Mercurial Mercurial > hg / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests/test-https.t
changeset 14193 c4de16642861
parent 13654 a1dae38acbc6
child 15446 c5c9ca3719f9
equal deleted inserted replaced
14192:38e387a64f58 14193:c4de16642861 
     6  printf '.\n.\n.\n.\n.\nlocalhost\nhg@localhost\n' | \
 
     6  printf '.\n.\n.\n.\n.\nlocalhost\nhg@localhost\n' | \
 
     7  openssl req -newkey rsa:512 -keyout priv.pem -nodes -x509 -days 9000 -out pub.pem
 
     7  openssl req -newkey rsa:512 -keyout priv.pem -nodes -x509 -days 9000 -out pub.pem
 
     8 Can be dumped with:
 
     8 Can be dumped with:
 
     9  openssl x509 -in pub.pem -text
 
     9  openssl x509 -in pub.pem -text
 
    10 
    10 
    11   $ cat << EOT > priv.pem 
    11   $ cat << EOT > priv.pem
 
    12   > -----BEGIN PRIVATE KEY-----
 
    12   > -----BEGIN PRIVATE KEY-----
 
    13   > MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEApjCWeYGrIa/Vo7LH
 
    13   > MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEApjCWeYGrIa/Vo7LH
 
    14   > aRF8ou0tbgHKE33Use/whCnKEUm34rDaXQd4lxxX6aDWg06n9tiVStAKTgQAHJY8
 
    14   > aRF8ou0tbgHKE33Use/whCnKEUm34rDaXQd4lxxX6aDWg06n9tiVStAKTgQAHJY8
 
    15   > j/xgSwIDAQABAkBxHC6+Qlf0VJXGlb6NL16yEVVTQxqDS6hA9zqu6TZjrr0YMfzc
 
    15   > j/xgSwIDAQABAkBxHC6+Qlf0VJXGlb6NL16yEVVTQxqDS6hA9zqu6TZjrr0YMfzc
 
    16   > EGNIiZGt7HCBL0zO+cPDg/LeCZc6HQhf0KrhAiEAzlJq4hWWzvguWFIJWSoBeBUG
 
    16   > EGNIiZGt7HCBL0zO+cPDg/LeCZc6HQhf0KrhAiEAzlJq4hWWzvguWFIJWSoBeBUG
 
    19   > aMTellaq0bpNMHFDziqH9RsqAHhjAiEAgYGxfzkftt5IUUn/iFK89aaIpyrpuaAh
 
    19   > aMTellaq0bpNMHFDziqH9RsqAHhjAiEAgYGxfzkftt5IUUn/iFK89aaIpyrpuaAh
 
    20   > HY8gUVkVRVs=
 
    20   > HY8gUVkVRVs=
 
    21   > -----END PRIVATE KEY-----
 
    21   > -----END PRIVATE KEY-----
 
    22   > EOT
 
    22   > EOT
 
    23 
    23 
    24   $ cat << EOT > pub.pem 
    24   $ cat << EOT > pub.pem
 
    25   > -----BEGIN CERTIFICATE-----
 
    25   > -----BEGIN CERTIFICATE-----
 
    26   > MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNV
 
    26   > MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNV
 
    27   > BAMMCWxvY2FsaG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEw
 
    27   > BAMMCWxvY2FsaG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEw
 
    28   > MTAxNDIwMzAxNFoXDTM1MDYwNTIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0
 
    28   > MTAxNDIwMzAxNFoXDTM1MDYwNTIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0
 
    29   > MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL
 
    29   > MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL
 
    35   > -----END CERTIFICATE-----
 
    35   > -----END CERTIFICATE-----
 
    36   > EOT
 
    36   > EOT
 
    37   $ cat priv.pem pub.pem >> server.pem
 
    37   $ cat priv.pem pub.pem >> server.pem
 
    38   $ PRIV=`pwd`/server.pem
 
    38   $ PRIV=`pwd`/server.pem
 
    39 
    39 
    40   $ cat << EOT > pub-other.pem 
    40   $ cat << EOT > pub-other.pem
 
    41   > -----BEGIN CERTIFICATE-----
 
    41   > -----BEGIN CERTIFICATE-----
 
    42   > MIIBqzCCAVWgAwIBAgIJALwZS731c/ORMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNV
 
    42   > MIIBqzCCAVWgAwIBAgIJALwZS731c/ORMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNV
 
    43   > BAMMCWxvY2FsaG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEw
 
    43   > BAMMCWxvY2FsaG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEw
 
    44   > MTAxNDIwNDUxNloXDTM1MDYwNTIwNDUxNlowMTESMBAGA1UEAwwJbG9jYWxob3N0
 
    44   > MTAxNDIwNDUxNloXDTM1MDYwNTIwNDUxNlowMTESMBAGA1UEAwwJbG9jYWxob3N0
 
    45   > MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL
 
    45   > MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL
 
    51   > -----END CERTIFICATE-----
 
    51   > -----END CERTIFICATE-----
 
    52   > EOT
 
    52   > EOT
 
    53 
    53 
    54 pub.pem patched with other notBefore / notAfter:
 
