Mercurial Mercurial > public > mercurial-scm > hg / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mercurial/sslutil.py
changeset 18879 93b03a222c3e
parent 16391 9cf7c9d529d0
child 18887 2d7fac049d3a
equal deleted inserted replaced
18876:f63035b9b38a 18879:93b03a222c3e 
   109                                    "verified (Python too old)") % host)
 
   109                                    "verified (Python too old)") % host)
 
   110             if self.ui.configbool('ui', 'reportoldssl', True):
 
   110             if self.ui.configbool('ui', 'reportoldssl', True):
 
   111                 self.ui.warn(_("warning: certificate for %s can't be verified "
 
   111                 self.ui.warn(_("warning: certificate for %s can't be verified "
 
   112                                "(Python too old)\n") % host)
 
   112                                "(Python too old)\n") % host)
 
   113             return
 
   113             return
 
       
   114 
   114         if not sock.cipher(): # work around http://bugs.python.org/issue13721
 
   115         if not sock.cipher(): # work around http://bugs.python.org/issue13721
 
   115             raise util.Abort(_('%s ssl connection error') % host)
 
   116             raise util.Abort(_('%s ssl connection error') % host)
 
   116         peercert = sock.getpeercert(True)
 
   117         try:
 
       
   118             peercert = sock.getpeercert(True)
 
       
   119             peercert2 = sock.getpeercert()
 
       
   120         except AttributeError:
 
       
   121             raise util.Abort(_('%s ssl connection error') % host)
 
       
   122 
   117         if not peercert:
 
   123         if not peercert:
 
   118             raise util.Abort(_('%s certificate error: '
 
   124             raise util.Abort(_('%s certificate error: '
 
   119                                'no certificate received') % host)
 
   125                                'no certificate received') % host)
 
   120         peerfingerprint = util.sha1(peercert).hexdigest()
 
   126         peerfingerprint = util.sha1(peercert).hexdigest()
 
   121         nicefingerprint = ":".join([peerfingerprint[x:x + 2]
 
   127         nicefingerprint = ":".join([peerfingerprint[x:x + 2]
 
   127                                    'fingerprint %s') % (host, nicefingerprint),
 
   133                                    'fingerprint %s') % (host, nicefingerprint),
 
   128                                  hint=_('check hostfingerprint configuration'))
 
   134                                  hint=_('check hostfingerprint configuration'))
 
   129             self.ui.debug('%s certificate matched fingerprint %s\n' %
 
   135             self.ui.debug('%s certificate matched fingerprint %s\n' %
 
   130                           (host, nicefingerprint))
 
   136                           (host, nicefingerprint))
 
   131         elif cacerts:
 
   137         elif cacerts:
 
   132             msg = _verifycert(sock.getpeercert(), host)
 
   138             msg = _verifycert(peercert2, host)
 
   133             if msg:
 
   139             if msg:
 
   134                 raise util.Abort(_('%s certificate error: %s') % (host, msg),
 
   140                 raise util.Abort(_('%s certificate error: %s') % (host, msg),
 
   135                                  hint=_('configure hostfingerprint %s or use '
 
   141                                  hint=_('configure hostfingerprint %s or use '
 
   136                                         '--insecure to connect insecurely') %
 
   142                                         '--insecure to connect insecurely') %
 
   137                                       nicefingerprint)
 
   143                                       nicefingerprint)
mercurial-scm/hg