[PATCH 2 of 8] sslutil: change comment and logged message for found ca cert file

Gregory Szorc gregory.szorc at gmail.com
Fri Jul 1 22:57:38 EDT 2016


# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1467421431 25200
#      Fri Jul 01 18:03:51 2016 -0700
# Node ID 9b25d8e1497ab9da8f056c0370168c4f91abdfd9
# Parent  142d3941bd4374998b8f0e92c287b431863ca95c
sslutil: change comment and logged message for found ca cert file

Future patches will change _defaultcacerts() to do something
on platforms that aren't OS X. Change the comment and logged
message to reflect the future.

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -191,20 +191,20 @@ def _hostsettings(ui, hostname):
             cafile = ui.config('web', 'cacerts')
 
             if cafile:
                 cafile = util.expandpath(cafile)
                 if not os.path.exists(cafile):
                     raise error.Abort(_('could not find web.cacerts: %s') %
                                       cafile)
             else:
-                # No global CA certs. See if we can load defaults.
+                # CAs not defined in config. Try to find system bundles.
                 cafile = _defaultcacerts()
                 if cafile:
-                    ui.debug('using %s to enable OS X system CA\n' % cafile)
+                    ui.debug('using %s for CA file\n' % cafile)
 
             s['cafile'] = cafile
 
         # Require certificate validation if CA certs are being loaded and
         # verification hasn't been disabled above.
         if cafile or (_canloaddefaultcerts and s['allowloaddefaultcerts']):
             s['verifymode'] = ssl.CERT_REQUIRED
         else:


More information about the Mercurial-devel mailing list