# HG changeset patch # User Mads Kiilerich # Date 1293468598 -3600 # Node ID 4d03707916d33773cd1abb9d2f50a0b1564d90c1 # Parent 6c9345f9edca6d7ea4b368b1845f5f6896b9d529 https: use web.cacerts configuration from local repo to validate remote repo diff -r 6c9345f9edca -r 4d03707916d3 mercurial/hg.py --- a/mercurial/hg.py Wed Dec 22 13:25:00 2010 -0600 +++ b/mercurial/hg.py Mon Dec 27 17:49:58 2010 +0100 @@ -545,9 +545,12 @@ if r: dst.setconfig('bundle', 'mainreporoot', r) - # copy auth and http_proxy section settings + # copy selected local settings to the remote ui for sect in ('auth', 'http_proxy'): for key, val in src.configitems(sect): dst.setconfig(sect, key, val) + v = src.config('web', 'cacerts') + if v: + dst.setconfig('web', 'cacerts', v) return dst diff -r 6c9345f9edca -r 4d03707916d3 tests/test-https.t --- a/tests/test-https.t Wed Dec 22 13:25:00 2010 -0600 +++ b/tests/test-https.t Mon Dec 27 17:49:58 2010 +0100 @@ -126,7 +126,7 @@ adding bar $ cd .. -pull +pull without cacert $ cd copy-pull $ echo '[hooks]' >> .hg/hgrc @@ -143,12 +143,28 @@ (run 'hg update' to get a working copy) $ cd .. -cacert +cacert configured in local repo - $ hg -R copy-pull pull --config web.cacerts=pub.pem + $ cp copy-pull/.hg/hgrc copy-pull/.hg/hgrc.bu + $ echo "[web]" >> copy-pull/.hg/hgrc + $ echo "cacerts=`pwd`/pub.pem" >> copy-pull/.hg/hgrc + $ hg -R copy-pull pull --traceback pulling from https://localhost:$HGPORT/ searching for changes no changes found + $ mv copy-pull/.hg/hgrc.bu copy-pull/.hg/hgrc + +cacert configured globally + + $ echo "[web]" >> $HGRCPATH + $ echo "cacerts=`pwd`/pub.pem" >> $HGRCPATH + $ hg -R copy-pull pull + pulling from https://localhost:$HGPORT/ + searching for changes + no changes found + +cacert mismatch + $ hg -R copy-pull pull --config web.cacerts=pub.pem https://127.0.0.1:$HGPORT/ abort: 127.0.0.1 certificate error: certificate is for localhost [255]