--- a/i18n/pt_BR.po Fri Jul 01 13:54:35 2016 +0800
+++ b/i18n/pt_BR.po Fri Jul 01 16:02:56 2016 -0500
@@ -22714,12 +22714,16 @@
msgid ""
"Relative subrepository paths are first made absolute, and the\n"
-"rewrite rules are then applied on the full (absolute) path. The rules\n"
-"are applied in definition order."
+"rewrite rules are then applied on the full (absolute) path. If ``pattern``\n"
+"doesn't match the full path, an attempt is made to apply it on the\n"
+"relative path alone. The rules are applied in definition order."
msgstr ""
"Caminhos relativos para sub-repositórios são primeiramente tornados\n"
"absolutos, e em seguida as regras de reescrita são aplicadas no\n"
-"caminho absoluto completo. As regras são aplicadas na ordem de definição."
+"caminho absoluto completo.\n"
+"Se ``pattern`` não coincidir com o caminho completo, é feita uma\n"
+"tentativa para aplicá-lo no caminho relativo sozinho.\n"
+"As regras são aplicadas na ordem de definição."
msgid ""
"``templatealias``\n"
@@ -25625,6 +25629,163 @@
" Veja 'Parent, working directory'.\n"
msgid ""
+"========\n"
+" hg-ssh\n"
+"========"
+msgstr ""
+"========\n"
+" hg-ssh\n"
+"========"
+
+msgid ""
+"----------------------------------------\n"
+"restricted ssh login shell for Mercurial\n"
+"----------------------------------------"
+msgstr ""
+"--------------------------------------------\n"
+"shell de login ssh restrito para o Mercurial--------------------------------------------"
+
+msgid ""
+":Author: Thomas Arendsen Hein <thomas@intevation.de>\n"
+":Organization: Mercurial\n"
+":Manual section: 8\n"
+":Manual group: Mercurial Manual"
+msgstr ""
+":Author: Thomas Arendsen Hein <thomas@intevation.de>\n"
+":Organization: Mercurial\n"
+":Manual section: 8\n"
+":Manual group: Mercurial Manual"
+
+#. do not translate: .. contents::
+msgid ""
+".. contents::\n"
+" :backlinks: top\n"
+" :class: htmlonly\n"
+" :depth: 1"
+msgstr ""
+".. contents::\n"
+" :backlinks: top\n"
+" :class: htmlonly\n"
+" :depth: 1"
+
+msgid ""
+"Synopsis\n"
+"\"\"\"\"\"\"\"\"\n"
+"**hg-ssh** repositories..."
+msgstr ""
+"Sinopse\n"
+"\"\"\"\"\"\"\"\n"
+"**hg-ssh** repositórios..."
+
+msgid ""
+"Description\n"
+"\"\"\"\"\"\"\"\"\"\"\"\n"
+"**hg-ssh** is a wrapper for ssh access to a limited set of mercurial repos."
+msgstr ""
+"Descrição\n"
+"\"\"\"\"\"\"\"\"\"\n"
+"**hg-ssh** é um wrapper para acesso ssh a um conjunto limitado de\n"
+"repositórios do Mercurial."
+
+msgid ""
+"To be used in ~/.ssh/authorized_keys with the \"command\" option, see sshd(8):\n"
+"command=\"hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4\" ssh-dss ...\n"
+"(probably together with these other useful options:\n"
+"no-port-forwarding,no-X11-forwarding,no-agent-forwarding)"
+msgstr ""
+"Para ser usado em ~/.ssh/authorized_keys com a opção \"command\", veja sshd(8):\n"
+"command=\"hg-ssh path/to/repo1 /path/to/repo2 ~/repo3 ~user/repo4\" ssh-dss ...\n"
+"(provavelmente incluindo estas outras opções úteis:\n"
+"no-port-forwarding,no-X11-forwarding,no-agent-forwarding)"
+
+msgid ""
+"This allows pull/push over ssh from/to the repositories given as arguments."
+msgstr ""
+"Isto possibilita pull/push através de ssh de/para repositórios passados como\n"
+"argumentos."