    54 pub.pem patched with other notBefore / notAfter:
 
    55 
    55 
    56   $ cat << EOT > pub-not-yet.pem 
    56   $ cat << EOT > pub-not-yet.pem
 
    57   > -----BEGIN CERTIFICATE-----
 
    57   > -----BEGIN CERTIFICATE-----
 
    58   > MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNVBAMMCWxvY2Fs
 
    58   > MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNVBAMMCWxvY2Fs
 
    59   > aG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTM1MDYwNTIwMzAxNFoXDTM1MDYw
 
    59   > aG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTM1MDYwNTIwMzAxNFoXDTM1MDYw
 
    60   > NTIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhv
 
    60   > NTIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhv
 
    61   > c3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEApjCWeYGrIa/Vo7LHaRF8ou0tbgHKE33Use/whCnK
 
    61   > c3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEApjCWeYGrIa/Vo7LHaRF8ou0tbgHKE33Use/whCnK
 
    65   > /12E0vR2DuZitgzUYtBaofM81aTtc0a2/YsrmqePGm0=
 
    65   > /12E0vR2DuZitgzUYtBaofM81aTtc0a2/YsrmqePGm0=
 
    66   > -----END CERTIFICATE-----
 
    66   > -----END CERTIFICATE-----
 
    67   > EOT
 
    67   > EOT
 
    68   $ cat priv.pem pub-not-yet.pem > server-not-yet.pem
 
    68   $ cat priv.pem pub-not-yet.pem > server-not-yet.pem
 
    69 
    69 
    70   $ cat << EOT > pub-expired.pem 
    70   $ cat << EOT > pub-expired.pem
 
    71   > -----BEGIN CERTIFICATE-----
 
    71   > -----BEGIN CERTIFICATE-----
 
    72   > MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNVBAMMCWxvY2Fs
 
    72   > MIIBqzCCAVWgAwIBAgIJANAXFFyWjGnRMA0GCSqGSIb3DQEBBQUAMDExEjAQBgNVBAMMCWxvY2Fs
 
    73   > aG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEwMTAxNDIwMzAxNFoXDTEwMTAx
 
    73   > aG9zdDEbMBkGCSqGSIb3DQEJARYMaGdAbG9jYWxob3N0MB4XDTEwMTAxNDIwMzAxNFoXDTEwMTAx
 
    74   > NDIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhv
 
    74   > NDIwMzAxNFowMTESMBAGA1UEAwwJbG9jYWxob3N0MRswGQYJKoZIhvcNAQkBFgxoZ0Bsb2NhbGhv
 
    75   > c3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEApjCWeYGrIa/Vo7LHaRF8ou0tbgHKE33Use/whCnK
 
    75   > c3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEApjCWeYGrIa/Vo7LHaRF8ou0tbgHKE33Use/whCnK
 
   196   searching for changes
 
   196   searching for changes
 
   197   no changes found
 
   197   no changes found
 
   198 
   198 
   199 Test server cert which isn't valid yet
 
   199 Test server cert which isn't valid yet
 
   200 
   200 
   201   $ hg -R test serve -p $HGPORT1 -d --pid-file=hg1.pid --certificate=server-not-yet.pem  
   201   $ hg -R test serve -p $HGPORT1 -d --pid-file=hg1.pid --certificate=server-not-yet.pem
 
   202   $ cat hg1.pid >> $DAEMON_PIDS
 
   202   $ cat hg1.pid >> $DAEMON_PIDS
 
   203   $ hg -R copy-pull pull --config web.cacerts=pub-not-yet.pem https://localhost:$HGPORT1/
 
   203   $ hg -R copy-pull pull --config web.cacerts=pub-not-yet.pem https://localhost:$HGPORT1/
 
   204   abort: error: *:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (glob)
 
   204   abort: error: *:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (glob)
 
   205   [255]
 
   205   [255]
 
   206 
   206 
   207 Test server cert which no longer is valid
 
   207 Test server cert which no longer is valid
 
   208 
   208 
   209   $ hg -R test serve -p $HGPORT2 -d --pid-file=hg2.pid --certificate=server-expired.pem  
   209   $ hg -R test serve -p $HGPORT2 -d --pid-file=hg2.pid --certificate=server-expired.pem
 
   210   $ cat hg2.pid >> $DAEMON_PIDS
 
   210   $ cat hg2.pid >> $DAEMON_PIDS
 
   211   $ hg -R copy-pull pull --config web.cacerts=pub-expired.pem https://localhost:$HGPORT2/
 
   211   $ hg -R copy-pull pull --config web.cacerts=pub-expired.pem https://localhost:$HGPORT2/
 
   212   abort: error: *:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (glob)
 
   212   abort: error: *:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (glob)
 
   213   [255]
 
   213   [255]
 
   214 
   214
Mercurial