Sat, 16 Apr 2016 16:01:24 -0700 style: remove namespace class
Pierre-Yves David <pierre-yves.david@ens-lyon.org> [Sat, 16 Apr 2016 16:01:24 -0700] rev 29297
style: remove namespace class For better or worse, our coding do not use use class for pure namespacing. We remove the class introduced in a5009789960c.
Sat, 16 Apr 2016 15:59:30 -0700 style: don't use capital letter for constant
Pierre-Yves David <pierre-yves.david@ens-lyon.org> [Sat, 16 Apr 2016 15:59:30 -0700] rev 29296
style: don't use capital letter for constant For better or worse, our coding do not use all caps for constants. We rename constant name introduced in a5009789960c.
Thu, 02 Jun 2016 16:18:44 -0700 tests-subrepo-git: use "f" to dump pwned.txt, for portability stable
Danek Duvall <danek.duvall@oracle.com> [Thu, 02 Jun 2016 16:18:44 -0700] rev 29295
tests-subrepo-git: use "f" to dump pwned.txt, for portability Rather than sometimes using a complicated shell construct to dump pwned.txt (if it wasn't expected to exist, but might, if something were broken) or just cat (if it was expected to exist), just use the "f" utility, which will be consistent in its behavior across different platforms. Also make sure that *something* gets put into pwned.txt, even if we ended up typoing the message variable.
Wed, 01 Jun 2016 21:40:52 +0200 bundle2: don't assume ordering of heads checked after push stable
Mads Kiilerich <madski@unity3d.com> [Wed, 01 Jun 2016 21:40:52 +0200] rev 29294
bundle2: don't assume ordering of heads checked after push Usually, the heads will have the same ordering in handlecheckheads. Insisting on the same ordering is however an unnecessary constraint that in some custom cases can cause pushes to fail even though the actual heads didn't change. This caused production issues for us in combination with the current version of https://bitbucket.org/Unity-Technologies/hgwebcachingproxy/ .
Sat, 04 Jun 2016 11:16:08 -0700 sslutil: print the fingerprint from the last hash used
Gregory Szorc <gregory.szorc@gmail.com> [Sat, 04 Jun 2016 11:16:08 -0700] rev 29293
sslutil: print the fingerprint from the last hash used Before, we would always print the unprefixed SHA-1 fingerprint when fingerprint comparison failed. Now, we print the fingerprint of the last hash used, including the prefix if necessary. This helps ensure that the printed hash type matches what is in the user configuration. There are still some cases where this can print a mismatched hash type. e.g. if there are both SHA-1 and SHA-256 fingerprints in the config, we could print a SHA-1 hash if it comes after the SHA-256 hash. But I'm inclined to ignore this edge case. While I was here, the "section" variable assignment has been moved to just above where it is used because it is now only needed for this error message and it makes the code easier to read.
Tue, 31 May 2016 19:21:08 -0700 sslutil: make cert fingerprints messages more actionable
Gregory Szorc <gregory.szorc@gmail.com> [Tue, 31 May 2016 19:21:08 -0700] rev 29292
sslutil: make cert fingerprints messages more actionable The previous warning and abort messages were difficult to understand. This patch makes them slightly better. I think there is still room to tweak the messaging. And as we adopt new security defaults, these messages will certainly change again. But at least this takes us a step in the right direction. References to "section" have been removed because if no fingerprint is defined, "section" can never be "hostfingerprints." So just print "hostsecurity" every time.
Mon, 30 May 2016 15:43:03 -0700 sslutil: refactor code for fingerprint matching
Gregory Szorc <gregory.szorc@gmail.com> [Mon, 30 May 2016 15:43:03 -0700] rev 29291
sslutil: refactor code for fingerprint matching We didn't need to use a temporary variable to indicate success because we just return anyway. This refactor makes the code simpler. While we're here, we also call into formatfingerprint() to ensure the fingerprint from the proper hashing algorithm is logged.
(0) -10000 -3000 -1000 -300 -100 -30 -10 -7 +7 +10 +30 +100 +300 +1000 +3000 +10000 tip