Mercurial > hg
comparison mercurial/url.py @ 25415:21b536f01eda
ssl: prompt passphrase of client key file via ui.getpass() (issue4648)
This is necessary to communicate with third-party tools through command-server
channel. This requires SSLContext backported to Python 2.7.9+.
It doesn't look nice to pass ui by sslkwargs, but I think it is the only way
to do without touching various client codes including httpclient (aka http2).
ui is mandatory if certfile is specified, so it has no default value.
BTW, test-check-commit-hg.t complains that ssl_wrap_socket() has foo_bar
naming. Should I bulk-replace it to sslwrapsocket() ?
| author | Yuya Nishihara <yuya@tcha.org> |
|---|---|
| date | Thu, 07 May 2015 17:15:24 +0900 |
| parents | f7ccbc2776b7 |
| children | 9d1c61715939 |
comparison
equal
deleted
inserted
replaced
| 25414:f7ccbc2776b7 | 25415:21b536f01eda |
|---|---|
| 173 if has_https and self.realhostport: # use CONNECT proxy | 173 if has_https and self.realhostport: # use CONNECT proxy |
| 174 self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) | 174 self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
| 175 self.sock.connect((self.host, self.port)) | 175 self.sock.connect((self.host, self.port)) |
| 176 if _generic_proxytunnel(self): | 176 if _generic_proxytunnel(self): |
| 177 # we do not support client X.509 certificates | 177 # we do not support client X.509 certificates |
| 178 self.sock = sslutil.ssl_wrap_socket(self.sock, None, None, | 178 self.sock = sslutil.ssl_wrap_socket(self.sock, None, None, None, |
| 179 serverhostname=self.host) | 179 serverhostname=self.host) |
| 180 else: | 180 else: |
| 181 keepalive.HTTPConnection.connect(self) | 181 keepalive.HTTPConnection.connect(self) |
| 182 | 182 |
| 183 def getresponse(self): | 183 def getresponse(self): |