Mercurial > hg

diff tests/test-https.t @ 13328:a939f08fae9c stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
url: add --insecure option to bypass verification of ssl certificates If --insecure specified, it behaves in the same way as no web.cacerts configured. Also shows hint for --insecure option when _verifycert() failed. But currently the hint isn't displayed on SSLError, because it needs a certain level of changes.
author Yuya Nishihara <yuya@tcha.org>
date Sat, 29 Jan 2011 23:23:24 +0900
parents 8dc488dfcdb4
children 12773f1b7728
line wrap: on
line diff
--- a/tests/test-https.t	Mon Jan 31 13:33:41 2011 +0100
+++ b/tests/test-https.t	Sat Jan 29 23:23:24 2011 +0900
@@ -163,15 +163,30 @@
   pulling from https://localhost:$HGPORT/
   searching for changes
   no changes found
+  $ P=`pwd` hg -R copy-pull pull --insecure
+  warning: localhost certificate with fingerprint 91:4f:1a:ff:87:24:9c:09:b6:85:9b:88:b1:90:6d:30:75:64:91:ca not verified (check hostfingerprints or web.cacerts config setting)
+  pulling from https://localhost:$HGPORT/
+  searching for changes
+  no changes found
 
 cacert mismatch
 
   $ hg -R copy-pull pull --config web.cacerts=pub.pem https://127.0.0.1:$HGPORT/
-  abort: 127.0.0.1 certificate error: certificate is for localhost
+  abort: 127.0.0.1 certificate error: certificate is for localhost (use --insecure to connect insecurely)
   [255]
+  $ hg -R copy-pull pull --config web.cacerts=pub.pem https://127.0.0.1:$HGPORT/ --insecure
+  warning: 127.0.0.1 certificate with fingerprint 91:4f:1a:ff:87:24:9c:09:b6:85:9b:88:b1:90:6d:30:75:64:91:ca not verified (check hostfingerprints or web.cacerts config setting)
+  pulling from https://127.0.0.1:$HGPORT/
+  searching for changes
+  no changes found
   $ hg -R copy-pull pull --config web.cacerts=pub-other.pem
   abort: error: *:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (glob)
   [255]
+  $ hg -R copy-pull pull --config web.cacerts=pub-other.pem --insecure
+  warning: localhost certificate with fingerprint 91:4f:1a:ff:87:24:9c:09:b6:85:9b:88:b1:90:6d:30:75:64:91:ca not verified (check hostfingerprints or web.cacerts config setting)
+  pulling from https://localhost:$HGPORT/
+  searching for changes
+  no changes found
 
 Test server cert which isn't valid yet