changeset 15816:4bb59919c905

sslutil: work around validator crash getting certificate on failed sockets The previous workaround for correct handling of wrapping of failing connections might be enough to prevent this from happening, but the check here makes this function more robust.
author Mads Kiilerich <mads@kiilerich.com>
date Mon, 09 Jan 2012 14:43:25 +0100
parents edc3a901a63d
children 8f377751b510
files mercurial/sslutil.py
diffstat 1 files changed, 2 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/sslutil.py	Mon Jan 09 14:43:24 2012 +0100
+++ b/mercurial/sslutil.py	Mon Jan 09 14:43:25 2012 +0100
@@ -110,6 +110,8 @@
             self.ui.warn(_("warning: certificate for %s can't be verified "
                            "(Python too old)\n") % host)
             return
+        if not sock.cipher(): # work around http://bugs.python.org/issue13721
+            raise util.Abort(_('%s ssl connection error') % host)
         peercert = sock.getpeercert(True)
         peerfingerprint = util.sha1(peercert).hexdigest()
         nicefingerprint = ":".join([peerfingerprint[x:x + 2]