# HG changeset patch
# User Gregory Szorc <gregory.szorc@gmail.com>
# Date 1459112932 25200
# Node ID 737863b01d9fb05e5c5f2b07acc32357a553b453
# Parent  7acab42ef184a64a59820fd20d6c31089fa49522
sslutil: move _canloaddefaultcerts logic

We now have a newer block accessing SSLContext. Let's move this
code to make subsequent refactorings of the former block easier.

diff -r 7acab42ef184 -r 737863b01d9f mercurial/sslutil.py
--- a/mercurial/sslutil.py	Sun Mar 27 13:50:34 2016 -0700
+++ b/mercurial/sslutil.py	Sun Mar 27 14:08:52 2016 -0700
@@ -41,8 +41,10 @@
     # SSL/TLS features are available.
     SSLContext = ssl.SSLContext
     modernssl = True
+    _canloaddefaultcerts = util.safehasattr(SSLContext, 'load_default_certs')
 except AttributeError:
     modernssl = False
+    _canloaddefaultcerts = False
 
     # We implement SSLContext using the interface from the standard library.
     class SSLContext(object):
@@ -104,12 +106,10 @@
 
             return ssl.wrap_socket(socket, **args)
 
-_canloaddefaultcerts = False
 try:
     # ssl.SSLContext was added in 2.7.9 and presence indicates modern
     # SSL/TLS features are available.
     ssl_context = ssl.SSLContext
-    _canloaddefaultcerts = util.safehasattr(ssl_context, 'load_default_certs')
 
     def wrapsocket(sock, keyfile, certfile, ui, cert_reqs=ssl.CERT_NONE,
                    ca_certs=None, serverhostname=None):