Mercurial > hg
comparison mercurial/sslutil.py @ 15816:4bb59919c905
sslutil: work around validator crash getting certificate on failed sockets
The previous workaround for correct handling of wrapping of failing connections
might be enough to prevent this from happening, but the check here makes this
function more robust.
| author | Mads Kiilerich <mads@kiilerich.com> |
|---|---|
| date | Mon, 09 Jan 2012 14:43:25 +0100 |
| parents | edc3a901a63d |
| children | 8f377751b510 |
comparison
equal
deleted
inserted
replaced
| 15815:edc3a901a63d | 15816:4bb59919c905 |
|---|---|
| 108 raise util.Abort(_("host fingerprint for %s can't be " | 108 raise util.Abort(_("host fingerprint for %s can't be " |
| 109 "verified (Python too old)") % host) | 109 "verified (Python too old)") % host) |
| 110 self.ui.warn(_("warning: certificate for %s can't be verified " | 110 self.ui.warn(_("warning: certificate for %s can't be verified " |
| 111 "(Python too old)\n") % host) | 111 "(Python too old)\n") % host) |
| 112 return | 112 return |
| 113 if not sock.cipher(): # work around http://bugs.python.org/issue13721 | |
| 114 raise util.Abort(_('%s ssl connection error') % host) | |
| 113 peercert = sock.getpeercert(True) | 115 peercert = sock.getpeercert(True) |
| 114 peerfingerprint = util.sha1(peercert).hexdigest() | 116 peerfingerprint = util.sha1(peercert).hexdigest() |
| 115 nicefingerprint = ":".join([peerfingerprint[x:x + 2] | 117 nicefingerprint = ":".join([peerfingerprint[x:x + 2] |
| 116 for x in xrange(0, len(peerfingerprint), 2)]) | 118 for x in xrange(0, len(peerfingerprint), 2)]) |
| 117 if hostfingerprint: | 119 if hostfingerprint: |