Mercurial > hg
view mercurial/dummycert.pem @ 49275:c6a3243567b6
chg: replace mercurial.util.recvfds() by simpler pure Python implementation
On Python 3, we have socket.socket.recvmsg(). This makes it possible to receive
FDs in pure Python code. The new code behaves like the previous
implementations, except that it’s more strict about the format of the ancillary
data. This works because we know in which format the FDs are passed.
Because the code is (and always has been) specific to chg (payload is 1 byte,
number of passed FDs is limited) and we now have only one implementation and
the code is very short, I decided to stop exposing a function in
mercurial.util.
Note on terminology: The SCM_RIGHTS mechanism is used to share open file
descriptions to another process over a socket. The sending side passes an array
of file descriptors and the receiving side receives an array of file
descriptors. The file descriptors are different in general on both sides but
refer to the same open file descriptions. The two terms are often conflated,
even in the official documentation. That’s why I used “FD” above, which could
mean both “file descriptor” and “file description”.
author | Manuel Jacob <me@manueljacob.de> |
---|---|
date | Thu, 02 Jun 2022 23:57:56 +0200 |
parents | d7f7f1860f00 |
children |
line wrap: on
line source
A dummy certificate that will make OS X 10.6+ Python use the system CA certificate store: -----BEGIN CERTIFICATE----- MIIBIzCBzgIJANjmj39sb3FmMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNVBAMTDmhn LmV4YW1wbGUuY29tMB4XDTE0MDgzMDA4NDU1OVoXDTE0MDgyOTA4NDU1OVowGTEX MBUGA1UEAxMOaGcuZXhhbXBsZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA mh/ZySGlcq0ALNLmA1gZqt61HruywPrRk6WyrLJRgt+X7OP9FFlEfl2tzHfzqvmK CtSQoPINWOdAJMekBYFgKQIDAQABMA0GCSqGSIb3DQEBBQUAA0EAF9h49LkSqJ6a IlpogZuUHtihXeKZBsiktVIDlDccYsNy0RSh9XxUfhk+XMLw8jBlYvcltSXdJ7We aKdQRekuMQ== -----END CERTIFICATE----- This certificate was generated to be syntactically valid but never be usable; it expired before it became valid. Created as: $ cat > cn.conf << EOT > [req] > distinguished_name = req_distinguished_name > [req_distinguished_name] > commonName = Common Name > commonName_default = no.example.com > EOT $ openssl req -nodes -new -x509 -keyout /dev/null \ > -out dummycert.pem -days -1 -config cn.conf -subj '/CN=hg.example.com' To verify the content of this certificate: $ openssl x509 -in dummycert.pem -noout -text Certificate: Data: Version: 1 (0x0) Serial Number: 15629337334278746470 (0xd8e68f7f6c6f7166) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=hg.example.com Validity Not Before: Aug 30 08:45:59 2014 GMT Not After : Aug 29 08:45:59 2014 GMT Subject: CN=hg.example.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (512 bit) Modulus: 00:9a:1f:d9:c9:21:a5:72:ad:00:2c:d2:e6:03:58: 19:aa:de:b5:1e:bb:b2:c0:fa:d1:93:a5:b2:ac:b2: 51:82:df:97:ec:e3:fd:14:59:44:7e:5d:ad:cc:77: f3:aa:f9:8a:0a:d4:90:a0:f2:0d:58:e7:40:24:c7: a4:05:81:60:29 Exponent: 65537 (0x10001) Signature Algorithm: sha1WithRSAEncryption 17:d8:78:f4:b9:12:a8:9e:9a:22:5a:68:81:9b:94:1e:d8:a1: 5d:e2:99:06:c8:a4:b5:52:03:94:37:1c:62:c3:72:d1:14:a1: f5:7c:54:7e:19:3e:5c:c2:f0:f2:30:65:62:f7:25:b5:25:dd: 27:b5:9e:68:a7:50:45:e9:2e:31