Mercurial > hg
comparison mercurial/sslutil.py @ 37084:f0b6fbea00cf
stringutil: bulk-replace call sites to point to new module
This might conflict with other patches floating around, sorry.
author | Yuya Nishihara <yuya@tcha.org> |
---|---|
date | Thu, 22 Mar 2018 21:56:20 +0900 |
parents | 4c71a26a4009 |
children | a8a902d7176e |
comparison
equal
deleted
inserted
replaced
37083:f99d64e8a4e4 | 37084:f0b6fbea00cf |
---|---|
18 from . import ( | 18 from . import ( |
19 error, | 19 error, |
20 node, | 20 node, |
21 pycompat, | 21 pycompat, |
22 util, | 22 util, |
23 ) | |
24 from .utils import ( | |
25 stringutil, | |
23 ) | 26 ) |
24 | 27 |
25 # Python 2.7.9+ overhauled the built-in SSL/TLS features of Python. It added | 28 # Python 2.7.9+ overhauled the built-in SSL/TLS features of Python. It added |
26 # support for TLS 1.1, TLS 1.2, SNI, system CA stores, etc. These features are | 29 # support for TLS 1.1, TLS 1.2, SNI, system CA stores, etc. These features are |
27 # all exposed via the "ssl" module. | 30 # all exposed via the "ssl" module. |
372 if settings['ciphers']: | 375 if settings['ciphers']: |
373 try: | 376 try: |
374 sslcontext.set_ciphers(pycompat.sysstr(settings['ciphers'])) | 377 sslcontext.set_ciphers(pycompat.sysstr(settings['ciphers'])) |
375 except ssl.SSLError as e: | 378 except ssl.SSLError as e: |
376 raise error.Abort( | 379 raise error.Abort( |
377 _('could not set ciphers: %s') % util.forcebytestr(e.args[0]), | 380 _('could not set ciphers: %s') |
381 % stringutil.forcebytestr(e.args[0]), | |
378 hint=_('change cipher string (%s) in config') % | 382 hint=_('change cipher string (%s) in config') % |
379 settings['ciphers']) | 383 settings['ciphers']) |
380 | 384 |
381 if certfile is not None: | 385 if certfile is not None: |
382 def password(): | 386 def password(): |
391 if len(e.args) == 1: # pypy has different SSLError args | 395 if len(e.args) == 1: # pypy has different SSLError args |
392 msg = e.args[0] | 396 msg = e.args[0] |
393 else: | 397 else: |
394 msg = e.args[1] | 398 msg = e.args[1] |
395 raise error.Abort(_('error loading CA file %s: %s') % ( | 399 raise error.Abort(_('error loading CA file %s: %s') % ( |
396 settings['cafile'], util.forcebytestr(msg)), | 400 settings['cafile'], stringutil.forcebytestr(msg)), |
397 hint=_('file is empty or malformed?')) | 401 hint=_('file is empty or malformed?')) |
398 caloaded = True | 402 caloaded = True |
399 elif settings['allowloaddefaultcerts']: | 403 elif settings['allowloaddefaultcerts']: |
400 # This is a no-op on old Python. | 404 # This is a no-op on old Python. |
401 sslcontext.load_default_certs() | 405 sslcontext.load_default_certs() |
640 if key == 'DNS': | 644 if key == 'DNS': |
641 try: | 645 try: |
642 if _dnsnamematch(value, hostname): | 646 if _dnsnamematch(value, hostname): |
643 return | 647 return |
644 except wildcarderror as e: | 648 except wildcarderror as e: |
645 return util.forcebytestr(e.args[0]) | 649 return stringutil.forcebytestr(e.args[0]) |
646 | 650 |
647 dnsnames.append(value) | 651 dnsnames.append(value) |
648 | 652 |
649 if not dnsnames: | 653 if not dnsnames: |
650 # The subject is only checked when there is no DNS in subjectAltName. | 654 # The subject is only checked when there is no DNS in subjectAltName. |
661 | 665 |
662 try: | 666 try: |
663 if _dnsnamematch(value, hostname): | 667 if _dnsnamematch(value, hostname): |
664 return | 668 return |
665 except wildcarderror as e: | 669 except wildcarderror as e: |
666 return util.forcebytestr(e.args[0]) | 670 return stringutil.forcebytestr(e.args[0]) |
667 | 671 |
668 dnsnames.append(value) | 672 dnsnames.append(value) |
669 | 673 |
670 if len(dnsnames) > 1: | 674 if len(dnsnames) > 1: |
671 return _('certificate is for %s') % ', '.join(dnsnames) | 675 return _('certificate is for %s') % ', '.join(dnsnames) |