+
+msgid ""
+"If all your repositories are subdirectories of a common directory, you can\n"
+"allow shorter paths with:\n"
+"command=\"cd path/to/my/repositories && hg-ssh repo1 subdir/repo2\""
+msgstr ""
+"Se os repositórios forem sub-diretórios de um diretírio comum, você pode\n"
+"permitir caminhos mais curtos com:\n"
+"command=\"cd caminho/para/repositórios && hg-ssh repo1 subdir/repo2\""
+
+msgid ""
+"You can use pattern matching of your normal shell, e.g.:\n"
+"command=\"cd repos && hg-ssh user/thomas/* projects/{mercurial,foo}\""
+msgstr ""
+"Você pode usar a correspondência de padrões de seu shell, por exemplo:\n"
+"command=\"cd repos && hg-ssh user/thomas/* projetos/{mercurial,foo}\""
+
+msgid ""
+"You can also add a --read-only flag to allow read-only access to a key, e.g.:\n"
+"command=\"hg-ssh --read-only repos/\\*\""
+msgstr ""
+"Você também pode adicionar a opção --read-only para permitir acesso somente\n"
+"leitura a uma chave, por exemplo:\n"
+"command=\"hg-ssh --read-only repos/\\*\""
+
+msgid ""
+"Bugs\n"
+"\"\"\"\"\n"
+"Probably lots, please post them to the mailing list (see Resources_\n"
+"below) when you find them."
+msgstr ""
+"Bugs\n"
+"\"\"\"\"\n"
+"Provavelmente vários, por favor informe-os na lista de discussão\n"
+"(veja a seção Recursos_ abaixo)."
+
+msgid ""
+"See Also\n"
+"\"\"\"\"\"\"\"\"\n"
+"|hg(1)|_"
+msgstr ""
+"Veja Também\n"
+"\"\"\"\"\"\"\"\"\"\"\"\n"
+"|hg(1)|_"
+
+msgid ""
+"Author\n"
+"\"\"\"\"\"\"\n"
+"Written by Matt Mackall <mpm@selenic.com>"
+msgstr ""
+"Autor\n"
+"\"\"\"\"\"\n"
+"Escrito por Matt Mackall <mpm@selenic.com>"
+
+msgid ""
+"Resources\n"
+"\"\"\"\"\"\"\"\"\"\n"
+"Main Web Site: https://mercurial-scm.org/"
+msgstr ""
+"Recursos\n"
+"\"\"\"\"\"\"\"\"\n"
+"Página Principal: https://mercurial-scm.org/"
+
+msgid "Source code repository: http://selenic.com/hg"
+msgstr "Repositório de código fonte: http://selenic.com/hg"
+
+msgid "Mailing list: http://selenic.com/mailman/listinfo/mercurial"
+msgstr "Lista de discussão: http://selenic.com/mailman/listinfo/mercurial"
+
+msgid ""
+"Copying\n"
+"\"\"\"\"\"\"\"\n"
+"Copyright (C) 2005-2016 Matt Mackall.\n"
+"Free use of this software is granted under the terms of the GNU General\n"
+"Public License version 2 or any later version."
+msgstr ""
+"Cópia\n"
+"\"\"\"\"\"\n"
+"Copyright (C) 2005-2016 Matt Mackall.\n"
+"Garante-se livre uso deste software nos termos da licença\n"
+"GNU General Public License, versão 2 ou qualquer versão posterior."
+
+msgid ""
"====\n"
" hg\n"
"===="
@@ -25653,18 +25814,6 @@
":Manual section: 1\n"
":Manual group: Mercurial Manual"
-#. do not translate: .. contents::
-msgid ""
-".. contents::\n"
-" :backlinks: top\n"
-" :class: htmlonly\n"
-" :depth: 1"
-msgstr ""
-".. contents::\n"
-" :backlinks: top\n"
-" :class: htmlonly\n"
-" :depth: 1"
-
msgid ""
"\n"
"Synopsis\n"
@@ -25829,17 +25978,6 @@
"rastreado pelo Mercurial, ele será sobrescrito."
msgid ""
-"Bugs\n"
-"\"\"\"\"\n"
-"Probably lots, please post them to the mailing list (see Resources_\n"
-"below) when you find them."
