mercurial/sslutil.py
changeset 29293 1b3a0b0c414f
parent 29292 bc5f55493397
child 29334 ecc9b788fd69
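--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -375,27 +375,28 @@
     }
 
     def fmtfingerprint(s):
         return ':'.join([s[x:x + 2] for x in range(0, len(s), 2)])
 
-    legacyfingerprint = fmtfingerprint(peerfingerprints['sha1'])
     nicefingerprint = 'sha256:%s' % fmtfingerprint(peerfingerprints['sha256'])
-
-    if settings['legacyfingerprint']:
-        section = 'hostfingerprint'
-    else:
-        section = 'hostsecurity'
 
     if settings['certfingerprints']:
         for hash, fingerprint in settings['certfingerprints']:
             if peerfingerprints[hash].lower() == fingerprint:
                 ui.debug('%s certificate matched fingerprint %s:%s\n' %
                          (host, hash, fmtfingerprint(fingerprint)))
                 return
 
+        # Pinned fingerprint didn't match. This is a fatal error.
+        if settings['legacyfingerprint']:
+            section = 'hostfingerprint'
+            nice = fmtfingerprint(peerfingerprints['sha1'])
+        else:
+            section = 'hostsecurity'
+            nice = '%s:%s' % (hash, fmtfingerprint(peerfingerprints[hash]))
         raise error.Abort(_('certificate for %s has unexpected '
-                            'fingerprint %s') % (host, legacyfingerprint),
+                            'fingerprint %s') % (host, nice),
                           hint=_('check %s configuration') % section)
 
     if not sock._hgstate['caloaded']:
         ui.warn(_('warning: certificate for %s not verified '
                   '(set hostsecurity.%s:certfingerprints=%s or web.cacerts '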
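Review bot: In the new failure branch, `nice = '%s:%s' % (hash, fmtfingerprint(peerfingerprints[hash]))` reads `hash` after the `for` loop has finished, so it holds whatever algorithm the last entry of `settings['certfingerprints']` used. When pins of mixed algorithms are configured, the abort message shows only that one digest of the peer certificate, which may not be the one the user needs to compare against their pin. A comment such as `# hash is left over from the last pinned entry checked above` would make the dependency explicit; the loop variable also shadows the builtin `hash`. The enclosing function begins and ends outside this hunk.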