Mercurial failing on TLSv1.2 repos, but I wrote a patch
Warren Melnick
wmelnick at millenniumweb.com
Mon Jul 20 12:24:33 CDT 2015
Then how can I enable TLSv1.2 if TLSv1.0 is hardcoded, which is what this code does? Or perhaps TLSv1.2 should be hardcoded already since there are already problems with TLSv1.0 and 1.1
--
Warren Melnick
Director of IT & Security
Millennium Communications
6900 Jericho Tpke., Suite 100LL
Syosset, NY 11791
Tel: 516-682-8080 x258
Fax: 516-682-9090
Web: www.millenniumweb.com <http://www.millenniumweb.com/>
Email: wmelnick at millenniumweb.com
This electronic message transmission contains information from Millennium Communications, Inc. that may be confidential or privileged. The information is intended to be for the use of only the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is strictly prohibited. If you have received this electronic transmission in error, please notify the sender by replying to this e-mail and immediately deleting this email and any attachments from your system along with any copies you may have made, electronic or otherwise.
On 7/20/15, 1:18 PM, "Matt Mackall" <mpm at selenic.com> wrote:
>On Mon, 2015-07-20 at 16:37 +0000, Warren Melnick wrote:
>> I am having problems working with repos which use TLSv1.2. I tracked down the problem to an ssl wrapper which is using TLSv1 instead of SSLv23.
>>
>> This small change fixed it for me:
>
>> - ssl_version=ssl.PROTOCOL_TLSv1)
>>
>> + ssl_version=ssl.PROTOCOL_SSLv23)
>
>You've reenabled the insecure and deprecated protocols known as SSLv2
>and SSLv3 so this is not the right fix. Welcome to OpenSSL's broken API.
>
>--
>Mathematics is the supreme nostalgia of our time.
>
More information about the Mercurial-devel
mailing list