changeset 29448:afbe1fe4c44e

tests: test case where default ca certs not available I'm not a fan of TLS tests not testing both branches of a possible configuration. While we have test coverage of the inability to validate a cert later in this file, I insist that we add this branch so our testing of security code is extra comprehensive.
author Gregory Szorc <gregory.szorc@gmail.com>
date Wed, 29 Jun 2016 19:49:39 -0700
parents 13edc11eb7b7
children 5b71a8d7f7ff
files tests/test-https.t
diffstat 1 files changed, 5 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/tests/test-https.t	Wed Jun 29 19:38:24 2016 -0700
+++ b/tests/test-https.t	Wed Jun 29 19:49:39 2016 -0700
@@ -51,6 +51,11 @@
   $ hg clone https://localhost:$HGPORT/ copy-pull
   abort: error: *certificate verify failed* (glob)
   [255]
+#else
+  $ hg clone https://localhost:$HGPORT/ copy-pull
+  abort: localhost certificate error: no certificate received
+  (set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 config setting or use --insecure to connect insecurely)
+  [255]
 #endif
 
 Specifying a per-host certificate file that doesn't exist will abort