mercurial/sslutil.py
branchstable
changeset 29631 387bdd53c77e
parent 29619 53e80179bd6a
child 29927 799e36749f1a
equal deleted inserted replaced
29630:67b180c0e263 29631:387bdd53c77e
   407         # If we're doing certificate verification and no CA certs are loaded,
   407         # If we're doing certificate verification and no CA certs are loaded,
   408         # that is almost certainly the reason why verification failed. Provide
   408         # that is almost certainly the reason why verification failed. Provide
   409         # a hint to the user.
   409         # a hint to the user.
   410         # Only modern ssl module exposes SSLContext.get_ca_certs() so we can
   410         # Only modern ssl module exposes SSLContext.get_ca_certs() so we can
   411         # only show this warning if modern ssl is available.
   411         # only show this warning if modern ssl is available.
   412         if (caloaded and settings['verifymode'] == ssl.CERT_REQUIRED and
   412         # The exception handler is here because of
   413             modernssl and not sslcontext.get_ca_certs()):
   413         # https://bugs.python.org/issue20916.
   414             ui.warn(_('(an attempt was made to load CA certificates but none '
   414         try:
   415                       'were loaded; see '
   415             if (caloaded and settings['verifymode'] == ssl.CERT_REQUIRED and
   416                       'https://mercurial-scm.org/wiki/SecureConnections for '
   416                 modernssl and not sslcontext.get_ca_certs()):
   417                       'how to configure Mercurial to avoid this error)\n'))
   417                 ui.warn(_('(an attempt was made to load CA certificates but '
       
   418                           'none were loaded; see '
       
   419                           'https://mercurial-scm.org/wiki/SecureConnections '
       
   420                           'for how to configure Mercurial to avoid this '
       
   421                           'error)\n'))
       
   422         except ssl.SSLError:
       
   423             pass
   418         # Try to print more helpful error messages for known failures.
   424         # Try to print more helpful error messages for known failures.
   419         if util.safehasattr(e, 'reason'):
   425         if util.safehasattr(e, 'reason'):
   420             # This error occurs when the client and server don't share a
   426             # This error occurs when the client and server don't share a
   421             # common/supported SSL/TLS protocol. We've disabled SSLv2 and SSLv3
   427             # common/supported SSL/TLS protocol. We've disabled SSLv2 and SSLv3
   422             # outright. Hopefully the reason for this error is that we require
   428             # outright. Hopefully the reason for this error is that we require