# HG changeset patch # User Gregory Szorc # Date 2019-01-26 22:00:42 # Node ID f07aff7e8b5a2bc91c67c8db6742823bd24aa1b5 # Parent 0d226b2139df82f135827524fb288436ee49a890 sslutil: ensure serverhostname is bytes when formatting It will likely be a str on Python 3. Differential Revision: https://phab.mercurial-scm.org/D5722 diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py --- a/mercurial/sslutil.py +++ b/mercurial/sslutil.py @@ -454,7 +454,7 @@ def wrapsocket(sock, keyfile, certfile, 'server; see ' 'https://mercurial-scm.org/wiki/SecureConnections ' 'for more info)\n') % ( - serverhostname, + pycompat.bytesurl(serverhostname), ', '.join(sorted(supportedprotocols)))) else: ui.warn(_( @@ -463,7 +463,8 @@ def wrapsocket(sock, keyfile, certfile, 'supports TLS 1.0 because it has known security ' 'vulnerabilities; see ' 'https://mercurial-scm.org/wiki/SecureConnections ' - 'for more info)\n') % serverhostname) + 'for more info)\n') % + pycompat.bytesurl(serverhostname)) else: # We attempted TLS 1.1+. We can only get here if the client # supports the configured protocol. So the likely reason is @@ -473,14 +474,15 @@ def wrapsocket(sock, keyfile, certfile, '(could not negotiate a common security protocol (%s+) ' 'with %s; the likely cause is Mercurial is configured ' 'to be more secure than the server can support)\n') % ( - settings['protocolui'], serverhostname)) + settings['protocolui'], + pycompat.bytesurl(serverhostname))) ui.warn(_('(consider contacting the operator of this ' 'server and ask them to support modern TLS ' 'protocol versions; or, set ' 'hostsecurity.%s:minimumprotocol=tls1.0 to allow ' 'use of legacy, less secure protocols when ' 'communicating with this server)\n') % - serverhostname) + pycompat.bytesurl(serverhostname)) ui.warn(_( '(see https://mercurial-scm.org/wiki/SecureConnections ' 'for more info)\n'))