[PATCH 1 of 2 v2] ssl: refactor sslkwargs - move things around a bit, preparing for next change

Mads Kiilerich mads at kiilerich.com
Thu Sep 25 19:20:57 CDT 2014


# HG changeset patch
# User Mads Kiilerich <madski at unity3d.com>
# Date 1411690787 -7200
#      Fri Sep 26 02:19:47 2014 +0200
# Node ID 6e888ceda9e9b358e1bcb45eef2555ceb93e0874
# Parent  fa3181323c0aa9b2d2c2f81a7d68d57bd3a7a515
ssl: refactor sslkwargs - move things around a bit, preparing for next change

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -89,16 +89,18 @@ def _verifycert(cert, hostname):
 # busted on those versions.
 
 def sslkwargs(ui, host):
-    cacerts = ui.config('web', 'cacerts')
     forcetls = ui.configbool('ui', 'tls', default=True)
     if forcetls:
         ssl_version = PROTOCOL_TLSv1
     else:
         ssl_version = PROTOCOL_SSLv23
-    hostfingerprint = ui.config('hostfingerprints', host)
     kws = {'ssl_version': ssl_version,
            }
-    if cacerts and not hostfingerprint:
+    hostfingerprint = ui.config('hostfingerprints', host)
+    if hostfingerprint:
+        return kws
+    cacerts = ui.config('web', 'cacerts')
+    if cacerts:
         cacerts = util.expandpath(cacerts)
         if not os.path.exists(cacerts):
             raise util.Abort(_('could not find web.cacerts: %s') % cacerts)


More information about the Mercurial-devel mailing list