Show More
| @@ -7,7 +7,9 b'' | |||||
| 7 | == Backwards Compatibility Changes == |
|
7 | == Backwards Compatibility Changes == | |
| 8 |
|
8 | |||
| 9 | * Mercurial now requires at least Python 2.7.9 or a Python version that |
|
9 | * Mercurial now requires at least Python 2.7.9 or a Python version that | |
| 10 |
backported modern SSL/TLS features (as defined in PEP 466) |
|
10 | backported modern SSL/TLS features (as defined in PEP 466), and that Python | |
|
|
11 | was compiled against a OpenSSL version supporting TLS 1.1 or TLS 1.2 | |||
|
|
12 | (likely this requires the OpenSSL version to be at least 1.0.1). | |||
| 11 |
|
13 | |||
| 12 |
|
14 | |||
| 13 | == Internal API Changes == |
|
15 | == Internal API Changes == | |
| @@ -98,6 +98,28 b' features.' | |||||
| 98 | printf(error, file=sys.stderr) |
|
98 | printf(error, file=sys.stderr) | |
| 99 | sys.exit(1) |
|
99 | sys.exit(1) | |
| 100 |
|
100 | |||
|
|
101 | # ssl.HAS_TLSv1* are preferred to check support but they were added in Python | |||
|
|
102 | # 3.7. Prior to CPython commit 6e8cda91d92da72800d891b2fc2073ecbc134d98 | |||
|
|
103 | # (backported to the 3.7 branch), ssl.PROTOCOL_TLSv1_1 / ssl.PROTOCOL_TLSv1_2 | |||
|
|
104 | # were defined only if compiled against a OpenSSL version with TLS 1.1 / 1.2 | |||
|
|
105 | # support. At the mentioned commit, they were unconditionally defined. | |||
|
|
106 | _notset = object() | |||
|
|
107 | has_tlsv1_1 = getattr(ssl, 'HAS_TLSv1_1', _notset) | |||
|
|
108 | if has_tlsv1_1 is _notset: | |||
|
|
109 | has_tlsv1_1 = getattr(ssl, 'PROTOCOL_TLSv1_1', _notset) is not _notset | |||
|
|
110 | has_tlsv1_2 = getattr(ssl, 'HAS_TLSv1_2', _notset) | |||
|
|
111 | if has_tlsv1_2 is _notset: | |||
|
|
112 | has_tlsv1_2 = getattr(ssl, 'PROTOCOL_TLSv1_2', _notset) is not _notset | |||
|
|
113 | if not (has_tlsv1_1 or has_tlsv1_2): | |||
|
|
114 | error = """ | |||
|
|
115 | The `ssl` module does not advertise support for TLS 1.1 or TLS 1.2. | |||
|
|
116 | Please make sure that your Python installation was compiled against an OpenSSL | |||
|
|
117 | version enabling these features (likely this requires the OpenSSL version to | |||
|
|
118 | be at least 1.0.1). | |||
|
|
119 | """ | |||
|
|
120 | printf(error, file=sys.stderr) | |||
|
|
121 | sys.exit(1) | |||
|
|
122 | ||||
| 101 | if sys.version_info[0] >= 3: |
|
123 | if sys.version_info[0] >= 3: | |
| 102 | DYLIB_SUFFIX = sysconfig.get_config_vars()['EXT_SUFFIX'] |
|
124 | DYLIB_SUFFIX = sysconfig.get_config_vars()['EXT_SUFFIX'] | |
| 103 | else: |
|
125 | else: | |
General Comments 0
You need to be logged in to leave comments.
Login now