Mercurial > hg
changeset 29447:13edc11eb7b7
sslutil: don't load default certificates when they aren't relevant
Before, we would call SSLContext.load_default_certs() when
certificate verification wasn't being used. Since
SSLContext.verify_mode == ssl.CERT_NONE, this would ideally
no-op. However, there is a slim chance the loading of system
certs could cause a failure. Furthermore, this behavior
interfered with a future patch that aims to provide a more
helpful error message when we're unable to load CAs.
The lack of test fallout is hopefully a sign that our
security code and tests are in a relatively good state.
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Wed, 29 Jun 2016 19:38:24 -0700 |
parents | 2f7f1e10f840 |
children | afbe1fe4c44e |
files | mercurial/sslutil.py |
diffstat | 1 files changed, 2 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/mercurial/sslutil.py Wed Jun 29 19:37:38 2016 -0700 +++ b/mercurial/sslutil.py Wed Jun 29 19:38:24 2016 -0700 @@ -154,11 +154,13 @@ # matters. No need to validate CA certs. if s['certfingerprints']: s['verifymode'] = ssl.CERT_NONE + s['allowloaddefaultcerts'] = False # If --insecure is used, don't take CAs into consideration. elif ui.insecureconnections: s['disablecertverification'] = True s['verifymode'] = ssl.CERT_NONE + s['allowloaddefaultcerts'] = False if ui.configbool('devel', 'disableloaddefaultcerts'): s['allowloaddefaultcerts'] = False