[PATCH 2 of 6] mail: remove redundant call to SSL socket validator
Pierre-Yves David
pierre-yves.david at ens-lyon.org
Thu Mar 31 20:35:19 EDT 2016
On 03/29/2016 07:52 AM, Yuya Nishihara wrote:
> On Sun, 27 Mar 2016 23:21:31 -0700, Gregory Szorc wrote:
>> # HG changeset patch
>> # User Gregory Szorc <gregory.szorc at gmail.com>
>> # Date 1459145731 25200
>> # Sun Mar 27 23:15:31 2016 -0700
>> # Node ID cf65be71e39936624bf39041c93b94e66a45b881
>> # Parent 78f292d3f2c09f55d1aa62e5926b3888635a2426
>> mail: remove redundant call to SSL socket validator
>>
>> Validation is now performed at socket wrapping time, so the
>> existing call is redundant.
>>
>> To ensure strict socket validation is performed, we pass the
>> appropriate argument to the socket wrapping function.
>>
>> We had to add serverhostname to the ssl arguments because it isn't
>> passed otherwise. Without it, we can't perform hostname or
>> certificate validation.
>>
>> diff --git a/mercurial/mail.py b/mercurial/mail.py
>> --- a/mercurial/mail.py
>> +++ b/mercurial/mail.py
>> @@ -96,27 +96,37 @@ def _smtp(ui):
>> # backward compatible: when tls = true, we use starttls.
>> starttls = tls == 'starttls' or util.parsebool(tls)
>> smtps = tls == 'smtps'
>> if (starttls or smtps) and not util.safehasattr(socket, 'ssl'):
>> raise error.Abort(_("can't use TLS: Python SSL support not installed"))
>> mailhost = ui.config('smtp', 'host')
>> if not mailhost:
>> raise error.Abort(_('smtp.host not configured - cannot send mail'))
>> +
>> + # There are 3 config values for cert verification: "strict", "loose," and
>> + # False. The first two perform hostname and fingerprint verification.
>> + # "strict" requires that a CA cert be trusted or a fingerprint be defined.
>> verifycert = ui.config('smtp', 'verifycert', 'strict')
>> if verifycert not in ['strict', 'loose']:
>> if util.parsebool(verifycert) is not False:
>> raise error.Abort(_('invalid smtp.verifycert configuration: %s')
>> % (verifycert))
>> verifycert = False
>> if (starttls or smtps) and verifycert:
>> sslkwargs = sslutil.sslkwargs(ui, mailhost)
>> +
>> + sslkwargs['serverhostname'] = mailhost
>> +
>> + # Passed to the validator.
>> + if verifycert == 'strict':
>> + sslkwargs['requirefingerprintwhennocacerts'] = True
>> else:
>> # 'ui' is required by sslutil.wrapsocket() and set by sslkwargs()
>> - sslkwargs = {'ui': ui}
>> + sslkwargs = {'ui': ui, 'serverhostname': mailhost}
>
> Looks like the certificates are verified even if smtp.verifycert is off.
I'm not sure why you say that (neither why this would be True or
False). Can you elaborate?
--
Pierre-Yves David
More information about the Mercurial-devel
mailing list