Mercurial > hg
changeset 12797:076bbbf0ba86 stable
hgweb: let HTTPS serve use more compatible and less secure encryption
PROTOCOL_SSLv3 on the server side doesn't work everywhere. Sometimes the client
reports "EOF occurred in violation of protocol" (for example on Mac and Solaris).
The more compatible PROTOCOL_SSLv23 is now used instead. It works but is less
"secure" for some OpenSSL versions as it can fall back to weak encryption.
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Thu, 21 Oct 2010 03:18:52 +0200 |
parents | bc69ba99e34b |
children | 3d6ba8c2b1b8 |
files | mercurial/hgweb/server.py |
diffstat | 1 files changed, 1 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/hgweb/server.py Wed Oct 20 18:15:47 2010 +0530 +++ b/mercurial/hgweb/server.py Thu Oct 21 03:18:52 2010 +0200 @@ -227,7 +227,7 @@ except ImportError: raise util.Abort(_("SSL support is unavailable")) httpserver.socket = ssl.wrap_socket(httpserver.socket, server_side=True, - certfile=ssl_cert, ssl_version=ssl.PROTOCOL_SSLv3) + certfile=ssl_cert, ssl_version=ssl.PROTOCOL_SSLv23) def setup(self): self.connection = self.request