Mercurial > hg
view tests/test-gpg.t @ 29447:13edc11eb7b7
sslutil: don't load default certificates when they aren't relevant
Before, we would call SSLContext.load_default_certs() when
certificate verification wasn't being used. Since
SSLContext.verify_mode == ssl.CERT_NONE, this would ideally
no-op. However, there is a slim chance the loading of system
certs could cause a failure. Furthermore, this behavior
interfered with a future patch that aims to provide a more
helpful error message when we're unable to load CAs.
The lack of test fallout is hopefully a sign that our
security code and tests are in a relatively good state.
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Wed, 29 Jun 2016 19:38:24 -0700 |
parents | 4d2b9b304ad0 |
children | 66e038fb3c0d |
line wrap: on
line source
#require gpg Test the GPG extension $ cat <<EOF >> $HGRCPATH > [extensions] > gpg= > > [gpg] > cmd=gpg --no-permission-warning --no-secmem-warning --no-auto-check-trustdb --homedir "$TESTDIR/gpg" > EOF $ hg init r $ cd r $ echo foo > foo $ hg ci -Amfoo adding foo $ hg sigs $ HGEDITOR=cat hg sign -e 0 signing 0:e63c23eaa88a Added signature for changeset e63c23eaa88a HG: Enter commit message. Lines beginning with 'HG:' are removed. HG: Leave message empty to abort commit. HG: -- HG: user: test HG: branch 'default' HG: added .hgsigs $ hg sigs hgtest 0:e63c23eaa88ae77967edcf4ea194d31167c478b0 $ hg sigcheck 0 e63c23eaa88a is signed by: hgtest verify that this test has not modified the trustdb.gpg file back in the main hg working dir $ md5sum.py "$TESTDIR/gpg/trustdb.gpg" f6b9c78c65fa9536e7512bb2ceb338ae */gpg/trustdb.gpg (glob) don't leak any state to next test run $ rm -f "$TESTDIR/gpg/random_seed" $ cd ..