smtp: verify the certificate of the SMTP server for STARTTLS/SMTPS

Before this patch, the certificate of the SMTP server for STARTTLS or
SMTPS isn't verified.

This may cause a man-in-the-middle security problem (stealing
authentication information), even though the SMTP channel itself is
encrypted by SSL.

When "[smtp] tls" is configured as "smtps" or "starttls", this patch:

- uses classes introduced by preceding patches instead of "SMTP" or
  "SMTP_SSL" of smtplib, and

- verifies the certificate of the SMTP server, if "[smtp]
  verifycert" is configured as other than False

"[smtp] verifycert" can be configured in 3 levels:

- "strict":

  This verifies the peer certificate, and aborts if:

  - peer certification is not valid, or
  - there is no configuration in "[hostfingerprints]" and "[web] cacerts"

  This is the default value of "[smtp] verifycert" for security.

- "loose":

  This verifies the peer certificate, and aborts if peer certification is
  not valid.

  This just shows a warning message ("certificate not verified"), if
  there is no configuration in "[hostfingerprints]" and "[web]
  cacerts".

  This is the same as verification for HTTPS connections.

- False (no verification):

  The peer certificate is not verified.

  This is the same as the behavior before this patch series.

"hg email --insecure" uses the "loose" level, and ignores "[web] cacerts",
the same as push/pull/etc... with --insecure.

Ignoring the "[web] cacerts" configuration for "hg email --insecure" is
already done in "dispatch._dispatch()" by looking "insecure" up in the
table of command options.
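
The three "[smtp] verifycert" levels and the "--insecure" override from the commit message above, written out as a decision function. This is an added example, not code from the patch or from Mercurial: `smtp_cert_decision`, `Outcome` and the boolean inputs are hypothetical names, and `cert_valid` is assumed to be the result of checking the peer certificate against whichever of "[hostfingerprints]" or "[web] cacerts" is configured.

```python
from enum import Enum


class Outcome(Enum):
    PROCEED = "verified, proceed"
    WARN = "proceed with 'certificate not verified' warning"
    UNVERIFIED = "proceed without any verification"
    ABORT = "abort"


def smtp_cert_decision(verifycert, cert_valid, has_fingerprint,
                       has_cacerts, insecure=False):
    """Model of the policy in the commit message (hypothetical helper).

    verifycert      -- "strict", "loose" or False ("[smtp] verifycert")
    cert_valid      -- peer certificate passes the configured check
    has_fingerprint -- an entry exists in "[hostfingerprints]"
    has_cacerts     -- "[web] cacerts" is configured
    insecure        -- "hg email --insecure" was given
    """
    if insecure:
        # --insecure forces the "loose" level and ignores "[web] cacerts".
        verifycert, has_cacerts = "loose", False
    if verifycert is False:
        # Pre-patch behaviour: channel is encrypted, peer is unauthenticated.
        return Outcome.UNVERIFIED
    if verifycert not in ("strict", "loose"):
        raise ValueError("unknown verifycert level: %r" % (verifycert,))
    if not (has_fingerprint or has_cacerts):
        # Nothing to verify against: strict refuses, loose only warns.
        return Outcome.ABORT if verifycert == "strict" else Outcome.WARN
    return Outcome.PROCEED if cert_valid else Outcome.ABORT


if __name__ == "__main__":
    # Constructed cases: (level, cert_valid, fingerprint, cacerts, insecure)
    cases = [
        ("strict", True, False, False, False),
        ("loose", True, False, False, False),
        ("strict", False, False, True, False),
        ("strict", True, False, True, True),
        (False, False, False, False, False),
    ]
    for case in cases:
        print(case, "->", smtp_cert_decision(*case).value)
```

Only the `PROCEED` outcome authenticates the server; `WARN` and `UNVERIFIED` both send SMTP credentials to an unauthenticated peer, which is the exposure the patch addresses.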
$ . "$TESTDIR/histedit-helpers.sh"
Enable obsolete
$ cat > ${TESTTMP}/obs.py << EOF
> import mercurial.obsolete
> mercurial.obsolete._enabled = True
> EOF
$ cat >> $HGRCPATH << EOF
> [ui]
> logtemplate= {rev}:{node|short} {desc|firstline}
> [phases]
> publish=False
> [extensions]'
> histedit=
> rebase=
>
> obs=${TESTTMP}/obs.py
> EOF
$ hg init base
$ cd base
$ for x in a b c d e f ; do
> echo $x > $x
> hg add $x
> hg ci -m $x
> done
$ hg log --graph
@ 5:652413bf663e f
|
o 4:e860deea161a e
|
o 3:055a42cdd887 d
|
o 2:177f92b77385 c
|
o 1:d2ae7f538514 b
|
o 0:cb9a9f314b8b a
$ HGEDITOR=cat hg histedit 1
pick d2ae7f538514 1 b
pick 177f92b77385 2 c
pick 055a42cdd887 3 d
pick e860deea161a 4 e
pick 652413bf663e 5 f
# Edit history between d2ae7f538514 and 652413bf663e
#
# Commands:
# p, pick = use commit
# e, edit = use commit, but stop for amending
# f, fold = use commit, but fold into previous commit (combines N and N-1)
# d, drop = remove commit from history
# m, mess = edit message without changing commit content
#
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ cat > commands.txt <<EOF
> pick 177f92b77385 2 c
> drop d2ae7f538514 1 b
> pick 055a42cdd887 3 d
> fold e860deea161a 4 e
> pick 652413bf663e 5 f
> EOF
$ hg histedit 1 --commands commands.txt --verbose | grep histedit
saved backup bundle to $TESTTMP/base/.hg/strip-backup/96e494a2d553-backup.hg (glob)
$ hg log --graph --hidden
@ 8:cacdfd884a93 f
|
o 7:59d9f330561f d
|
o 6:b346ab9a313d c
|
| x 5:652413bf663e f
| |
| x 4:e860deea161a e
| |
| x 3:055a42cdd887 d
| |
| x 2:177f92b77385 c
| |
| x 1:d2ae7f538514 b
|/
o 0:cb9a9f314b8b a
$ hg debugobsolete
d2ae7f538514cd87c17547b0de4cea71fe1af9fb 0 {'date': '* *', 'user': 'test'} (glob)
177f92b773850b59254aa5e923436f921b55483b b346ab9a313db8537ecf96fca3ca3ca984ef3bd7 0 {'date': '* *', 'user': 'test'} (glob)
055a42cdd88768532f9cf79daa407fc8d138de9b 59d9f330561fd6c88b1a6b32f0e45034d88db784 0 {'date': '* *', 'user': 'test'} (glob)
e860deea161a2f77de56603b340ebbb4536308ae 59d9f330561fd6c88b1a6b32f0e45034d88db784 0 {'date': '* *', 'user': 'test'} (glob)
652413bf663ef2a641cab26574e46d5f5a64a55a cacdfd884a9321ec4e1de275ef3949fa953a1f83 0 {'date': '* *', 'user': 'test'} (glob)
Ensure hidden revision does not prevent histedit
-------------------------------------------------
create an hidden revision
$ cat > commands.txt <<EOF
> pick b346ab9a313d 6 c
> drop 59d9f330561f 7 d
> pick cacdfd884a93 8 f
> EOF
$ hg histedit 6 --commands commands.txt
0 files updated, 0 files merged, 3 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg log --graph
@ 9:c13eb81022ca f
|
o 6:b346ab9a313d c
|
o 0:cb9a9f314b8b a
check hidden revision are ignored (6 have hidden children 7 and 8)
$ cat > commands.txt <<EOF
> pick b346ab9a313d 6 c
> pick c13eb81022ca 8 f
> EOF
$ hg histedit 6 --commands commands.txt
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
Test that rewriting leaving instability behind is allowed
---------------------------------------------------------------------
$ hg up '.^'
0 files updated, 0 files merged, 1 files removed, 0 files unresolved
$ hg log -r 'children(.)'
9:c13eb81022ca f (no-eol)
$ cat > commands.txt <<EOF
> edit b346ab9a313d 6 c
> EOF
$ hg histedit -r '.' --commands commands.txt
0 files updated, 0 files merged, 1 files removed, 0 files unresolved
adding c
abort: Make changes as needed, you may commit or record as needed now.
When you are finished, run hg histedit --continue to resume.
[255]
$ echo c >> c
$ hg histedit --continue
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg log -r 'unstable()'
9:c13eb81022ca f (no-eol)
stabilise
$ hg rebase -r 'unstable()' -d .
Test dropping of changeset on the top of the stack
-------------------------------------------------------
Nothing is rewritten below, the working directory parent must be change for the
dropped changeset to be hidden.
$ cd ..
$ hg clone base droplast
updating to branch default
3 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ cd droplast
$ cat > commands.txt <<EOF
> pick 40db8afa467b 10 c
> drop b449568bf7fc 11 f
> EOF
$ hg histedit -r '40db8afa467b' --commands commands.txt
0 files updated, 0 files merged, 1 files removed, 0 files unresolved
$ hg log -G
@ 10:40db8afa467b c
|
o 0:cb9a9f314b8b a
With rewritten ancestors
$ echo e > e
$ hg add e
$ hg commit -m g
$ echo f > f
$ hg add f
$ hg commit -m h
$ cat > commands.txt <<EOF
> pick 47a8561c0449 12 g
> pick 40db8afa467b 10 c
> drop 1b3b05f35ff0 13 h
> EOF
$ hg histedit -r '40db8afa467b' --commands commands.txt
0 files updated, 0 files merged, 3 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg log -G
@ 15:ee6544123ab8 c
|
o 14:269e713e9eae g
|
o 0:cb9a9f314b8b a
$ cd ../base
Test phases support
===========================================
Check that histedit respect immutability
-------------------------------------------
$ cat >> $HGRCPATH << EOF
> [ui]
> logtemplate= {rev}:{node|short} ({phase}) {desc|firstline}\n
> EOF
$ hg ph -pv '.^'
phase changed for 2 changesets
$ hg log -G
@ 11:b449568bf7fc (draft) f
|
o 10:40db8afa467b (public) c
|
o 0:cb9a9f314b8b (public) a
$ hg histedit -r '.~2'
abort: cannot edit immutable changeset: cb9a9f314b8b
[255]
Prepare further testing
-------------------------------------------
$ for x in g h i j k ; do
> echo $x > $x
> hg add $x
> hg ci -m $x
> done
$ hg phase --force --secret .~2
$ hg log -G
@ 16:ee118ab9fa44 (secret) k
|
o 15:3a6c53ee7f3d (secret) j
|
o 14:b605fb7503f2 (secret) i
|
o 13:7395e1ff83bd (draft) h
|
o 12:6b70183d2492 (draft) g
|
o 11:b449568bf7fc (draft) f
|
o 10:40db8afa467b (public) c
|
o 0:cb9a9f314b8b (public) a
$ cd ..
simple phase conservation
-------------------------------------------
Resulting changeset should conserve the phase of the original one whatever the
phases.new-commit option is.
New-commit as draft (default)
$ cp -r base simple-draft
$ cd simple-draft
$ cat > commands.txt <<EOF
> edit b449568bf7fc 11 f
> pick 6b70183d2492 12 g
> pick 7395e1ff83bd 13 h
> pick b605fb7503f2 14 i
> pick 3a6c53ee7f3d 15 j
> pick ee118ab9fa44 16 k
> EOF
$ hg histedit -r 'b449568bf7fc' --commands commands.txt
0 files updated, 0 files merged, 6 files removed, 0 files unresolved
adding f
abort: Make changes as needed, you may commit or record as needed now.
When you are finished, run hg histedit --continue to resume.
[255]
$ echo f >> f
$ hg histedit --continue
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg log -G
@ 22:12e89af74238 (secret) k
|
o 21:636a8687b22e (secret) j
|
o 20:ccaf0a38653f (secret) i
|
o 19:11a89d1c2613 (draft) h
|
o 18:c1dec7ca82ea (draft) g
|
o 17:087281e68428 (draft) f
|
o 10:40db8afa467b (public) c
|
o 0:cb9a9f314b8b (public) a
$ cd ..
New-commit as secret
$ cp -r base simple-secret
$ cd simple-secret
$ cat >> .hg/hgrc << EOF
> [phases]
> new-commit=secret
> EOF
$ cat > commands.txt <<EOF
> edit b449568bf7fc 11 f
> pick 6b70183d2492 12 g
> pick 7395e1ff83bd 13 h
> pick b605fb7503f2 14 i
> pick 3a6c53ee7f3d 15 j
> pick ee118ab9fa44 16 k
> EOF
$ hg histedit -r 'b449568bf7fc' --commands commands.txt
0 files updated, 0 files merged, 6 files removed, 0 files unresolved
adding f
abort: Make changes as needed, you may commit or record as needed now.
When you are finished, run hg histedit --continue to resume.
[255]
$ echo f >> f
$ hg histedit --continue
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg log -G
@ 22:12e89af74238 (secret) k
|
o 21:636a8687b22e (secret) j
|
o 20:ccaf0a38653f (secret) i
|
o 19:11a89d1c2613 (draft) h
|
o 18:c1dec7ca82ea (draft) g
|
o 17:087281e68428 (draft) f
|
o 10:40db8afa467b (public) c
|
o 0:cb9a9f314b8b (public) a
$ cd ..
Changeset reordering
-------------------------------------------
If a secret changeset is put before a draft one, all descendant should be secret.
It seems more important to present the secret phase.
$ cp -r base reorder
$ cd reorder
$ cat > commands.txt <<EOF
> pick b449568bf7fc 11 f
> pick 3a6c53ee7f3d 15 j
> pick 6b70183d2492 12 g
> pick b605fb7503f2 14 i
> pick 7395e1ff83bd 13 h
> pick ee118ab9fa44 16 k
> EOF
$ hg histedit -r 'b449568bf7fc' --commands commands.txt
0 files updated, 0 files merged, 5 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
$ hg log -G
@ 21:558246857888 (secret) k
|
o 20:28bd44768535 (secret) h
|
o 19:d5395202aeb9 (secret) i
|
o 18:21edda8e341b (secret) g
|
o 17:5ab64f3a4832 (secret) j
|
o 11:b449568bf7fc (draft) f
|
o 10:40db8afa467b (public) c
|
o 0:cb9a9f314b8b (public) a
$ cd ..
Changeset folding
-------------------------------------------
Folding a secret changeset with a draft one turn the result secret (again,
better safe than sorry). Folding between same phase changeset still works
Note that there is a few reordering in this series for more extensive test
$ cp -r base folding
$ cd folding
$ cat >> .hg/hgrc << EOF
> [phases]
> new-commit=secret
> EOF
$ cat > commands.txt <<EOF
> pick 7395e1ff83bd 13 h
> fold b449568bf7fc 11 f
> pick 6b70183d2492 12 g
> fold 3a6c53ee7f3d 15 j
> pick b605fb7503f2 14 i
> fold ee118ab9fa44 16 k
> EOF
$ hg histedit -r 'b449568bf7fc' --commands commands.txt
0 files updated, 0 files merged, 6 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 2 files removed, 0 files unresolved
2 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 2 files removed, 0 files unresolved
2 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 2 files removed, 0 files unresolved
2 files updated, 0 files merged, 0 files removed, 0 files unresolved
0 files updated, 0 files merged, 0 files removed, 0 files unresolved
saved backup bundle to $TESTTMP/folding/.hg/strip-backup/58019c66f35f-backup.hg (glob)
saved backup bundle to $TESTTMP/folding/.hg/strip-backup/83d1858e070b-backup.hg (glob)
saved backup bundle to $TESTTMP/folding/.hg/strip-backup/859969f5ed7e-backup.hg (glob)
$ hg log -G
@ 19:f9daec13fb98 (secret) i
|
o 18:49807617f46a (secret) g
|
o 17:050280826e04 (draft) h
|
o 10:40db8afa467b (public) c
|
o 0:cb9a9f314b8b (public) a
$ cd ..