[PATCH 5 of 6] sslutil: work around validator crash getting certificate on failed sockets
Mads Kiilerich
mads at kiilerich.com
Mon Jan 9 08:00:49 CST 2012
# HG changeset patch
# User Mads Kiilerich <mads at kiilerich.com>
# Date 1326116605 -3600
# Node ID ce9e165f39070c3182fd9ed6bc03d7b2b20336d7
# Parent 6723ed3093373a3bb91234c95e16409c594c10ce
sslutil: work around validator crash getting certificate on failed sockets
The previous workaround for correct handling of wrapping of failing connections
might be enough to prevent this from happening, but the check here makes this
function more robust.
diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -110,6 +110,8 @@
self.ui.warn(_("warning: certificate for %s can't be verified "
"(Python too old)\n") % host)
return
+ if not sock.cipher(): # work around http://bugs.python.org/issue13721
+ raise util.Abort(_('%s ssl connection error') % host)
peercert = sock.getpeercert(True)
peerfingerprint = util.sha1(peercert).hexdigest()
nicefingerprint = ":".join([peerfingerprint[x:x + 2]
More information about the Mercurial-devel
mailing list