[PATCH 4 of 4] tests: add basic tests for SMTP over SSL

Yuya Nishihara yuya at tcha.org
Wed Jun 8 10:23:02 EDT 2016 

# HG changeset patch
# User Yuya Nishihara <yuya at tcha.org>
# Date 1464358718 -32400
#      Fri May 27 23:18:38 2016 +0900
# Node ID 597e8dac9badd05a66333fbbee66a584f17d0c3e
# Parent  85f6121625534279562bee84a97886c54af5a7d5
tests: add basic tests for SMTP over SSL

SSL handling in mail.py wasn't covered by our test suite, therefore it was
sometimes broken. This patch introduces pretty minimal tests that only cover
the default path. We can extend it later.

Tested with python 2.6.9 and 2.7.11 on Debian sid.

diff --git a/tests/test-patchbomb-tls.t b/tests/test-patchbomb-tls.t
new file mode 100644
--- /dev/null
+++ b/tests/test-patchbomb-tls.t
@@ -0,0 +1,89 @@
+#require serve ssl
+
+Set up SMTP server:
+
+  $ CERTSDIR="$TESTDIR/sslcerts"
+  $ cat "$CERTSDIR/priv.pem" "$CERTSDIR/pub.pem" >> server.pem
+
+  $ python "$TESTDIR/dummysmtpd.py" -p $HGPORT --pid-file a.pid -d \
+  > --tls smtps --certificate `pwd`/server.pem
+  listening at localhost:$HGPORT
+  $ cat a.pid >> $DAEMON_PIDS
+
+Ensure hg email output is sent to stdout:
+
+  $ unset PAGER
+
+Set up repository:
+
+  $ hg init t
+  $ cd t
+  $ cat <<EOF >> .hg/hgrc
+  > [extensions]
+  > patchbomb =
+  > [email]
+  > method = smtp
+  > [smtp]
+  > host = localhost
+  > port = $HGPORT
+  > tls = smtps
+  > EOF
+
+  $ echo a > a
+  $ hg commit -Ama -d '1 0'
+  adding a
+
+Utility functions:
+
+  $ DISABLECACERTS=
+  $ try () {
+  >   hg email $DISABLECACERTS -f quux -t foo -c bar -r tip "$@"
+  > }
+
+Our test cert is not signed by a trusted CA. It should fail to verify if
+we are able to load CA certs:
+
+#if defaultcacerts
+  $ try
+  this patch series consists of 1 patches.
+  
+  
+  (?i)abort: .*?certificate.verify.failed.* (re)
+  [255]
+#endif
+
+  $ DISABLECACERTS="--config devel.disableloaddefaultcerts=true"
+
+Without certificates:
+
+  $ try --debug
+  this patch series consists of 1 patches.
+  
+  
+  (using smtps)
+  sending mail: smtp host localhost, port * (glob)
+  (verifying remote certificate)
+  warning: certificate for localhost not verified (set hostsecurity.localhost:certfingerprints=sha256:62:09:97:2f:97:60:e3:65:8f:12:5d:78:9e:35:a1:36:7a:65:4b:0e:9f:ac:db:c3:bc:6e:b6:a3:c0:16:e0:30 or web.cacerts config settings)
+  sending [PATCH] a ...
+
+With global certificates:
+
+  $ try --debug --config web.cacerts="$CERTSDIR/pub.pem"
+  this patch series consists of 1 patches.
+  
+  
+  (using smtps)
+  sending mail: smtp host localhost, port * (glob)
+  (verifying remote certificate)
+  sending [PATCH] a ...
+
+With invalid certificates:
+
+  $ try --config web.cacerts="$CERTSDIR/pub-other.pem"
+  this patch series consists of 1 patches.
+  
+  
+  (?i)abort: .*?certificate.verify.failed.* (re)
+  [255]
+
+  $ cd ..

More information about the Mercurial-devel mailing list