comparison mercurial/exchange.py @ 29447:13edc11eb7b7

sslutil: don't load default certificates when they aren't relevant Before, we would call SSLContext.load_default_certs() when certificate verification wasn't being used. Since SSLContext.verify_mode == ssl.CERT_NONE, this would ideally no-op. However, there is a slim chance the loading of system certs could cause a failure. Furthermore, this behavior interfered with a future patch that aims to provide a more helpful error message when we're unable to load CAs. The lack of test fallout is hopefully a sign that our security code and tests are in a relatively good state.
author Gregory Szorc <gregory.szorc@gmail.com>
date Wed, 29 Jun 2016 19:38:24 -0700
parents 98e8313dcd9e
children 2db085d5f5a2 b8f9cdca8807
comparison
equal deleted inserted replaced
29446:2f7f1e10f840 29447:13edc11eb7b7