Mercurial > hg

diff mercurial/url.py @ 13163:2fa2e6444645 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
https: warn when server certificate isn't verified Mercurial will verify HTTPS server certificates if web.cacerts is configured, but it will by default silently not verify any certificates. We now warn the user that when the certificate isn't verified she won't get the security she might expect from https: warning: localhost certificate not verified (check web.cacerts config setting) Self-signed certificates can be accepted silently by configuring web.cacerts to point to a suitable certificate file.
author Mads Kiilerich <mads@kiilerich.com>
date Sat, 18 Dec 2010 21:58:52 +0100
parents ae163a0a3cd0
children b75fc70f0a9f f9d29777b4eb
line wrap: on
line diff
--- a/mercurial/url.py	Mon Dec 06 22:04:10 2010 -0600
+++ b/mercurial/url.py	Sat Dec 18 21:58:52 2010 +0100
@@ -527,6 +527,9 @@
                 self.ui.debug('%s certificate successfully verified\n' %
                               self.host)
             else:
+                self.ui.warn(_("warning: %s certificate not verified "
+                               "(check web.cacerts config setting)\n") % 
+                             self.host)
                 httplib.HTTPSConnection.connect(self)
 
     class httpsconnection(BetterHTTPS):