mercurial/sslutil.py
changeset 28648 7fc787e5d8ec
parent 28647 834d1c4ba749
child 28649 7acab42ef184
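--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -26,10 +26,17 @@
 # Depending on the version of Python being used, SSL/TLS support is either
 # modern/secure or legacy/insecure. Many operations in this module have
 # separate code paths depending on support in Python.
 
 hassni = getattr(ssl, 'HAS_SNI', False)
+
+try:
+    OP_NO_SSLv2 = ssl.OP_NO_SSLv2
+    OP_NO_SSLv3 = ssl.OP_NO_SSLv3
+except AttributeError:
+    OP_NO_SSLv2 = 0x1000000
+    OP_NO_SSLv3 = 0x2000000
 
 _canloaddefaultcerts = False
 try:
     # ssl.SSLContext was added in 2.7.9 and presence indicates modern
     # SSL/TLS features are available.
@@ -46,11 +53,11 @@
         # up a bunch of things in smart ways (strong ciphers,
         # protocol versions, etc) and is upgraded by Python
         # maintainers for us, but that breaks too many things to
         # do it in a hurry.
         sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
-        sslcontext.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
+        sslcontext.options |= OP_NO_SSLv2 | OP_NO_SSLv3
         if certfile is not None:
             def password():
                 f = keyfile or certfile
                 return ui.getpass(_('passphrase for %s: ') % f, '')
             sslcontext.load_cert_chain(certfile, keyfile, password)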
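Review bot: The fallback assignments in the new `except AttributeError:` branch (`OP_NO_SSLv2 = 0x1000000`, `OP_NO_SSLv3 = 0x2000000`) are bare magic numbers, with no comment on where they come from or when the branch is taken. They match OpenSSL's `SSL_OP_NO_SSLv2` and `SSL_OP_NO_SSLv3` bit values, so a comment above them such as `# ssl module lacks OP_NO_*: mirror OpenSSL's SSL_OP_NO_SSLv2/SSL_OP_NO_SSLv3 bits` would let a later reader verify them. This matters because the changed line `sslcontext.options |= OP_NO_SSLv2 | OP_NO_SSLv3` now uses the module-level names. A fallback value that did not match the linked library would not raise; it would quietly fail to disable SSLv2/SSLv3. Presumably that line only runs where `ssl.SSLContext` exists and the real constants are present, but the comment should say so. The function containing the second hunk starts and ends outside the visible lines, so this could not be confirmed here.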