Mon, 01 Jun 2020 15:22:31 +0200 |
Manuel Jacob |
sslutil: fix comment to use inclusive or instead of exclusive or
|
Mon, 01 Jun 2020 14:34:22 +0200 |
Manuel Jacob |
sslutil: propagate return value ssl.PROTOCOL_SSLv23 from protocolsettings()
|
Mon, 01 Jun 2020 14:20:13 +0200 |
Manuel Jacob |
sslutil: stop storing protocol and options for SSLContext in settings dict
|
Mon, 01 Jun 2020 14:07:06 +0200 |
Manuel Jacob |
sslutil: rename 'minimumprotocolui' -> 'minimumprotocol'
|
Mon, 01 Jun 2020 03:51:54 +0200 |
Manuel Jacob |
sslutil: properly detect which TLS versions are supported by the ssl module
|
Sun, 31 May 2020 22:31:49 +0200 |
Manuel Jacob |
sslutil: remove dead code (that failed if only TLS 1.0 is available)
|
Sun, 31 May 2020 22:15:35 +0200 |
Manuel Jacob |
sslutil: remove dead code (that downgraded default minimum TLS version)
|
Fri, 29 May 2020 22:47:58 +0200 |
Manuel Jacob |
sslutil: remove comment referring to unsupported legacy stacks
|
Sun, 31 May 2020 12:07:17 +0200 |
Manuel Jacob |
sslutil: check for OpenSSL without TLS 1.0 support in one case
|
Sun, 31 May 2020 11:10:21 +0200 |
Manuel Jacob |
sslutil: don't set minimum TLS version to 1.0 if 1.2 but not 1.1 is available
|
Sun, 31 May 2020 11:41:03 +0200 |
Manuel Jacob |
sslutil: add FIXME about supportedprotocols possibly containing too many items
|
Sun, 31 May 2020 10:47:38 +0200 |
Manuel Jacob |
sslutil: fix names of variables containing minimum protocol strings
|
Sun, 31 May 2020 09:55:45 +0200 |
Manuel Jacob |
sslutil: stop returning argument as third return value of protocolsettings()
|
Sat, 30 May 2020 03:23:58 +0200 |
Manuel Jacob |
sslutil: eliminate `_canloaddefaultcerts` by constant-folding code using it
|
Fri, 29 May 2020 21:30:04 +0200 |
Manuel Jacob |
sslutil: eliminate `modernssl` by constant-folding code using it
|
Fri, 29 May 2020 22:31:26 +0200 |
Manuel Jacob |
sslutil: remove comments referring to removed SSLContext emulation class
|
Fri, 29 May 2020 21:18:22 +0200 |
Manuel Jacob |
sslutil: remove code checking for presence of ssl.SSLContext
|
Sat, 30 May 2020 03:46:59 +0200 |
Manuel Jacob |
sslutil: set `_canloaddefaultcerts` to `True` if `ssl.SSLContext` is present
|
Mon, 13 Jan 2020 17:16:54 -0500 |
Augie Fackler |
sslutil: migrate to hashutil.sha1 instead of hashlib.sha1
|
Thu, 14 Nov 2019 11:52:22 -0800 |
Martin von Zweigbergk |
procutil: move mainfrozen() to new resourceutil.py
|
Fri, 08 Nov 2019 11:19:20 -0800 |
Augie Fackler |
cleanup: remove pointless r-prefixes on single-quoted strings
|
Tue, 08 Oct 2019 15:06:18 -0700 |
Martin von Zweigbergk |
cleanup: join string literals that are already on one line
|
Sun, 06 Oct 2019 16:55:18 -0400 |
Gregory Szorc |
py3: manually import getattr where it is needed
|
Sun, 06 Oct 2019 10:51:16 -0400 |
Augie Fackler |
cleanup: mark some ui.(status|note|warn|write) calls as not needing i18n
|
Sun, 06 Oct 2019 09:48:39 -0400 |
Augie Fackler |
formatting: byteify all mercurial/ and hgext/ string literals
|
Sun, 06 Oct 2019 09:45:02 -0400 |
Augie Fackler |
formatting: blacken the codebase
|
Sat, 04 May 2019 23:31:42 -0400 |
Augie Fackler |
sslutil: add support for SSLKEYLOGFILE to wrapsocket
|
Wed, 08 May 2019 16:09:50 -0400 |
Augie Fackler |
sslutil: fsencode path returned by certifi (issue6132)
