sslutil: make cert fingerprints messages more actionable
The previous warning and abort messages were difficult to understand.
This patch makes them slightly better.
I think there is still room to tweak the messaging. And as we adopt
new security defaults, these messages will certainly change again.
But at least this takes us a step in the right direction.
References to "section" have been removed because if no fingerprint
is defined, "section" can never be "hostfingerprints." So just print
"hostsecurity" every time.
#require test-repo slow docker
$ . "$TESTDIR/helpers-testrepo.sh"
Ensure debuild doesn't run the testsuite, as that could get silly.
$ DEB_BUILD_OPTIONS=nocheck
$ export DEB_BUILD_OPTIONS
$ OUTPUTDIR=`pwd`
$ export OUTPUTDIR
$ cd "$TESTDIR"/..
$ make docker-debian-jessie > $OUTPUTDIR/build.log 2>&1
$ cd $OUTPUTDIR
$ ls *.deb
mercurial-common_*.deb (glob)
mercurial_*.deb (glob)
We check debian package contents with portable tools so that when
we're on non-debian machines we can still test the packages that are
built using docker.
main deb should have .so but no .py
$ ar x mercurial_*.deb
$ tar tf data.tar* | egrep '(localrepo|parsers)'
./usr/lib/python2.7/dist-packages/mercurial/parsers*.so (glob)
mercurial-common should have .py but no .so or .pyc
$ ar x mercurial-common_*.deb
$ tar tf data.tar* | egrep '(localrepo|parsers)'
./usr/lib/python2.7/dist-packages/mercurial/pure/parsers.py
./usr/lib/python2.7/dist-packages/mercurial/localrepo.py