[PATCH 2 of 6] mail: remove redundant call to SSL socket validator

Yuya Nishihara yuya at tcha.org
Tue Mar 29 10:52:04 EDT 2016


On Sun, 27 Mar 2016 23:21:31 -0700, Gregory Szorc wrote:
> # HG changeset patch
> # User Gregory Szorc <gregory.szorc at gmail.com>
> # Date 1459145731 25200
> #      Sun Mar 27 23:15:31 2016 -0700
> # Node ID cf65be71e39936624bf39041c93b94e66a45b881
> # Parent  78f292d3f2c09f55d1aa62e5926b3888635a2426
> mail: remove redundant call to SSL socket validator
> 
> Validation is now performed at socket wrapping time, so the
> existing call is redundant.
> 
> To ensure strict socket validation is performed, we pass the
> appropriate argument to the socket wrapping function.
> 
> We had to add serverhostname to the ssl arguments because it isn't
> passed otherwise. Without it, we can't perform hostname or
> certificate validation.
> 
> diff --git a/mercurial/mail.py b/mercurial/mail.py
> --- a/mercurial/mail.py
> +++ b/mercurial/mail.py
> @@ -96,27 +96,37 @@ def _smtp(ui):
>      # backward compatible: when tls = true, we use starttls.
>      starttls = tls == 'starttls' or util.parsebool(tls)
>      smtps = tls == 'smtps'
>      if (starttls or smtps) and not util.safehasattr(socket, 'ssl'):
>          raise error.Abort(_("can't use TLS: Python SSL support not installed"))
>      mailhost = ui.config('smtp', 'host')
>      if not mailhost:
>          raise error.Abort(_('smtp.host not configured - cannot send mail'))
> +
> +    # There are 3 config values for cert verification: "strict", "loose," and
> +    # False. The first two perform hostname and fingerprint verification.
> +    # "strict" requires that a CA cert be trusted or a fingerprint be defined.
>      verifycert = ui.config('smtp', 'verifycert', 'strict')
>      if verifycert not in ['strict', 'loose']:
>          if util.parsebool(verifycert) is not False:
>              raise error.Abort(_('invalid smtp.verifycert configuration: %s')
>                               % (verifycert))
>          verifycert = False
>      if (starttls or smtps) and verifycert:
>          sslkwargs = sslutil.sslkwargs(ui, mailhost)
> +
> +        sslkwargs['serverhostname'] = mailhost
> +
> +        # Passed to the validator.
> +        if verifycert == 'strict':
> +            sslkwargs['requirefingerprintwhennocacerts'] = True
>      else:
>          # 'ui' is required by sslutil.wrapsocket() and set by sslkwargs()
> -        sslkwargs = {'ui': ui}
> +        sslkwargs = {'ui': ui, 'serverhostname': mailhost}
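
Review bot: The else branch at the end of this hunk is the path taken when smtp.verifycert is False, and it now passes 'serverhostname': mailhost to the wrapping function. The commit message says validation happens at socket wrapping time and cannot happen without serverhostname, so this path may now verify certificates for users who explicitly turned verification off. Either leave serverhostname out of the else-branch dict or pass an explicit argument that tells the wrapper to skip validation, and add a test for smtp.verifycert=False against a server whose certificate would not validate. Separately, the new comment puts the comma inside the quotes in "loose," where "loose", is meant.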

Looks like the certificates are verified even if smtp.verifycert is off.

