Mercurial > public > mercurial-scm > hg-stable
comparison mercurial/sslutil.py @ 41433:f07aff7e8b5a
sslutil: ensure serverhostname is bytes when formatting
It will likely be a str on Python 3.
Differential Revision: https://phab.mercurial-scm.org/D5722
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Sat, 26 Jan 2019 14:00:42 -0800 |
| parents | 0d226b2139df |
| children | ce5f1232631f |
comparison
equal
deleted
inserted
replaced
| 41432:0d226b2139df | 41433:f07aff7e8b5a |
|---|---|
| 452 'protocols %s; if you are using a modern Mercurial ' | 452 'protocols %s; if you are using a modern Mercurial ' |
| 453 'version, consider contacting the operator of this ' | 453 'version, consider contacting the operator of this ' |
| 454 'server; see ' | 454 'server; see ' |
| 455 'https://mercurial-scm.org/wiki/SecureConnections ' | 455 'https://mercurial-scm.org/wiki/SecureConnections ' |
| 456 'for more info)\n') % ( | 456 'for more info)\n') % ( |
| 457 serverhostname, | 457 pycompat.bytesurl(serverhostname), |
| 458 ', '.join(sorted(supportedprotocols)))) | 458 ', '.join(sorted(supportedprotocols)))) |
| 459 else: | 459 else: |
| 460 ui.warn(_( | 460 ui.warn(_( |
| 461 '(could not communicate with %s using TLS 1.0; the ' | 461 '(could not communicate with %s using TLS 1.0; the ' |
| 462 'likely cause of this is the server no longer ' | 462 'likely cause of this is the server no longer ' |
| 463 'supports TLS 1.0 because it has known security ' | 463 'supports TLS 1.0 because it has known security ' |
| 464 'vulnerabilities; see ' | 464 'vulnerabilities; see ' |
| 465 'https://mercurial-scm.org/wiki/SecureConnections ' | 465 'https://mercurial-scm.org/wiki/SecureConnections ' |
| 466 'for more info)\n') % serverhostname) | 466 'for more info)\n') % |
| 467 pycompat.bytesurl(serverhostname)) | |
| 467 else: | 468 else: |
| 468 # We attempted TLS 1.1+. We can only get here if the client | 469 # We attempted TLS 1.1+. We can only get here if the client |
| 469 # supports the configured protocol. So the likely reason is | 470 # supports the configured protocol. So the likely reason is |
| 470 # the client wants better security than the server can | 471 # the client wants better security than the server can |
| 471 # offer. | 472 # offer. |
| 472 ui.warn(_( | 473 ui.warn(_( |
| 473 '(could not negotiate a common security protocol (%s+) ' | 474 '(could not negotiate a common security protocol (%s+) ' |
| 474 'with %s; the likely cause is Mercurial is configured ' | 475 'with %s; the likely cause is Mercurial is configured ' |
| 475 'to be more secure than the server can support)\n') % ( | 476 'to be more secure than the server can support)\n') % ( |
| 476 settings['protocolui'], serverhostname)) | 477 settings['protocolui'], |
| 478 pycompat.bytesurl(serverhostname))) | |
| 477 ui.warn(_('(consider contacting the operator of this ' | 479 ui.warn(_('(consider contacting the operator of this ' |
| 478 'server and ask them to support modern TLS ' | 480 'server and ask them to support modern TLS ' |
| 479 'protocol versions; or, set ' | 481 'protocol versions; or, set ' |
| 480 'hostsecurity.%s:minimumprotocol=tls1.0 to allow ' | 482 'hostsecurity.%s:minimumprotocol=tls1.0 to allow ' |
| 481 'use of legacy, less secure protocols when ' | 483 'use of legacy, less secure protocols when ' |
| 482 'communicating with this server)\n') % | 484 'communicating with this server)\n') % |
| 483 serverhostname) | 485 pycompat.bytesurl(serverhostname)) |
| 484 ui.warn(_( | 486 ui.warn(_( |
| 485 '(see https://mercurial-scm.org/wiki/SecureConnections ' | 487 '(see https://mercurial-scm.org/wiki/SecureConnections ' |
| 486 'for more info)\n')) | 488 'for more info)\n')) |
| 487 | 489 |
| 488 elif (e.reason == r'CERTIFICATE_VERIFY_FAILED' and | 490 elif (e.reason == r'CERTIFICATE_VERIFY_FAILED' and |