Show More
| @@ -10,12 +10,16 b' import os, sys' | |||||
| 10 |
|
10 | |||
| 11 | from mercurial import util |
|
11 | from mercurial import util | |
| 12 | from mercurial.i18n import _ |
|
12 | from mercurial.i18n import _ | |
|
|
13 | ||||
|
|
14 | _canloaddefaultcerts = False | |||
| 13 | try: |
|
15 | try: | |
| 14 | # avoid using deprecated/broken FakeSocket in python 2.6 |
|
16 | # avoid using deprecated/broken FakeSocket in python 2.6 | |
| 15 | import ssl |
|
17 | import ssl | |
| 16 | CERT_REQUIRED = ssl.CERT_REQUIRED |
|
18 | CERT_REQUIRED = ssl.CERT_REQUIRED | |
| 17 | try: |
|
19 | try: | |
| 18 | ssl_context = ssl.SSLContext |
|
20 | ssl_context = ssl.SSLContext | |
|
|
21 | _canloaddefaultcerts = util.safehasattr(ssl_context, | |||
|
|
22 | 'load_default_certs') | |||
| 19 |
|
23 | |||
| 20 | def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=ssl.CERT_NONE, |
|
24 | def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=ssl.CERT_NONE, | |
| 21 | ca_certs=None, serverhostname=None): |
|
25 | ca_certs=None, serverhostname=None): | |
| @@ -35,6 +39,8 b' try:' | |||||
| 35 | sslcontext.verify_mode = cert_reqs |
|
39 | sslcontext.verify_mode = cert_reqs | |
| 36 | if ca_certs is not None: |
|
40 | if ca_certs is not None: | |
| 37 | sslcontext.load_verify_locations(cafile=ca_certs) |
|
41 | sslcontext.load_verify_locations(cafile=ca_certs) | |
|
|
42 | elif _canloaddefaultcerts: | |||
|
|
43 | sslcontext.load_default_certs() | |||
| 38 |
|
44 | |||
| 39 | sslsocket = sslcontext.wrap_socket(sock, |
|
45 | sslsocket = sslcontext.wrap_socket(sock, | |
| 40 | server_hostname=serverhostname) |
|
46 | server_hostname=serverhostname) | |
| @@ -130,10 +136,13 b' def _plainapplepython():' | |||||
| 130 | exe.startswith('/system/library/frameworks/python.framework/')) |
|
136 | exe.startswith('/system/library/frameworks/python.framework/')) | |
| 131 |
|
137 | |||
| 132 | def _defaultcacerts(): |
|
138 | def _defaultcacerts(): | |
|
|
139 | """return path to CA certificates; None for system's store; ! to disable""" | |||
| 133 | if _plainapplepython(): |
|
140 | if _plainapplepython(): | |
| 134 | dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem') |
|
141 | dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem') | |
| 135 | if os.path.exists(dummycert): |
|
142 | if os.path.exists(dummycert): | |
| 136 | return dummycert |
|
143 | return dummycert | |
|
|
144 | if _canloaddefaultcerts: | |||
|
|
145 | return None | |||
| 137 | return '!' |
|
146 | return '!' | |
| 138 |
|
147 | |||
| 139 | def sslkwargs(ui, host): |
|
148 | def sslkwargs(ui, host): | |
General Comments 0
You need to be logged in to leave comments.
Login now