-msgstr ""
-"Bugs\n"
-"\"\"\"\"\n"
-"Provavelmente vários, por favor informe-os na lista de discussão\n"
-"(veja a seção Recursos_ abaixo)."
-
-msgid ""
"See Also\n"
"\"\"\"\"\"\"\"\"\n"
"|hgignore(5)|_, |hgrc(5)|_"
@@ -25849,43 +25987,6 @@
"|hgignore(5)|_, |hgrc(5)|_"
msgid ""
-"Author\n"
-"\"\"\"\"\"\"\n"
-"Written by Matt Mackall <mpm@selenic.com>"
-msgstr ""
-"Autor\n"
-"\"\"\"\"\"\n"
-"Escrito por Matt Mackall <mpm@selenic.com>"
-
-msgid ""
-"Resources\n"
-"\"\"\"\"\"\"\"\"\"\n"
-"Main Web Site: https://mercurial-scm.org/"
-msgstr ""
-"Recursos\n"
-"\"\"\"\"\"\"\"\"\n"
-"Página Principal: https://mercurial-scm.org/"
-
-msgid "Source code repository: http://selenic.com/hg"
-msgstr "Repositório de código fonte: http://selenic.com/hg"
-
-msgid "Mailing list: http://selenic.com/mailman/listinfo/mercurial"
-msgstr "Lista de discussão: http://selenic.com/mailman/listinfo/mercurial"
-
-msgid ""
-"Copying\n"
-"\"\"\"\"\"\"\"\n"
-"Copyright (C) 2005-2016 Matt Mackall.\n"
-"Free use of this software is granted under the terms of the GNU General\n"
-"Public License version 2 or any later version."
-msgstr ""
-"Cópia\n"
-"\"\"\"\"\"\n"
-"Copyright (C) 2005-2016 Matt Mackall.\n"
-"Garante-se livre uso deste software nos termos da licença\n"
-"GNU General Public License, versão 2 ou qualquer versão posterior."
-
-msgid ""
"==========\n"
" hgignore\n"
"=========="
@@ -31696,17 +31797,6 @@
msgid ".hgtags merged successfully\n"
msgstr ".hgtags mesclado com successo\n"
-#, python-format
-msgid "%s, line %s: %s\n"
-msgstr "%s, linha %s: %s\n"
-
-msgid "cannot parse entry"
-msgstr "não é possível decodificar entrada"
-
-#, python-format
-msgid "node '%s' is not well formed"
-msgstr "nó '%s' não é bem formado"
-
msgid ""
":addbreaks: Any text. Add an XHTML \"<br />\" tag before the end of\n"
" every line except the last."
@@ -33004,6 +33094,15 @@
msgid "number of cpus must be an integer"
msgstr "o número de cpus deve ser um inteiro"
+#~ msgid "%s, line %s: %s\n"
+#~ msgstr "%s, linha %s: %s\n"
+
+#~ msgid "cannot parse entry"
+#~ msgstr "não é possível decodificar entrada"
+
+#~ msgid "node '%s' is not well formed"
+#~ msgstr "nó '%s' não é bem formado"
+
#~ msgid ""
#~ " [blackbox]\n"
#~ " track = *"
--- a/tests/test-url.py Fri Jul 01 13:54:35 2016 +0800
+++ b/tests/test-url.py Fri Jul 01 16:02:56 2016 -0500
@@ -1,3 +1,4 @@
+# coding=utf-8
from __future__ import absolute_import, print_function
import doctest
@@ -50,8 +51,7 @@
# Avoid some pitfalls
check(_verifycert(cert('*.foo'), 'foo'),
'certificate is for *.foo')
-check(_verifycert(cert('*o'), 'foo'),
- 'certificate is for *o')
+check(_verifycert(cert('*o'), 'foo'), None)
check(_verifycert({'subject': ()},
'example.com'),
@@ -63,6 +63,177 @@
check(_verifycert(cert(u'\u4f8b.jp'), 'example.jp'),
'IDN in certificate not supported')
+# The following tests are from CPython's test_ssl.py.
