hook: report untrusted hooks as failure (
issue5110) (BC)
Before this patch, there was no way for a repository owner to ensure that
validation hooks would be run by people with write access. If someone had write
access but did not trust the user owning the repository, the config and its hook
would simply be ignored.
After this patch, hooks from untrusted configs are taken into account but never
actually run. Instead they are reported as failures right away. This will ensure
validation performed by a hook is not ignored.
As a side effect writer can be forced to trust a repository hgrc by adding a
'pretxnopen.trust=true' hook to the file.
This was discussed during the 3.8 sprint with Matt Mackall, Augie Fackler and
Kevin Bullock.
hook: split config reading further
We want an easy way to fetch the hook config with and without honoring
"trusted" so that we can compare the values. So we extract the part
retrieving raw hook data from the config to be able to call it twice
in the next patch.
hook: small refactor to store hooks as dict instead of list
We are about to take untrusted hooks into account (to report them as failures)
so we need to rearrange the code a bit to allow config overwriting each other
in a later patch.
mail: retain hostname for sslutil.wrapsocket (
issue5203)
SMTPS + STARTTLS need to provide serverhostname,
and we can't store it in sslkwargs because that breaks
something involving the https protocol.