Mercurial Mercurial > hg / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: add FIXME about supportedprotocols possibly containing too many items
authorManuel Jacob <me@manueljacob.de>
Sun, 31 May 2020 11:41:03 +0200
changeset 44890 4942c1bdd080
parent 44889 ceb7318013d5
child 44891 abcd6db1f2cc
sslutil: add FIXME about supportedprotocols possibly containing too many items
mercurial/sslutil.py file | annotate | diff | comparison | revisions 
--- a/mercurial/sslutil.py	Sun May 31 10:47:38 2020 +0200
+++ b/mercurial/sslutil.py	Sun May 31 11:41:03 2020 +0200
@@ -46,6 +46,13 @@
 
 # TLS 1.1 and 1.2 may not be supported if the OpenSSL Python is compiled
 # against doesn't support them.
+# FIXME: Since CPython commit 6e8cda91d92da72800d891b2fc2073ecbc134d98
+# individual TLS versions can be turned on and off, and the
+# ssl.PROTOCOL_TLSv1_* constants are always defined.
+# This means that, on unusual configurations, the following dict may contain
+# too many entries. A proper fix would be to check ssl.HAS_TLSv* where
+# available (Python 3.7+). Before that, this module should be proofed against
+# all possible combinations.
 supportedprotocols = {b'tls1.0'}
 if util.safehasattr(ssl, b'PROTOCOL_TLSv1_1'):
     supportedprotocols.add(b'tls1.1')
Mercurial