##// END OF EJS Templates
sslutil: more robustly detect protocol support...
sslutil: more robustly detect protocol support The Python ssl module conditionally sets the TLS 1.1 and TLS 1.2 constants depending on whether HAVE_TLSv1_2 is defined. Yes, these are both tied to the same constant (I would think there would be separate constants for each version). Perhaps support for TLS 1.1 and 1.2 were added at the same time and the assumption is that OpenSSL either has neither or both. I don't know. As part of developing this patch, it was discovered that Apple's /usr/bin/python2.7 does not support TLS 1.1 and 1.2 (only TLS 1.0)! On OS X 10.11, Apple Python has the modern ssl module including SSLContext, but it doesn't appear to negotiate TLS 1.1+ nor does it expose the constants related to TLS 1.1+. Since this code is doing more robust feature detection (and not assuming modern ssl implies TLS 1.1+ support), we now get TLS 1.0 warnings when running on Apple Python. Hence the test changes. I'm not super thrilled about shipping a Mercurial that always whines about TLS 1.0 on OS X. We may want a follow-up patch to suppress this warning.

File last commit:

r29550:1c22400d default
r29601:6cff2ac0 default
Show More
check-py3-compat.py
96 lines | 3.2 KiB | text/x-python | PythonLexer
#!/usr/bin/env python
#
# check-py3-compat - check Python 3 compatibility of Mercurial files
#
# Copyright 2015 Gregory Szorc <gregory.szorc@gmail.com>
#
# This software may be used and distributed according to the terms of the
# GNU General Public License version 2 or any later version.
from __future__ import absolute_import, print_function
import ast
import imp
import os
import sys
import traceback
def check_compat_py2(f):
"""Check Python 3 compatibility for a file with Python 2"""
with open(f, 'rb') as fh:
content = fh.read()
root = ast.parse(content)
# Ignore empty files.
if not root.body:
return
futures = set()
haveprint = False
for node in ast.walk(root):
if isinstance(node, ast.ImportFrom):
if node.module == '__future__':
futures |= set(n.name for n in node.names)
elif isinstance(node, ast.Print):
haveprint = True
if 'absolute_import' not in futures:
print('%s not using absolute_import' % f)
if haveprint and 'print_function' not in futures:
print('%s requires print_function' % f)
def check_compat_py3(f):
"""Check Python 3 compatibility of a file with Python 3."""
with open(f, 'rb') as fh:
content = fh.read()
try:
ast.parse(content)
except SyntaxError as e:
print('%s: invalid syntax: %s' % (f, e))
return
# Try to import the module.
# For now we only support mercurial.* and hgext.* modules because figuring
# out module paths for things not in a package can be confusing.
if f.startswith(('hgext/', 'mercurial/')) and not f.endswith('__init__.py'):
assert f.endswith('.py')
name = f.replace('/', '.')[:-3]
with open(f, 'r') as fh:
try:
imp.load_module(name, fh, '', ('py', 'r', imp.PY_SOURCE))
except Exception as e:
exc_type, exc_value, tb = sys.exc_info()
# We walk the stack and ignore frames from our custom importer,
# import mechanisms, and stdlib modules. This kinda/sorta
# emulates CPython behavior in import.c while also attempting
# to pin blame on a Mercurial file.
for frame in reversed(traceback.extract_tb(tb)):
if frame.name == '_call_with_frames_removed':
continue
if 'importlib' in frame.filename:
continue
if 'mercurial/__init__.py' in frame.filename:
continue
if frame.filename.startswith(sys.prefix):
continue
break
if frame.filename:
filename = os.path.basename(frame.filename)
print('%s: error importing: <%s> %s (error at %s:%d)' % (
f, type(e).__name__, e, filename, frame.lineno))
else:
print('%s: error importing module: <%s> %s (line %d)' % (
f, type(e).__name__, e, frame.lineno))
if __name__ == '__main__':
if sys.version_info[0] == 2:
fn = check_compat_py2
else:
fn = check_compat_py3
for f in sys.argv[1:]:
fn(f)
sys.exit(0)