Mercurial: tests/test-status-inprocess.py@26a5d605b868

author	Gregory Szorc <gregory.szorc@gmail.com>
	Sun, 26 Jun 2016 19:34:48 -0700
branch	stable
changeset 29452	26a5d605b868
parent 28843	2c7e6f363138
child 30559	d83ca854fa21
permissions	-rwxr-xr-x

sslutil: synchronize hostname matching logic with CPython sslutil contains its own hostname matching logic. CPython has code for the same intent. However, it is only available to Python 2.7.9+ (or distributions that have backported 2.7.9's ssl module improvements). This patch effectively imports CPython's hostname matching code from its ssl.py into sslutil.py. The hostname matching code itself is pretty similar. However, the DNS name matching code is much more robust and spec conformant. As the test changes show, this changes some behavior around wildcard handling and IDNA matching. The new behavior allows wildcards in the middle of words (e.g. 'f*.com' matches 'foo.com') This is spec compliant according to RFC 6125 Section 6.5.3 item 3. There is one test where the matcher is more strict. Before, '*.a.com' matched '.a.com'. Now it doesn't match. Strictly speaking this is a security vulnerability.


#!/usr/bin/env python
from __future__ import absolute_import, print_function

from mercurial import (
    commands,
    localrepo,
    ui as uimod,
)

u = uimod.ui()

print('% creating repo')
repo = localrepo.localrepository(u, '.', create=True)

f = open('test.py', 'w')
try:
    f.write('foo\n')
finally:
    f.close

print('% add and commit')
commands.add(u, repo, 'test.py')
commands.commit(u, repo, message='*')
commands.status(u, repo, clean=True)


print('% change')
f = open('test.py', 'w')
try:
    f.write('bar\n')
finally:
    f.close()

# this would return clean instead of changed before the fix
commands.status(u, repo, clean=True, modified=True)