equal
deleted
inserted
replaced
159 # We allow users to downgrade to TLS 1.0+ via config options in case a |
159 # We allow users to downgrade to TLS 1.0+ via config options in case a |
160 # legacy server is encountered. |
160 # legacy server is encountered. |
161 if modernssl: |
161 if modernssl: |
162 defaultprotocol = 'tls1.1' |
162 defaultprotocol = 'tls1.1' |
163 else: |
163 else: |
|
164 # Let people on legacy Python versions know they are borderline |
|
165 # secure. |
|
166 # We don't document this config option because we want people to see |
|
167 # the bold warnings on the web site. |
|
168 # internal config: hostsecurity.disabletls10warning |
|
169 if not ui.configbool('hostsecurity', 'disabletls10warning'): |
|
170 ui.warn(_('warning: connecting to %s using legacy security ' |
|
171 'technology (TLS 1.0); see ' |
|
172 'https://mercurial-scm.org/wiki/SecureConnections for ' |
|
173 'more info\n') % hostname) |
164 defaultprotocol = 'tls1.0' |
174 defaultprotocol = 'tls1.0' |
165 |
175 |
166 key = 'minimumprotocol' |
176 key = 'minimumprotocol' |
167 protocol = ui.config('hostsecurity', key, defaultprotocol) |
177 protocol = ui.config('hostsecurity', key, defaultprotocol) |
168 validateprotocol(protocol, key) |
178 validateprotocol(protocol, key) |