stable
|
Sat, 26 Jan 2019 14:00:42 -0800 |
Gregory Szorc |
sslutil: ensure serverhostname is bytes when formatting
|
Sat, 26 Jan 2019 13:58:58 -0800 |
Gregory Szorc |
sslutil: use raw strings for exception reason compare
|
Tue, 26 Jun 2018 10:36:23 -0400 |
Augie Fackler |
cleanup: migrate from re.escape to stringutil.reescape
|
Fri, 27 Apr 2018 00:05:46 -0400 |
Augie Fackler |
sslutil: fix some edge cases in Python 3 support
|
Sat, 14 Apr 2018 02:03:02 +0530 |
Pulkit Goyal |
py3: add b'' prefixes to make values bytes
|
Sat, 24 Mar 2018 15:10:51 +0900 |
Yuya Nishihara |
procutil: bulk-replace function calls to point to new module
|
Thu, 22 Mar 2018 21:56:20 +0900 |
Yuya Nishihara |
stringutil: bulk-replace call sites to point to new module
|
Sun, 04 Mar 2018 21:16:36 -0500 |
Augie Fackler |
sslutil: some more forcebytes() on some exception messages
|
Sun, 04 Mar 2018 21:15:37 -0500 |
Augie Fackler |
sslutil: sslcontext needs the cipher name as a sysstr
|
Sun, 04 Mar 2018 18:03:55 -0500 |
Augie Fackler |
sslutil: lots of unicode/bytes cleanup
|
Fri, 29 Dec 2017 05:25:27 +0530 |
Pulkit Goyal |
py3: use node.hex(h.digest()) instead of h.hexdigest()
|
Sun, 10 Dec 2017 04:48:59 +0530 |
Pulkit Goyal |
py3: handle keyword arguments correctly in sslutil.py
|
Sat, 14 Oct 2017 00:29:31 +0200 |
Boris Feld |
configitems: register the 'hostsecurity.*:fingerprints' config
|
Thu, 12 Oct 2017 00:20:41 +0200 |
Boris Feld |
configitems: register the 'hostfingerprints' section
|
Thu, 12 Oct 2017 23:34:34 -0700 |
Jun Wu |
codemod: use pycompat.isdarwin
|
Thu, 12 Oct 2017 23:30:46 -0700 |
Jun Wu |
codemod: use pycompat.iswindows
|
Wed, 12 Jul 2017 18:37:13 -0400 |
Matt Harbison |
sslutil: inform the user about how to fix an incomplete certificate chain
|
Mon, 10 Jul 2017 21:09:46 -0700 |
Gregory Szorc |
sslutil: check for missing certificate and key files (issue5598)
|
Fri, 10 Feb 2017 16:56:29 -0800 |
Martin von Zweigbergk |
cleanup: use set literals
|
Wed, 10 May 2017 23:49:37 -0700 |
Gregory Szorc |
sslutil: tweak the legacy [hostfingerprints] warning message
|
Wed, 10 May 2017 23:32:00 -0700 |
Gregory Szorc |
sslutil: remove conditional cipher code needed for Python 2.6
|
Mon, 08 May 2017 09:30:26 -0700 |
Gregory Szorc |
sslutil: reference fingerprints config option properly (issue5559)
stable
|
Wed, 29 Mar 2017 09:54:34 -0400 |
Matt Harbison |
sslutil: clarify internal documentation
|
Thu, 09 Mar 2017 20:33:29 -0800 |
Gregory Szorc |
sslutil: issue warning when [hostfingerprint] is used
|
Mon, 20 Feb 2017 18:40:42 +0530 |
Pulkit Goyal |
py3: use pycompat.fsencode() to convert __file__ to bytes
|
Tue, 20 Dec 2016 00:20:07 +0530 |
Pulkit Goyal |
py3: replace sys.executable with pycompat.sysexecutable
|
Mon, 19 Dec 2016 02:15:24 +0530 |
Pulkit Goyal |
py3: replace sys.platform with pycompat.sysplatform (part 1 of 2)
|
Mon, 19 Dec 2016 00:16:52 +0530 |
Pulkit Goyal |
py3: replace os.name with pycompat.osname (part 1 of 2)
|
Mon, 17 Oct 2016 23:16:55 +0200 |
Mads Kiilerich |
spelling: fixes of non-dictionary words
|
Wed, 19 Oct 2016 18:06:14 +0200 |
Gábor Stefanik |
sslutil: guard against broken certifi installations (issue5406)
stable
|
Tue, 13 Sep 2016 17:46:29 +0200 |
Pierre-Yves David |
ssl: handle a difference in SSLError with pypy (issue5348)
