upstream/mercurial-mirror Commit - r13421:bd8bfa85

url: refactor BetterHTTPS.connect

Mads Kiilerich -

r13421:bd8bfa85 default

parent child

mercurial/url.py

0 +13 -15

                      send = keepalive.safesend
                      def connect(self):
+                         host = self.host
                          cacerts = self.ui.config('web', 'cacerts')
-                         if cacerts:
-                             cacerts = util.expandpath(cacerts)
+                         hostfingerprint = self.ui.config('hostfingerprints', host)
-                         hostfingerprint = self.ui.config('hostfingerprints', self.host)
                          if cacerts and not hostfingerprint:
                              sock = _create_connection((self.host, self.port))
-                             self.sock = _ssl_wrap_socket(sock, self.key_file,
+                             self.sock = _ssl_wrap_socket(self.sock, self.key_file,
-                                     self.cert_file, cert_reqs=CERT_REQUIRED,
-                                     ca_certs=cacerts)
-                             msg = _verifycert(self.sock.getpeercert(), self.host)
+                                 ca_certs=util.expandpath(cacerts))
+                             msg = _verifycert(self.sock.getpeercert(), host)
                              if msg:
                                  raise util.Abort(_('%s certificate error: %s '
                                                     '(use --insecure to connect '
-                                                    'insecurely)') % (self.host, msg))
-                             self.ui.debug('%s certificate successfully verified\n' %
-                                           self.host)
+                                                    'insecurely)') % (host, msg))
+                             self.ui.debug('%s certificate successfully verified\n' % host)
                          else:
                              httplib.HTTPSConnection.connect(self)
                              if hasattr(self.sock, 'getpeercert'):
                                              hostfingerprint.replace(':', '').lower():
                                          raise util.Abort(_('invalid certificate for %s '
                                                             'with fingerprint %s') %
-                                                          (self.host, nicefingerprint))
+                                                          (host, nicefingerprint))
                                      self.ui.debug('%s certificate matched fingerprint %s\n' %
-                                                   (self.host, nicefingerprint))
+                                                   (host, nicefingerprint))
                                  else:
                                      self.ui.warn(_('warning: %s certificate '
                                                     'with fingerprint %s not verified '
                                                     '(check hostfingerprints or web.cacerts '
                                                     'config setting)\n') %
-                                                  (self.host, nicefingerprint))
+                                                  (host, nicefingerprint))
                              else: # python 2.5 ?
                                  if hostfingerprint:
-                                     raise util.Abort(_('no certificate for %s '
-                                                        'with fingerprint') % self.host)
+                                     raise util.Abort(_('no certificate for %s with '
+                                                        'configured hostfingerprint') % host)
                                  self.ui.warn(_('warning: %s certificate not verified '
                                                 '(check web.cacerts config setting)\n') %
-                                              self.host)
+                                              host)
                  class httpsconnection(BetterHTTPS):
                      response_class = keepalive.HTTPResponse

General Comments 0

Write
Preview

You need to be logged in to leave comments. Login now

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages