upstream/mercurial-mirror Commit - r23849:58080815

sslutil: drop support for clients of sslutil specifying a TLS version...

Augie Fackler -

r23849:58080815 default

parent child

mercurial/sslutil.py

0 +9 -13

                 try:
                     ssl_context = ssl.SSLContext
-                    def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
+                    def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=ssl.CERT_NONE,
-                                        cert_reqs=ssl.CERT_NONE, ca_certs=None,
+                                        ca_certs=None, serverhostname=None):
-                                        serverhostname=None):
+                        sslcontext = ssl.SSLContext(PROTOCOL_TLSv1)
-                        sslcontext = ssl.SSLContext(ssl_version)
                         if certfile is not None:
                             sslcontext.load_cert_chain(certfile, keyfile)
                         sslcontext.verify_mode = cert_reqs
                             raise util.Abort(_('ssl connection failed'))
                         return sslsocket
                 except AttributeError:
-                    def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
+                    def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=ssl.CERT_NONE,
-                                        cert_reqs=ssl.CERT_NONE, ca_certs=None,
+                                        ca_certs=None, serverhostname=None):
-                                        serverhostname=None):
                         sslsocket = ssl.wrap_socket(sock, keyfile, certfile,
                                                     cert_reqs=cert_reqs, ca_certs=ca_certs,
-                                                    ssl_version=ssl_version)
+                                                    ssl_version=PROTOCOL_TLSv1)
                         # check if wrap_socket failed silently because socket had been
                         # closed
                         # - see http://bugs.python.org/issue13721
                 import socket, httplib
-                def ssl_wrap_socket(sock, keyfile, certfile, ssl_version=PROTOCOL_TLSv1,
+                def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=CERT_REQUIRED,
-                                    cert_reqs=CERT_REQUIRED, ca_certs=None,
+                                    ca_certs=None, serverhostname=None):
-                                    serverhostname=None):
                     if not util.safehasattr(socket, 'ssl'):
                         raise util.Abort(_('Python SSL support not found'))
                     if ca_certs:
                         exe.startswith('/system/library/frameworks/python.framework/'))
             def sslkwargs(ui, host):
-                kws = {'ssl_version': PROTOCOL_TLSv1,
+                kws = {}
                 hostfingerprint = ui.config('hostfingerprints', host)
                 if hostfingerprint:
                     return kws

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages