Mercurial > hg
comparison mercurial/url.py @ 13328:a939f08fae9c stable
url: add --insecure option to bypass verification of ssl certificates
If --insecure specified, it behaves in the same way as no web.cacerts
configured.
Also shows hint for --insecure option when _verifycert() failed. But currently
the hint isn't displayed on SSLError, because it needs a certain level of
changes.
| author | Yuya Nishihara <yuya@tcha.org> |
|---|---|
| date | Sat, 29 Jan 2011 23:23:24 +0900 |
| parents | 8dc488dfcdb4 |
| children | 4e92ad05fe18 |
comparison
equal
deleted
inserted
replaced
| 13322:c19b9282d3a7 | 13328:a939f08fae9c |
|---|---|
| 539 self.sock = _ssl_wrap_socket(sock, self.key_file, | 539 self.sock = _ssl_wrap_socket(sock, self.key_file, |
| 540 self.cert_file, cert_reqs=CERT_REQUIRED, | 540 self.cert_file, cert_reqs=CERT_REQUIRED, |
| 541 ca_certs=cacerts) | 541 ca_certs=cacerts) |
| 542 msg = _verifycert(self.sock.getpeercert(), self.host) | 542 msg = _verifycert(self.sock.getpeercert(), self.host) |
| 543 if msg: | 543 if msg: |
| 544 raise util.Abort(_('%s certificate error: %s') % | 544 raise util.Abort(_('%s certificate error: %s ' |
| 545 (self.host, msg)) | 545 '(use --insecure to connect ' |
| 546 'insecurely)') % (self.host, msg)) | |
| 546 self.ui.debug('%s certificate successfully verified\n' % | 547 self.ui.debug('%s certificate successfully verified\n' % |
| 547 self.host) | 548 self.host) |
| 548 else: | 549 else: |
| 549 httplib.HTTPSConnection.connect(self) | 550 httplib.HTTPSConnection.connect(self) |
| 550 if hasattr(self.sock, 'getpeercert'): | 551 if hasattr(self.sock, 'getpeercert'): |