context: add a match builder method
This is groundwork for matching against filesets in contexts
sslutil: make messages for Python without certificate handling more helpful
We now explain why there is no certificate to verify and do not give hints
about cacerts when they can't be used anyway.
sslutil: fall back to commonName when no dNSName in subjectAltName (
issue2798)
Any entries in subjectAltName would prevent fallback to using commonName, but
RFC 2818 says:
If a subjectAltName extension of type dNSName is present, that MUST
be used as the identity. Otherwise, the (most specific) Common Name
field in the Subject field of the certificate MUST be used.
We now only consider dNSNames in subjectAltName.
(dNSName is known as 'DNS' in OpenSSL/Python.)
svn subrepos: work around checkout obstructions (
issue2752)
We do this by ensuring the working copy is clean and then blowing away
the working copy and replacing it with one from the desired path. We
could probably use 'svn switch' to do this more efficiently, but
there's some subtle logic required to get that right and this is
more likely to work reliably.
update: check wc.dirty() before setting overwrite=True
merge.update() was missing a few dirtiness checks from workingcontext,
including subrepo cleanliness checks. Using wc.dirty() instead of
one-off checks for various forms of dirtiness will be significantly
safer.
tags: don't allow environment errors to be raised from _writetagscache
See https://bitbucket.org/tortoisehg/thg/issue/719
test-i18n, i18n-pt_BR: update test message
This changes both a test and a translation, so I'm sending
a patch; please let me know if I should push this directly
to i18n instead.