--- a/mercurial/sslutil.py Thu May 05 00:35:45 2016 -0700
+++ b/mercurial/sslutil.py Thu May 05 00:37:28 2016 -0700
@@ -329,6 +329,19 @@
(host, nicefingerprint))
return
+ # If insecure connections were explicitly requested via --insecure,
+ # print a warning and do no verification.
+ #
+ # It may seem odd that this is checked *after* host fingerprint pinning.
+ # This is for backwards compatibility (for now). The message is also
+ # the same as below for BC.
+ if self.ui.insecureconnections:
+ self.ui.warn(_('warning: %s certificate with fingerprint %s not '
+ 'verified (check hostfingerprints or web.cacerts '
+ 'config setting)\n') %
+ (host, nicefingerprint))
+ return
+
# No pinned fingerprint. Establish trust by looking at the CAs.
cacerts = self.ui.config('web', 'cacerts')
if cacerts != '!':
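Review bot: The new `if self.ui.insecureconnections:` branch returns with no verification but prints the same warning as the path below it, so the output cannot show whether verification was skipped because of `--insecure` or because no CA bundle or fingerprint is configured. The warning text can stay as it is for BC if a line such as `self.ui.debug('certificate verification skipped: --insecure in effect\n')` is added before the `return`, which makes the cause visible when auditing a run. The comment should also say what the ordering implies for security: because the pinning check runs first, a host with a pinned fingerprint is presumably still held to that pin under `--insecure`. That check sits above the hunk and the enclosing method starts and ends outside it, so confirm this before documenting it.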