|
Mon, 25 Jul 2016 12:00:55 -0700 |
Gregory Szorc |
sslutil: work around SSLContext.get_ca_certs bug on Windows (issue5313)
stable
|
Tue, 19 Jul 2016 21:09:58 -0700 |
Gregory Szorc |
sslutil: improve messaging around unsupported protocols (issue5303)
stable
|
Tue, 19 Jul 2016 20:30:29 -0700 |
Gregory Szorc |
sslutil: capture string string representation of protocol
stable
|
Tue, 19 Jul 2016 20:16:51 -0700 |
Gregory Szorc |
sslutil: allow TLS 1.0 when --insecure is used
stable
|
Mon, 18 Jul 2016 11:27:27 -0700 |
Gregory Szorc |
sslutil: more robustly detect protocol support
|
Sun, 17 Jul 2016 11:03:08 -0700 |
Gregory Szorc |
sslutil: move comment about protocol constants
|
Sun, 17 Jul 2016 10:59:32 -0700 |
Gregory Szorc |
sslutil: support defining cipher list
|
Wed, 13 Jul 2016 21:49:17 -0700 |
Gregory Szorc |
sslutil: print a warning when using TLS 1.0 on legacy Python
|
Wed, 13 Jul 2016 21:35:54 -0700 |
Gregory Szorc |
sslutil: require TLS 1.1+ when supported
|
Thu, 14 Jul 2016 20:47:22 -0700 |
Gregory Szorc |
sslutil: config option to specify TLS protocol version
|
Thu, 14 Jul 2016 20:07:10 -0700 |
Gregory Szorc |
sslutil: prevent CRIME
|
Thu, 14 Jul 2016 19:56:39 -0700 |
Gregory Szorc |
sslutil: update comment about create_default_context()
|
Thu, 14 Jul 2016 20:14:19 -0700 |
Gregory Szorc |
sslutil: implement wrapserversocket()
|
Wed, 13 Jul 2016 19:33:52 -0700 |
Gregory Szorc |
sslutil: add assertion to prevent accidental CA usage on Windows
|
Wed, 06 Jul 2016 22:53:22 -0700 |
Gregory Szorc |
sslutil: move context options flags to _hostsettings
|
Wed, 06 Jul 2016 22:47:24 -0700 |
Gregory Szorc |
sslutil: move protocol determination to _hostsettings
|
Mon, 11 Jul 2016 08:54:13 -0500 |
Matt Mackall |
merge with stable
|
Wed, 06 Jul 2016 21:16:00 -0700 |
Gregory Szorc |
sslutil: try to find CA certficates in well-known locations
|
Wed, 06 Jul 2016 20:46:05 -0700 |
Gregory Szorc |
sslutil: issue warning when unable to load certificates on OS X
|
Mon, 04 Jul 2016 10:04:11 -0700 |
Gregory Szorc |
sslutil: handle default CA certificate loading on Windows
|
Thu, 30 Jun 2016 19:54:12 -0700 |
Gregory Szorc |
sslutil: expand _defaultcacerts docstring to note calling assumptions
|
Mon, 04 Jul 2016 10:00:56 -0700 |
Gregory Szorc |
sslutil: document the Apple OpenSSL cert trick
|
Mon, 04 Jul 2016 09:58:45 -0700 |
Gregory Szorc |
sslutil: use certificates provided by certifi if available
|
Fri, 01 Jul 2016 19:17:45 -0700 |
Gregory Szorc |
sslutil: don't attempt to find default CA certs file when told not to
|
Fri, 01 Jul 2016 19:04:39 -0700 |
Gregory Szorc |
sslutil: pass ui to _defaultcacerts
|
Fri, 01 Jul 2016 18:03:51 -0700 |
Gregory Szorc |
sslutil: change comment and logged message for found ca cert file
|
Sat, 02 Jul 2016 09:41:40 -0700 |
Gregory Szorc |
sslutil: don't access message attribute in exception (issue5285)
stable
|
Fri, 01 Jul 2016 16:02:56 -0500 |
Matt Mackall |
merge with stable
|
Sun, 26 Jun 2016 19:34:48 -0700 |
Gregory Szorc |
sslutil: synchronize hostname matching logic with CPython
stable 3.8.4
|
Wed, 29 Jun 2016 19:43:27 -0700 |
Gregory Szorc |
sslutil: emit warning when no CA certificates loaded
|
Wed, 29 Jun 2016 19:38:24 -0700 |
Gregory Szorc |
