Mercurial > hg-stable

changeset 18887:2d7fac049d3a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: abort if peer certificate is not verified for secure use Before this patch, "sslutil.validator" may returns successfully, even if peer certificate is not verified because there is no information in "[hostfingerprints]" and "[web] cacerts". To prevent from sending authentication credential to untrustable SMTP server, validation should be aborted if peer certificate is not verified. This patch introduces "strict" optional argument, and "sslutil.validator" will abort if it is True and peer certificate is not verified.
author FUJIWARA Katsunori <foozy@lares.dti.ne.jp>
date Tue, 26 Mar 2013 02:28:10 +0900
parents 14a60a0f7122
children 19d489404d79
files mercurial/sslutil.py
diffstat 1 files changed, 9 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/sslutil.py	Tue Mar 26 02:27:43 2013 +0900
+++ b/mercurial/sslutil.py	Tue Mar 26 02:28:10 2013 +0900
@@ -99,7 +99,7 @@
         self.ui = ui
         self.host = host
 
-    def __call__(self, sock):
+    def __call__(self, sock, strict=False):
         host = self.host
         cacerts = self.ui.config('web', 'cacerts')
         hostfingerprint = self.ui.config('hostfingerprints', host)
@@ -107,6 +107,9 @@
             if hostfingerprint:
                 raise util.Abort(_("host fingerprint for %s can't be "
                                    "verified (Python too old)") % host)
+            if strict:
+                raise util.Abort(_("certificate for %s can't be verified "
+                                   "(Python too old)") % host)
             if self.ui.configbool('ui', 'reportoldssl', True):
                 self.ui.warn(_("warning: certificate for %s can't be verified "
                                "(Python too old)\n") % host)
@@ -142,6 +145,11 @@
                                         '--insecure to connect insecurely') %
                                       nicefingerprint)
             self.ui.debug('%s certificate successfully verified\n' % host)
+        elif strict:
+            raise util.Abort(_('%s certificate with fingerprint %s not '
+                               'verified') % (host, nicefingerprint),
+                             hint=_('check hostfingerprints or web.cacerts '
+                                     'config setting'))
         else:
             self.ui.warn(_('warning: %s certificate with fingerprint %s not '
                            'verified (check hostfingerprints or web.cacerts '