Mercurial > hg

view tests/test-websub.t @ 29555:121d11814c62

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: use sslutil.wrapserversocket() This patch transitions the built-in HTTPS server to use sslutil for creating the server socket. As part of this transition, we implement developer-only config options to control CA loading and whether to require client certificates. This eliminates the need for the custom extension in test-https.t to define these. There is a slight change in behavior with regards to protocol selection. Before, we would always use the TLS 1.0 constant to define the protocol version. This would *only* use TLS 1.0. sslutil defaults to TLS 1.0+. So this patch improves the security of `hg serve` out of the box by allowing it to use TLS 1.1 and 1.2 (if available).
author Gregory Szorc <gregory.szorc@gmail.com>
date Tue, 12 Jul 2016 23:12:03 -0700
parents 4d2b9b304ad0
children 6ccf539aec71
line wrap: on
line source

#require serve

  $ hg init test
  $ cd test

  $ cat > .hg/hgrc <<EOF
  > [extensions]
  > # this is only necessary to check that the mapping from
  > # interhg to websub works
  > interhg =
  > 
  > [websub]
  > issues = s|Issue(\d+)|<a href="http://bts.example.org/issue\1">Issue\1</a>|
  > 
  > [interhg]
  > # check that we maintain some interhg backwards compatibility...
  > # yes, 'x' is a weird delimiter...
  > markbugs = sxbugx<i class="\x">bug</i>x
  > EOF

  $ touch foo
  $ hg add foo
  $ hg commit -d '1 0' -m 'Issue123: fixed the bug!'

  $ hg serve -n test -p $HGPORT -d --pid-file=hg.pid -A access.log -E errors.log
  $ cat hg.pid >> $DAEMON_PIDS

log

  $ get-with-headers.py localhost:$HGPORT "rev/tip" | grep bts
  <div class="description"><a href="http://bts.example.org/issue123">Issue123</a>: fixed the <i class="x">bug</i>!</div>
errors

  $ cat errors.log

  $ cd ..