Mercurial > hg

changeset 15817:8f377751b510

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: abort properly if no certificate received for https connection According to the documentation SSLSocket.getpeercert() can return None.
author Mads Kiilerich <mads@kiilerich.com>
date Mon, 09 Jan 2012 14:56:05 +0100
parents 4bb59919c905
children 57241845a4bb
files mercurial/sslutil.py
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/sslutil.py	Mon Jan 09 14:43:25 2012 +0100
+++ b/mercurial/sslutil.py	Mon Jan 09 14:56:05 2012 +0100
@@ -113,6 +113,9 @@
         if not sock.cipher(): # work around http://bugs.python.org/issue13721
             raise util.Abort(_('%s ssl connection error') % host)
         peercert = sock.getpeercert(True)
+        if not peercert:
+            raise util.Abort(_('%s certificate error: '
+                               'no certificate received') % host)
         peerfingerprint = util.sha1(peercert).hexdigest()
         nicefingerprint = ":".join([peerfingerprint[x:x + 2]
             for x in xrange(0, len(peerfingerprint), 2)])