# HG changeset patch
# User Gregory Szorc <gregory.szorc@gmail.com>
# Date 2016-05-26 02:43:22
# Node ID e6de6ef3e426eb60d791d49602392a80f36f6146
# Parent  3e438497edcab16bf3048e26136a40204b50fc06

sslutil: remove ui from sslkwargs (API)

Arguments to sslutil.wrapsocket() are partially determined by
calling sslutil.sslkwargs(). This function receives a ui and
a hostname and determines what settings, if any, need to be
applied when the socket is wrapped.

Both the ui and hostname are passed into wrapsocket(). The
other arguments to wrapsocket() provided by sslkwargs() (ca_certs
and cert_reqs) are not looked at or modified anywhere outside
of sslutil.py. So, sslkwargs() doesn't need to exist as a
separate public API called before wrapsocket().

This commit starts the process of removing external consumers of
sslkwargs() by removing the "ui" key/argument from its return.
All callers now pass the ui argument explicitly.

diff --git a/mercurial/httpconnection.py b/mercurial/httpconnection.py
--- a/mercurial/httpconnection.py
+++ b/mercurial/httpconnection.py
@@ -285,5 +285,6 @@ class http2handler(urlreq.httphandler, u
         con = HTTPConnection(host, port, use_ssl=True,
                              ssl_wrap_socket=sslutil.wrapsocket,
                              ssl_validator=sslutil.validatesocket,
+                             ui=self.ui,
                              **kwargs)
         return con
diff --git a/mercurial/mail.py b/mercurial/mail.py
--- a/mercurial/mail.py
+++ b/mercurial/mail.py
@@ -48,8 +48,9 @@ class STARTTLS(smtplib.SMTP):
 
     This class allows to pass any keyword arguments to SSL socket creation.
     '''
-    def __init__(self, sslkwargs, host=None, **kwargs):
+    def __init__(self, ui, sslkwargs, host=None, **kwargs):
         smtplib.SMTP.__init__(self, **kwargs)
+        self._ui = ui
         self._sslkwargs = sslkwargs
         self._host = host
 
@@ -60,6 +61,7 @@ class STARTTLS(smtplib.SMTP):
         (resp, reply) = self.docmd("STARTTLS")
         if resp == 220:
             self.sock = sslutil.wrapsocket(self.sock, keyfile, certfile,
+                                           ui=self._ui,
                                            serverhostname=self._host,
                                            **self._sslkwargs)
             self.file = smtplib.SSLFakeFile(self.sock)
@@ -74,13 +76,14 @@ class SMTPS(smtplib.SMTP):
 
     This class allows to pass any keyword arguments to SSL socket creation.
     '''
-    def __init__(self, sslkwargs, keyfile=None, certfile=None, host=None,
+    def __init__(self, ui, sslkwargs, keyfile=None, certfile=None, host=None,
                  **kwargs):
         self.keyfile = keyfile
         self.certfile = certfile
         smtplib.SMTP.__init__(self, **kwargs)
         self._host = host
         self.default_port = smtplib.SMTP_SSL_PORT
+        self._ui = ui
         self._sslkwargs = sslkwargs
 
     def _get_socket(self, host, port, timeout):
@@ -89,6 +92,7 @@ class SMTPS(smtplib.SMTP):
         new_socket = socket.create_connection((host, port), timeout)
         new_socket = sslutil.wrapsocket(new_socket,
                                         self.keyfile, self.certfile,
+                                        ui=self._ui,
                                         serverhostname=self._host,
                                         **self._sslkwargs)
         self.file = smtplib.SSLFakeFile(new_socket)
@@ -115,13 +119,14 @@ def _smtp(ui):
     if (starttls or smtps) and verifycert:
         sslkwargs = sslutil.sslkwargs(ui, mailhost)
     else:
-        # 'ui' is required by sslutil.wrapsocket() and set by sslkwargs()
-        sslkwargs = {'ui': ui}
+        sslkwargs = {}
+
     if smtps:
         ui.note(_('(using smtps)\n'))
-        s = SMTPS(sslkwargs, local_hostname=local_hostname, host=mailhost)
+        s = SMTPS(ui, sslkwargs, local_hostname=local_hostname, host=mailhost)
     elif starttls:
-        s = STARTTLS(sslkwargs, local_hostname=local_hostname, host=mailhost)
+        s = STARTTLS(ui, sslkwargs, local_hostname=local_hostname,
+                     host=mailhost)
     else:
         s = smtplib.SMTP(local_hostname=local_hostname)
     if smtps:
diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -247,7 +247,7 @@ def sslkwargs(ui, host):
 
     ``host`` is the hostname being connected to.
     """
-    kws = {'ui': ui}
+    kws = {}
 
     # If a host key fingerprint is on file, it is the only thing that matters
     # and CA certs don't come into play.
diff --git a/mercurial/url.py b/mercurial/url.py
--- a/mercurial/url.py
+++ b/mercurial/url.py
@@ -354,8 +354,8 @@ if has_https:
                 _generic_proxytunnel(self)
                 host = self.realhostport.rsplit(':', 1)[0]
             self.sock = sslutil.wrapsocket(
-                self.sock, self.key_file, self.cert_file, serverhostname=host,
-                **sslutil.sslkwargs(self.ui, host))
+                self.sock, self.key_file, self.cert_file, ui=self.ui,
+                serverhostname=host, **sslutil.sslkwargs(self.ui, host))
             sslutil.validatesocket(self.sock)
 
     class httpshandler(keepalive.KeepAliveHandler, urlreq.httpshandler):