comparison mercurial/sslutil.py @ 29447:13edc11eb7b7
sslutil: don't load default certificates when they aren't relevant

Before, we would call SSLContext.load_default_certs() when
certificate verification wasn't being used. Since
SSLContext.verify_mode == ssl.CERT_NONE, this would ideally
no-op. However, there is a slim chance the loading of system
certs could cause a failure. Furthermore, this behavior
interfered with a future patch that aims to provide a more
helpful error message when we're unable to load CAs.

The lack of test fallout is hopefully a sign that our
security code and tests are in a relatively good state.

author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Wed, 29 Jun 2016 19:38:24 -0700 |
parents | 2f7f1e10f840 |
children | 5b71a8d7f7ff |
29446:2f7f1e10f840 | 29447:13edc11eb7b7 |
---|---|
152 | 152 |
153 # If a host cert fingerprint is defined, it is the only thing that | 153 # If a host cert fingerprint is defined, it is the only thing that |
154 # matters. No need to validate CA certs. | 154 # matters. No need to validate CA certs. |
155 if s['certfingerprints']: | 155 if s['certfingerprints']: |
156 s['verifymode'] = ssl.CERT_NONE | 156 s['verifymode'] = ssl.CERT_NONE |
157 s['allowloaddefaultcerts'] = False | |
157 | 158 |
158 # If --insecure is used, don't take CAs into consideration. | 159 # If --insecure is used, don't take CAs into consideration. |
159 elif ui.insecureconnections: | 160 elif ui.insecureconnections: |
160 s['disablecertverification'] = True | 161 s['disablecertverification'] = True |
161 s['verifymode'] = ssl.CERT_NONE | 162 s['verifymode'] = ssl.CERT_NONE |
163 s['allowloaddefaultcerts'] = False | |
162 | 164 |
163 if ui.configbool('devel', 'disableloaddefaultcerts'): | 165 if ui.configbool('devel', 'disableloaddefaultcerts'): |
164 s['allowloaddefaultcerts'] = False | 166 s['allowloaddefaultcerts'] = False |
165 | 167 |
166 # If both fingerprints and a per-host ca file are specified, issue a warning | 168 # If both fingerprints and a per-host ca file are specified, issue a warning |
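
Review bot: The assignment `s['allowloaddefaultcerts'] = False` is now repeated in the `certfingerprints` branch and in the `ui.insecureconnections` branch, with a third copy already under the `devel.disableloaddefaultcerts` check just below, so a later branch that sets `verifymode` to `ssl.CERT_NONE` can miss it without anything failing. Consider deriving the flag once after the if/elif chain, for example `if s['verifymode'] == ssl.CERT_NONE: s['allowloaddefaultcerts'] = False`, so that "no verification means no default CA loading" is stated in one place. The two new lines also carry no comment: the existing comments explain why CA validation is skipped, not why loading is suppressed, and the reason given in the commit message (loading system certs can fail even when they are unused) is worth a one-line comment next to the flag. The commit message notes that no tests changed; a test asserting that the fingerprint and `--insecure` paths end up with `allowloaddefaultcerts` false would pin the new behaviour.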