Mercurial > hg
comparison mercurial/sslutil.py @ 29287:fbccb334efe7
sslutil: store flag for whether cert verification is disabled
This patch effectively moves the ui.insecureconnections check to
_hostsettings(). After this patch, validatesocket() no longer uses the
ui instance for anything except writing messages.
This patch also enables us to introduce a per-host config option
for disabling certificate verification.
| author | Gregory Szorc <gregory.szorc@gmail.com> |
|---|---|
| date | Mon, 30 May 2016 11:20:31 -0700 |
| parents | a05a91a3f120 |
| children | 7dee15dee53c |
comparison
equal
deleted
inserted
replaced
| 29286:a05a91a3f120 | 29287:fbccb334efe7 |
|---|---|
| 115 # List of 2-tuple of (hash algorithm, hash). | 115 # List of 2-tuple of (hash algorithm, hash). |
| 116 'certfingerprints': [], | 116 'certfingerprints': [], |
| 117 # Path to file containing concatenated CA certs. Used by | 117 # Path to file containing concatenated CA certs. Used by |
| 118 # SSLContext.load_verify_locations(). | 118 # SSLContext.load_verify_locations(). |
| 119 'cafile': None, | 119 'cafile': None, |
| 120 # Whether certificate verification should be disabled. | |
| 121 'disablecertverification': False, | |
| 120 # Whether the legacy [hostfingerprints] section has data for this host. | 122 # Whether the legacy [hostfingerprints] section has data for this host. |
| 121 'legacyfingerprint': False, | 123 'legacyfingerprint': False, |
| 122 # ssl.CERT_* constant used by SSLContext.verify_mode. | 124 # ssl.CERT_* constant used by SSLContext.verify_mode. |
| 123 'verifymode': None, | 125 'verifymode': None, |
| 124 } | 126 } |
| 149 if s['certfingerprints']: | 151 if s['certfingerprints']: |
| 150 s['verifymode'] = ssl.CERT_NONE | 152 s['verifymode'] = ssl.CERT_NONE |
| 151 | 153 |
| 152 # If --insecure is used, don't take CAs into consideration. | 154 # If --insecure is used, don't take CAs into consideration. |
| 153 elif ui.insecureconnections: | 155 elif ui.insecureconnections: |
| 156 s['disablecertverification'] = True | |
| 154 s['verifymode'] = ssl.CERT_NONE | 157 s['verifymode'] = ssl.CERT_NONE |
| 155 | 158 |
| 156 # Try to hook up CA certificate validation unless something above | 159 # Try to hook up CA certificate validation unless something above |
| 157 # makes it not necessary. | 160 # makes it not necessary. |
| 158 if s['verifymode'] is None: | 161 if s['verifymode'] is None: |
| 370 hint=_('check %s configuration') % section) | 373 hint=_('check %s configuration') % section) |
| 371 ui.debug('%s certificate matched fingerprint %s\n' % | 374 ui.debug('%s certificate matched fingerprint %s\n' % |
| 372 (host, nicefingerprint)) | 375 (host, nicefingerprint)) |
| 373 return | 376 return |
| 374 | 377 |
| 375 # If insecure connections were explicitly requested via --insecure, | 378 # If insecure connections were explicitly requested, print a warning |
| 376 # print a warning and do no verification. | 379 # and do no verification. |
| 377 # | 380 # |
| 378 # It may seem odd that this is checked *after* host fingerprint pinning. | 381 # It may seem odd that this is checked *after* host fingerprint pinning. |
| 379 # This is for backwards compatibility (for now). The message is also | 382 # This is for backwards compatibility (for now). The message is also |
| 380 # the same as below for BC. | 383 # the same as below for BC. |
| 381 if ui.insecureconnections: | 384 if settings['disablecertverification']: |
| 382 ui.warn(_('warning: %s certificate with fingerprint %s not ' | 385 ui.warn(_('warning: %s certificate with fingerprint %s not ' |
| 383 'verified (check %s or web.cacerts ' | 386 'verified (check %s or web.cacerts ' |
| 384 'config setting)\n') % | 387 'config setting)\n') % |
| 385 (host, nicefingerprint, section)) | 388 (host, nicefingerprint, section)) |
| 386 return | 389 return |