Mercurial > hg

diff mercurial/sslutil.py @ 29291:15e533b7909c
sslutil: refactor code for fingerprint matching We didn't need to use a temporary variable to indicate success because we just return anyway. This refactor makes the code simpler. While we're here, we also call into formatfingerprint() to ensure the fingerprint from the proper hashing algorithm is logged.
author: Gregory Szorc <gregory.szorc@gmail.com>
date: Mon, 30 May 2016 15:43:03 -0700
parents: 01248c37a68e
children: bc5f55493397
--- a/mercurial/sslutil.py	Mon May 30 15:42:39 2016 -0700
+++ b/mercurial/sslutil.py	Mon May 30 15:43:03 2016 -0700
@@ -386,18 +386,15 @@
         section = 'hostsecurity'
 
     if settings['certfingerprints']:
-        fingerprintmatch = False
         for hash, fingerprint in settings['certfingerprints']:
             if peerfingerprints[hash].lower() == fingerprint:
-                fingerprintmatch = True
-                break
-        if not fingerprintmatch:
-            raise error.Abort(_('certificate for %s has unexpected '
-                               'fingerprint %s') % (host, legacyfingerprint),
-                              hint=_('check %s configuration') % section)
-        ui.debug('%s certificate matched fingerprint %s\n' %
-                 (host, legacyfingerprint))
-        return
+                ui.debug('%s certificate matched fingerprint %s:%s\n' %
+                         (host, hash, fmtfingerprint(fingerprint)))
+                return
+
+        raise error.Abort(_('certificate for %s has unexpected '
+                            'fingerprint %s') % (host, legacyfingerprint),
+                          hint=_('check %s configuration') % section)
 
     if not sock._hgstate['caloaded']:
         ui.warn(_('warning: %s certificate with fingerprint %s '
author	Gregory Szorc <gregory.szorc@gmail.com>
date	Mon, 30 May 2016 15:43:03 -0700
parents	01248c37a68e
children	bc5f55493397