##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

url: merge BetterHTTPS with httpsconnection to get some proxy https validation
Mads Kiilerich -
r13424:08f9c587 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -542,13 +542,20 b' def _verifycert(cert, hostname):'
542 return _('no commonName or subjectAltName found in certificate')
542 return _('no commonName or subjectAltName found in certificate')
543
543
544 if has_https:
544 if has_https:
545 class BetterHTTPS(httplib.HTTPSConnection):
545 class httpsconnection(httplib.HTTPSConnection):
546 send = keepalive.safesend
546 response_class = keepalive.HTTPResponse
547 # must be able to send big bundle as stream.
548 send = _gen_sendfile(keepalive.safesend)
549 getresponse = keepalive.wrapgetresponse(httplib.HTTPSConnection)
547
550
548 def connect(self):
551 def connect(self):
549 self.sock = _create_connection((self.host, self.port))
552 self.sock = _create_connection((self.host, self.port))
550
553
551 host = self.host
554 host = self.host
555 if self.realhostport: # use CONNECT proxy
556 something = _generic_proxytunnel(self)
557 host = self.realhostport.rsplit(':', 1)[0]
558
552 cacerts = self.ui.config('web', 'cacerts')
559 cacerts = self.ui.config('web', 'cacerts')
553 hostfingerprint = self.ui.config('hostfingerprints', host)
560 hostfingerprint = self.ui.config('hostfingerprints', host)
554
561
@@ -592,22 +599,6 b' if has_https:'
592 '(check web.cacerts config setting)\n') %
599 '(check web.cacerts config setting)\n') %
593 host)
600 host)
594
601
595 class httpsconnection(BetterHTTPS):
596 response_class = keepalive.HTTPResponse
597 # must be able to send big bundle as stream.
598 send = _gen_sendfile(BetterHTTPS.send)
599 getresponse = keepalive.wrapgetresponse(httplib.HTTPSConnection)
600
601 def connect(self):
602 if self.realhostport: # use CONNECT proxy
603 self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
604 self.sock.connect((self.host, self.port))
605 if _generic_proxytunnel(self):
606 self.sock = _ssl_wrap_socket(self.sock, self.key_file,
607 self.cert_file)
608 else:
609 BetterHTTPS.connect(self)
610
611 class httpshandler(keepalive.KeepAliveHandler, urllib2.HTTPSHandler):
602 class httpshandler(keepalive.KeepAliveHandler, urllib2.HTTPSHandler):
612 def __init__(self, ui):
603 def __init__(self, ui):
613 keepalive.KeepAliveHandler.__init__(self)
604 keepalive.KeepAliveHandler.__init__(self)
Show file before | Show file after | Hide comments
@@ -261,10 +261,8 b' Test https with cacert and fingerprint t'
261 Test https with cert problems through proxy
261 Test https with cert problems through proxy
262
262
263 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --config web.cacerts=pub-other.pem
263 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --config web.cacerts=pub-other.pem
264 pulling from https://localhost:$HGPORT/
264 abort: error: _ssl.c:499: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
265 searching for changes
265 [255]
266 no changes found
267 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --config web.cacerts=pub-expired.pem https://localhost:$HGPORT2/
266 $ http_proxy=http://localhost:$HGPORT1/ hg -R copy-pull pull --config web.cacerts=pub-expired.pem https://localhost:$HGPORT2/
268 pulling from https://localhost:$HGPORT2/
267 abort: error: _ssl.c:499: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
269 searching for changes
268 [255]
270 no changes found
General Comments 0
You need to be logged in to leave comments. Login now