[Bug 4410] New: d7f7f1860f00 regressed SSL on OS X: abort: error: _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
mercurial-bugs at selenic.com
mercurial-bugs at selenic.com
Thu Oct 16 19:49:04 CDT 2014
http://bz.selenic.com/show_bug.cgi?id=4410
Priority: normal
Bug ID: 4410
CC: mercurial-devel at selenic.com
Assignee: bugzilla at selenic.com
Summary: d7f7f1860f00 regressed SSL on OS X: abort: error:
_ssl.c:510: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate
verify failed
Severity: bug
Classification: Unclassified
OS: Mac OS
Reporter: gregory.szorc at gmail.com
Hardware: PC
Status: UNCONFIRMED
Version: unspecified
Component: Mercurial
Product: Mercurial
The following changeset regressed SSL on my OS X machine:
changeset: 30362:d7f7f1860f00
user: Mads Kiilerich <madski at unity3d.com>
date: Fri Sep 26 02:19:48 2014 +0200
summary: ssl: on OS X, use a dummy cert to trick Python/OpenSSL to use
system CA certs
STR:
HGRCPATH=/dev/null ./hg clone https://bitbucket.org/marmoute/mutable-history
Strangely, not unsetting HRCPATH makes it work.
Perhaps this is just a regression in the fingerprint verification code path and
only impacts remotes that don't have fingerprints in your hgrc?
On the parent (a00a7951b20c):
HGRCPATH=/dev/null ./hg clone https://bitbucket.org/marmoute/mutable-history
warning: bitbucket.org certificate with fingerprint
45:ad:ae:1a:cf:0e:73:47:06:07:e0:88:f5:cc:10:e5:fa:1c:f7:99 not verified (check
hostfingerprints or web.cacerts config setting)
destination directory: mutable-history
requesting all changes
adding changesets
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the Mercurial-devel
mailing list