Mercurial Mercurial > public > mercurial-scm > hg / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/sslutil.py
branchstable
changeset 23069 22db405536be
parent 23042 2cd3fa4412dc
child 23834 bf07c19b4c82
equal deleted inserted replaced
23068:fb3e63c603e8 23069:22db405536be 
    12 from mercurial.i18n import _
 
    12 from mercurial.i18n import _
 
    13 try:
 
    13 try:
 
    14     # avoid using deprecated/broken FakeSocket in python 2.6
 
    14     # avoid using deprecated/broken FakeSocket in python 2.6
 
    15     import ssl
 
    15     import ssl
 
    16     CERT_REQUIRED = ssl.CERT_REQUIRED
 
    16     CERT_REQUIRED = ssl.CERT_REQUIRED
 
    17     PROTOCOL_SSLv23 = ssl.PROTOCOL_SSLv23
 
       
    18     PROTOCOL_TLSv1 = ssl.PROTOCOL_TLSv1
 
    17     PROTOCOL_TLSv1 = ssl.PROTOCOL_TLSv1
 
    19     def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
 
    18     def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
 
    20                 cert_reqs=ssl.CERT_NONE, ca_certs=None):
 
    19                 cert_reqs=ssl.CERT_NONE, ca_certs=None):
 
    21         sslsocket = ssl.wrap_socket(sock, keyfile, certfile,
 
    20         sslsocket = ssl.wrap_socket(sock, keyfile, certfile,
 
    22                                     cert_reqs=cert_reqs, ca_certs=ca_certs,
 
    21                                     cert_reqs=cert_reqs, ca_certs=ca_certs,
 
    27             raise util.Abort(_('ssl connection failed'))
 
    26             raise util.Abort(_('ssl connection failed'))
 
    28         return sslsocket
 
    27         return sslsocket
 
    29 except ImportError:
 
    28 except ImportError:
 
    30     CERT_REQUIRED = 2
 
    29     CERT_REQUIRED = 2
 
    31 
    30 
    32     PROTOCOL_SSLv23 = 2
 
       
    33     PROTOCOL_TLSv1 = 3
 
    31     PROTOCOL_TLSv1 = 3
 
    34 
    32 
    35     import socket, httplib
 
    33     import socket, httplib
 
    36 
    34 
    37     def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
 
    35     def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
 
   101     exe = (sys.executable or '').lower()
 
    99     exe = (sys.executable or '').lower()
 
   102     return (exe.startswith('/usr/bin/python') or
 
   100     return (exe.startswith('/usr/bin/python') or
 
   103             exe.startswith('/system/library/frameworks/python.framework/'))
 
   101             exe.startswith('/system/library/frameworks/python.framework/'))
 
   104 
   102 
   105 def sslkwargs(ui, host):
 
   103 def sslkwargs(ui, host):
 
   106     forcetls = ui.configbool('ui', 'tls', default=True)
 
   104     kws = {'ssl_version': PROTOCOL_TLSv1,
 
   107     if forcetls:
 
       
   108         ssl_version = PROTOCOL_TLSv1
 
       
   109     else:
 
       
   110         ssl_version = PROTOCOL_SSLv23
 
       
   111     kws = {'ssl_version': ssl_version,
 
       
   112            }
 
   105            }
 
   113     hostfingerprint = ui.config('hostfingerprints', host)
 
   106     hostfingerprint = ui.config('hostfingerprints', host)
 
   114     if hostfingerprint:
 
   107     if hostfingerprint:
 
   115         return kws
 
   108         return kws
 
   116     cacerts = ui.config('web', 'cacerts')
 
   109     cacerts = ui.config('web', 'cacerts')
mercurial-scm/hg