log mercurial/sslutil.py @ 29126:7dd5d19c9773

age author description
Thu, 05 May 2016 00:46:31 -0700 Gregory Szorc sslutil: stop checking for web.cacerts=! (BC)
Thu, 05 May 2016 00:38:18 -0700 Gregory Szorc sslutil: use CA loaded state to drive validation logic
Thu, 05 May 2016 00:37:28 -0700 Gregory Szorc sslutil: handle ui.insecureconnections in validator
Thu, 05 May 2016 00:35:45 -0700 Gregory Szorc sslutil: check for ui.insecureconnections in sslkwargs
Thu, 05 May 2016 00:32:43 -0700 Gregory Szorc sslutil: make sslkwargs code even more explicit
Wed, 04 May 2016 23:38:34 -0700 Gregory Szorc sslutil: move code examining _canloaddefaultcerts out of _defaultcacerts
Wed, 04 May 2016 23:01:49 -0700 Gregory Szorc sslutil: further refactor sslkwargs
Thu, 05 May 2016 00:31:11 -0700 Gregory Szorc sslutil: document and slightly refactor sslkwargs
Sat, 30 Apr 2016 09:26:47 -0700 Gregory Szorc sslutil: restore old behavior not requiring a hostname argument (issue5210) stable
Sun, 10 Apr 2016 11:02:58 -0700 Gregory Szorc sslutil: document and slightly refactor validation logic
Sun, 10 Apr 2016 11:00:41 -0700 Gregory Szorc sslutil: require a server hostname when wrapping sockets (API)
Sun, 10 Apr 2016 10:59:45 -0700 Gregory Szorc sslutil: move and document verify_mode assignment
Sun, 27 Mar 2016 13:13:19 -0700 Gregory Szorc sslutil: add docstring to wrapsocket()
Sun, 27 Mar 2016 11:39:39 -0700 Gregory Szorc sslutil: remove indentation in wrapsocket declaration
Sun, 27 Mar 2016 14:18:32 -0700 Gregory Szorc sslutil: always use SSLContext
Sun, 27 Mar 2016 14:08:52 -0700 Gregory Szorc sslutil: move _canloaddefaultcerts logic
Sun, 27 Mar 2016 13:50:34 -0700 Gregory Szorc sslutil: implement SSLContext class
Sun, 27 Mar 2016 10:47:24 -0700 Gregory Szorc sslutil: store OP_NO_SSL* constants in module scope
Sun, 27 Mar 2016 14:07:06 -0700 Gregory Szorc sslutil: better document state of security/ssl module
Sat, 19 Mar 2016 10:10:09 -0700 Gregory Szorc sslutil: use preferred formatting for import syntax
Sun, 13 Mar 2016 14:03:58 -0700 Gregory Szorc sslutil: allow multiple fingerprints per host
Fri, 08 Jan 2016 16:27:25 +0100 Gábor Stefanik sslutil: fix reversed logic (issue5034) stable
Tue, 29 Sep 2015 16:17:32 -0700 Gregory Szorc sslutil: expose attribute indicating whether SNI is supported
Thu, 08 Oct 2015 12:55:45 -0700 Pierre-Yves David error: get Abort from 'error' instead of 'util'
Sat, 08 Aug 2015 19:56:22 -0700 Gregory Szorc sslutil: use absolute_import
Fri, 05 Jun 2015 21:45:44 +0900 Yuya Nishihara ssl: remove CERT_REQUIRED constant that was necessary for compatibility
Fri, 05 Jun 2015 21:40:59 +0900 Yuya Nishihara ssl: drop try-except clause that was necessary for ancient Python
Fri, 05 Jun 2015 21:37:46 +0900 Yuya Nishihara ssl: drop support for Python < 2.6, require ssl module
Fri, 05 Jun 2015 21:25:28 +0900 Yuya Nishihara ssl: rename ssl_wrap_socket() to conform to our naming convention
Thu, 07 May 2015 17:15:24 +0900 Yuya Nishihara ssl: prompt passphrase of client key file via ui.getpass() (issue4648)
Sat, 04 Apr 2015 14:56:18 +0900 Yuya Nishihara ssl: resolve symlink before checking for Apple python executable (issue4588)
