Mercurial > hg

changeset 12797:076bbbf0ba86 stable

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
hgweb: let HTTPS serve use more compatible and less secure encryption PROTOCOL_SSLv3 on the server side doesn't work everywhere. Sometimes the client reports "EOF occurred in violation of protocol" (for example on Mac and Solaris). The more compatible PROTOCOL_SSLv23 is now used instead. It works but is less "secure" for some OpenSSL versions as it can fall back to weak encryption.
author Mads Kiilerich <mads@kiilerich.com>
date Thu, 21 Oct 2010 03:18:52 +0200
parents bc69ba99e34b
children 3d6ba8c2b1b8
files mercurial/hgweb/server.py
diffstat 1 files changed, 1 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/hgweb/server.py	Wed Oct 20 18:15:47 2010 +0530
+++ b/mercurial/hgweb/server.py	Thu Oct 21 03:18:52 2010 +0200
@@ -227,7 +227,7 @@
         except ImportError:
             raise util.Abort(_("SSL support is unavailable"))
         httpserver.socket = ssl.wrap_socket(httpserver.socket, server_side=True,
-            certfile=ssl_cert, ssl_version=ssl.PROTOCOL_SSLv3)
+            certfile=ssl_cert, ssl_version=ssl.PROTOCOL_SSLv23)
 
     def setup(self):
         self.connection = self.request