Mercurial > hg-stable
changeset 29291:15e533b7909c
sslutil: refactor code for fingerprint matching
We didn't need to use a temporary variable to indicate success because
we just return anyway.
This refactor makes the code simpler. While we're here, we also call
into formatfingerprint() to ensure the fingerprint from the proper
hashing algorithm is logged.
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Mon, 30 May 2016 15:43:03 -0700 |
parents | 01248c37a68e |
children | bc5f55493397 |
files | mercurial/sslutil.py |
diffstat | 1 files changed, 7 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/sslutil.py Mon May 30 15:42:39 2016 -0700 +++ b/mercurial/sslutil.py Mon May 30 15:43:03 2016 -0700 @@ -386,18 +386,15 @@ section = 'hostsecurity' if settings['certfingerprints']: - fingerprintmatch = False for hash, fingerprint in settings['certfingerprints']: if peerfingerprints[hash].lower() == fingerprint: - fingerprintmatch = True - break - if not fingerprintmatch: - raise error.Abort(_('certificate for %s has unexpected ' - 'fingerprint %s') % (host, legacyfingerprint), - hint=_('check %s configuration') % section) - ui.debug('%s certificate matched fingerprint %s\n' % - (host, legacyfingerprint)) - return + ui.debug('%s certificate matched fingerprint %s:%s\n' % + (host, hash, fmtfingerprint(fingerprint))) + return + + raise error.Abort(_('certificate for %s has unexpected ' + 'fingerprint %s') % (host, legacyfingerprint), + hint=_('check %s configuration') % section) if not sock._hgstate['caloaded']: ui.warn(_('warning: %s certificate with fingerprint %s '