Mercurial > public > mercurial-scm > hg
comparison mercurial/sslutil.py @ 44892:dd7c4a208a4e
sslutil: check for OpenSSL without TLS 1.0 support in one case
It can only happen if supportedprotocols gets fixed to contain only correct
items (see the FIXME above in the file).
| author | Manuel Jacob <me@manueljacob.de> |
|---|---|
| date | Sun, 31 May 2020 12:07:17 +0200 |
| parents | abcd6db1f2cc |
| children | 39c598f1c774 |
comparison
equal
deleted
inserted
replaced
| 44891:abcd6db1f2cc | 44892:dd7c4a208a4e |
|---|---|
| 551 | 551 |
| 552 # This config option is intended for use in tests only. It is a giant | 552 # This config option is intended for use in tests only. It is a giant |
| 553 # footgun to kill security. Don't define it. | 553 # footgun to kill security. Don't define it. |
| 554 exactprotocol = ui.config(b'devel', b'serverexactprotocol') | 554 exactprotocol = ui.config(b'devel', b'serverexactprotocol') |
| 555 if exactprotocol == b'tls1.0': | 555 if exactprotocol == b'tls1.0': |
| 556 if b'tls1.0' not in supportedprotocols: | |
| 557 raise error.Abort(_(b'TLS 1.0 not supported by this Python')) | |
| 556 protocol = ssl.PROTOCOL_TLSv1 | 558 protocol = ssl.PROTOCOL_TLSv1 |
| 557 elif exactprotocol == b'tls1.1': | 559 elif exactprotocol == b'tls1.1': |
| 558 if b'tls1.1' not in supportedprotocols: | 560 if b'tls1.1' not in supportedprotocols: |
| 559 raise error.Abort(_(b'TLS 1.1 not supported by this Python')) | 561 raise error.Abort(_(b'TLS 1.1 not supported by this Python')) |
| 560 protocol = ssl.PROTOCOL_TLSv1_1 | 562 protocol = ssl.PROTOCOL_TLSv1_1 |