url: always create BetterHTTPS connections the same way
authorMads Kiilerich <mads@kiilerich.com>
Wed, 16 Feb 2011 04:28:17 +0100
changeset 13422 ebce5196b9db
parent 13421 bd8bfa85d5a5
child 13423 4e60dad2261f
url: always create BetterHTTPS connections the same way
mercurial/url.py
--- a/mercurial/url.py	Wed Feb 16 04:28:17 2011 +0100
+++ b/mercurial/url.py	Wed Feb 16 04:28:17 2011 +0100
@@ -546,12 +546,13 @@
         send = keepalive.safesend
 
         def connect(self):
+            self.sock = _create_connection((self.host, self.port))
+
             host = self.host
             cacerts = self.ui.config('web', 'cacerts')
             hostfingerprint = self.ui.config('hostfingerprints', host)
 
             if cacerts and not hostfingerprint:
-                sock = _create_connection((self.host, self.port))
                 self.sock = _ssl_wrap_socket(self.sock, self.key_file,
                     self.cert_file, cert_reqs=CERT_REQUIRED,
                     ca_certs=util.expandpath(cacerts))
@@ -562,7 +563,8 @@
                                        'insecurely)') % (host, msg))
                 self.ui.debug('%s certificate successfully verified\n' % host)
             else:
-                httplib.HTTPSConnection.connect(self)
+                self.sock = _ssl_wrap_socket(self.sock, self.key_file,
+                    self.cert_file)
                 if hasattr(self.sock, 'getpeercert'):
                     peercert = self.sock.getpeercert(True)
                     peerfingerprint = util.sha1(peercert).hexdigest()