[PATCH 2 of 9 V3] sslutil: remove "strict" argument from validatesocket()

Gregory Szorc gregory.szorc at gmail.com
Wed Jun 1 23:16:16 EDT 2016


# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1464632383 25200
#      Mon May 30 11:19:43 2016 -0700
# Node ID 877afbb2f1d05f169bc798e492826cc70800ea75
# Parent  a1cda46a74533090f22bd596b206ddf9090d6bd2
sslutil: remove "strict" argument from validatesocket()

It was only used by mail.py as part of processing smtp.verifycert,
which was just removed.

diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -319,17 +319,17 @@ def _defaultcacerts():
     """return path to default CA certificates or None."""
     if _plainapplepython():
         dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
         if os.path.exists(dummycert):
             return dummycert
 
     return None
 
-def validatesocket(sock, strict=False):
+def validatesocket(sock):
     """Validate a socket meets security requiremnets.
 
     The passed socket must have been created with ``wrapsocket()``.
     """
     host = sock._hgstate['hostname']
     ui = sock._hgstate['ui']
     settings = sock._hgstate['settings']
 
@@ -381,27 +381,20 @@ def validatesocket(sock, strict=False):
     if ui.insecureconnections:
         ui.warn(_('warning: %s certificate with fingerprint %s not '
                   'verified (check %s or web.cacerts '
                   'config setting)\n') %
                 (host, nicefingerprint, section))
         return
 
     if not sock._hgstate['caloaded']:
-        if strict:
-            raise error.Abort(_('%s certificate with fingerprint %s not '
-                                'verified') % (host, nicefingerprint),
-                              hint=_('check %s or web.cacerts config '
-                                     'setting') % section)
-        else:
-            ui.warn(_('warning: %s certificate with fingerprint %s '
-                      'not verified (check %s or web.cacerts config '
-                      'setting)\n') %
-                    (host, nicefingerprint, section))
-
+        ui.warn(_('warning: %s certificate with fingerprint %s '
+                  'not verified (check %s or web.cacerts config '
+                  'setting)\n') %
+                (host, nicefingerprint, section))
         return
 
     msg = _verifycert(peercert2, host)
     if msg:
         raise error.Abort(_('%s certificate error: %s') % (host, msg),
                          hint=_('configure %s %s or use '
                                 '--insecure to connect insecurely') %
                               (section, nicefingerprint))


More information about the Mercurial-devel mailing list