Mercurial > hg

view tests/test-url.py @ 13287:d0e0d3d43e14 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
subrepo: compare svn subrepo state to last committed revision A subversion project revisions are a subset of the repository revisions, you can ask subversion to update a working directory from one revision to another without changing anything. Unfortunately, Mercurial will think the subrepository has changed and will commit it again. To avoid useless commits, we compare the subrepository state to its actual "parent" revision. To ensure ascending compatibility with existing subrepositories which might reference fake revisions, we also keep comparing with the subrepo working directory revision. NOTE: not sure if this should go in stable or not.
author Patrick Mezard <pmezard@gmail.com>
date Sat, 22 Jan 2011 16:15:40 +0100
parents 75d0c38a0bca
children 4e8f2310f310
line wrap: on
line source

import sys

def check(a, b):
    if a != b:
        print (a, b)

def cert(cn):
    return dict(subject=((('commonName', cn),),))

from mercurial.url import _verifycert

# Test non-wildcard certificates
check(_verifycert(cert('example.com'), 'example.com'),
      None)
check(_verifycert(cert('example.com'), 'www.example.com'),
      'certificate is for example.com')
check(_verifycert(cert('www.example.com'), 'example.com'),
      'certificate is for www.example.com')

# Test wildcard certificates
check(_verifycert(cert('*.example.com'), 'www.example.com'),
      None)
check(_verifycert(cert('*.example.com'), 'example.com'),
      'certificate is for *.example.com')
check(_verifycert(cert('*.example.com'), 'w.w.example.com'),
      'certificate is for *.example.com')

# Test subjectAltName
san_cert = {'subject': ((('commonName', 'example.com'),),),
            'subjectAltName': (('DNS', '*.example.net'),
                               ('DNS', 'example.net'))}
check(_verifycert(san_cert, 'example.net'),
      None)
check(_verifycert(san_cert, 'foo.example.net'),
      None)
# subject is only checked when subjectAltName is empty
check(_verifycert(san_cert, 'example.com'),
      'certificate is for *.example.net, example.net')

# Avoid some pitfalls
check(_verifycert(cert('*.foo'), 'foo'),
      'certificate is for *.foo')
check(_verifycert(cert('*o'), 'foo'),
      'certificate is for *o')

check(_verifycert({'subject': ()},
                  'example.com'),
      'no commonName or subjectAltName found in certificate')
check(_verifycert(None, 'example.com'),
      'no certificate received')

# Unicode (IDN) certname isn't supported
check(_verifycert(cert(u'\u4f8b.jp'), 'example.jp'),
      'IDN in certificate not supported')