mercurial/sslutil.py
changeset 43117 8ff1ecfadcd1
parent 43089 c59eb1560c44
child 43506 9f70512ae2cf
43116:defabf63e969 43117:8ff1ecfadcd1
   208     )
   208     )
   209     for fingerprint in fingerprints:
   209     for fingerprint in fingerprints:
   210         if not (fingerprint.startswith((b'sha1:', b'sha256:', b'sha512:'))):
   210         if not (fingerprint.startswith((b'sha1:', b'sha256:', b'sha512:'))):
   211             raise error.Abort(
   211             raise error.Abort(
   212                 _(b'invalid fingerprint for %s: %s') % (bhostname, fingerprint),
   212                 _(b'invalid fingerprint for %s: %s') % (bhostname, fingerprint),
   213                 hint=_(b'must begin with "sha1:", "sha256:", ' b'or "sha512:"'),
   213                 hint=_(b'must begin with "sha1:", "sha256:", or "sha512:"'),
   214             )
   214             )
   215 
   215 
   216         alg, fingerprint = fingerprint.split(b':', 1)
   216         alg, fingerprint = fingerprint.split(b':', 1)
   217         fingerprint = fingerprint.replace(b':', b'').lower()
   217         fingerprint = fingerprint.replace(b':', b'').lower()
   218         s[b'certfingerprints'].append((alg, fingerprint))
   218         s[b'certfingerprints'].append((alg, fingerprint))
   326     # However, SSLContext.options doesn't work unless we have the
   326     # However, SSLContext.options doesn't work unless we have the
   327     # full/real SSLContext available to us.
   327     # full/real SSLContext available to us.
   328     if supportedprotocols == {b'tls1.0'}:
   328     if supportedprotocols == {b'tls1.0'}:
   329         if protocol != b'tls1.0':
   329         if protocol != b'tls1.0':
   330             raise error.Abort(
   330             raise error.Abort(
   331                 _(b'current Python does not support protocol ' b'setting %s')
   331                 _(b'current Python does not support protocol setting %s')
   332                 % protocol,
   332                 % protocol,
   333                 hint=_(
   333                 hint=_(
   334                     b'upgrade Python or disable setting since '
   334                     b'upgrade Python or disable setting since '
   335                     b'only TLS 1.0 is supported'
   335                     b'only TLS 1.0 is supported'
   336                 ),
   336                 ),
   614     # This function is not used much by core Mercurial, so the error messaging
   614     # This function is not used much by core Mercurial, so the error messaging
   615     # doesn't have to be as detailed as for wrapsocket().
   615     # doesn't have to be as detailed as for wrapsocket().
   616     for f in (certfile, keyfile, cafile):
   616     for f in (certfile, keyfile, cafile):
   617         if f and not os.path.exists(f):
   617         if f and not os.path.exists(f):
   618             raise error.Abort(
   618             raise error.Abort(
   619                 _(b'referenced certificate file (%s) does not ' b'exist') % f
   619                 _(b'referenced certificate file (%s) does not exist') % f
   620             )
   620             )
   621 
   621 
   622     protocol, options, _protocolui = protocolsettings(b'tls1.0')
   622     protocol, options, _protocolui = protocolsettings(b'tls1.0')
   623 
   623 
   624     # This config option is intended for use in tests only. It is a giant
   624     # This config option is intended for use in tests only. It is a giant
   926     except AttributeError:
   926     except AttributeError:
   927         raise error.Abort(_(b'%s ssl connection error') % host)
   927         raise error.Abort(_(b'%s ssl connection error') % host)
   928 
   928 
   929     if not peercert:
   929     if not peercert:
   930         raise error.Abort(
   930         raise error.Abort(
   931             _(b'%s certificate error: ' b'no certificate received') % host
   931             _(b'%s certificate error: no certificate received') % host
   932         )
   932         )
   933 
   933 
   934     if settings[b'disablecertverification']:
   934     if settings[b'disablecertverification']:
   935         # We don't print the certificate fingerprint because it shouldn't
   935         # We don't print the certificate fingerprint because it shouldn't
   936         # be necessary: if the user requested certificate verification be
   936         # be necessary: if the user requested certificate verification be
   988             nice = fmtfingerprint(peerfingerprints[b'sha1'])
   988             nice = fmtfingerprint(peerfingerprints[b'sha1'])
   989         else:
   989         else:
   990             section = b'hostsecurity'
   990             section = b'hostsecurity'
   991             nice = b'%s:%s' % (hash, fmtfingerprint(peerfingerprints[hash]))
   991             nice = b'%s:%s' % (hash, fmtfingerprint(peerfingerprints[hash]))
   992         raise error.Abort(
   992         raise error.Abort(
   993             _(b'certificate for %s has unexpected ' b'fingerprint %s')
   993             _(b'certificate for %s has unexpected fingerprint %s')
   994             % (host, nice),
   994             % (host, nice),
   995             hint=_(b'check %s configuration') % section,
   995             hint=_(b'check %s configuration') % section,
   996         )
   996         )
   997 
   997 
   998     # Security is enabled but no CAs are loaded. We can't establish trust
   998     # Security is enabled but no CAs are loaded. We can't establish trust