Show More
@@ -10,12 +10,16 b' import os, sys' | |||||
10 |
|
10 | |||
11 | from mercurial import util |
|
11 | from mercurial import util | |
12 | from mercurial.i18n import _ |
|
12 | from mercurial.i18n import _ | |
|
13 | ||||
|
14 | _canloaddefaultcerts = False | |||
13 | try: |
|
15 | try: | |
14 | # avoid using deprecated/broken FakeSocket in python 2.6 |
|
16 | # avoid using deprecated/broken FakeSocket in python 2.6 | |
15 | import ssl |
|
17 | import ssl | |
16 | CERT_REQUIRED = ssl.CERT_REQUIRED |
|
18 | CERT_REQUIRED = ssl.CERT_REQUIRED | |
17 | try: |
|
19 | try: | |
18 | ssl_context = ssl.SSLContext |
|
20 | ssl_context = ssl.SSLContext | |
|
21 | _canloaddefaultcerts = util.safehasattr(ssl_context, | |||
|
22 | 'load_default_certs') | |||
19 |
|
23 | |||
20 | def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=ssl.CERT_NONE, |
|
24 | def ssl_wrap_socket(sock, keyfile, certfile, cert_reqs=ssl.CERT_NONE, | |
21 | ca_certs=None, serverhostname=None): |
|
25 | ca_certs=None, serverhostname=None): | |
@@ -35,6 +39,8 b' try:' | |||||
35 | sslcontext.verify_mode = cert_reqs |
|
39 | sslcontext.verify_mode = cert_reqs | |
36 | if ca_certs is not None: |
|
40 | if ca_certs is not None: | |
37 | sslcontext.load_verify_locations(cafile=ca_certs) |
|
41 | sslcontext.load_verify_locations(cafile=ca_certs) | |
|
42 | elif _canloaddefaultcerts: | |||
|
43 | sslcontext.load_default_certs() | |||
38 |
|
44 | |||
39 | sslsocket = sslcontext.wrap_socket(sock, |
|
45 | sslsocket = sslcontext.wrap_socket(sock, | |
40 | server_hostname=serverhostname) |
|
46 | server_hostname=serverhostname) | |
@@ -130,10 +136,13 b' def _plainapplepython():' | |||||
130 | exe.startswith('/system/library/frameworks/python.framework/')) |
|
136 | exe.startswith('/system/library/frameworks/python.framework/')) | |
131 |
|
137 | |||
132 | def _defaultcacerts(): |
|
138 | def _defaultcacerts(): | |
|
139 | """return path to CA certificates; None for system's store; ! to disable""" | |||
133 | if _plainapplepython(): |
|
140 | if _plainapplepython(): | |
134 | dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem') |
|
141 | dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem') | |
135 | if os.path.exists(dummycert): |
|
142 | if os.path.exists(dummycert): | |
136 | return dummycert |
|
143 | return dummycert | |
|
144 | if _canloaddefaultcerts: | |||
|
145 | return None | |||
137 | return '!' |
|
146 | return '!' | |
138 |
|
147 | |||
139 | def sslkwargs(ui, host): |
|
148 | def sslkwargs(ui, host): |
General Comments 0
You need to be logged in to leave comments.
Login now