+check(_verifycert(cert('example.com'), 'example.com'), None)
+check(_verifycert(cert('example.com'), 'ExAmple.cOm'), None)
+check(_verifycert(cert('example.com'), 'www.example.com'),
+ 'certificate is for example.com')
+check(_verifycert(cert('example.com'), '.example.com'),
+ 'certificate is for example.com')
+check(_verifycert(cert('example.com'), 'example.org'),
+ 'certificate is for example.com')
+check(_verifycert(cert('example.com'), 'exampleXcom'),
+ 'certificate is for example.com')
+check(_verifycert(cert('*.a.com'), 'foo.a.com'), None)
+check(_verifycert(cert('*.a.com'), 'bar.foo.a.com'),
+ 'certificate is for *.a.com')
+check(_verifycert(cert('*.a.com'), 'a.com'),
+ 'certificate is for *.a.com')
+check(_verifycert(cert('*.a.com'), 'Xa.com'),
+ 'certificate is for *.a.com')
+check(_verifycert(cert('*.a.com'), '.a.com'),
+ 'certificate is for *.a.com')
+
+# only match one left-most wildcard
+check(_verifycert(cert('f*.com'), 'foo.com'), None)
+check(_verifycert(cert('f*.com'), 'f.com'), None)
+check(_verifycert(cert('f*.com'), 'bar.com'),
+ 'certificate is for f*.com')
+check(_verifycert(cert('f*.com'), 'foo.a.com'),
+ 'certificate is for f*.com')
+check(_verifycert(cert('f*.com'), 'bar.foo.com'),
+ 'certificate is for f*.com')
+
+# NULL bytes are bad, CVE-2013-4073
+check(_verifycert(cert('null.python.org\x00example.org'),
+ 'null.python.org\x00example.org'), None)
+check(_verifycert(cert('null.python.org\x00example.org'),
+ 'example.org'),
+ 'certificate is for null.python.org\x00example.org')
+check(_verifycert(cert('null.python.org\x00example.org'),
+ 'null.python.org'),
+ 'certificate is for null.python.org\x00example.org')
+
+# error cases with wildcards
+check(_verifycert(cert('*.*.a.com'), 'bar.foo.a.com'),
+ 'certificate is for *.*.a.com')
+check(_verifycert(cert('*.*.a.com'), 'a.com'),
+ 'certificate is for *.*.a.com')
+check(_verifycert(cert('*.*.a.com'), 'Xa.com'),
+ 'certificate is for *.*.a.com')
+check(_verifycert(cert('*.*.a.com'), '.a.com'),
+ 'certificate is for *.*.a.com')
+
+check(_verifycert(cert('a.*.com'), 'a.foo.com'),
+ 'certificate is for a.*.com')
+check(_verifycert(cert('a.*.com'), 'a..com'),
+ 'certificate is for a.*.com')
+check(_verifycert(cert('a.*.com'), 'a.com'),
+ 'certificate is for a.*.com')
+
+# wildcard doesn't match IDNA prefix 'xn--'
+idna = u'püthon.python.org'.encode('idna').decode('ascii')
+check(_verifycert(cert(idna), idna), None)
+check(_verifycert(cert('x*.python.org'), idna),
+ 'certificate is for x*.python.org')
+check(_verifycert(cert('xn--p*.python.org'), idna),
+ 'certificate is for xn--p*.python.org')
+
+# wildcard in first fragment and IDNA A-labels in sequent fragments
+# are supported.
