[PATCH 2 of 2] cacert: improve error report when web.cacert file does not exist

timeless timeless at gmail.com
Sun Mar 6 06:00:41 CST 2011


# HG changeset patch
# User timeless <timeless at gmail.com>
# Date 1299412739 21600
# Node ID 6a05e04f7d914b7a6ad5184576a7a3e2e9bb47cd
# Parent  a2b1ee41dc4ef99c2297d7aab241b7141d1259c3
cacert: improve error report when web.cacert file does not exist

diff --git a/mercurial/url.py b/mercurial/url.py
--- a/mercurial/url.py
+++ b/mercurial/url.py
@@ -557,6 +557,11 @@ if has_https:
                 host = self.realhostport.rsplit(':', 1)[0]
 
             cacerts = self.ui.config('web', 'cacerts')
+            if cacerts and not os.path.exists(cacerts):
+                self.ui.warn(_('warning: could not find '
+                               'web.cacerts: %s\n') % cacerts)
+                cacerts = None
+
             hostfingerprint = self.ui.config('hostfingerprints', host)
 
             if cacerts and not hostfingerprint:
diff --git a/tests/test-https.t b/tests/test-https.t
--- a/tests/test-https.t
+++ b/tests/test-https.t
@@ -96,6 +96,16 @@ pub.pem patched with other notBefore / n
   $ hg serve -p $HGPORT -d --pid-file=../hg0.pid --certificate=$PRIV
   $ cat ../hg0.pid >> $DAEMON_PIDS
 
+cacert not found
+
+  $ hg in --config web.cacerts=no-such.pem https://localhost:$HGPORT/
+  warning: could not find web.cacerts: no-such.pem
+  warning: localhost certificate with fingerprint 91:4f:1a:ff:87:24:9c:09:b6:85:9b:88:b1:90:6d:30:75:64:91:ca not verified (check hostfingerprints or web.cacerts config setting)
+  comparing with https://localhost:$HGPORT/
+  searching for changes
+  no changes found
+  [1]
+
 Test server address cannot be reused
 
   $ hg serve -p $HGPORT --certificate=$PRIV 2>&1


More information about the Mercurial-devel mailing list