from mercurial import sslutil
419 return sslutil._defaultcacerts() or sslutil._canloaddefaultcerts 419 return sslutil._defaultcacerts() or sslutil._canloaddefaultcerts
420
421 @check("defaultcacertsloaded", "detected presence of loaded system CA certs")
422 def has_defaultcacertsloaded():
423 import ssl
424 from mercurial import sslutil
425
426 if not has_defaultcacerts():
427 return False
428 if not has_sslcontext():
429 return False
430
431 cafile = sslutil._defaultcacerts()
432 ctx = ssl.create_default_context()
433 if cafile:
434 ctx.load_verify_locations(cafile=cafile)
435 else:
436 ctx.load_default_certs()
437
438 return len(ctx.get_ca_certs()) > 0
420 439
421 @check("windows", "Windows") 440 @check("windows", "Windows")
422 def has_windows(): 441 def has_windows():
423 return os.name == 'nt' 442 return os.name == 'nt'
424 443