Comments
Patch
@@ -137,7 +137,7 @@ i18n/hg.pot: $(PYFILES) $(DOCFILES) i18n
osx:
@which -s bdist_mpkg || \
(echo "Missing bdist_mpkg (easy_install bdist_mpkg)"; false)
- bdist_mpkg setup.py
+ HGSETUPINSTALLHGRC=1 bdist_mpkg setup.py
mkdir -p packages/osx
rm -rf dist/mercurial-*.mpkg
mv dist/mercurial*macosx*.zip packages/osx
new file mode 100644
@@ -0,0 +1,50 @@
+-----BEGIN CERTIFICATE-----
+MIIBIzCBzgIJANjmj39sb3FmMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNVBAMTDmhn
+LmV4YW1wbGUuY29tMB4XDTE0MDgzMDA4NDU1OVoXDTE0MDgyOTA4NDU1OVowGTEX
+MBUGA1UEAxMOaGcuZXhhbXBsZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
+mh/ZySGlcq0ALNLmA1gZqt61HruywPrRk6WyrLJRgt+X7OP9FFlEfl2tzHfzqvmK
+CtSQoPINWOdAJMekBYFgKQIDAQABMA0GCSqGSIb3DQEBBQUAA0EAF9h49LkSqJ6a
+IlpogZuUHtihXeKZBsiktVIDlDccYsNy0RSh9XxUfhk+XMLw8jBlYvcltSXdJ7We
+aKdQRekuMQ==
+-----END CERTIFICATE-----
+
+This certificate was generated to be valid but obviously unusable:
+
+cat > cn.conf << EOT
+[req]
+distinguished_name = req_distinguished_name
+[req_distinguished_name]
+commonName = Common Name
+commonName_default = no.example.com
+EOT
+openssl req -nodes -new -x509 -keyout /dev/null -out dummycert.pem -days -1 -config cn.conf -subj '/CN=hg.example.com'
+
+To verify the content of this certificate:
+
+openssl x509 -in dummycert.pem -noout -text
+
+Certificate:
+ Data:
+ Version: 1 (0x0)
+ Serial Number: 15629337334278746470 (0xd8e68f7f6c6f7166)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: CN=hg.example.com
+ Validity
+ Not Before: Aug 30 08:45:59 2014 GMT
+ Not After : Aug 29 08:45:59 2014 GMT
+ Subject: CN=hg.example.com
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Public-Key: (512 bit)
+ Modulus:
+ 00:9a:1f:d9:c9:21:a5:72:ad:00:2c:d2:e6:03:58:
+ 19:aa:de:b5:1e:bb:b2:c0:fa:d1:93:a5:b2:ac:b2:
+ 51:82:df:97:ec:e3:fd:14:59:44:7e:5d:ad:cc:77:
+ f3:aa:f9:8a:0a:d4:90:a0:f2:0d:58:e7:40:24:c7:
+ a4:05:81:60:29
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: sha1WithRSAEncryption
+ 17:d8:78:f4:b9:12:a8:9e:9a:22:5a:68:81:9b:94:1e:d8:a1:
+ 5d:e2:99:06:c8:a4:b5:52:03:94:37:1c:62:c3:72:d1:14:a1:
+ f5:7c:54:7e:19:3e:5c:c2:f0:f2:30:65:62:f7:25:b5:25:dd:
+ 27:b5:9e:68:a7:50:45:e9:2e:31
new file mode 100644
@@ -0,0 +1,10 @@
+# On Mac OS X 10.6 and higher, OpenSSL (which is what Python and therefore
+# Mercurial use to implement their SSL support) will look in the system
+# keychain. Unfortunately, the SSL code in the Python core doesn't allow for
+# this situation - it always expects you to specify a certificate bundle, and
+# if one is specified if must contain at least one certificate. This pem
+# contains a dummy certificate that makes the system Python use the system
+# keychain.
+
+[web]
+cacerts = /etc/mercurial/hgrc.d/dummycert.pem
@@ -495,6 +495,11 @@ for root in ('templates',):
packagedata['mercurial'].append(f)
datafiles = []
+if os.getenv('HGSETUPINSTALLHGRC') and sys.platform == 'darwin':
+ datafiles.append(
+ ('/etc/mercurial/hgrc.d', ['contrib/macosx/dummycert.rc',
+ 'contrib/macosx/dummycert.pem']))
+
setupversion = version
extra = {}