upstream/mercurial-mirror Commit - r30228:b9f7b0c1

sslutil: guard against broken certifi installations (issue5406)...

Gábor Stefanik -

r30228:b9f7b0c1 stable

parent child

mercurial/sslutil.py

0 +6 -5

                 We don't print a message when the Python is able to load default
                 CA certs because this scenario is detected at socket connect time.
                 """
-                # The "certifi" Python package provides certificates. If it is installed,
+                # The "certifi" Python package provides certificates. If it is installed
-                # assume the user intends it to be used and use it.
+                # and usable, assume the user intends it to be used and use it.
                 try:
                     import certifi
                     certs = certifi.where()
-                    ui.debug('using ca certificates from certifi\n')
+                    if os.path.exists(certs):
-                    return certs
+                        ui.debug('using ca certificates from certifi\n')
-                except ImportError:
+                        return certs
+                except (ImportError, AttributeError):
                     pass
                 # On Windows, only the modern ssl module is capable of loading the system

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages