--- a/mercurial/sslutil.py Thu Mar 09 19:59:52 2017 -0800
+++ b/mercurial/sslutil.py Thu Mar 09 20:33:29 2017 -0800
@@ -815,6 +815,16 @@
if peerfingerprints[hash].lower() == fingerprint:
ui.debug('%s certificate matched fingerprint %s:%s\n' %
(host, hash, fmtfingerprint(fingerprint)))
+ if settings['legacyfingerprint']:
+ ui.warn(_('(SHA-1 fingerprint for %s found in legacy '
+ '[hostfingerprints] section; '
+ 'if you trust this fingerprint, set the '
+ 'following config value in [hostsecurity] and '
+ 'remove the old one from [hostfingerprints] '
+ 'to upgrade to a more secure SHA-256 '
+ 'fingerprint: '
+ '%s.fingerprints=%s)\n') % (
+ host, host, nicefingerprint))
return
# Pinned fingerprint didn't match. This is a fatal error.