+idna = u'www*.pythön.org'.encode('idna').decode('ascii')
+check(_verifycert(cert(idna),
+ u'www.pythön.org'.encode('idna').decode('ascii')),
+ None)
+check(_verifycert(cert(idna),
+ u'www1.pythön.org'.encode('idna').decode('ascii')),
+ None)
+check(_verifycert(cert(idna),
+ u'ftp.pythön.org'.encode('idna').decode('ascii')),
+ 'certificate is for www*.xn--pythn-mua.org')
+check(_verifycert(cert(idna),
+ u'pythön.org'.encode('idna').decode('ascii')),
+ 'certificate is for www*.xn--pythn-mua.org')
+
+c = {
+ 'notAfter': 'Jun 26 21:41:46 2011 GMT',
+ 'subject': (((u'commonName', u'linuxfrz.org'),),),
+ 'subjectAltName': (
+ ('DNS', 'linuxfr.org'),
+ ('DNS', 'linuxfr.com'),
+ ('othername', '<unsupported>'),
+ )
+}
+check(_verifycert(c, 'linuxfr.org'), None)
+check(_verifycert(c, 'linuxfr.com'), None)
+# Not a "DNS" entry
+check(_verifycert(c, '<unsupported>'),
+ 'certificate is for linuxfr.org, linuxfr.com')
+# When there is a subjectAltName, commonName isn't used
+check(_verifycert(c, 'linuxfrz.org'),
+ 'certificate is for linuxfr.org, linuxfr.com')
+
+# A pristine real-world example
+c = {
+ 'notAfter': 'Dec 18 23:59:59 2011 GMT',
+ 'subject': (
+ ((u'countryName', u'US'),),
+ ((u'stateOrProvinceName', u'California'),),
+ ((u'localityName', u'Mountain View'),),
+ ((u'organizationName', u'Google Inc'),),
+ ((u'commonName', u'mail.google.com'),),
+ ),
+}
+check(_verifycert(c, 'mail.google.com'), None)
+check(_verifycert(c, 'gmail.com'), 'certificate is for mail.google.com')
+
+# Only commonName is considered
+check(_verifycert(c, 'California'), 'certificate is for mail.google.com')
+
+# Neither commonName nor subjectAltName
+c = {
+ 'notAfter': 'Dec 18 23:59:59 2011 GMT',
+ 'subject': (
+ ((u'countryName', u'US'),),
+ ((u'stateOrProvinceName', u'California'),),
+ ((u'localityName', u'Mountain View'),),
+ ((u'organizationName', u'Google Inc'),),
+ ),
+}
+check(_verifycert(c, 'mail.google.com'),
+ 'no commonName or subjectAltName found in certificate')
+
+# No DNS entry in subjectAltName but a commonName
+c = {
+ 'notAfter': 'Dec 18 23:59:59 2099 GMT',
+ 'subject': (
+ ((u'countryName', u'US'),),
+ ((u'stateOrProvinceName', u'California'),),
+ ((u'localityName', u'Mountain View'),),
+ ((u'commonName', u'mail.google.com'),),
+ ),
+ 'subjectAltName': (('othername', 'blabla'),),
+}
+check(_verifycert(c, 'mail.google.com'), None)
+
+# No DNS entry subjectAltName and no commonName
+c = {
+ 'notAfter': 'Dec 18 23:59:59 2099 GMT',
+ 'subject': (
+ ((u'countryName', u'US'),),
+ ((u'stateOrProvinceName', u'California'),),
+ ((u'localityName', u'Mountain View'),),
+ ((u'organizationName', u'Google Inc'),),
+ ),
+ 'subjectAltName': (('othername', 'blabla'),),
+}
+check(_verifycert(c, 'google.com'),
+ 'no commonName or subjectAltName found in certificate')
+
+# Empty cert / no cert
+check(_verifycert(None, 'example.com'), 'no certificate received')
+check(_verifycert({}, 'example.com'), 'no certificate received')
+
+# avoid denials of service by refusing more than one
+# wildcard per fragment.
+check(_verifycert({'subject': (((u'commonName', u'a*b.com'),),)},
+ 'axxb.com'), None)
+check(_verifycert({'subject': (((u'commonName', u'a*b.co*'),),)},
+ 'axxb.com'), 'certificate is for a*b.co*')
+check(_verifycert({'subject': (((u'commonName', u'a*b*.com'),),)},
+ 'axxbxxc.com'),
+ 'too many wildcards in certificate DNS name: a*b*.com')
+
def test_url():
"""
>>> from mercurial.util import url