upstream/mercurial-mirror Commit - r23069:22db4055

sslutil: only support TLS (BC)...

Augie Fackler -

r23069:22db4055 stable

parent child

mercurial/sslutil.py

0 +1 -8

                 # avoid using deprecated/broken FakeSocket in python 2.6
                 import ssl
                 CERT_REQUIRED = ssl.CERT_REQUIRED
-                PROTOCOL_SSLv23 = ssl.PROTOCOL_SSLv23
                 PROTOCOL_TLSv1 = ssl.PROTOCOL_TLSv1
                 def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
                             cert_reqs=ssl.CERT_NONE, ca_certs=None):
             except ImportError:
                 CERT_REQUIRED = 2
-                PROTOCOL_SSLv23 = 2
                 PROTOCOL_TLSv1 = 3
                 import socket, httplib
                         exe.startswith('/system/library/frameworks/python.framework/'))
             def sslkwargs(ui, host):
-                forcetls = ui.configbool('ui', 'tls', default=True)
+                kws = {'ssl_version': PROTOCOL_TLSv1,
-                if forcetls:
-                    ssl_version = PROTOCOL_TLSv1
-                else:
-                    ssl_version = PROTOCOL_SSLv23
-                kws = {'ssl_version': ssl_version,
                        }
                 hostfingerprint = ui.config('hostfingerprints', host)
                 if hostfingerprint:

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages