mercurial/sslutil.py
changeset 29557 53de8255ec4e
parent 29554 4a7b0c696fbc
child 29558 a935cd7d51a6
29556:1b8b6adb2365 29557:53de8255ec4e
   262     if not serverhostname:
   262     if not serverhostname:
   263         raise error.Abort(_('serverhostname argument is required'))
   263         raise error.Abort(_('serverhostname argument is required'))
   264 
   264 
   265     settings = _hostsettings(ui, serverhostname)
   265     settings = _hostsettings(ui, serverhostname)
   266 
   266 
   267     # TODO use ssl.create_default_context() on modernssl.
   267     # We can't use ssl.create_default_context() because it calls
       
   268     # load_default_certs() unless CA arguments are passed to it. We want to
       
   269     # have explicit control over CA loading because implicitly loading
       
   270     # CAs may undermine the user's intent. For example, a user may define a CA
       
   271     # bundle with a specific CA cert removed. If the system/default CA bundle
       
   272     # is loaded and contains that removed CA, you've just undone the user's
       
   273     # choice.
   268     sslcontext = SSLContext(settings['protocol'])
   274     sslcontext = SSLContext(settings['protocol'])
   269 
   275 
   270     # This is a no-op unless using modern ssl.
   276     # This is a no-op unless using modern ssl.
   271     sslcontext.options |= settings['ctxoptions']
   277     sslcontext.options |= settings['ctxoptions']
   272 
   278
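Review bot: The replacement comment at new lines 267-273 explains why `ssl.create_default_context()` is avoided, but not what is given up by bypassing it. For server authentication that helper also sets `verify_mode` to `CERT_REQUIRED`, enables `check_hostname` and disables SSLv2/SSLv3 and compression; a context built directly with `SSLContext(settings['protocol'])` gets none of that implicitly. I would append a line such as `# Because of this, certificate verification and protocol options must be configured explicitly on the context below.` so a later edit does not assume those defaults are in place. Only `sslcontext.options |= settings['ctxoptions']` is visible here; the function continues past the shown lines, so whether `verify_mode` is set further down cannot be confirmed from this section.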