Thu, 26 Feb 2015 22:54:13 +0900 Yuya Nishihara ssl: load CA certificates from system's store by default on Python 2.7.9
Wed, 04 Mar 2015 23:27:04 +0900 Yuya Nishihara ssl: set explicit symbol "!" to web.cacerts to disable SSL verification (BC)
Wed, 04 Mar 2015 22:27:01 +0900 Yuya Nishihara ssl: extract function that returns dummycert path on Apple python
Wed, 14 Jan 2015 15:46:21 -0500 Augie Fackler sslutil: drop defunct ssl version constants
Wed, 14 Jan 2015 15:46:00 -0500 Augie Fackler sslutil: use saner TLS settings on Python 2.7.9
Wed, 14 Jan 2015 15:31:16 -0500 Augie Fackler sslutil: drop support for clients of sslutil specifying a TLS version
Mon, 12 Jan 2015 18:01:20 -0700 Alex Orange https: support tls sni (server name indication) for https urls (issue3090)
Tue, 21 Oct 2014 17:01:23 -0400 Augie Fackler sslutil: only support TLS (BC) stable
Fri, 17 Oct 2014 18:56:12 +0200 Mads Kiilerich ssl: only use the dummy cert hack if using an Apple Python (issue4410)
Fri, 26 Sep 2014 02:19:48 +0200 Mads Kiilerich ssl: on OS X, use a dummy cert to trick Python/OpenSSL to use system CA certs
Fri, 26 Sep 2014 02:19:47 +0200 Mads Kiilerich ssl: refactor sslkwargs - move things around a bit, preparing for next change
Fri, 20 Sep 2013 09:15:43 -0400 Augie Fackler sslutil: make keyfile and certfile arguments consistent between 2.6+ and 2.5-
Thu, 19 Sep 2013 16:29:00 -0400 Augie Fackler sslutil: add a config knob to support TLS (default) or SSLv23 (bc) (issue4038)
Wed, 18 Sep 2013 14:40:17 -0400 Augie Fackler sslutil: backed out changeset 074bd02352c0 (issue4038) stable
Wed, 24 Jul 2013 14:51:13 -0400 Augie Fackler sslutil: force SSLv3 on Python 2.6 and later (issue3905) stable
Tue, 26 Mar 2013 02:28:10 +0900 FUJIWARA Katsunori sslutil: abort if peer certificate is not verified for secure use
Fri, 05 Apr 2013 12:20:14 -0500 Matt Mackall sslutil: try harder to avoid getpeercert problems
Mon, 09 Apr 2012 14:36:16 -0700 Steven Stallion ui: optionally quiesce ssl verification warnings on python 2.5
Thu, 26 Jan 2012 11:23:15 -0600 Matt Mackall sslutil: more helpful fingerprint mismatch message stable
Mon, 09 Jan 2012 14:56:05 +0100 Mads Kiilerich sslutil: abort properly if no certificate received for https connection
Mon, 09 Jan 2012 14:43:25 +0100 Mads Kiilerich sslutil: work around validator crash getting certificate on failed sockets
Mon, 09 Jan 2012 14:43:24 +0100 Mads Kiilerich sslutil: reorder validator code to make it more readable
Mon, 09 Jan 2012 14:43:24 +0100 Mads Kiilerich sslutil: show fingerprint when cacerts validation fails
Mon, 09 Jan 2012 14:43:23 +0100 Mads Kiilerich sslutil: handle setups without .getpeercert() early in the validator
Mon, 09 Jan 2012 14:43:15 +0100 Mads Kiilerich sslutil: verify that wrap_socket really wrapped the socket
Tue, 27 Sep 2011 18:51:10 +0200 Mads Kiilerich sslutil: abort when ssl module is needed but not found
Sat, 18 Jun 2011 01:08:54 +0200 Mads Kiilerich sslutil: make messages for Python without certificate handling more helpful
Sat, 18 Jun 2011 01:03:03 +0200 Nicolas Bareil sslutil: fall back to commonName when no dNSName in subjectAltName (issue2798)
Tue, 14 Jun 2011 13:31:32 +1000 Stephen Thorne sslutil: Restore missing imports of socket and httplib to sslutil