Mercurial > hg

view tests/test-hgweb-bundle.t @ 29555:121d11814c62

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: use sslutil.wrapserversocket() This patch transitions the built-in HTTPS server to use sslutil for creating the server socket. As part of this transition, we implement developer-only config options to control CA loading and whether to require client certificates. This eliminates the need for the custom extension in test-https.t to define these. There is a slight change in behavior with regards to protocol selection. Before, we would always use the TLS 1.0 constant to define the protocol version. This would *only* use TLS 1.0. sslutil defaults to TLS 1.0+. So this patch improves the security of `hg serve` out of the box by allowing it to use TLS 1.1 and 1.2 (if available).
author Gregory Szorc <gregory.szorc@gmail.com>
date Tue, 12 Jul 2016 23:12:03 -0700
parents 4d2b9b304ad0
children 4441705b7111
line wrap: on
line source

#require serve

  $ hg init server
  $ cd server
  $ cat >> .hg/hgrc << EOF
  > [extensions]
  > strip=
  > EOF

  $ echo 1 > foo
  $ hg commit -A -m 'first'
  adding foo
  $ echo 2 > bar
  $ hg commit -A -m 'second'
  adding bar

Produce a bundle to use

  $ hg strip -r 1
  0 files updated, 0 files merged, 1 files removed, 0 files unresolved
  saved backup bundle to $TESTTMP/server/.hg/strip-backup/ed602e697e0f-cc9fff6a-backup.hg (glob)

Serve from a bundle file

  $ hg serve -R .hg/strip-backup/ed602e697e0f-cc9fff6a-backup.hg -d -p $HGPORT --pid-file=hg.pid
  $ cat hg.pid >> $DAEMON_PIDS

Ensure we're serving from the bundle

  $ (get-with-headers.py localhost:$HGPORT 'file/tip/?style=raw')
  200 Script output follows
  
  
  -rw-r--r-- 2 bar
  -rw-r--r-- 2 foo