sslutil: check for OpenSSL without TLS 1.0 support in one case
authorManuel Jacob <me@manueljacob.de>
Sun, 31 May 2020 12:07:17 +0200
changeset 44892 dd7c4a208a4e
parent 44891 abcd6db1f2cc
child 44893 95c832849955
sslutil: check for OpenSSL without TLS 1.0 support in one case

This case can only happen once supportedprotocols is fixed to contain only correct items (see the FIXME above in the file).
mercurial/sslutil.py
--- a/mercurial/sslutil.py	Sun May 31 11:10:21 2020 +0200
+++ b/mercurial/sslutil.py	Sun May 31 12:07:17 2020 +0200
@@ -553,6 +553,8 @@
     # footgun to kill security. Don't define it.
     exactprotocol = ui.config(b'devel', b'serverexactprotocol')
     if exactprotocol == b'tls1.0':
+        if b'tls1.0' not in supportedprotocols:
+            raise error.Abort(_(b'TLS 1.0 not supported by this Python'))
         protocol = ssl.PROTOCOL_TLSv1
     elif exactprotocol == b'tls1.1':
         if b'tls1.1' not in supportedprotocols:
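Review bot: The added guard `if b'tls1.0' not in supportedprotocols:` is not an effective check yet. Going by the commit description, supportedprotocols can still list entries that are not really available, so on an OpenSSL build without TLS 1.0 the code would presumably still fall through to `protocol = ssl.PROTOCOL_TLSv1` and fail later, less clearly. I would put a comment directly above the check, for example `# Only reachable once supportedprotocols lists just the protocols this ssl module really offers (see FIXME above).`, so nobody reads the abort as a working safeguard. The abort message names "this Python" while the commit title attributes the gap to OpenSSL; saying which layer lacks TLS 1.0 would help whoever hits it. The enclosing function starts and ends outside the hunk, so the handling of the other `exactprotocol` values is not visible here.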