[PATCH 2 of 9 V3] sslutil: remove "strict" argument from validatesocket()
Gregory Szorc
gregory.szorc at gmail.com
Wed Jun 1 23:16:16 EDT 2016
# HG changeset patch
# User Gregory Szorc <gregory.szorc at gmail.com>
# Date 1464632383 25200
# Mon May 30 11:19:43 2016 -0700
# Node ID 877afbb2f1d05f169bc798e492826cc70800ea75
# Parent a1cda46a74533090f22bd596b206ddf9090d6bd2
sslutil: remove "strict" argument from validatesocket()
It was only used by mail.py as part of processing smtp.verifycert,
which was just removed.
diff --git a/mercurial/sslutil.py b/mercurial/sslutil.py
--- a/mercurial/sslutil.py
+++ b/mercurial/sslutil.py
@@ -319,17 +319,17 @@ def _defaultcacerts():
"""return path to default CA certificates or None."""
if _plainapplepython():
dummycert = os.path.join(os.path.dirname(__file__), 'dummycert.pem')
if os.path.exists(dummycert):
return dummycert
return None
-def validatesocket(sock, strict=False):
+def validatesocket(sock):
"""Validate a socket meets security requiremnets.
The passed socket must have been created with ``wrapsocket()``.
"""
host = sock._hgstate['hostname']
ui = sock._hgstate['ui']
settings = sock._hgstate['settings']
@@ -381,27 +381,20 @@ def validatesocket(sock, strict=False):
if ui.insecureconnections:
ui.warn(_('warning: %s certificate with fingerprint %s not '
'verified (check %s or web.cacerts '
'config setting)\n') %
(host, nicefingerprint, section))
return
if not sock._hgstate['caloaded']:
- if strict:
- raise error.Abort(_('%s certificate with fingerprint %s not '
- 'verified') % (host, nicefingerprint),
- hint=_('check %s or web.cacerts config '
- 'setting') % section)
- else:
- ui.warn(_('warning: %s certificate with fingerprint %s '
- 'not verified (check %s or web.cacerts config '
- 'setting)\n') %
- (host, nicefingerprint, section))
-
+ ui.warn(_('warning: %s certificate with fingerprint %s '
+ 'not verified (check %s or web.cacerts config '
+ 'setting)\n') %
+ (host, nicefingerprint, section))
return
msg = _verifycert(peercert2, host)
if msg:
raise error.Abort(_('%s certificate error: %s') % (host, msg),
hint=_('configure %s %s or use '
'--insecure to connect insecurely') %
(section, nicefingerprint))
More information about the Mercurial-devel
mailing list