[PATCH 2 of 6] mail: remove redundant call to SSL socket validator
Yuya Nishihara
yuya at tcha.org
Tue Mar 29 10:52:04 EDT 2016
On Sun, 27 Mar 2016 23:21:31 -0700, Gregory Szorc wrote:
> # HG changeset patch
> # User Gregory Szorc <gregory.szorc at gmail.com>
> # Date 1459145731 25200
> # Sun Mar 27 23:15:31 2016 -0700
> # Node ID cf65be71e39936624bf39041c93b94e66a45b881
> # Parent 78f292d3f2c09f55d1aa62e5926b3888635a2426
> mail: remove redundant call to SSL socket validator
>
> Validation is now performed at socket wrapping time, so the
> existing call is redundant.
>
> To ensure strict socket validation is performed, we pass the
> appropriate argument to the socket wrapping function.
>
> We had to add serverhostname to the ssl arguments because it isn't
> passed otherwise. Without it, we can't perform hostname or
> certificate validation.
>
> diff --git a/mercurial/mail.py b/mercurial/mail.py
> --- a/mercurial/mail.py
> +++ b/mercurial/mail.py
> @@ -96,27 +96,37 @@ def _smtp(ui):
> # backward compatible: when tls = true, we use starttls.
> starttls = tls == 'starttls' or util.parsebool(tls)
> smtps = tls == 'smtps'
> if (starttls or smtps) and not util.safehasattr(socket, 'ssl'):
> raise error.Abort(_("can't use TLS: Python SSL support not installed"))
> mailhost = ui.config('smtp', 'host')
> if not mailhost:
> raise error.Abort(_('smtp.host not configured - cannot send mail'))
> +
> + # There are 3 config values for cert verification: "strict", "loose," and
> + # False. The first two perform hostname and fingerprint verification.
> + # "strict" requires that a CA cert be trusted or a fingerprint be defined.
> verifycert = ui.config('smtp', 'verifycert', 'strict')
> if verifycert not in ['strict', 'loose']:
> if util.parsebool(verifycert) is not False:
> raise error.Abort(_('invalid smtp.verifycert configuration: %s')
> % (verifycert))
> verifycert = False
> if (starttls or smtps) and verifycert:
> sslkwargs = sslutil.sslkwargs(ui, mailhost)
> +
> + sslkwargs['serverhostname'] = mailhost
> +
> + # Passed to the validator.
> + if verifycert == 'strict':
> + sslkwargs['requirefingerprintwhennocacerts'] = True
> else:
> # 'ui' is required by sslutil.wrapsocket() and set by sslkwargs()
> - sslkwargs = {'ui': ui}
> + sslkwargs = {'ui': ui, 'serverhostname': mailhost}
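Review bot: In the final `else` branch, `sslkwargs = {'ui': ui, 'serverhostname': mailhost}` now passes `serverhostname` on the path taken when `smtp.verifycert` is False. The commit message says validation is performed at socket wrapping time and that `serverhostname` is what makes hostname and certificate validation possible, so this path looks like it will validate even though the user has turned verification off. Consider leaving `serverhostname` out of this branch, or giving the wrapping function an explicit indication that validation is disabled, and add a test that covers `verifycert = False`. Minor: the new comment places the comma inside the quotes in `"loose,"`.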
Looks like the certificates are verified even if smtp.verifycert is off.