sslutil: require TLS 1.1+ when supported Currently, Mercurial will use TLS 1.0 or newer when connecting to remote servers, selecting the highest TLS version supported by both peers. On older Pythons, only TLS 1.0 is available. On newer Pythons, TLS 1.1 and 1.2 should be available. Security professionals recommend avoiding TLS 1.0 if possible. PCI DSS 3.1 "strongly encourages" the use of TLS 1.2. Known attacks like BEAST and POODLE exist against TLS 1.0 (although mitigations are available and properly configured servers aren't vulnerable). I asked Eric Rescorla - Mozilla's resident crypto expert - whether Mercurial should drop support for TLS 1.0. His response was "if you can get away with it." Essentially, a number of servers on the Internet don't support TLS 1.1+. This is why web browsers continue to support TLS 1.0 despite desires from security experts. This patch changes Mercurial's default behavior on modern Python versions to require TLS 1.1+, thus avoiding known security issues with TLS 1.0 and making Mercurial more secure by default. Rather than drop TLS 1.0 support wholesale, we still allow TLS 1.0 to be used if configured. This is a compromise solution - ideally we'd disallow TLS 1.0. However, since we're not sure how many Mercurial servers don't support TLS 1.1+ and we're not sure how much user inconvenience this change will bring, I think it is prudent to ship an escape hatch that still allows usage of TLS 1.0. In the default case our users get better security. In the worst case, they are no worse off than before this patch. This patch has no effect when running on Python versions that don't support TLS 1.1+. As the added test shows, connecting to a server that doesn't support TLS 1.1+ will display a warning message with a link to our wiki, where we can guide people to configure their client to allow less secure connections.

DOCUMENT_ROOT="/var/www/hg"; export DOCUMENT_ROOT
GATEWAY_INTERFACE="CGI/1.1"; export GATEWAY_INTERFACE
HTTP_ACCEPT="text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5"; export HTTP_ACCEPT
HTTP_ACCEPT_CHARSET="ISO-8859-1,utf-8;q=0.7,*;q=0.7"; export HTTP_ACCEPT_CHARSET
HTTP_ACCEPT_ENCODING="gzip,deflate"; export HTTP_ACCEPT_ENCODING
HTTP_ACCEPT_LANGUAGE="en-us,en;q=0.5"; export HTTP_ACCEPT_LANGUAGE
HTTP_CACHE_CONTROL="max-age=0"; export HTTP_CACHE_CONTROL
HTTP_CONNECTION="keep-alive"; export HTTP_CONNECTION
HTTP_HOST="hg.omnifarious.org"; export HTTP_HOST
HTTP_KEEP_ALIVE="300"; export HTTP_KEEP_ALIVE
HTTP_USER_AGENT="Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.0.4) Gecko/20060608 Ubuntu/dapper-security Firefox/1.5.0.4"; export HTTP_USER_AGENT
PATH_INFO="/"; export PATH_INFO
PATH_TRANSLATED="/var/www/hg/index.html"; export PATH_TRANSLATED
QUERY_STRING=""; export QUERY_STRING
REMOTE_ADDR="127.0.0.2"; export REMOTE_ADDR
REMOTE_PORT="44703"; export REMOTE_PORT
REQUEST_METHOD="GET"; export REQUEST_METHOD
REQUEST_URI="/test/"; export REQUEST_URI
SCRIPT_FILENAME="/home/hopper/hg_public/test.cgi"; export SCRIPT_FILENAME
SCRIPT_NAME="/test"; export SCRIPT_NAME
SCRIPT_URI="http://hg.omnifarious.org/test/"; export SCRIPT_URI
SCRIPT_URL="/test/"; export SCRIPT_URL
SERVER_ADDR="127.0.0.1"; export SERVER_ADDR
SERVER_ADMIN="eric@localhost"; export SERVER_ADMIN
SERVER_NAME="hg.omnifarious.org"; export SERVER_NAME
SERVER_PORT="80"; export SERVER_PORT
SERVER_PROTOCOL="HTTP/1.1"; export SERVER_PROTOCOL
SERVER_SIGNATURE="<address>Apache/2.0.53 (Fedora) Server at hg.omnifarious.org Port 80</address>"; export SERVER_SIGNATURE
SERVER_SOFTWARE="Apache/2.0.53 (Fedora)"; export SERVER_SOFTWARE