Mercurial failing on TLSv1.2 repos, but I wrote a patch

Warren Melnick wmelnick at
Mon Jul 20 12:24:33 CDT 2015

Then how can I enable TLSv1.2 if TLSv1.0 is hardcoded, which is what this code does?  Or perhaps TLSv1.2 should be hardcoded already since there are already problems with TLSv1.0 and 1.1
Warren Melnick
Director of IT & Security

Millennium Communications 
6900 Jericho Tpke., Suite 100LL
Syosset, NY  11791 
Tel:      516-682-8080 x258
Fax:     516-682-9090 
Web: <>
Email:  wmelnick at

This electronic message transmission contains information from Millennium Communications, Inc. that may be confidential or privileged. The information is intended to be for the use of only the individual or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is strictly prohibited. If you have received this electronic transmission in error, please notify the sender by replying to this e-mail and immediately deleting this email and any attachments from your system along with any copies you may have made, electronic or otherwise.

On 7/20/15, 1:18 PM, "Matt Mackall" <mpm at> wrote:

>On Mon, 2015-07-20 at 16:37 +0000, Warren Melnick wrote:
>> I am having problems working with repos which use TLSv1.2.  I tracked down the problem to an ssl wrapper which is using TLSv1 instead of SSLv23.
>> This small change fixed it for me:
>> -                                        ssl_version=ssl.PROTOCOL_TLSv1)
>> +                                        ssl_version=ssl.PROTOCOL_SSLv23)
>You've reenabled the insecure and deprecated protocols known as SSLv2
>and SSLv3 so this is not the right fix. Welcome to OpenSSL's broken API.
>Mathematics is the supreme nostalgia of our time.

More information about the Mercurial-devel mailing list