Mercurial Mercurial > hg / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: store OP_NO_SSL* constants in module scope
authorGregory Szorc <gregory.szorc@gmail.com>
Sun, 27 Mar 2016 10:47:24 -0700
changeset 28648 7fc787e5d8ec
parent 28647 834d1c4ba749
child 28649 7acab42ef184
sslutil: store OP_NO_SSL* constants in module scope An upcoming patch will introduce a global SSLContext type so we have a single function used to wrap sockets. Prepare for that by introducing module level constants for disabling SSLv2 and SSLv3.
mercurial/sslutil.py file | annotate | diff | comparison | revisions 
--- a/mercurial/sslutil.py	Sun Mar 27 14:07:06 2016 -0700
+++ b/mercurial/sslutil.py	Sun Mar 27 10:47:24 2016 -0700
@@ -29,6 +29,13 @@
 
 hassni = getattr(ssl, 'HAS_SNI', False)
 
+try:
+    OP_NO_SSLv2 = ssl.OP_NO_SSLv2
+    OP_NO_SSLv3 = ssl.OP_NO_SSLv3
+except AttributeError:
+    OP_NO_SSLv2 = 0x1000000
+    OP_NO_SSLv3 = 0x2000000
+
 _canloaddefaultcerts = False
 try:
     # ssl.SSLContext was added in 2.7.9 and presence indicates modern
@@ -48,7 +55,7 @@
         # maintainers for us, but that breaks too many things to
         # do it in a hurry.
         sslcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
-        sslcontext.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3
+        sslcontext.options |= OP_NO_SSLv2 | OP_NO_SSLv3
         if certfile is not None:
             def password():
                 f = keyfile or certfile
Mercurial