Mercurial > hg

changeset 29487:cdcb5747dc88

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
sslutil: document the Apple OpenSSL cert trick This is sort of documented in _plainapplypython()'s docstring. But it helps to be explicit in security code.
author Gregory Szorc <gregory.szorc@gmail.com>
date Mon, 04 Jul 2016 10:00:56 -0700
parents a62c00f6dd04
children 1c26b9ce66f8
files mercurial/sslutil.py
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/mercurial/sslutil.py	Mon Jul 04 09:58:45 2016 -0700
+++ b/mercurial/sslutil.py	Mon Jul 04 10:00:56 2016 -0700
@@ -442,6 +442,9 @@
     except ImportError:
         pass
 
+    # Apple's OpenSSL has patches that allow a specially constructed certificate
+    # to load the system CA store. If we're running on Apple Python, use this
+    # trick.
     if _plainapplepython():
         dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
         if os.path.exists(dummycert):