Mercurial > public > mercurial-scm > hg
comparison mercurial/sslutil.py @ 22574:a00a7951b20c
ssl: refactor sslkwargs - move things around a bit, preparing for next change
| author | Mads Kiilerich <madski@unity3d.com> |
|---|---|
| date | Fri, 26 Sep 2014 02:19:47 +0200 |
| parents | 3b82d412e9e8 |
| children | d7f7f1860f00 |
comparison
equal
deleted
inserted
replaced
| 22573:f528bfb25b45 | 22574:a00a7951b20c |
|---|---|
| 87 # | 87 # |
| 88 # We COMPLETELY ignore CERT_REQUIRED on Python <= 2.5, as it's totally | 88 # We COMPLETELY ignore CERT_REQUIRED on Python <= 2.5, as it's totally |
| 89 # busted on those versions. | 89 # busted on those versions. |
| 90 | 90 |
| 91 def sslkwargs(ui, host): | 91 def sslkwargs(ui, host): |
| 92 cacerts = ui.config('web', 'cacerts') | |
| 93 forcetls = ui.configbool('ui', 'tls', default=True) | 92 forcetls = ui.configbool('ui', 'tls', default=True) |
| 94 if forcetls: | 93 if forcetls: |
| 95 ssl_version = PROTOCOL_TLSv1 | 94 ssl_version = PROTOCOL_TLSv1 |
| 96 else: | 95 else: |
| 97 ssl_version = PROTOCOL_SSLv23 | 96 ssl_version = PROTOCOL_SSLv23 |
| 98 hostfingerprint = ui.config('hostfingerprints', host) | |
| 99 kws = {'ssl_version': ssl_version, | 97 kws = {'ssl_version': ssl_version, |
| 100 } | 98 } |
| 101 if cacerts and not hostfingerprint: | 99 hostfingerprint = ui.config('hostfingerprints', host) |
| 100 if hostfingerprint: | |
| 101 return kws | |
| 102 cacerts = ui.config('web', 'cacerts') | |
| 103 if cacerts: | |
| 102 cacerts = util.expandpath(cacerts) | 104 cacerts = util.expandpath(cacerts) |
| 103 if not os.path.exists(cacerts): | 105 if not os.path.exists(cacerts): |
| 104 raise util.Abort(_('could not find web.cacerts: %s') % cacerts) | 106 raise util.Abort(_('could not find web.cacerts: %s') % cacerts) |
| 105 kws.update({'ca_certs': cacerts, | 107 kws.update({'ca_certs': cacerts, |
| 106 'cert_reqs': CERT_REQUIRED, | 108 'cert_reqs': CERT_REQUIRED, |