sslutil: don't load default certificates when they aren't relevant
|
Wed, 29 Jun 2016 19:37:38 -0700 |
Gregory Szorc |
sslutil: display a better error message when CA file loading fails
|
Sat, 25 Jun 2016 07:26:43 -0700 |
Gregory Szorc |
sslutil: abort when unable to verify peer connection (BC)
|
Sat, 25 Jun 2016 07:32:02 -0700 |
Gregory Szorc |
sslutil: remove out of place comment
|
Tue, 14 Jun 2016 11:53:55 +0200 |
liscju |
i18n: translate abort messages
|
Fri, 10 Jun 2016 00:12:33 -0400 |
Augie Fackler |
cleanup: replace uses of util.(md5|sha1|sha256|sha512) with hashlib.\1
|
Tue, 07 Jun 2016 20:29:54 -0700 |
Gregory Szorc |
sslutil: per-host config option to define certificates
|
Sat, 04 Jun 2016 11:16:08 -0700 |
Gregory Szorc |
sslutil: print the fingerprint from the last hash used
|
Tue, 31 May 2016 19:21:08 -0700 |
Gregory Szorc |
sslutil: make cert fingerprints messages more actionable
|
Mon, 30 May 2016 15:43:03 -0700 |
Gregory Szorc |
sslutil: refactor code for fingerprint matching
|
Mon, 30 May 2016 15:42:39 -0700 |
Gregory Szorc |
sslutil: print SHA-256 fingerprint by default
|
Mon, 30 May 2016 13:15:53 -0700 |
Gregory Szorc |
sslutil: move and change warning when cert verification is disabled
|
Wed, 01 Jun 2016 19:57:20 -0700 |
Gregory Szorc |
sslutil: add devel.disableloaddefaultcerts to disable CA loading
|
Mon, 30 May 2016 11:20:31 -0700 |
Gregory Szorc |
sslutil: store flag for whether cert verification is disabled
|
Mon, 30 May 2016 11:19:43 -0700 |
Gregory Szorc |
sslutil: remove "strict" argument from validatesocket()
|
Sat, 28 May 2016 12:58:46 -0700 |
Gregory Szorc |
sslutil: reference appropriate config section in messaging
|
Sat, 28 May 2016 12:37:36 -0700 |
Gregory Szorc |
sslutil: allow fingerprints to be specified in [hostsecurity]
|
Sat, 28 May 2016 11:58:28 -0700 |
Gregory Szorc |
sslutil: calculate host fingerprints from additional algorithms
|
Sat, 28 May 2016 12:53:33 -0700 |
Gregory Szorc |
sslutil: move CA file processing into _hostsettings()
|
Sat, 28 May 2016 11:41:21 -0700 |
Gregory Szorc |
sslutil: move SSLContext.verify_mode value into _hostsettings
|
Sat, 28 May 2016 11:12:02 -0700 |
Gregory Szorc |
sslutil: introduce a function for determining host-specific settings
|
Wed, 25 May 2016 19:57:31 -0700 |
Gregory Szorc |
sslutil: remove sslkwargs() (API)
|
Wed, 25 May 2016 19:52:02 -0700 |
Gregory Szorc |
sslutil: move sslkwargs logic into internal function (API)
|
Wed, 25 May 2016 19:43:22 -0700 |
Gregory Szorc |
sslutil: remove ui from sslkwargs (API)
|
Sun, 15 May 2016 11:50:49 -0700 |
Gregory Szorc |
sslutil: remove redundant check of sslsocket.cipher()
|
Sun, 15 May 2016 11:38:38 -0700 |
Gregory Szorc |
sslutil: convert socket validation from a class to a function (API)
|
Sun, 15 May 2016 11:32:11 -0700 |
Gregory Szorc |
sslutil: store and use hostname and ui in socket instance
|
Sun, 15 May 2016 11:25:07 -0700 |
Gregory Szorc |
sslutil: use a dict for hanging hg state off the wrapped socket
|
Thu, 05 May 2016 19:10:18 -0700 |
Gregory Szorc |
sslutil: require serverhostname argument (API)
|
Thu, 05 May 2016 00:46:31 -0700 |
Gregory Szorc |
sslutil: stop checking for web.cacerts=! (BC)
|
Thu, 05 May 2016 00:38:18 -0700 |
Gregory Szorc |
sslutil: use CA loaded state to drive validation logic
|